mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-04-02 05:51:14 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
8d34e16f7f2b51f880957f2caadaae731ee28867
linux/security
History
Maxime Bélair 8d34e16f7f apparmor: userns: Add support for execpath in userns 
This new field allows reliable identification of the binary that
triggered a denial since the existing field (comm) only gives the name of
the binary, not its path. Thus comm doesn't work for binaries outside of
$PATH or works unreliably when two binaries have the same name.
Additionally comm can be modified by a program, for example, comm="(tor)"
or comm=4143504920506F6C6C6572 (= ACPI Poller).

Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2026-01-29 01:27:53 -08:00
..
apparmor
apparmor: userns: Add support for execpath in userns
2026-01-29 01:27:53 -08:00
bpf
lsm: replace the name field with a pointer to the lsm_id struct
2025-10-22 19:24:18 -04:00
integrity
Merge tag 'integrity-v6.19' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
2025-12-03 11:08:03 -08:00
ipe
Merge tag 'ipe-pr-20251202' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe
2025-12-03 11:19:34 -08:00
keys
tpm2-sessions: Open code tpm_buf_append_hmac_session()
2025-12-05 06:42:51 +02:00
landlock
Merge tag 'landlock-6.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux
2025-12-06 09:52:41 -08:00
loadpin
loadpin: move initcalls to the LSM framework
2025-10-22 19:24:25 -04:00
lockdown
lockdown: move initcalls to the LSM framework
2025-10-22 19:24:27 -04:00
safesetid
safesetid: move initcalls to the LSM framework
2025-10-22 19:24:26 -04:00
selinux
Merge tag 'pull-persistency' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-12-05 14:36:21 -08:00
smack
Merge tag 'pull-persistency' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-12-05 14:36:21 -08:00
tomoyo
Merge tag 'tomoyo-pr-20251212' of git://git.code.sf.net/p/tomoyo/tomoyo
2025-12-14 15:21:02 +12:00
yama
lsm: replace the name field with a pointer to the lsm_id struct
2025-10-22 19:24:18 -04:00
commoncap.c
Merge tag 'caps-pr-20251204' of git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux
2025-12-04 20:10:28 -08:00
device_cgroup.c
device_cgroup: Refactor devcgroup_seq_show to use seq_put* helpers
2025-11-11 19:47:24 -05:00
inode.c
Merge tag 'pull-persistency' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-12-05 14:36:21 -08:00
Kconfig
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
2025-09-11 16:32:04 -04:00
Kconfig.hardening
rust: add bitmap API.
2025-09-22 15:52:44 -04:00
lsm_audit.c
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
lsm_init.c
lsm: use unrcu_pointer() for current->cred in security_init()
2025-11-19 10:32:06 -05:00
lsm_notifier.c
lsm: split the notifier code out into lsm_notifier.c
2025-10-22 19:24:15 -04:00
lsm_syscalls.c
lsm: rework lsm_active_cnt and lsm_idlist[]
2025-10-22 19:24:19 -04:00
lsm.h
lsm: consolidate all of the LSM framework initcalls
2025-10-22 19:24:28 -04:00
Makefile
lsm: split the init code out into lsm_init.c
2025-10-22 19:24:16 -04:00
min_addr.c
lsm: consolidate all of the LSM framework initcalls
2025-10-22 19:24:28 -04:00
security.c
lsm: cleanup the debug and console output in lsm_init.c
2025-10-22 19:24:23 -04:00