linux/security at 52dec4c9eacc339dbf1b2ab549248df1cc6eb030 - linux - Gitea: Git with a cup of tea

IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an email to Administrator. User accounts are meant only to access repo and report issues and/or generate pull requests. This is a purpose-specific Git hosting for BaseALT projects. Thank you for your understanding!

Только зарегистрированные пользователи имеют доступ к сервису! Для получения аккаунта, обратитесь к администратору.

iv/linux

History

Mimi Zohar a7f2a366f6 ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall

The new kernel module syscall appraises kernel modules based
on policy.   If the IMA policy requires kernel module checking,
fallback to module signature enforcing for the existing syscall.
Without CONFIG_MODULE_SIG_FORCE enabled, the kernel module's
integrity is unknown, return -EACCES.

Changelog v1:
- Fix ima_module_check() return result (Tetsuo Handa)

Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reviewed-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>

2012-12-24 09:35:48 -05:00

..

apparmor: fix IRQ stack overflow during free_profile

2012-10-25 02:12:50 +11:00

ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall

2012-12-24 09:35:48 -05:00

keys: fix unreachable code

2012-12-20 17:40:21 -08:00

bridge: update selinux perm table for RTM_NEWMDB and RTM_DELMDB

2012-12-15 17:14:38 -08:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

2012-12-16 15:40:50 -08:00

consitify do_mount() arguments

2012-10-11 20:02:04 -04:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

2012-12-17 15:44:47 -08:00

capability.c

security: introduce kernel_module_from_file hook

2012-12-14 13:05:24 +10:30

commoncap.c

Fix cap_capable to only allow owners in the parent user namespace to have caps.

2012-12-14 13:50:32 -08:00

device_cgroup.c

cgroup: rename ->create/post_create/pre_destroy/destroy() to ->css_alloc/online/offline/free()

2012-11-19 08:13:38 -08:00

inode.c

securityfs: fix object creation races

2012-01-10 10:20:35 -05:00

Kconfig

KEYS: Move the key config into security/keys/Kconfig

2012-05-11 10:56:56 +01:00

lsm_audit.c

LSM: BUILD_BUG_ON if the common_audit_data union ever grows

2012-04-09 12:23:03 -04:00

Makefile

security: Yama LSM

2012-02-10 09:18:52 +11:00

min_addr.c

mmap_min_addr check CAP_SYS_RAWIO only for write

2010-04-23 08:56:31 +10:00

security.c

ima: support new kernel module syscall

2012-12-14 13:05:26 +10:30