2
0
mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-21 11:44:01 +08:00
linux-next/security/tomoyo
Linus Torvalds 7a1e8b80fb Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
 "Highlights:

   - TPM core and driver updates/fixes
   - IPv6 security labeling (CALIPSO)
   - Lots of Apparmor fixes
   - Seccomp: remove 2-phase API, close hole where ptrace can change
     syscall #"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (156 commits)
  apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
  tpm: Add TPM 2.0 support to the Nuvoton i2c driver (NPCT6xx family)
  tpm: Factor out common startup code
  tpm: use devm_add_action_or_reset
  tpm2_i2c_nuvoton: add irq validity check
  tpm: read burstcount from TPM_STS in one 32-bit transaction
  tpm: fix byte-order for the value read by tpm2_get_tpm_pt
  tpm_tis_core: convert max timeouts from msec to jiffies
  apparmor: fix arg_size computation for when setprocattr is null terminated
  apparmor: fix oops, validate buffer size in apparmor_setprocattr()
  apparmor: do not expose kernel stack
  apparmor: fix module parameters can be changed after policy is locked
  apparmor: fix oops in profile_unpack() when policy_db is not present
  apparmor: don't check for vmalloc_addr if kvzalloc() failed
  apparmor: add missing id bounds check on dfa verification
  apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
  apparmor: use list_next_entry instead of list_entry_next
  apparmor: fix refcount race when finding a child profile
  apparmor: fix ref count leak when profile sha1 hash is read
  apparmor: check that xindex is in trans_table bounds
  ...
2016-07-29 17:38:46 -07:00
..
policy tomoyo: Do not generate empty policy files 2015-04-07 21:27:45 +02:00
.gitignore tomoyo: Do not generate empty policy files 2015-04-07 21:27:45 +02:00
audit.c tomoyo: Use sensible time interface 2014-06-12 16:18:45 +02:00
common.c tomoyo: Use sensible time interface 2014-06-12 16:18:45 +02:00
common.h tomoyo: constify assorted struct path * 2016-03-28 00:47:23 -04:00
condition.c VFS: security/: d_backing_inode() annotations 2015-04-15 15:06:56 -04:00
domain.c mm/gup: Introduce get_user_pages_remote() 2016-02-16 10:04:09 +01:00
environ.c TOMOYO: Add environment variable name restriction support. 2011-09-14 08:27:05 +10:00
file.c tomoyo: constify assorted struct path * 2016-03-28 00:47:23 -04:00
gc.c security: tomoyo: simplify the gc kthread creation 2016-06-06 20:23:55 +10:00
group.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
Kconfig tomoyo: Use bin2c to generate builtin-policy.h 2015-04-07 21:27:45 +02:00
load_policy.c usermodehelper: use UMH_WAIT_PROC consistently 2012-03-23 16:58:41 -07:00
Makefile tomoyo: Do not generate empty policy files 2015-04-07 21:27:45 +02:00
memory.c vfs: make the string hashes salt the hash 2016-06-10 20:21:46 -07:00
mount.c tomoyo: constify assorted struct path * 2016-03-28 00:47:23 -04:00
network.c TOMOYO: Add socket operation restriction support. 2011-09-14 08:27:05 +10:00
realpath.c VFS: security/: d_backing_inode() annotations 2015-04-15 15:06:56 -04:00
securityfs_if.c convert a bunch of open-coded instances of memdup_user_nul() 2016-01-04 10:26:58 -05:00
tomoyo.c constify security_sb_pivotroot() 2016-03-28 00:47:52 -04:00
util.c vfs: make the string hashes salt the hash 2016-06-10 20:21:46 -07:00