github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-12 16:18:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
917719c412
linux/Documentation
History
Linus Torvalds 917719c412 selinux/stable-7.1 PR 20260507 
-----BEGIN PGP SIGNATURE-----
 
 iQJIBAABCgAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAmn8tJEUHHBhdWxAcGF1
 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXN/Qw//XAX9lG6yOCVR/JnuhNOjgENvqANu
 2aY33ylr+nqqQ3bDR7uJKrxZ74Vu+r4+SKFF2mHmVJkIkOie2XsFBYh68Q2QiIQd
 ZROxTnPYeP/eEsL1Px6ZjyILqD4gkNUtSQvH3FoydFcF784VcMwvPoTeLENzqZkV
 RDcVypiYNiROfVS4cDXYiVZKZuQeMg7/9IX5ZVDsdYv2DwlYgj5LsfM+HdB95vf1
 MoysATSwOo6VUUvri+i9BNVC3ZYeSpEvC9NZazb3QKWH/cpvDrzZh0Qz+Mn2TFVt
 X2o9syY2K8nm/ZxUTVmbni2Y8xB71a3WRJjx3vdc/ZpsOQ38hMMnLfxCCB/xNvQ1
 Z8/qUOVT0fiI4AfJdQjVZkO7viKQfRlQAtkT+nAVIESnsZdBckluT7uFSH4nvzcC
 JNK6Uzvhs4lhrYyMA9rEQOpswspcKxyeYPZN5rFtlz3zUzGeYG0pTNZ6B9Tjl8DK
 xnqcm/ySTGx8m6/w29xDdubOjj+J2U+oGOkaGAWyXDxGbJ2vWPvqQrbRfFrMuzPh
 sO5IYKcQ6MbEIzcUErlASXVxJj2KfCjEnbTDpocOVEY6vczAPtQuZme3WyQ80GuV
 wUYXDEBYEJG27vjHXtN5ClZs6NRY2niyphq3yh+gWoJFens76ord9zU6Pq8IF4xd
 XcPbqMhY1Q65i3c=
 =l+qi
 -----END PGP SIGNATURE-----

Merge tag 'selinux-pr-20260507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

Pull selinux fixes from Paul Moore:

 - Allow for multiple opens of /sys/fs/selinux/policy

   Prevent a single process from blocking others from reading the
   SELinux policy loaded in the kernel. This does have the side effect
   of potentially allowing userspace to trigger additional kernel memory
   allocations as part of the open/read operation, but this is mitigated
   by requiring the SELinux security/read_policy permission.

 - Reduce the critical sections where the SELinux policy mutex is held

   This includes the patch to the policy loader code where we move the
   permission checks and an allocation outside the mutex as well as the
   the patch to checkreqprot which drops the code/lock entirely.

   While the checkreqprot code had effectively been dropped in an
   earlier release, portions of the code still remained that would have
   triggered the mutex to perform an IMA measurement. This finally drops
   all of that while preserving the user visible behavior.

 - Eliminate potential sources of log spamming

   There were a few areas where processes could flood the system logs
   and hide other, more critical events. The previously disabled
   checkreqprot and runtime disable knobs in selinuxfs were two such
   areas that have now been greatly simplified and a pr_err() replaced
   with a pr_err_once().

   The third such place is the /sys/fs/selinux/user file, which hasn't
   been used by a userspace release since 2020 and was scheduled for
   removal after 2025; this effectively disables this functionality, but
   similar to checkreqprot, it is done in a way that should not break
   old userspace.

