mirror_ubuntu-kernels

mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2025-12-31 10:40:23 +00:00

History

Linus Torvalds 17ae69aba8 Add Landlock, a new LSM from Mickaël Salaün <mic@linux.microsoft.com> -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEgycj0O+d1G2aycA8rZhLv9lQBTwFAmCInP4ACgkQrZhLv9lQ BTza0g//dTeb9woC9H7qlEhK4l9yk62lTss60Q8X7m7ZSNfdL4tiEbi64SgK+iOW OOegbrOEb8Kzh4KJJYmVlVZ5YUWyH4szgmee1wnylBdsWiWaPLPF3Cflz77apy6T TiiBsJd7rRE29FKheaMt34B41BMh8QHESN+DzjzJWsFoi/uNxjgSs2W16XuSupKu bpRmB1pYNXMlrkzz7taL05jndZYE5arVriqlxgAsuLOFOp/ER7zecrjImdCM/4kL W6ej0R1fz2Geh6CsLBJVE+bKWSQ82q5a4xZEkSYuQHXgZV5eywE5UKu8ssQcRgQA VmGUY5k73rfY9Ofupf2gCaf/JSJNXKO/8Xjg0zAdklKtmgFjtna5Tyg9I90j7zn+ 5swSpKuRpilN8MQH+6GWAnfqQlNoviTOpFeq3LwBtNVVOh08cOg6lko/bmebBC+R TeQPACKS0Q0gCDPm9RYoU1pMUuYgfOwVfVRZK1prgi2Co7ZBUMOvYbNoKYoPIydr ENBYljlU1OYwbzgR2nE+24fvhU8xdNOVG1xXYPAEHShu+p7dLIWRLhl8UCtRQpSR 1ofeVaJjgjrp29O+1OIQjB2kwCaRdfv/Gq1mztE/VlMU/r++E62OEzcH0aS+mnrg yzfyUdI8IFv1q6FGT9yNSifWUWxQPmOKuC8kXsKYfqfJsFwKmHM= =uCN4 -----END PGP SIGNATURE----- Merge tag 'landlock_v34' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security Pull Landlock LSM from James Morris: "Add Landlock, a new LSM from Mickaël Salaün. Briefly, Landlock provides for unprivileged application sandboxing. From Mickaël's cover letter: "The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Because Landlock is a stackable LSM [1], it makes possible to create safe security sandboxes as new security layers in addition to the existing system-wide access-controls. This kind of sandbox is expected to help mitigate the security impact of bugs or unexpected/malicious behaviors in user-space applications. Landlock empowers any process, including unprivileged ones, to securely restrict themselves. Landlock is inspired by seccomp-bpf but instead of filtering syscalls and their raw arguments, a Landlock rule can restrict the use of kernel objects like file hierarchies, according to the kernel semantic. Landlock also takes inspiration from other OS sandbox mechanisms: XNU Sandbox, FreeBSD Capsicum or OpenBSD Pledge/Unveil. In this current form, Landlock misses some access-control features. This enables to minimize this patch series and ease review. This series still addresses multiple use cases, especially with the combined use of seccomp-bpf: applications with built-in sandboxing, init systems, security sandbox tools and security-oriented APIs [2]" The cover letter and v34 posting is here: https://lore.kernel.org/linux-security-module/20210422154123.13086-1-mic@digikod.net/ See also: https://landlock.io/ This code has had extensive design discussion and review over several years" Link: https://lore.kernel.org/lkml/50db058a-7dde-441b-a7f9-f6837fe8b69f@schaufler-ca.com/ [1] Link: https://lore.kernel.org/lkml/f646e1c7-33cf-333f-070c-0a40ad0468cd@digikod.net/ [2] * tag 'landlock_v34' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: landlock: Enable user space to infer supported features landlock: Add user and kernel documentation samples/landlock: Add a sandbox manager example selftests/landlock: Add user space tests landlock: Add syscall implementations arch: Wire up Landlock syscalls fs,security: Add sb_delete hook landlock: Support filesystem access-control LSM: Infrastructure management of the superblock landlock: Add ptrace restrictions landlock: Set up the security framework and manage credentials landlock: Add ruleset and domain management landlock: Add object management		2021-05-01 18:50:44 -07:00
..
