linux-stable/security/landlock
Linus Torvalds 0f25f0e4ef the bulk of struct fd memory safety stuff
Making sure that struct fd instances are destroyed in the same
 scope where they'd been created, getting rid of reassignments
 and passing them by reference, converting to CLASS(fd{,_pos,_raw}).
 
 We are getting very close to having the memory safety of that stuff
 trivial to verify.
 
 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCZzdikAAKCRBZ7Krx/gZQ
 69nJAQCmbQHK3TGUbQhOw6MJXOK9ezpyEDN3FZb4jsu38vTIdgEA6OxAYDO2m2g9
 CN18glYmD3wRyU6Bwl4vGODouSJvDgA=
 =gVH3
 -----END PGP SIGNATURE-----

Merge tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Pull 'struct fd' class updates from Al Viro:
 "The bulk of struct fd memory safety stuff

  Making sure that struct fd instances are destroyed in the same scope
  where they'd been created, getting rid of reassignments and passing
  them by reference, converting to CLASS(fd{,_pos,_raw}).

  We are getting very close to having the memory safety of that stuff
  trivial to verify"

* tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (28 commits)
  deal with the last remaing boolean uses of fd_file()
  css_set_fork(): switch to CLASS(fd_raw, ...)
  memcg_write_event_control(): switch to CLASS(fd)
  assorted variants of irqfd setup: convert to CLASS(fd)
  do_pollfd(): convert to CLASS(fd)
  convert do_select()
  convert vfs_dedupe_file_range().
  convert cifs_ioctl_copychunk()
  convert media_request_get_by_fd()
  convert spu_run(2)
  switch spufs_calls_{get,put}() to CLASS() use
  convert cachestat(2)
  convert do_preadv()/do_pwritev()
  fdget(), more trivial conversions
  fdget(), trivial conversions
  privcmd_ioeventfd_assign(): don't open-code eventfd_ctx_fdget()
  o2hb_region_dev_store(): avoid goto around fdget()/fdput()
  introduce "fd_pos" class, convert fdget_pos() users to it.
  fdget_raw() users: switch to CLASS(fd_raw)
  convert vmsplice() to CLASS(fd)
  ...
2024-11-18 12:24:06 -08:00
..
.kunitconfig landlock: Add support for KUnit tests 2024-02-27 11:21:45 +01:00
common.h landlock: Add support for KUnit tests 2024-02-27 11:21:45 +01:00
cred.c landlock: Don't lose track of restrictions on cred_transfer 2024-07-24 17:34:54 +02:00
cred.h landlock: Add signal scoping 2024-09-16 23:50:52 +02:00
fs.c landlock: Refactor filesystem access mask management 2024-11-09 19:52:10 +01:00
fs.h landlock: Add signal scoping 2024-09-16 23:50:52 +02:00
Kconfig landlock: Add support for KUnit tests 2024-02-27 11:21:45 +01:00
limits.h landlock: Add signal scoping 2024-09-16 23:50:52 +02:00
Makefile landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00
net.c landlock: Refactor network access mask management 2024-11-09 19:52:13 +01:00
net.h landlock: Support network rules with TCP bind and connect 2023-10-26 21:07:15 +02:00
object.c landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
object.h landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
ruleset.c landlock: Add abstract UNIX socket scoping 2024-09-16 23:50:45 +02:00
ruleset.h landlock: Refactor filesystem access mask management 2024-11-09 19:52:10 +01:00
setup.c landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00
setup.h LSM: Identify modules by more than name 2023-11-12 22:54:42 -05:00
syscalls.c the bulk of struct fd memory safety stuff 2024-11-18 12:24:06 -08:00
task.c landlock: Optimize scope enforcement 2024-11-09 19:52:13 +01:00
task.h landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00