linux/kernel
Linus Torvalds 92d4a03674 Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:

 - kstrdup() return value fix from Eric Biggers

 - Add new security_load_data hook to differentiate security checking of
   kernel-loaded binaries in the case of there being no associated file
   descriptor, from Mimi Zohar.

 - Add ability to IMA to specify a policy at build-time, rather than
   just via command line params or by loading a custom policy, from
   Mimi.

 - Allow IMA and LSMs to prevent sysfs firmware load fallback (e.g. if
   using signed firmware), from Mimi.

 - Allow IMA to deny loading of kexec kernel images, as they cannot be
   measured by IMA, from Mimi.

* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  security: check for kstrdup() failure in lsm_append()
  security: export security_kernel_load_data function
  ima: based on policy warn about loading firmware (pre-allocated buffer)
  module: replace the existing LSM hook in init_module
  ima: add build time policy
  ima: based on policy require signed firmware (sysfs fallback)
  firmware: add call to LSM hook before firmware sysfs fallback
  ima: based on policy require signed kexec kernel images
  kexec: add call to LSM hook in original kexec_load syscall
  security: define new LSM hook named security_kernel_load_data
  MAINTAINERS: remove the outdated "LINUX SECURITY MODULE (LSM) FRAMEWORK" entry
2018-08-15 10:25:26 -07:00
..
bpf Merge branch 'locking-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-13 12:23:39 -07:00
cgroup docs: Fix some broken references 2018-06-15 18:10:01 -03:00
configs kconfig: tinyconfig: remove stale stack protector fixups 2018-06-15 07:15:28 +09:00
debug treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
dma dma-mapping updates for 4.19 2018-08-14 11:11:52 -07:00
events arm64 updates for 4.19 2018-08-14 16:39:13 -07:00
gcov gcov: remove CONFIG_GCOV_FORMAT_AUTODETECT 2018-06-08 18:56:02 +09:00
irq Merge branch 'irq-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-13 10:47:26 -07:00
livepatch livepatch: Allow to call a custom callback when freeing shadow variables 2018-04-17 13:42:48 +02:00
locking Merge branch 'core-rcu-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-13 10:49:41 -07:00
power Power management updates for 4.19-rc1 2018-08-14 13:12:24 -07:00
printk Printk changes for 4.18 2018-06-06 16:04:55 -07:00
rcu Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-13 11:25:07 -07:00
sched Merge branch 'l1tf-final' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-14 09:46:06 -07:00
time Merge branch 'parisc-4.19-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux 2018-08-13 19:18:02 -07:00
trace This was a moderately busy cycle for docs, with the usual collection of 2018-08-14 14:29:31 -07:00
.gitignore
acct.c kernel/acct.c: fix the acct->needcheck check in check_free_space() 2018-01-04 16:45:09 -08:00
async.c kernel/async.c: revert "async: simplify lowest_in_progress()" 2018-02-06 18:32:44 -08:00
audit_fsnotify.c fsnotify: add fsnotify_add_inode_mark() wrappers 2018-05-18 14:58:22 +02:00
audit_tree.c fsnotify: add fsnotify_add_inode_mark() wrappers 2018-05-18 14:58:22 +02:00
audit_watch.c \n 2018-06-17 05:06:18 +09:00
audit.c audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
audit.h audit: track the owner of the command mutex ourselves 2018-02-23 11:22:22 -05:00
auditfilter.c audit: use existing session info function 2018-05-18 15:47:54 -04:00
auditsc.c audit: fix potential null dereference 'context->module.name' 2018-07-30 18:09:37 -04:00
backtracetest.c
bounds.c
capability.c
compat.c time: Enable get/put_compat_itimerspec64 always 2018-06-24 14:39:47 +02:00
configs.c
context_tracking.c
cpu_pm.c
cpu.c cpu/hotplug: Non-SMP machines do not make use of booted_once 2018-08-14 15:00:00 -07:00
crash_core.c mm: split page_type out from _mapcount 2018-06-07 17:34:37 -07:00
crash_dump.c
cred.c
delayacct.c delayacct: Use raw_spinlocks 2018-04-27 14:34:51 +02:00
dma.c proc: introduce proc_create_single{,_data} 2018-05-16 07:23:35 +02:00
elfcore.c
exec_domain.c proc: introduce proc_create_single{,_data} 2018-05-16 07:23:35 +02:00
exit.c kernel: use kernel_wait4() instead of sys_wait4() 2018-04-02 20:14:51 +02:00
extable.c extable: Make init_kernel_text() global 2018-02-21 16:54:06 +01:00
fail_function.c bpf/error-inject/kprobes: Clear current_kprobe and enable preempt in kprobe 2018-06-21 12:33:19 +02:00
fork.c for-4.19/block-20180812 2018-08-14 10:23:25 -07:00
freezer.c PM / reboot: Eliminate race between reboot and suspend 2018-08-06 12:35:20 +02:00
