Mickaël Salaün acda20add4 landlock: Warn once if a Landlock action is requested while disabled ... [ Upstream commit 782191c748 ] Because sandboxing can be used as an opportunistic security measure, user space may not log unsupported features. Let the system administrator know if an application tries to use Landlock but failed because it isn't enabled at boot time. This may be caused by boot loader configurations with outdated "lsm" kernel's command-line parameter. Cc: stable@vger.kernel.org Fixes: 265885daf3 ("landlock: Add syscall implementations") Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Günther Noack <gnoack3000@gmail.com> Link: https://lore.kernel.org/r/20240227110550.3702236-2-mic@digikod.net Signed-off-by: Mickaël Salaün <mic@digikod.net> Signed-off-by: Sasha Levin <sashal@kernel.org>		2024-04-03 15:19:32 +02:00
..
apparmor	apparmor: Free up __cleanup() name	2024-02-23 09:12:51 +01:00
bpf
integrity
keys	Revert "KEYS: encrypted: Add check for strsep"	2024-01-25 15:27:52 -08:00
landlock	landlock: Warn once if a Landlock action is requested while disabled	2024-04-03 15:19:32 +02:00
loadpin
lockdown
safesetid
selinux	lsm: new security_file_ioctl_compat() hook	2024-01-31 16:17:00 -08:00
smack	smack: Handle SMACK64TRANSMUTE in smack_inode_setsecurity()	2024-04-03 15:19:24 +02:00
tomoyo	tomoyo: fix UAF write bug in tomoyo_write_control()	2024-03-06 14:45:09 +00:00
yama
commoncap.c
device_cgroup.c
inode.c
Kconfig
Kconfig.hardening
lsm_audit.c
Makefile
min_addr.c
security.c	lsm: fix the logic in security_inode_getsecctx()	2024-02-23 09:12:37 +01:00