Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-04 12:12:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
The linux-next integration testing tree
1,188,511 Commits 7 Branches 927 Tags 3.6 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
6adc2272aa
Go to file
Ondrej Mosnacek 6adc2272aa io_uring: don't audit the capability check in io_uring_create() 
The check being unconditional may lead to unwanted denials reported by
LSMs when a process has the capability granted by DAC, but denied by an
LSM. In the case of SELinux such denials are a problem, since they can't
be effectively filtered out via the policy and when not silenced, they
produce noise that may hide a true problem or an attack.

Since not having the capability merely means that the created io_uring
context will be accounted against the current user's RLIMIT_MEMLOCK
limit, we can disable auditing of denials for this check by using
ns_capable_noaudit() instead of capable().

Fixes: 2b188cc1bb ("Add io_uring IO interface")
Link: https://bugzilla.redhat.com/show_bug.cgi?id=2193317
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Jeff Moyer <jmoyer@redhat.com>
Link: https://lore.kernel.org/r/20230718115607.65652-1-omosnace@redhat.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2023-07-18 14:16:25 -06:00
arch arm64 updates for 6.5: 2023-06-26 17:11:53 -07:00
block for-6.5/block-2023-06-23 2023-06-26 12:47:20 -07:00
certs KEYS: Add missing function documentation 2023-04-24 16:15:52 +03:00
crypto KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() 2023-06-02 15:36:23 +02:00
Documentation Thermal control updates for 6.5-rc1 2023-06-26 19:41:26 -07:00
drivers chrome platform changes for 6.5 2023-06-26 20:12:07 -07:00
fs - Add support for unaccepted memory as specified in the UEFI spec v2.9. 2023-06-26 15:32:39 -07:00
include Power management updates for 6.5-rc1 2023-06-26 19:36:30 -07:00
init Updates for the x86 boot process: 2023-06-26 13:39:10 -07:00
io_uring io_uring: don't audit the capability check in io_uring_create() 2023-07-18 14:16:25 -06:00
ipc Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2023-02-24 19:20:07 -08:00
kernel Power management updates for 6.5-rc1 2023-06-26 19:36:30 -07:00
lib A single update for debug objects: 2023-06-26 13:33:00 -07:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
net for-6.5/io_uring-2023-06-23 2023-06-26 12:30:26 -07:00
rust rust: error: impl Debug for Error with errname() integration 2023-06-13 01:24:42 +02:00
samples samples/bpf: Drop unnecessary fallthrough 2023-05-16 19:44:05 +02:00
scripts Rust changes for v6.5 2023-06-26 09:35:50 -07:00
security fsverity updates for 6.5 2023-06-26 10:56:13 -07:00
sound ASoC: Fix for v6.4 2023-06-21 15:23:23 +02:00
tools arm64 updates for 6.5: 2023-06-26 17:11:53 -07:00
usr initramfs: Check negative timestamp to prevent broken cpio archive 2023-04-16 17:37:01 +09:00
virt KVM: Avoid illegal stage2 mapping on invalid memory slot 2023-06-22 15:14:57 -04:00
.clang-format cxl for v6.4 2023-04-30 11:51:51 -07:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore linux-kselftest-kunit-6.4-rc1 2023-04-24 12:31:32 -07:00
.mailmap NFSD 6.5 Release Notes 2023-06-26 10:48:57 -07:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
Makefile Linux 6.4 2023-06-25 16:29:58 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.