2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-17 09:43:59 +08:00
linux-next/security
Mat Martineau 4a420896f1 KEYS: Consistent ordering for __key_link_begin and restrict check
The keyring restrict callback was sometimes called before
__key_link_begin and sometimes after, which meant that the keyring
semaphores were not always held during the restrict callback.

If the semaphores are consistently acquired before checking link
restrictions, keyring contents cannot be changed after the restrict
check is complete but before the evaluated key is linked to the keyring.

Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
2017-04-04 14:10:11 -07:00
..
apparmor security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
integrity KEYS: Use structure to capture key restriction function and data 2017-04-04 14:10:10 -07:00
keys KEYS: Consistent ordering for __key_link_begin and restrict check 2017-04-04 14:10:11 -07:00
loadpin security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
selinux security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
smack security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
tomoyo TOMOYO: Use designated initializers 2017-03-30 17:37:45 +11:00
yama security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
commoncap.c security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
device_cgroup.c security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition 2015-09-03 18:13:10 -07:00
inode.c LSM: Add /sys/kernel/security/lsm 2017-01-19 13:18:29 +11:00
Kconfig security: introduce CONFIG_SECURITY_WRITABLE_HOOKS 2017-03-06 11:00:12 +11:00
lsm_audit.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-10-04 14:48:27 -07:00
Makefile LSM: LoadPin for kernel file loading restrictions 2016-04-21 10:47:27 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c LSM: Revive security_task_alloc() hook and per "struct task_struct" security blob. 2017-03-28 11:05:14 +11:00