futex_compat.c
futex.c pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
groups.c
hung_task.c kernel/hung_task.c: show all hung tasks before panic 2018-06-07 17:34:39 -07:00
iomem.c memremap: split devm_memremap_pages() and memremap() infrastructure 2018-05-15 23:08:33 -07:00
irq_work.c irq/work: Improve the flag definitions 2018-01-08 19:43:15 +01:00
jump_label.c jump_label: Disable jump labels in __exit code 2018-03-20 08:57:17 +01:00
kallsyms.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk 2018-02-01 13:36:15 -08:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c sched/core / kcov: avoid kcov_area during task switch 2018-06-15 07:55:24 +09:00
kexec_core.c kexec: yield to scheduler when loading kimage segments 2018-06-15 07:55:24 +09:00
kexec_file.c treewide: Use array_size() in vzalloc() 2018-06-12 16:19:22 -07:00
kexec_internal.h
kexec.c kexec: add call to LSM hook in original kexec_load syscall 2018-07-16 12:31:57 -07:00
kmod.c
kprobes.c kprobes: Replace %p with other pointer types 2018-06-21 17:33:42 +02:00
ksysfs.c
kthread.c Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-13 11:25:07 -07:00
latencytop.c
Makefile dma-mapping: move all DMA mapping code to kernel/dma 2018-06-14 08:50:37 +02:00
memremap.c mm: fix exports that inadvertently make put_page() EXPORT_SYMBOL_GPL 2018-07-26 19:38:03 -07:00
module_signing.c
module-internal.h
module.c module: replace the existing LSM hook in init_module 2018-07-16 12:31:57 -07:00
notifier.c
nsproxy.c
padata.c padata: add SPDX identifier 2018-01-05 18:43:00 +11:00
panic.c Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables 2018-06-14 12:21:18 +09:00
params.c kernel/params.c: downgrade warning for unsafe parameters 2018-04-11 10:28:37 -07:00
pid_namespace.c Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2018-04-03 19:15:32 -07:00
pid.c xarray: add the xa_lock to the radix_tree_root 2018-04-11 10:28:39 -07:00
profile.c
ptrace.c pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
range.c
reboot.c PM / reboot: Eliminate race between reboot and suspend 2018-08-06 12:35:20 +02:00
relay.c kernel/relay.c: change return type to vm_fault_t 2018-06-15 07:55:24 +09:00
resource.c libnvdimm for 4.18 2018-06-08 17:21:52 -07:00
rseq.c rseq: uapi: Declare rseq_cs field as union, update includes 2018-07-10 22:18:52 +02:00
seccomp.c audit/stable-4.18 PR 20180605 2018-06-06 16:34:00 -07:00
signal.c signal: Remove no longer required irqsave/restore 2018-06-10 06:14:01 +02:00
smp.c cpu/hotplug: Fix SMT supported evaluation 2018-08-07 12:25:30 +02:00
smpboot.c smpboot: Remove cpumask from the API 2018-07-03 09:20:44 +02:00
smpboot.h
softirq.c nohz: Fix missing tick reprogram when interrupting an inline softirq 2018-08-03 15:52:10 +02:00
stacktrace.c
stop_machine.c Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-08-13 11:25:07 -07:00
sys_ni.c Merge branch 'core-rseq-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-06-10 10:17:09 -07:00
sys.c sysinfo: Remove get_monotonic_boottime() 2018-06-19 09:56:27 +02:00
sysctl_binary.c staging: irda: remove remaining remants of irda code removal 2018-04-16 11:26:49 +02:00
sysctl.c sched/sysctl: Remove unused sched_time_avg_ms sysctl 2018-07-16 00:16:29 +02:00
task_work.c
taskstats.c pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
test_kprobes.c kprobes: Remove jprobe API implementation 2018-06-21 12:33:05 +02:00
torture.c torture: Keep old-school dmesg format 2018-06-25 11:30:10 -07:00
tracepoint.c tracepoints: Fix the descriptions of tracepoint_probe_register{_prio} 2018-05-28 12:49:51 -04:00
tsacct.c
ucount.c headers: untangle kmemleak.h from mm.h 2018-04-05 21:36:27 -07:00
uid16.c fs: add do_fchownat(), ksys_fchown() helpers and ksys_{,l}chown() wrappers 2018-04-02 20:15:59 +02:00
uid16.h kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c 2018-04-02 20:15:30 +02:00
umh.c umh: fix race condition 2018-06-07 16:56:28 -04:00
up.c
user_namespace.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
user-return-notifier.c
user.c efivarfs: Limit the rate for non-root to read files 2018-02-22 10:21:02 -08:00
utsname_sysctl.c
utsname.c uts: create "struct uts_namespace" from kmem_cache 2018-04-11 10:28:35 -07:00
watchdog_hld.c watchdog: Reduce message verbosity 2018-08-03 12:19:08 +02:00
watchdog.c watchdog/softlockup: Fix cpu_stop_queue_work() double-queue bug 2018-07-15 23:51:19 +02:00
workqueue_internal.h workqueue: Set worker->desc to workqueue name by default 2018-05-18 08:47:13 -07:00
workqueue.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00