mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-02 10:43:57 +08:00
Mainline Linux tree for various devices, only for fun :)
Linus Torvalds 1ec4013bab SafeSetID patches for 5.3
These changes from Jann Horn fix a couple issues in the recently added
 SafeSetID LSM:
 
 (1) There was a simple logic bug in one of the hooks for the LSM where
     the code was incorrectly returning early in some cases before all
     security checks had been passed.
 
 (2) There was a more high level issue with how this LSM gets configured
     that could allow for a program to bypass the security restrictions
     by switching to an allowed UID and then again to any other UID on
     the system if the target UID of the first transition is
     unconstrained on the system. Luckily this is an easy fix that we now
     enforce at the time the LSM gets configured.
 
 There are also some changes from Jann that make policy updates for this
 LSM atomic. Kees Cook, Jann and myself have reviewed these changes and they
 look good from our point of view.
 
 Signed-off-by: Micah Morton <mortonm@chromium.org>

Merge tag 'safesetid-5.3' of git://github.com/micah-morton/linux

Pull safesetid updates from Micah Morton:
 "These changes from Jann Horn fix a couple issues in the recently added
  SafeSetID LSM:

   - There was a simple logic bug in one of the hooks for the LSM where
     the code was incorrectly returning early in some cases before all
     security checks had been passed.

   - There was a more high level issue with how this LSM gets configured
     that could allow for a program to bypass the security restrictions
     by switching to an allowed UID and then again to any other UID on
     the system if the target UID of the first transition is
     unconstrained on the system. Luckily this is an easy fix that we
     now enforce at the time the LSM gets configured.

  There are also some changes from Jann that make policy updates for
  this LSM atomic. Kees Cook, Jann and myself have reviewed these
  changes and they look good from our point of view"

* tag 'safesetid-5.3' of git://github.com/micah-morton/linux:
  LSM: SafeSetID: fix use of literal -1 in capable hook
  LSM: SafeSetID: verify transitive constrainedness
  LSM: SafeSetID: add read handler
  LSM: SafeSetID: rewrite userspace API to atomic updates
  LSM: SafeSetID: fix userns handling in securityfs
  LSM: SafeSetID: refactor policy parsing
  LSM: SafeSetID: refactor safesetid_security_capable()
  LSM: SafeSetID: refactor policy hash table
  LSM: SafeSetID: fix check for setresuid(new1, new2, new3)
  LSM: SafeSetID: fix pr_warn() to include newline
2019-07-16 11:49:58 -07:00
arch for-linus-20190715 2019-07-16 11:30:07 -07:00
block block: Limit zone array allocation size 2019-07-11 20:04:40 -06:00
certs Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
crypto USB / PHY patches for 5.3-rc1 2019-07-11 15:40:06 -07:00
Documentation for-linus-20190715 2019-07-15 21:20:52 -07:00
drivers - New Functionality 2019-07-16 09:25:04 -07:00
fs Merge branch 'proc-cmdline' (/proc/<pid>/cmdline fixes) 2019-07-16 10:37:27 -07:00
include for-linus-20190715 2019-07-16 11:30:07 -07:00
init Kbuild updates for v5.3 2019-07-12 16:03:16 -07:00
ipc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
kernel for-linus-20190715 2019-07-16 11:30:07 -07:00
lib 5.3 Merge window RDMA pull request 2019-07-15 20:38:15 -07:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm Revert "Merge branch 'vmwgfx-next' of git://people.freedesktop.org/~thomash/linux into drm-next" 2019-07-16 04:07:13 +10:00
net pci-v5.3-changes 2019-07-15 20:44:49 -07:00
samples Kbuild updates for v5.3 2019-07-12 16:03:16 -07:00
scripts stream_open related bits for Linux 5.3 2019-07-14 17:08:08 -07:00
security LSM: SafeSetID: fix use of literal -1 in capable hook 2019-07-15 08:08:03 -07:00
sound Driver Core and debugfs changes for 5.3-rc1 2019-07-12 12:24:03 -07:00
tools SafeSetID patches for 5.3 2019-07-16 11:49:58 -07:00
usr kbuild: compile-test exported headers to ensure they are self-contained 2019-07-08 23:13:57 +09:00
virt ARM: 2019-07-12 15:35:14 -07:00
.clang-format Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-04-17 11:26:25 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore kbuild: do not create wrappers for header-test-y 2019-07-09 10:10:27 +09:00
.mailmap MAINTAINERS: Update my email address 2019-06-18 14:37:27 +01:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2019-06-25 01:32:59 +02:00
Kbuild Kbuild updates for v5.1 2019-03-10 17:48:21 -07:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS for-linus-20190715 2019-07-16 11:30:07 -07:00
Makefile Kbuild updates for v5.3 2019-07-12 16:03:16 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.