korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-26 13:44:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
3ac96c30cc
linux/security/apparmor
History
Linus Torvalds ae5906ceee Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 
Pull security subsystem updates from James Morris:

 - Extend LSM stacking to allow sharing of cred, file, ipc, inode, and
   task blobs. This paves the way for more full-featured LSMs to be
   merged, and is specifically aimed at LandLock and SARA LSMs. This
   work is from Casey and Kees.

 - There's a new LSM from Micah Morton: "SafeSetID gates the setid
   family of syscalls to restrict UID/GID transitions from a given
   UID/GID to only those approved by a system-wide whitelist." This
   feature is currently shipping in ChromeOS.

* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (62 commits)
  keys: fix missing __user in KEYCTL_PKEY_QUERY
  LSM: Update list of SECURITYFS users in Kconfig
  LSM: Ignore "security=" when "lsm=" is specified
  LSM: Update function documentation for cap_capable
  security: mark expected switch fall-throughs and add a missing break
  tomoyo: Bump version.
  LSM: fix return value check in safesetid_init_securityfs()
  LSM: SafeSetID: add selftest
  LSM: SafeSetID: remove unused include
  LSM: SafeSetID: 'depend' on CONFIG_SECURITY
  LSM: Add 'name' field for SafeSetID in DEFINE_LSM
  LSM: add SafeSetID module that gates setid calls
  LSM: add SafeSetID module that gates setid calls
  tomoyo: Allow multiple use_group lines.
  tomoyo: Coding style fix.
  tomoyo: Swicth from cred->security to task_struct->security.
  security: keys: annotate implicit fall throughs
  security: keys: annotate implicit fall throughs
  security: keys: annotate implicit fall through
  capabilities:: annotate implicit fall through
  ...
2019-03-07 11:44:01 -08:00
..
include apparmor: Adjust offset when accessing task blob. 2019-01-22 14:38:59 -08:00
.gitignore apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
apparmorfs.c security: audit and remove any unnecessary uses of module.h 2018-12-12 14:58:51 -08:00
audit.c apparmor: Fix memory leak of rule on error exit path 2018-06-07 01:50:48 -07:00
capability.c LSM: generalize flag passing to security_capable 2019-01-10 14:16:06 -08:00
crypto.c crypto: drop mask=CRYPTO_ALG_ASYNC from 'shash' tfm allocations 2018-11-20 14:26:55 +08:00
domain.c Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-03-07 11:44:01 -08:00
file.c apparmor: Replace spin_is_locked() with lockdep 2018-10-03 06:29:22 -07:00
ipc.c LSM: generalize flag passing to security_capable 2019-01-10 14:16:06 -08:00
Kconfig apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUE 2019-01-08 13:18:43 -08:00
label.c apparmor: fixup secid map conversion to using IDR 2018-06-07 01:50:49 -07:00
lib.c apparmor: Fix uninitialized value in aa_split_fqname 2018-10-03 06:29:22 -07:00
lsm.c Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-03-07 11:44:01 -08:00
Makefile apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
match.c apparmor: fix typo "traverse" 2018-05-03 00:50:12 -07:00
mount.c vfs: Suppress MS_* flag defs within the kernel unless explicitly enabled 2018-12-20 16:32:56 +00:00
net.c apparmor: add #ifdef checks for secmark filtering 2018-10-12 17:09:56 -07:00
nulldfa.in apparmor: cleanup add proper line wrapping to nulldfa.in 2018-02-09 11:30:01 -08:00
path.c apparmor: Move path lookup to using preallocated buffers 2017-06-08 11:29:34 -07:00
policy_ns.c apparmor: fix an error code in __aa_create_ns() 2018-08-21 16:24:56 -07:00
policy_unpack.c apparmor: Parse secmark policy 2018-10-03 06:18:38 -07:00
policy.c apparmor: fix checkpatch error in Parse secmark policy 2018-11-01 22:28:17 -07:00
procattr.c apparmor: move context.h to cred.h 2018-02-09 11:30:01 -08:00
resource.c LSM: generalize flag passing to security_capable 2019-01-10 14:16:06 -08:00
secid.c + Features/Improvements 2018-11-02 10:04:26 -07:00
stacksplitdfa.in apparmor: use the dfa to do label parse string splitting 2018-02-09 11:30:01 -08:00
task.c AppArmor: Abstract use of cred security blob 2019-01-08 13:18:44 -08:00