korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2025-01-07 06:14:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
299e2b1967
linux/tools/testing/selftests
History
Linus Torvalds 299e2b1967 Landlock updates for v6.2-rc1 
-----BEGIN PGP SIGNATURE-----
 
 iIYEABYIAC4WIQSVyBthFV4iTW/VU1/l49DojIL20gUCY5b27RAcbWljQGRpZ2lr
 b2QubmV0AAoJEOXj0OiMgvbSg9YA/0K10H+VsGt1+qqR4+w9SM7SFzbgszrV3Yw9
 rwiPgaPVAP9rxXPr2bD2hAk7/Lv9LeJ2kfM9RzMErP1A6UsC5YVbDA==
 =mAG7
 -----END PGP SIGNATURE-----

Merge tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

Pull landlock updates from Mickaël Salaün:
 "This adds file truncation support to Landlock, contributed by Günther
  Noack. As described by Günther [1], the goal of these patches is to
  work towards a more complete coverage of file system operations that
  are restrictable with Landlock.

  The known set of currently unsupported file system operations in
  Landlock is described at [2]. Out of the operations listed there,
  truncate is the only one that modifies file contents, so these patches
  should make it possible to prevent the direct modification of file
  contents with Landlock.

  The new LANDLOCK_ACCESS_FS_TRUNCATE access right covers both the
  truncate(2) and ftruncate(2) families of syscalls, as well as open(2)
  with the O_TRUNC flag. This includes usages of creat() in the case
  where existing regular files are overwritten.

  Additionally, this introduces a new Landlock security blob associated
  with opened files, to track the available Landlock access rights at
  the time of opening the file. This is in line with Unix's general
  approach of checking the read and write permissions during open(), and
  associating this previously checked authorization with the opened
  file. An ongoing patch documents this use case [3].

  In order to treat truncate(2) and ftruncate(2) calls differently in an
  LSM hook, we split apart the existing security_path_truncate hook into
  security_path_truncate (for truncation by path) and
  security_file_truncate (for truncation of previously opened files)"

Link: https://lore.kernel.org/r/20221018182216.301684-1-gnoack3000@gmail.com [1]
Link: https://www.kernel.org/doc/html/v6.1/userspace-api/landlock.html#filesystem-flags [2]
Link: https://lore.kernel.org/r/20221209193813.972012-1-mic@digikod.net [3]

* tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux:
  samples/landlock: Document best-effort approach for LANDLOCK_ACCESS_FS_REFER
  landlock: Document Landlock's file truncation support
  samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE
  selftests/landlock: Test ftruncate on FDs created by memfd_create(2)
  selftests/landlock: Test FD passing from restricted to unrestricted processes
  selftests/landlock: Locally define __maybe_unused
  selftests/landlock: Test open() and ftruncate() in multiple scenarios
  selftests/landlock: Test file truncation support
  landlock: Support file truncation
  landlock: Document init_layer_masks() helper
  landlock: Refactor check_access_path_dual() into is_access_to_paths_allowed()
  security: Create file_truncate hook from path_truncate hook
2022-12-13 09:14:50 -08:00
..
alsa
amd-pstate selftests: amd-pstate: Trigger gitsource benchmark and test cpus 2022-11-01 03:22:37 -06:00
arm64 Merge branch 'for-next/selftests' into for-next/core 2022-12-06 11:25:43 +00:00
bpf selftests/bpf: Make test_bench_attach serial 2022-11-21 11:52:01 -08:00
breakpoints
capabilities
cgroup Non-MM patches for 6.2-rc1. 2022-12-12 17:28:58 -08:00
clone3
core
cpu-hotplug selftests/cpu-hotplug: Add log info when test success 2022-10-05 11:05:18 -06:00
cpufreq
damon selftest/damon: add a test for duplicate context dirs creation 2022-10-03 14:03:06 -07:00
dma
dmabuf-heaps
drivers selftests: net: Fix netdev name mismatch in cleanup 2022-10-20 21:09:22 -07:00
efivarfs selftests/efivarfs: Add checking of the test return value 2022-11-22 09:09:04 -07:00
exec
filesystems Updates to various subsystems which I help look after. lib, ocfs2, 2022-08-07 10:03:24 -07:00
firmware
fpu
ftrace linux-kselftest-next-6.2-rc1 2022-12-12 16:39:38 -08:00
futex selftests/futex: fix build for clang 2022-10-18 14:13:11 -06:00
gpio selftests: gpio: Use "grep -E" instead of "egrep" 2022-11-25 10:57:23 -07:00
ia64
intel_pstate selftests/intel_pstate: fix build for ARCH=x86_64 2022-10-18 14:13:19 -06:00
ipc
ir
kcmp
kexec selftests/kexec: fix build for ARCH=x86_64 2022-10-18 14:13:25 -06:00
kmod
kselftest
kvm KVM: selftests: add svm part to triple_fault_test 2022-11-17 11:40:00 -05:00
landlock Landlock updates for v6.2-rc1 2022-12-13 09:14:50 -08:00
lib
livepatch Merge branch 'for-6.1/sysfs-patched-object' into for-linus 2022-10-05 13:00:03 +02:00
lkdtm lkdtm: Update tests for memcpy() run-time warnings 2022-09-07 16:37:27 -07:00
locking
media_tests
membarrier
memfd
memory-hotplug selftests/memory-hotplug: Remove the redundant warning information 2022-10-18 14:21:18 -06:00
mincore
mount
mount_setattr
move_mount_set_group
mqueue
nci
net ipv4: Fix incorrect route flushing when table ID 0 is used 2022-12-06 20:34:43 -08:00
netfilter selftests: netfilter: Fix and review rpath.sh 2022-11-09 10:29:57 +01:00
nolibc selftests/nolibc: Always rebuild the sysroot when running a test 2022-10-28 15:17:22 -07:00
nsfs
ntb
openat2
perf_events selftests/perf_events: Add a SIGTRAP stress test with disables 2022-10-17 16:32:06 +02:00
pid_namespace
pidfd selftests/pidfd_test: Remove the erroneous ',' 2022-11-02 03:09:57 -06:00
powerpc selftests/powerpc: Update bhrb filter sampling test for multiple branch filters 2022-09-28 19:22:13 +10:00
prctl
proc proc: fixup uptime selftest 2022-11-18 13:55:08 -08:00
pstore
ptp
ptrace
rcutorture torture: Make torture.sh create a properly formatted log file 2022-10-20 15:29:08 -07:00
resctrl
rlimits
rseq
rtc selftests: rtc: skip when RTC is not present 2022-11-15 13:30:51 -07:00
safesetid
sched
seccomp selftests/seccomp: Check CAP_SYS_ADMIN capability in the test mode_filter_without_nnp 2022-12-02 11:32:53 -08:00
sgx selftests/sgx: Ignore OpenSSL 3.0 deprecated functions warning 2022-08-15 16:50:07 -06:00
sigaltstack
size
sparc64
splice selftests: splice_read: Fix sysfs read cases 2022-11-29 17:28:31 -07:00
static_keys
sync
syscall_user_dispatch
sysctl
tc-testing selftests/tc-testing: update qdisc/cls/action features in config 2022-09-30 18:41:35 -07:00
tdx selftests/tdx: Test TDX attestation GetReport support 2022-11-17 11:04:28 -08:00
timens selftests/timens: add a test for vfork+exit 2022-10-25 15:15:52 -07:00
timers
tmpfs
tpm2 selftests/tpm2: Split async tests call to separate shell script runner 2022-11-29 17:28:31 -07:00
uevent
user
user_events tracing/user_events: Use bits vs bytes for enabled status page data 2022-09-29 10:17:37 -04:00
vDSO selftests/vDSO: Add riscv getcpu & gettimeofday test 2022-11-03 03:28:01 -06:00
vm Non-MM patches for 6.2-rc1. 2022-12-12 17:28:58 -08:00
watchdog selftests/watchdog: Fix spelling mistake "Temeprature" -> "Temperature" 2022-10-27 02:53:37 -06:00
wireguard random: use random.trust_{bootloader,cpu} command line option only 2022-11-18 02:18:10 +01:00
x86
zram
.gitignore
gen_kselftest_tar.sh
kselftest_deps.sh selftests: kselftest_deps: Use "grep -E" instead of "egrep" 2022-11-25 10:55:52 -07:00
kselftest_harness.h
kselftest_install.sh
kselftest_module.h
kselftest.h
lib.mk linux-kselftest-next-6.2-rc1 2022-12-12 16:39:38 -08:00
Makefile selftests/tdx: Test TDX attestation GetReport support 2022-11-17 11:04:28 -08:00
run_kselftest.sh