* tag 'selinux-pr-20260507' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: shrink critical section in sel_write_load()
  selinux: allow multiple opens of /sys/fs/selinux/policy
  selinux: prune /sys/fs/selinux/user
  selinux: prune /sys/fs/selinux/disable
  selinux: prune /sys/fs/selinux/checkreqprot
2026-05-07 17:26:43 -07:00
..
ABI selinux: prune /sys/fs/selinux/user 2026-05-05 15:27:44 -04:00
accel
accounting
admin-guide cgroup: Fixes for v7.1-rc2 2026-05-05 15:43:32 -07:00
arch s390 updates for 7.1 merge window 2026-04-22 11:13:45 -07:00
block Documentation: ublk: address review comments for SHMEM_ZC docs 2026-04-09 19:10:44 -06:00
bpf docs/bpf: add missing fsession attach type to docs 2026-04-12 12:42:38 -07:00
cdrom
core-api mm.git review status for linus..mm-stable 2026-04-15 12:59:16 -07:00
cpu-freq
crypto Crypto library fix and documentation update for 7.1 2026-04-21 11:46:22 -07:00
dev-tools mm.git review status for linus..mm-stable 2026-04-15 12:59:16 -07:00
devicetree mailbox: updates for v7.1 2026-04-27 15:21:18 -07:00
doc-guide docs: kernel-doc.rst: document private: scope propagation 2026-03-22 15:02:29 -06:00
driver-api We've finally gotten rid of the struct clk_ops::round_rate() code after months 2026-04-21 08:33:26 -07:00
edac
fault-injection
fb
features RISC-V updates for v7.1 2026-04-24 10:00:37 -07:00
filesystems \n 2026-04-27 16:45:39 -07:00
firmware_class
firmware-guide
fpga
gpu DRM Rust changes for v7.1-rc1 2026-04-01 07:32:05 +10:00
hid Docs: hid: intel-ish-hid: make long URL usable 2026-04-09 08:40:41 -06:00
hwmon hwmon: add support for MCP998X 2026-04-11 00:02:13 -07:00
i2c
iio Docs: iio: ad7191 Correct clock configuration 2026-03-27 07:31:19 +00:00
images
infiniband RDMA/hfi1: Remove opa_vnic 2026-03-10 07:51:30 -04:00
input
kbuild Modules changes for v7.1-rc1 2026-04-14 17:16:38 -07:00
kernel-hacking
leds
litmus-tests
livepatch
locking
maintainer
mhi
misc-devices TTY / Serial driver updates for 7.0-rc1 2026-02-17 09:30:52 -08:00
mm mm.git review status for linus..mm-stable 2026-04-15 12:59:16 -07:00
netlabel
netlink net: psp: require admin permission for dev-set and key-rotate 2026-04-28 17:44:20 -07:00
networking Delete some obsolete networking code 2026-04-24 09:41:58 -07:00
nvdimm
nvme
PCI pci-v7.1-changes 2026-04-15 14:41:21 -07:00
pcmcia
peci
power power supply and reset changes for the 7.0 series 2026-02-12 18:24:37 -08:00
process SPDX change for 7.1-rc1 2026-04-24 13:30:54 -07:00
RCU rcu-tasks: Document that RCU Tasks Trace grace periods now imply RCU grace periods 2026-03-30 15:48:14 -04:00
rust docs: rust: general-information: use real example 2026-04-07 10:00:25 +02:00
scheduler sched_ext: Changes for v7.1 2026-04-15 10:54:24 -07:00
scsi SCSI misc on 20260212 2026-02-12 15:43:02 -08:00
security ipe/stable-7.1 PR 20260413 2026-04-15 15:19:45 -07:00
sound ALSA: usb-audio: Add QUIRK_FLAG_MIXER_{PLAYBACK,CAPTURE}_LINEAR_VOL 2026-03-04 12:05:57 +01:00
sphinx docs: pt_BR: Add initial Portuguese translation 2026-02-23 14:16:07 -07:00
sphinx-includes
sphinx-static docs: allow long links to wrap per character to prevent page overflow 2026-03-25 13:22:02 -06:00
spi spi: Updates for v7.0 2026-02-11 09:43:43 -08:00
staging net: remove ax25 and amateur radio (hamradio) subsystem 2026-04-23 10:24:02 -07:00
sunrpc/xdr Documentation: Add the RPC language description of NLM version 4 2026-03-29 21:25:09 -04:00
target
tee
timers
tools RTLA patches for v7.1: 2026-04-15 17:48:24 -07:00
trace Runtime Verification updates for 7.1: 2026-04-15 17:15:18 -07:00
translations Delete some obsolete networking code 2026-04-24 09:41:58 -07:00
usb USB / Thunderbolt changes for 7.0-rc1 2026-02-17 09:36:43 -08:00
userspace-api dma-mapping updates for Linux 7.0: 2026-04-17 11:12:42 -07:00
virt - ESA nesting support 2026-04-13 19:01:15 +02:00
w1
watchdog linux-watchdog 6.20-rc1 tag 2026-02-16 12:21:22 -08:00
wmi platform/wmi: Replace .no_notify_data with .min_event_size 2026-04-13 14:11:27 +03:00
.gitignore
.renames.txt drivers: net: smsc: smc91c92: Remove this driver 2026-04-23 15:57:06 -07:00
atomic_bitops.txt
atomic_t.txt
Changes
CodingStyle
conf.py docs: use logo.svg as favicon 2026-03-22 15:27:43 -06:00
docutils.conf
index.rst
Kconfig
Makefile
memory-barriers.txt
SubmittingPatches
subsystem-apis.rst net: remove ISDN subsystem and Bluetooth CMTP 2026-04-23 10:24:02 -07:00