bpf	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
cgroup	cgroup: rstat: punt root-level optimization to individual controllers	2021-04-30 11:20:37 -07:00
configs	kconfig: do not use allnoconfig_y option	2021-04-14 15:22:49 +09:00
debug	printk changes for 5.13	2021-04-27 18:09:44 -07:00
dma	kernel/dma: remove unnecessary unmap_kernel_range	2021-04-30 11:20:40 -07:00
entry	A trivial cleanup of typo fixes.	2021-04-26 09:41:15 -07:00
events	ARM:	2021-05-01 10:14:08 -07:00
gcov	Revert "gcov: clang: fix clang-11+ build"	2021-04-19 15:08:49 -07:00
irq	This is the bulk of the pin control changes for the v5.13 kernel cycle	2021-04-30 13:04:30 -07:00
kcsan	kcsan: Fix printk format string	2021-04-22 14:36:03 +02:00
livepatch	Livepatching changes for 5.13	2021-04-27 18:14:38 -07:00
locking	Locking changes for this cycle were:	2021-04-28 12:37:53 -07:00
power	PM: sleep: fix typos in comments	2021-04-08 19:37:21 +02:00
printk	kernel/printk.c: Fixed mundane typos	2021-03-30 15:34:17 +02:00
rcu	Merge branches 'bitmaprange.2021.03.08a', 'fixes.2021.03.15a', 'kvfree_rcu.2021.03.08a', 'mmdumpobj.2021.03.08a', 'nocb.2021.03.15a', 'poll.2021.03.24a', 'rt.2021.03.08a', 'tasks.2021.03.08a', 'torture.2021.03.08a' and 'torturescript.2021.03.22a' into HEAD	2021-03-24 17:20:18 -07:00
sched	Scheduler updates for this cycle are:	2021-04-28 13:33:57 -07:00
time	ARM:	2021-05-01 10:14:08 -07:00
trace	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
.gitignore
acct.c	kernel/acct.c: use #elif instead of #end and #elif	2020-12-15 22:46:15 -08:00
async.c
audit_fsnotify.c	audit_alloc_mark(): don't open-code ERR_CAST()	2021-02-23 10:25:27 -05:00
audit_tree.c	fsnotify: generalize handle_inode_event()	2020-12-03 14:58:35 +01:00
audit_watch.c	fsnotify: generalize handle_inode_event()	2020-12-03 14:58:35 +01:00
audit.c	lsm: separate security_task_getsecid() into subjective and objective variants	2021-03-22 15:23:32 -04:00
audit.h	audit: avoid -Wempty-body warning	2021-03-24 12:11:48 -04:00
auditfilter.c	lsm: separate security_task_getsecid() into subjective and objective variants	2021-03-22 15:23:32 -04:00
auditsc.c	audit/stable-5.13 PR 20210426	2021-04-27 13:50:58 -07:00
backtracetest.c
bounds.c
capability.c	capability: handle idmapped mounts	2021-01-24 14:27:16 +01:00
cfi.c	add support for Clang CFI	2021-04-08 16:04:20 -07:00
compat.c	treewide: Use fallthrough pseudo-keyword	2020-08-23 17:36:59 -05:00
configs.c
context_tracking.c
cpu_pm.c	notifier: Fix broken error handling pattern	2020-09-01 09:58:03 +02:00
cpu.c	cpumask/hotplug: Fix cpu_dying() state tracking	2021-04-21 13:55:43 +02:00
crash_core.c	kdump: append uts_namespace.name offset to VMCOREINFO	2020-12-15 22:46:18 -08:00
crash_dump.c
cred.c
delayacct.c
dma.c
exec_domain.c
exit.c	signal: Allow tasks to cache one sigqueue struct	2021-04-14 18:04:08 +02:00
extable.c
fail_function.c	fault-injection: handle EI_ETYPE_TRUE	2020-12-15 22:46:19 -08:00
