f1c921fb70
-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAmCHM2sUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXNfCg/9GmoCyCh+ZRj5RGQ6M+yJas1+yyJQ uEfTNde54yfATUTaaWYnZG59yqzM3I2uaV11U7tqg8ajiFPxJKqbs5R9jl3lnSjH 0Dg22nXPSCOTKcU0x/DeLoKRr+M9jO1K/nQ8NEZvYX4nC/OgtCvJqb/oEQZIKAk5 2a7OEmNNQyFGd274p9dELaDHxN9UIaJ2PzQFXtq7ROHgBXQO4ONb2ajOf6mDSFQb vP/CDHwaH+pcE28w44oRy0/YBkO1SrdqoFQchg5yFagM5tQRLGkXK4OFSs5KHi5Q YMtmaOzMPIv1e5eaC1HuuMJYA4pPb30T9hFHP7tmBVZfmZaFaDeUs+BhMm98WTiS o0iTP7tfs36/poOR1Q0/sB06uvF9hUAAX1ZuE95YySifbXU9hsUc9b0uQSwCdg9P /J9rcdHLTpWqjw9n02mezWmAvo5U8ZvbDs+0xPIwI+3RTUP5t6mp+Hd5Tc7bPTq1 0rpWXx+FQoSytFap5qiUSiwBp+HF6HQnNIXB0Muf6wctChoTjvo7TwoxH//z4kEm +SddhOCNkB7VC/X7hOxhl0F/rdHuXvb1AFIWjpTLJH2CR1PvMtF+sGey+uPT6hKZ /gvhmQGjFdph99eGlfVbCNvx1pM61O25IscaYD1T2wGImw+z7dX4WkG3WoOdDSkR bRjrBkcHh0gLhWk= =HTEy -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20210426' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux updates from Paul Moore: - Add support for measuring the SELinux state and policy capabilities using IMA. - A handful of SELinux/NFS patches to compare the SELinux state of one mount with a set of mount options. Olga goes into more detail in the patch descriptions, but this is important as it allows more flexibility when using NFS and SELinux context mounts. - Properly differentiate between the subjective and objective LSM credentials; including support for the SELinux and Smack. My clumsy attempt at a proper fix for AppArmor didn't quite pass muster so John is working on a proper AppArmor patch, in the meantime this set of patches shouldn't change the behavior of AppArmor in any way. This change explains the bulk of the diffstat beyond security/. - Fix a problem where we were not properly terminating the permission list for two SELinux object classes. * tag 'selinux-pr-20210426' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: add proper NULL termination to the secclass_map permissions smack: differentiate between subjective and objective task credentials selinux: clarify task subjective and objective credentials lsm: separate security_task_getsecid() into subjective and objective variants nfs: account for selinux security context when deciding to share superblock nfs: remove unneeded null check in nfs_fill_super() lsm,selinux: add new hook to compare new mount to an existing mount selinux: fix misspellings using codespell tool selinux: fix misspellings using codespell tool selinux: measure state and policy capabilities selinux: Allow context mounts for unpriviliged overlayfs |
||
---|---|---|
.. | ||
blocklayout | ||
filelayout | ||
flexfilelayout | ||
cache_lib.c | ||
cache_lib.h | ||
callback_proc.c | ||
callback_xdr.c | ||
callback.c | ||
callback.h | ||
client.c | ||
delegation.c | ||
delegation.h | ||
dir.c | ||
direct.c | ||
dns_resolve.c | ||
dns_resolve.h | ||
export.c | ||
file.c | ||
fs_context.c | ||
fscache-index.c | ||
fscache.c | ||
fscache.h | ||
getroot.c | ||
inode.c | ||
internal.h | ||
io.c | ||
iostat.h | ||
Kconfig | ||
Makefile | ||
mount_clnt.c | ||
namespace.c | ||
netns.h | ||
nfs2super.c | ||
nfs2xdr.c | ||
nfs3_fs.h | ||
nfs3acl.c | ||
nfs3client.c | ||
nfs3proc.c | ||
nfs3super.c | ||
nfs3xdr.c | ||
nfs4_fs.h | ||
nfs4client.c | ||
nfs4file.c | ||
nfs4getroot.c | ||
nfs4idmap.c | ||
nfs4idmap.h | ||
nfs4namespace.c | ||
nfs4proc.c | ||
nfs4renewd.c | ||
nfs4session.c | ||
nfs4session.h | ||
nfs4state.c | ||
nfs4super.c | ||
nfs4sysctl.c | ||
nfs4trace.c | ||
nfs4trace.h | ||
nfs4xdr.c | ||
nfs42.h | ||
nfs42proc.c | ||
nfs42xattr.c | ||
nfs42xdr.c | ||
nfs.h | ||
nfsroot.c | ||
nfstrace.c | ||
nfstrace.h | ||
pagelist.c | ||
pnfs_dev.c | ||
pnfs_nfs.c | ||
pnfs.c | ||
pnfs.h | ||
proc.c | ||
read.c | ||
super.c | ||
symlink.c | ||
sysctl.c | ||
sysfs.c | ||
sysfs.h | ||
unlink.c | ||
write.c |