public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/kernel
History
Micah Morton fcfe0ac2fc security: Add LSM hook to setgroups() syscall 
Give the LSM framework the ability to filter setgroups() syscalls. There
are already analagous hooks for the set*uid() and set*gid() syscalls.
The SafeSetID LSM will use this new hook to ensure setgroups() calls are
allowed by the installed security policy. Tested by putting print
statement in security_task_fix_setgroups() hook and confirming that it
gets hit when userspace does a setgroups() syscall.

Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>
2022-07-15 18:21:49 +00:00
..
bpf bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals 2022-07-01 12:56:27 -07:00
cgroup Merge branch 'for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2022-05-25 11:47:25 -07:00
configs
debug Modules updates for v5.19-rc1 2022-05-26 17:13:43 -07:00
dma dma-direct: use the correct size for dma_set_encrypted() 2022-06-23 15:26:59 +02:00
entry * Fix syzkaller NULL pointer dereference 2022-06-08 09:16:31 -07:00
events Two small perf updates: 2022-06-05 10:40:31 -07:00
futex drm for 5.19-rc1 2022-05-25 16:18:27 -07:00
gcov
irq genirq: PM: Use runtime PM for chained interrupts 2022-06-09 15:58:13 +01:00
kcsan linux-kselftest-kunit-5.19-rc1 2022-05-25 11:32:53 -07:00
livepatch Livepatching changes for 5.19 2022-06-02 08:55:01 -07:00
locking locking/lockdep: Use sched_clock() for random numbers 2022-06-13 10:29:57 +02:00
module module: Fix prefix for module.sig_enforce module param 2022-06-02 12:44:33 -07:00
power PM: hibernate: Use kernel_can_power_off() 2022-06-21 20:57:30 +02:00
printk Revert "printk: add functions to prefer direct printing" 2022-06-23 18:41:40 +02:00
rcu Merge branch 'rework/kthreads' into for-linus 2022-06-23 19:11:28 +02:00
sched sched: Fix balance_push() vs __sched_setscheduler() 2022-06-13 10:15:07 +02:00
time tick/nohz: unexport __init-annotated tick_nohz_full_setup() 2022-06-27 10:43:12 -07:00
trace block-5.19-2022-06-24 2022-06-24 11:07:54 -07:00
.gitignore
acct.c kernel/acct: move acct sysctls to its own file 2022-04-06 13:43:44 -07:00
async.c
audit.c
audit.h
audit_fsnotify.c fsnotify: make allow_dups a property of the group 2022-04-25 14:37:18 +02:00
audit_tree.c audit: use fsnotify group lock helpers 2022-04-25 14:37:28 +02:00
audit_watch.c fsnotify: pass flags argument to fsnotify_alloc_group() 2022-04-25 14:37:12 +02:00
auditfilter.c
auditsc.c audit: free module name 2022-06-15 19:28:44 -04:00
backtracetest.c
bounds.c
capability.c
cfi.c cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle 2022-06-13 09:18:46 -07:00
compat.c
configs.c
context_tracking.c
cpu.c Intel Trust Domain Extensions 2022-05-23 17:51:12 -07:00
cpu_pm.c
crash_core.c Not a lot of material this cycle. Many singleton patches against various 2022-05-27 11:22:03 -07:00
crash_dump.c
cred.c
delayacct.c delayacct: track delays from write-protect copy 2022-06-01 15:55:25 -07:00
dma.c
exec_domain.c
exit.c
extable.c
fail_function.c
fork.c This set of changes updates init and user mode helper tasks to be 2022-06-03 16:03:05 -07:00
freezer.c
gen_kheaders.sh kheaders: Have cpio unconditionally replace files 2022-05-08 03:16:59 +09:00
groups.c security: Add LSM hook to setgroups() syscall 2022-07-15 18:21:49 +00:00
hung_task.c Merge branch 'rework/kthreads' into for-linus 2022-06-23 19:11:28 +02:00
iomem.c
irq_work.c irq_work: use kasan_record_aux_stack_noalloc() record callstack 2022-04-15 14:49:55 -07:00