fork.c	mm: memcontrol: fix kernel stack account	2021-04-30 11:20:37 -07:00
freezer.c	Revert "kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for freezing"	2021-03-27 14:09:10 -06:00
futex.c	Linux 5.12-rc5	2021-03-29 15:56:48 +02:00
gen_kheaders.sh	kbuild: redo fake deps at include/config/*.h	2021-04-25 05:26:10 +09:00
groups.c	groups: simplify struct group_info allocation	2021-02-26 09:41:03 -08:00
hung_task.c	kernel/hung_task.c: make type annotations consistent	2020-11-02 12:14:19 -08:00
iomem.c
irq_work.c	irq_work: record irq_work_queue() call stack	2021-04-30 11:20:42 -07:00
jump_label.c	static_call: Fix static_call_update() sanity check	2021-03-19 13:16:44 +01:00
kallsyms.c	kallsyms: strip ThinLTO hashes from static functions	2021-04-08 16:04:21 -07:00
kcmp.c	Merge branch 'exec-update-lock-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace	2020-12-15 19:36:48 -08:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt	preempt: Introduce CONFIG_PREEMPT_DYNAMIC	2021-02-17 14:12:24 +01:00
kcov.c	kernel: make kcov_common_handle consider the current context	2020-11-02 18:00:20 -08:00
kexec_core.c	Merge branch 'work.elf-compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2021-02-21 09:29:23 -08:00
kexec_elf.c
kexec_file.c	ima: Free IMA measurement buffer after kexec syscall	2021-02-10 15:49:38 -05:00
kexec_internal.h	kexec: move machine_kexec_post_load() to public interface	2021-02-22 12:33:26 +00:00
kexec.c	LSM: Introduce kernel_post_load_data() hook	2020-10-05 13:37:03 +02:00
kheaders.c
kmod.c
kprobes.c	kprobes: Fix to delay the kprobes jump optimization	2021-02-19 14:57:12 -05:00
ksysfs.c
kthread.c	Scheduler updates for this cycle are:	2021-04-28 13:33:57 -07:00
latencytop.c
Makefile	add support for Clang CFI	2021-04-08 16:04:20 -07:00
module_signature.c	module: harden ELF info handling	2021-01-19 10:24:45 +01:00
module_signing.c	module: harden ELF info handling	2021-01-19 10:24:45 +01:00
module-internal.h
module.c	Summary of modules changes for the 5.13 merge window:	2021-04-30 12:29:36 -07:00
notifier.c	notifier: Fix broken error handling pattern	2020-09-01 09:58:03 +02:00
nsproxy.c	fixes-v5.11	2020-12-14 16:40:27 -08:00
padata.c	padata: fix possible padata_works_lock deadlock	2020-09-04 17:51:55 +10:00
panic.c	panic: don't dump stack twice on warn	2020-11-14 11:26:04 -08:00
params.c	Modules updates for v5.11	2020-12-17 13:01:31 -08:00
pid_namespace.c	fixes-v5.11	2020-12-14 16:40:27 -08:00
pid.c	Merge branch 'exec-update-lock-for-v5.11' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace	2020-12-15 19:36:48 -08:00
profile.c	kernel: Initialize cpumask before parsing	2021-04-10 13:35:54 +02:00
ptrace.c	Linux 5.12-rc8	2021-04-20 10:13:58 +02:00
range.c	kernel.h: split out min()/max() et al. helpers	2020-10-16 11:11:19 -07:00
reboot.c	Revert "PM: ACPI: reboot: Use S5 for reboot"	2021-03-18 16:58:02 +01:00
