github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-12 16:18:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
701ea57fea
linux/security
History
Linus Torvalds eefe0b9dee + Cleanups 
- Use sysfs_emit in param_get_{audit,mode}
   - Remove redundant if check in sk_peer_get_label
   - Replace memcpy + NUL termination with kmemdup_nul in do_setattr
 
 + Bug Fixes
   - Fix aa_dfa_unpack's error handling in aa_setup_dfa_engine
   - Fix string overrun due to missing termination
   - Fix wrong dentry in RENAME_EXCHANGE uid check
   - fix unpack_tags to properly return error in failure cases
   - fix dfa size check
   - return error on namespace mismatch in verify_header
   - use target task's context in apparmor_getprocattr()
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEE7cSDD705q2rFEEf7BS82cBjVw9gFAmnqqQkACgkQBS82cBjV
 w9hbkxAAhNJACQhDVcCFHIRzFTRYANEUtqwn2Ry4wyVuJA5N17McAe4JnPfvSuDv
 h/jSov5dPNw2gIgnwpX7aOf2ARe3l4FOMx43mUITnmahtwRoKVooV79RwTXHUxBX
 NXamG5kEVtz4p4iFR5j2R5LiddwueqtzXbld85ieId3BuoMo8cwklKlDjrMpMNai
 mQSwkeTB6Qv/M2r0MiDml0V8OYE4AO00CeEU3/vBZayu9j8xuqY8DvKwcwtbnRmm
 7TnITp0EMmtjpNkZHkjXwdAfMKBogYuLSlKwEq33H07cEMAxBbC6gevAVqIBLz3G
 e9/CbiQn2l1qZzXoBgrZV8MMJRN9aaKl+wrZmVu4zijlhTOP0AoqZ9q354mCIYA5
 k2jLEuZvgr+bggFMHPjfJt6Wa5N9EhoBRikziW6lYmtORqe4ng5Wj6VtVxba82qR
 yIGAViresioyHRvgOzbLjavi9q5nkQsPZmPvvMPyD1e2bXTzuw7uktGWCpI32Vsy
 Mu0H7CULCpzFAXFyK/Q0fMQaYRchq2vBJ83T5IXfe8vslSH7uKsPuiU6C8/oIA8J
 0DPAbVQ/KJ2ArPOGNCUO84xj2Hjw8yANdetjEIC7zHIerRxagSIAbnXBIuuR2EQD
 Z5uEgXTchX2PRW+dO+prYYhKufHGy7MTi+geUwHaxb+qefU8dlY=
 =OOib
 -----END PGP SIGNATURE-----

Merge tag 'apparmor-pr-2026-04-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

Pull apparmor updates from John Johansen:
 "Cleanups
   - Use sysfs_emit in param_get_{audit,mode}
   - Remove redundant if check in sk_peer_get_label
   - Replace memcpy + NUL termination with kmemdup_nul in do_setattr

  Bug Fixes:
   - Fix aa_dfa_unpack's error handling in aa_setup_dfa_engine
   - Fix string overrun due to missing termination
   - Fix wrong dentry in RENAME_EXCHANGE uid check
   - fix unpack_tags to properly return error in failure cases
   - fix dfa size check
   - return error on namespace mismatch in verify_header
   - use target task's context in apparmor_getprocattr()"

* tag 'apparmor-pr-2026-04-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
  apparmor/lsm: Fix aa_dfa_unpack's error handling in aa_setup_dfa_engine
  apparmor: Fix string overrun due to missing termination
  apparmor: Fix wrong dentry in RENAME_EXCHANGE uid check
  apparmor: fix unpack_tags to properly return error in failure cases
  apparmor: fix dfa size check
  apparmor: Use sysfs_emit in param_get_{audit,mode}
  apparmor: Remove redundant if check in sk_peer_get_label
  apparmor: Replace memcpy + NUL termination with kmemdup_nul in do_setattr
  apparmor: return error on namespace mismatch in verify_header
  apparmor: use target task's context in apparmor_getprocattr()
2026-04-24 09:22:21 -07:00
..
apparmor + Cleanups 2026-04-24 09:22:21 -07:00
bpf lsm: replace the name field with a pointer to the lsm_id struct 2025-10-22 19:24:18 -04:00
integrity integrity-v7.1 2026-04-17 15:42:01 -07:00
ipe treewide: change inode->i_ino from unsigned long to u64 2026-03-06 14:31:28 +01:00
keys Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
landlock landlock: Clarify BUILD_BUG_ON check in scoping logic 2026-04-07 18:51:07 +02:00
loadpin Convert 'alloc_flex' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
lockdown lockdown: move initcalls to the LSM framework 2025-10-22 19:24:27 -04:00
safesetid Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
selinux mm.git review status for linus..mm-stable 2026-04-15 12:59:16 -07:00
smack Networking changes for 7.1. 2026-04-14 18:36:10 -07:00
tomoyo tomoyo: use u64 for holding inode->i_ino value 2026-04-15 00:00:10 +09:00
yama Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
commoncap_test.c security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns 2026-01-09 11:28:28 -06:00
commoncap.c security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns 2026-01-09 11:28:28 -06:00
device_cgroup.c Convert 'alloc_obj' family to use the new default GFP_KERNEL argument 2026-02-21 17:09:51 -08:00
inode.c securityfs: use kstrdup_const() to manage symlink targets 2026-03-17 17:13:36 -04:00
Kconfig proc: make PROC_MEM_FORCE_PTRACE the Kconfig default 2026-04-13 09:12:37 -07:00
Kconfig.hardening rust: add bitmap API. 2025-09-22 15:52:44 -04:00
lsm_audit.c treewide: change inode->i_ino from unsigned long to u64 2026-03-06 14:31:28 +01:00
lsm_init.c lsm: add backing_file LSM hooks 2026-04-03 16:53:50 -04:00
lsm_notifier.c lsm: split the notifier code out into lsm_notifier.c 2025-10-22 19:24:15 -04:00
lsm_syscalls.c lsm: rework lsm_active_cnt and lsm_idlist[] 2025-10-22 19:24:19 -04:00
lsm.h lsm: add backing_file LSM hooks 2026-04-03 16:53:50 -04:00
Makefile lsm: split the init code out into lsm_init.c 2025-10-22 19:24:16 -04:00
min_addr.c lsm: preserve /proc/sys/vm/mmap_min_addr when !CONFIG_SECURITY 2026-01-29 13:56:53 -05:00
security.c Landlock update for v7.1-rc1 2026-04-13 15:42:19 -07:00