MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 23:13:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
c6ad9fdbd4
linux-yocto/security
History
Hamza Mahfooz c6ad9fdbd4 io_uring,lsm,selinux: add LSM hooks for io_uring_setup() 
It is desirable to allow LSM to configure accessibility to io_uring
because it is a coarse yet very simple way to restrict access to it. So,
add an LSM for io_uring_allowed() to guard access to io_uring.

Cc: Paul Moore <paul@paul-moore.com>
Signed-off-by: Hamza Mahfooz <hamzamahfooz@linux.microsoft.com>
Acked-by: Jens Axboe <axboe@kernel.dk>
[PM: merge fuzz due to changes in preceding patches, subj tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
2025-02-07 17:17:49 -05:00
..
apparmor treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
bpf bpf: lsm: Remove hook to bpf_task_storage_free 2024-12-16 12:32:31 -08:00
integrity AT_EXECVE_CHECK introduction for v6.14-rc1 2025-01-22 20:34:42 -08:00
ipe ipe: fallback to platform keyring also if key in trusted keyring is rejected 2024-10-18 12:14:53 -07:00
keys treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
landlock landlock: Optimize file path walks and prepare for audit support 2025-01-17 19:05:37 +01:00
loadpin fdget(), more trivial conversions 2024-11-03 01:28:06 -05:00
lockdown lockdown: initialize local array before use to quiet static analysis 2025-01-05 12:48:43 -05:00
safesetid safesetid: check size of policy writes 2025-01-04 22:46:09 -05:00
selinux io_uring,lsm,selinux: add LSM hooks for io_uring_setup() 2025-02-07 17:17:49 -05:00
smack lsm/stable-6.14 PR 20250121 2025-01-21 20:03:04 -08:00
tomoyo tomoyo: automatically use patterns for several situations in learning mode 2025-01-06 21:25:00 +09:00
yama treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
commoncap.c capabilities patches for 6.14-rc1 2025-01-23 08:00:16 -08:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c lsm: Use IS_ERR_OR_NULL() helper function 2024-08-29 11:12:13 -04:00
Kconfig lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
Kconfig.hardening hardening: Document INIT_STACK_ALL_PATTERN behavior with GCC 2025-01-08 14:17:33 -08:00
lsm_audit.c selinux/stable-6.14 PR 20250121 2025-01-21 20:09:14 -08:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
Makefile lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
min_addr.c sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
security.c io_uring,lsm,selinux: add LSM hooks for io_uring_setup() 2025-02-07 17:17:49 -05:00