Kernel/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-16 09:56:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/security
History
Stephen Boyd ce0d73ef8d loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression 
If modules are built compressed, and LoadPin is enforcing by default, we
must have in-kernel module decompression enabled (MODULE_DECOMPRESS).
Modules will fail to load without decompression built into the kernel
because they'll be blocked by LoadPin. Add a depends on clause to
prevent this combination.

Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Cc: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Link: https://lore.kernel.org/r/20240514224839.2526112-1-swboyd@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
2024-05-18 13:46:10 -07:00
..
apparmor
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
bpf
lsm: mark the lsm_id variables are marked as static
2023-11-12 22:54:42 -05:00
integrity
lsm/stable-6.9 PR 20240312
2024-03-12 20:03:34 -07:00
keys
ima: Move to LSM infrastructure
2024-02-15 23:43:46 -05:00
landlock
landlock: Use f_cred in security_file_open() hook
2024-03-08 18:22:16 +01:00
loadpin
loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression
2024-05-18 13:46:10 -07:00
lockdown
LSM: Identify modules by more than name
2023-11-12 22:54:42 -05:00
safesetid
lsm: mark the lsm_id variables are marked as static
2023-11-12 22:54:42 -05:00
selinux
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
smack
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
tomoyo
tomoyo: fix UAF write bug in tomoyo_write_control()
2024-03-01 11:14:00 -08:00
yama
lsm: mark the lsm_id variables are marked as static
2023-11-12 22:54:42 -05:00
commoncap.c
lsm: mark the lsm_id variables are marked as static
2023-11-12 22:54:42 -05:00
device_cgroup.c
device_cgroup: Fix kernel-doc warnings in device_cgroup
2023-06-21 09:30:49 -04:00
inode.c
security: convert to new timestamp accessors
2023-10-18 14:08:31 +02:00
Kconfig
fortify: drop Clang version check for 12.0.1 or newer
2024-02-22 15:38:54 -08:00
Kconfig.hardening
hardening: Move BUG_ON_DATA_CORRUPTION to hardening options
2023-08-15 14:57:25 -07:00
lsm_audit.c
lsm: fix a number of misspellings
2023-05-25 17:52:15 -04:00
lsm_syscalls.c
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
Makefile
LSM: syscalls for current process attributes
2023-11-12 22:54:42 -05:00
min_addr.c
sysctl: pass kernel pointers to ->proc_handler
2020-04-27 02:07:40 -04:00
security.c
lsm: handle the NULL buffer case in lsm_fill_user_ctx()
2024-03-14 11:31:26 -04:00