mirror-linux/security
Linus Torvalds 61af143fbe Smack patches for v6.15
-----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCAA1FiEEC+9tH1YyUwIQzUIeOKUVfIxDyBEFAmfi1Z4XHGNhc2V5QHNj
 aGF1Zmxlci1jYS5jb20ACgkQOKUVfIxDyBGPlRAAua8w+rpw06Njdi8LNDytiMil
 Z8a1dbF2yupLclaydLuwxOvJbdjNcCzEVDDFNYEfh6iBiXsaoqr1FO13mmdcjon7
 NXPscvhBWbb0dXvPEk74upWk2HRUIS0BI3tofY1YaGJLdWZRM2z6qvHcb4jNkM89
 o+wzzxme7HNwez4SpB+vmm8WZ4AH3rX7q0ihf3XOpplvxeKwob3ZCu+nNQe0AXMI
 FjMXPn148O96UKJgYJFMV1rLzWmYXzrrDBvzYS79walyti9ct1SYKRY4Zs80MiJK
 0mQGDpg60PFUldcsnBD9Pp5nifcLKg5nNUWb15AhRw1sR4wnKl4DxCA4032NYB/x
 wuVW2rsRjPDuzD6XGS16FZDv86qSyxPtJmvk3qKJmiIQVRc1xhJWAH57A+UzgnLx
 UGvIcIoJjifTX4EUZXdCdH44RBBs/tjCbrBKROPnKBPbkLHNxAzW/Z65hLvxHgg8
 f0vFuSNAL5dCNRdspWgE5BayM0RoW/HZbY15/O+oc7hDgs2ORgKPtayt4uJZr1km
 PhxG3/9BWRjga44RRwIGCsxzqVdO0l5FYYqh+AYnzTOz8S+kncmcPHbnWOYVU0aH
 9u5jE46TCmRxVnEaco+1dhGBUZaFgjXpPv+PxT+LZgTVHLbhBuONCEIot8ejFOKc
 TomnIzxqMacRAlURNXM=
 =SUpV
 -----END PGP SIGNATURE-----

Merge tag 'Smack-for-6.15' of https://github.com/cschaufler/smack-next

Pull smack updates from Casey Schaufler:
 "This is a larger set of patches than usual, consisting of a set of
  build clean-ups, a rework of error handling in setting up CIPSO label
  specification and a bug fix in network labeling"

* tag 'Smack-for-6.15' of https://github.com/cschaufler/smack-next:
  smack: recognize ipv4 CIPSO w/o categories
  smack: Revert "smackfs: Added check catlen"
  smack: remove /smack/logging if audit is not configured
  smack: ipv4/ipv6: tcp/dccp/sctp: fix incorrect child socket label
  smack: dont compile ipv6 code unless ipv6 is configured
  Smack: fix typos and spelling errors
2025-03-25 16:04:11 -07:00
..
apparmor Change inode_operations.mkdir to return struct dentry * 2025-02-27 20:00:17 +01:00
bpf bpf: lsm: Remove hook to bpf_task_storage_free 2024-12-16 12:32:31 -08:00
integrity ima: Reset IMA_NONACTION_RULE_FLAGS after post_setattr 2025-02-04 21:36:43 -05:00
ipe ipe: fallback to platform keyring also if key in trusted keyring is rejected 2024-10-18 12:14:53 -07:00
keys keys: Fix UAF in key_put() 2025-03-22 15:36:49 +02:00
landlock vfs-6.15-rc1.misc 2025-03-24 09:13:50 -07:00
loadpin loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported 2025-03-03 09:35:50 -08:00
lockdown lockdown: initialize local array before use to quiet static analysis 2025-01-05 12:48:43 -05:00
safesetid safesetid: check size of policy writes 2025-01-04 22:46:09 -05:00
selinux selinux/stable-6.15 PR 20250323 2025-03-25 15:52:32 -07:00
smack smack: recognize ipv4 CIPSO w/o categories 2025-02-16 14:17:55 -08:00
tomoyo tomoyo: use better patterns for procfs in learning mode 2025-01-31 00:27:44 +09:00
yama yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl() 2025-03-07 19:58:05 -08:00
Kconfig fortify: Move FORTIFY_SOURCE under 'Kernel hardening options' 2025-02-28 11:51:31 -08:00
Kconfig.hardening hardening: Enable i386 FORTIFY_SOURCE on Clang 16+ 2025-03-08 09:16:42 -08:00
Makefile lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set 2025-01-04 11:50:44 -05:00
commoncap.c capabilities patches for 6.14-rc1 2025-01-23 08:00:16 -08:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c lsm: Use IS_ERR_OR_NULL() helper function 2024-08-29 11:12:13 -04:00
lsm_audit.c lsm: remove old email address for Stephen Smalley 2025-03-10 15:58:43 -04:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
min_addr.c sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
security.c perf: Remove unnecessary parameter of security check 2025-02-26 14:13:58 -05:00