MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 23:13:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
fd590381da
linux-yocto/security
History
John Johansen 7be40fd6f8 apparmor: fix x_table_lookup when stacking is not the first entry 
[ Upstream commit a9eb185be8 ]

x_table_lookup currently does stacking during label_parse() if the
target specifies a stack but its only caller ensures that it will
never be used with stacking.

Refactor to slightly simplify the code in x_to_label(), this
also fixes a long standing problem where x_to_labels check on stacking
is only on the first element to the table option list, instead of
the element that is found and used.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-08-20 18:41:29 +02:00
..
apparmor apparmor: fix x_table_lookup when stacking is not the first entry 2025-08-20 18:41:29 +02:00
bpf bpf: lsm: Remove hook to bpf_task_storage_free 2024-12-16 12:32:31 -08:00
integrity ima: do not copy measurement list to kdump kernel 2025-05-14 06:40:09 -04:00
ipe ipe: add errno field to IPE policy load auditing 2025-05-27 18:08:51 -07:00
keys KEYS: Invert FINAL_PUT bit 2025-06-11 11:57:14 -07:00
landlock landlock: opened file never has a negative dentry 2025-08-20 18:40:55 +02:00
loadpin loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported 2025-03-03 09:35:50 -08:00
lockdown lockdown: initialize local array before use to quiet static analysis 2025-01-05 12:48:43 -05:00
safesetid safesetid: check size of policy writes 2025-01-04 22:46:09 -05:00
selinux selinux: change security_compute_sid to return the ssid or tsid on match 2025-06-19 16:13:16 -04:00
smack Networking changes for 6.16. 2025-05-28 15:24:36 -07:00
tomoyo tomoyo: use better patterns for procfs in learning mode 2025-01-31 00:27:44 +09:00
yama yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl() 2025-03-07 19:58:05 -08:00
commoncap.c capability: Remove unused has_capability 2025-03-07 22:03:09 -06:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c securityfs: don't pin dentries twice, once is enough... 2025-08-20 18:40:56 +02:00
Kconfig mseal sysmap: kernel config and header change 2025-04-01 15:17:14 -07:00
Kconfig.hardening require gcc-8 and binutils-2.30 2025-05-31 08:16:52 -07:00
lsm_audit.c net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
Makefile lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
min_addr.c security: min_addr: move sysctl to security/min_addr.c 2025-02-07 16:53:04 +01:00
security.c lsm: Move security_netlink_send to under CONFIG_SECURITY_NETWORK 2025-04-22 15:34:58 -04:00