jump_label.c
kallsyms.c ftrace: Add ftrace_lookup_symbols function 2022-05-10 14:42:06 -07:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c kcov: update pos before writing pc in trace function 2022-05-25 13:05:42 -07:00
kexec.c
kexec_core.c Not a lot of material this cycle. Many singleton patches against various 2022-05-27 11:22:03 -07:00
kexec_elf.c
kexec_file.c RISC-V Patches for the 5.19 Merge Window, Part 1 2022-05-31 14:10:54 -07:00
kexec_internal.h
kheaders.c
kmod.c
kprobes.c tracing updates for 5.19: 2022-05-29 10:31:36 -07:00
ksysfs.c
kthread.c kthread: make it clear that kthread_create_on_node() might be terminated by any fatal signal 2022-06-16 19:11:30 -07:00
latencytop.c latencytop: move sysctl to its own file 2022-04-21 11:40:59 -07:00
Makefile kernel: add platform_has() infrastructure 2022-06-06 08:06:00 +02:00
module_signature.c
notifier.c notifier: Add blocking/atomic_notifier_chain_register_unique_prio() 2022-05-19 19:30:30 +02:00
nsproxy.c
padata.c
panic.c Merge branch 'rework/kthreads' into for-linus 2022-06-23 19:11:28 +02:00
params.c
pid.c
pid_namespace.c kernel: pid_namespace: use NULL instead of using plain integer as pointer 2022-04-29 14:38:00 -07:00
platform-feature.c kernel: add platform_has() infrastructure 2022-06-06 08:06:00 +02:00
profile.c
ptrace.c ptrace: fix clearing of JOBCTL_TRACED in ptrace_unfreeze_traced() 2022-07-09 11:06:19 -07:00
range.c
reboot.c Merge branch 'rework/kthreads' into for-linus 2022-06-23 19:11:28 +02:00
regset.c
relay.c relay: remove redundant assignment to pointer buf 2022-05-12 20:38:37 -07:00
resource.c
resource_kunit.c
rseq.c
scftorture.c scftorture: Fix distribution of short handler delays 2022-04-11 17:07:29 -07:00
scs.c
seccomp.c seccomp: Add wait_killable semantic to seccomp user notifier 2022-05-03 14:11:58 -07:00
signal.c signal handling: don't use BUG_ON() for debugging 2022-07-07 09:53:43 -07:00
smp.c Scheduler changes in this cycle were: 2022-05-24 11:11:13 -07:00
smpboot.c cpu/hotplug: Allow the CPU in CPU_UP_PREPARE state to be brought up again. 2022-04-12 14:13:01 +02:00
smpboot.h
softirq.c smp: Make softirq handling RT safe in flush_smp_call_function_queue() 2022-05-01 10:03:43 +02:00
stackleak.c stackleak: add on/off stack variants 2022-05-08 01:33:09 -07:00
stacktrace.c
static_call.c
static_call_inline.c
stop_machine.c Scheduler changes in this cycle were: 2022-05-24 11:11:13 -07:00
sys.c arm64/sme: Implement vector length configuration prctl()s 2022-04-22 18:50:54 +01:00
sys_ni.c
sysctl-test.c
sysctl.c sysctl changes for v5.19-rc1 2022-05-26 16:57:20 -07:00
task_work.c task_work: allow TWA_SIGNAL without a rescheduling IPI 2022-04-30 08:39:32 -06:00
taskstats.c kernel: make taskstats available from all net namespaces 2022-04-29 14:38:03 -07:00
torture.c
tracepoint.c
tsacct.c taskstats: version 12 with thread group and exe info 2022-04-29 14:38:03 -07:00
ucount.c
uid16.c
uid16.h
umh.c kthread: Don't allocate kthread_struct for init and umh 2022-05-06 14:49:44 -05:00
up.c
user-return-notifier.c
user.c
user_namespace.c
usermode_driver.c blob_to_mnt(): kern_unmount() is needed to undo kern_mount() 2022-05-19 23:25:47 -04:00
utsname.c
utsname_sysctl.c
watch_queue.c
watchdog.c Merge branch 'rework/kthreads' into for-linus 2022-06-23 19:11:28 +02:00
watchdog_hld.c Revert "printk: add functions to prefer direct printing" 2022-06-23 18:41:40 +02:00
workqueue.c workqueue: Wrap flush_workqueue() using a macro 2022-06-07 07:07:14 -10:00
workqueue_internal.h