mirrors/linux
2
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-05-14 04:09:18 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
79625f1b3a3df63d3289a0781fdf121bc42966f7
linux/security
History
Mickaël Salaün 79625f1b3a landlock: Prepare to use credential instead of domain for fowner 
This cosmetic change is needed for audit support, specifically to be
able to filter according to cross-execution boundaries.

struct landlock_file_security's size stay the same for now but it will
increase with struct landlock_cred_security's size.

Only save Landlock domain in hook_file_set_fowner() if the current
domain has LANDLOCK_SCOPE_SIGNAL, which was previously done for each
hook_file_send_sigiotask() calls.  This should improve a bit
performance.

Replace hardcoded LANDLOCK_SCOPE_SIGNAL with the signal_scope.scope
variable.

Use scoped guards for RCU read-side critical sections.

Cc: Günther Noack <gnoack@google.com>
Link: https://lore.kernel.org/r/20250320190717.2287696-8-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2025-03-26 13:59:37 +01:00
..
apparmor
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
bpf
bpf: lsm: Remove hook to bpf_task_storage_free
2024-12-16 12:32:31 -08:00
integrity
ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattr
2025-02-04 21:36:43 -05:00
ipe
ipe: fallback to platform keyring also if key in trusted keyring is rejected
2024-10-18 12:14:53 -07:00
keys
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
landlock
landlock: Prepare to use credential instead of domain for fowner
2025-03-26 13:59:37 +01:00
loadpin
fdget(), more trivial conversions
2024-11-03 01:28:06 -05:00
lockdown
lockdown: initialize local array before use to quiet static analysis
2025-01-05 12:48:43 -05:00
safesetid
safesetid: check size of policy writes
2025-01-04 22:46:09 -05:00
selinux
Merge tag 'fsnotify_hsm_for_v6.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2025-01-23 13:36:06 -08:00
smack
Merge tag 'lsm-pr-20250121' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
2025-01-21 20:03:04 -08:00
tomoyo
tomoyo: use better patterns for procfs in learning mode
2025-01-31 00:27:44 +09:00
yama
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
commoncap.c
Merge tag 'caps-6.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux
2025-01-23 08:00:16 -08:00
device_cgroup.c
device_cgroup: Fix kernel-doc warnings in device_cgroup
2023-06-21 09:30:49 -04:00
inode.c
lsm: Use IS_ERR_OR_NULL() helper function
2024-08-29 11:12:13 -04:00
Kconfig
lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set
2025-01-04 11:50:44 -05:00
Kconfig.hardening
hardening: Document INIT_STACK_ALL_PATTERN behavior with GCC
2025-01-08 14:17:33 -08:00
lsm_audit.c
lsm: Add audit_log_lsm_data() helper
2025-03-26 13:59:33 +01:00
lsm_syscalls.c
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
Makefile
lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set
2025-01-04 11:50:44 -05:00
min_addr.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
security.c
Merge tag 'AT_EXECVE_CHECK-v6.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
2025-01-22 20:34:42 -08:00