mirrors/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2025-11-04 02:30:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/Documentation/userspace-api
History
Linus Torvalds 7288511606 Landlock update for v6.15-rc1 
-----BEGIN PGP SIGNATURE-----
 
 iIYEABYKAC4WIQSVyBthFV4iTW/VU1/l49DojIL20gUCZ+bGgBAcbWljQGRpZ2lr
 b2QubmV0AAoJEOXj0OiMgvbSKmgBAICZsmQTuKMHIXdB7kwA+BX5k++SZcyA+qHN
 0hrJTSMsAP0Uv6NpiPT4CTduqBMRbuMwNhujBczRiok6yaHDbC8eCw==
 =K8XL
 -----END PGP SIGNATURE-----

Merge tag 'landlock-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

Pull landlock updates from Mickaël Salaün:
 "This brings two main changes to Landlock:

   - A signal scoping fix with a new interface for user space to know if
     it is compatible with the running kernel.

   - Audit support to give visibility on why access requests are denied,
     including the origin of the security policy, missing access rights,
     and description of object(s). This was designed to limit log spam
     as much as possible while still alerting about unexpected blocked
     access.

  With these changes come new and improved documentation, and a lot of
  new tests"

* tag 'landlock-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux: (36 commits)
  landlock: Add audit documentation
  selftests/landlock: Add audit tests for network
  selftests/landlock: Add audit tests for filesystem
  selftests/landlock: Add audit tests for abstract UNIX socket scoping
  selftests/landlock: Add audit tests for ptrace
  selftests/landlock: Test audit with restrict flags
  selftests/landlock: Add tests for audit flags and domain IDs
  selftests/landlock: Extend tests for landlock_restrict_self(2)'s flags
  selftests/landlock: Add test for invalid ruleset file descriptor
  samples/landlock: Enable users to log sandbox denials
  landlock: Add LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF
  landlock: Add LANDLOCK_RESTRICT_SELF_LOG_*_EXEC_* flags
  landlock: Log scoped denials
  landlock: Log TCP bind and connect denials
  landlock: Log truncate and IOCTL denials
  landlock: Factor out IOCTL hooks
  landlock: Log file-related denials
  landlock: Log mount-related denials
  landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status
  landlock: Add AUDIT_LANDLOCK_ACCESS and log ptrace denials
  ...
2025-03-28 12:37:13 -07:00
..
accelerators Documentation: ocxl.rst: Update consortium site 2025-03-12 16:26:45 -06:00
ebpf
gpio Documentation: gpio: Reconfiguration with unset direction (uAPI v2) 2024-07-01 09:38:45 +02:00
ioctl SCSI misc on 20250326 2025-03-26 19:57:34 -07:00
media [GIT PULL for v6.15] media updates 2025-03-25 21:00:31 -07:00
netlink tools: ynl: move python code to separate sub-directory 2025-01-09 12:53:27 -08:00
check_exec.rst security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits 2024-12-18 17:00:29 -08:00
dcdbas.rst
dma-buf-alloc-exchange.rst
dma-buf-heaps.rst Documentation: dma-buf: heaps: Add heap name definitions 2025-03-12 16:49:02 -06:00
ELF.rst
futex2.rst
index.rst Documentation: dma-buf: heaps: Add heap name definitions 2025-03-12 16:49:02 -06:00
iommufd.rst Documentation: userspace-api: iommufd: Update vDEVICE 2024-11-12 11:46:19 -04:00
isapnp.rst
landlock.rst landlock: Add audit documentation 2025-03-26 13:59:49 +01:00
lsm.rst
mfd_noexec.rst mm/memfd: add documentation for MFD_NOEXEC_SEAL MFD_EXEC 2024-06-15 10:43:07 -07:00
mseal.rst mseal: update mseal.rst 2024-10-28 21:40:41 -07:00
no_new_privs.rst
ntsync.rst docs: ntsync: Add documentation for the ntsync uAPI. 2025-01-08 13:18:12 +01:00
perf_ring_buffer.rst Documentation: userspace-api: Document perf ring buffer mechanism 2024-01-30 13:49:02 -07:00
seccomp_filter.rst
spec_ctrl.rst
sysfs-platform_profile.rst Documentation: Add documentation about class interface for platform profiles 2024-12-10 19:18:22 +02:00
tee.rst
unshare.rst
vduse.rst