regset.c
relay.c	relay: allow the use of const callback structs	2020-12-15 22:46:18 -08:00
resource_kunit.c	resource: provide meaningful MODULE_LICENSE() in test suite	2020-11-25 18:52:35 +01:00
resource.c	resource: Move devmem revoke code to resource framework	2021-01-12 14:26:31 +01:00
rseq.c	rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs()	2021-04-14 18:04:09 +02:00
scftorture.c	scftorture: Add debug output for wrong-CPU warning	2021-01-04 13:53:41 -08:00
scs.c	scs: switch to vmapped shadow stacks	2020-12-01 10:30:28 +00:00
seccomp.c	seccomp: Fix "cacheable" typo in comments	2021-03-30 22:34:30 -07:00
signal.c	Scheduler updates for this cycle are:	2021-04-28 13:33:57 -07:00
smp.c	Merge branch 'locking/core' into x86/mm, to resolve conflict	2021-03-06 13:00:58 +01:00
smpboot.c	kthread: Extract KTHREAD_IS_PER_CPU	2021-01-22 15:09:42 +01:00
smpboot.h
softirq.c	RCU changes for this cycle were:	2021-04-28 12:00:13 -07:00
stackleak.c	stackleak: let stack_erasing_sysctl take a kernel pointer buffer	2020-09-19 13:13:39 -07:00
stacktrace.c	stacktrace: Remove reliable argument from arch_stack_walk() callback	2020-09-18 14:24:16 +01:00
static_call.c	static_call: Fix unused variable warn w/o MODULE	2021-04-09 13:22:12 +02:00
stop_machine.c	stop_machine: Add caller debug info to queue_stop_cpus_work	2021-03-23 16:01:58 +01:00
sys_ni.c	Add Landlock, a new LSM from Mickaël Salaün <mic@linux.microsoft.com>	2021-05-01 18:50:44 -07:00
sys.c	arm64: Introduce prctl(PR_PAC_{SET,GET}_ENABLED_KEYS)	2021-04-13 17:31:44 +01:00
sysctl-test.c
sysctl.c	Networking changes for 5.13.	2021-04-29 11:57:23 -07:00
task_work.c	kasan: record task_work_add() call stack	2021-04-30 11:20:42 -07:00
taskstats.c	treewide: rename nla_strlcpy to nla_strscpy.	2020-11-16 08:08:54 -08:00
test_kprobes.c
torture.c	torture: Replace torture_init_begin string with %s	2021-03-08 14:22:28 -08:00
tracepoint.c	tracepoints: Code clean up	2021-02-09 12:27:29 -05:00
tsacct.c
ucount.c	fanotify: configurable limits via sysfs	2021-03-16 16:49:31 +01:00
uid16.c
uid16.h
umh.c	usermodehelper: reset umask to default before executing user process	2020-10-06 10:31:52 -07:00
up.c	smp: Inline on_each_cpu_cond() and on_each_cpu()	2021-03-06 12:59:10 +01:00
user_namespace.c	capabilities: require CAP_SETFCAP to map uid 0	2021-04-20 14:28:33 -07:00
user-return-notifier.c
user.c	user: Use generic ns_common::count	2020-08-19 14:14:12 +02:00
usermode_driver.c	bpf: Fix umd memory leak in copy_process()	2021-03-19 22:23:19 +01:00
utsname_sysctl.c
utsname.c	uts: Use generic ns_common::count	2020-08-19 14:13:20 +02:00
watch_queue.c	watch_queue: rectify kernel-doc for init_watch()	2021-01-26 11:16:34 +00:00
watchdog_hld.c
watchdog.c	watchdog: cleanup handling of false positives	2021-04-30 11:20:36 -07:00
workqueue_internal.h
workqueue.c	CFI on arm64 series for v5.13-rc1	2021-04-27 10:16:46 -07:00