mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-19 09:04:57 +00:00
Code Issues Releases Wiki Activity
linux-stable/security
History
Mickaël Salaün 782191c748
landlock: Warn once if a Landlock action is requested while disabled 
Because sandboxing can be used as an opportunistic security measure,
user space may not log unsupported features.  Let the system
administrator know if an application tries to use Landlock but failed
because it isn't enabled at boot time.  This may be caused by boot
loader configurations with outdated "lsm" kernel's command-line
parameter.

Cc: stable@vger.kernel.org
Fixes: 265885daf3 ("landlock: Add syscall implementations")
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
Link: https://lore.kernel.org/r/20240227110550.3702236-2-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2024-03-07 11:29:46 +01:00
..
apparmor exec: Check __FMODE_EXEC instead of in_execve for LSMs 2024-01-24 11:38:58 -08:00
bpf lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
integrity integrity-v6.8 2024-01-09 13:24:06 -08:00
keys Revert "KEYS: encrypted: Add check for strsep" 2024-01-24 16:11:59 -05:00
landlock landlock: Warn once if a Landlock action is requested while disabled 2024-03-07 11:29:46 +01:00
loadpin lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
lockdown LSM: Identify modules by more than name 2023-11-12 22:54:42 -05:00
safesetid lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
selinux for-6.8/io_uring-2024-01-08 2024-01-11 14:19:23 -08:00
smack for-6.8/io_uring-2024-01-08 2024-01-11 14:19:23 -08:00
tomoyo exec: Check __FMODE_EXEC instead of in_execve for LSMs 2024-01-24 11:38:58 -08:00
yama lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
commoncap.c lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c security: convert to new timestamp accessors 2023-10-18 14:08:31 +02:00
Kconfig mm/slab: remove HAVE_HARDENED_USERCOPY_ALLOCATOR 2023-05-24 15:38:17 +02:00
Kconfig.hardening hardening: Move BUG_ON_DATA_CORRUPTION to hardening options 2023-08-15 14:57:25 -07:00
lsm_audit.c lsm: fix a number of misspellings 2023-05-25 17:52:15 -04:00
lsm_syscalls.c LSM: Helpers for attribute names and filling lsm_ctx 2023-11-12 22:54:42 -05:00
Makefile LSM: syscalls for current process attributes 2023-11-12 22:54:42 -05:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c lsm: fix integer overflow in lsm_set_self_attr() syscall 2024-02-14 13:53:15 -05:00