forked from mirrors/linux
5807fcaa9b
Pull security subsystem updates from James Morris: - EVM gains support for loading an x509 cert from the kernel (EVM_LOAD_X509), into the EVM trusted kernel keyring. - Smack implements 'file receive' process-based permission checking for sockets, rather than just depending on inode checks. - Misc enhancments for TPM & TPM2. - Cleanups and bugfixes for SELinux, Keys, and IMA. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (41 commits) selinux: Inode label revalidation performance fix KEYS: refcount bug fix ima: ima_write_policy() limit locking IMA: policy can be updated zero times selinux: rate-limit netlink message warnings in selinux_nlmsg_perm() selinux: export validatetrans decisions gfs2: Invalid security labels of inodes when they go invalid selinux: Revalidate invalid inode security labels security: Add hook to invalidate inode security labels selinux: Add accessor functions for inode->i_security security: Make inode argument of inode_getsecid non-const security: Make inode argument of inode_getsecurity non-const selinux: Remove unused variable in selinux_inode_init_security keys, trusted: seal with a TPM2 authorization policy keys, trusted: select hash algorithm for TPM2 chips keys, trusted: fix: *do not* allow duplicate key options tpm_ibmvtpm: properly handle interrupted packet receptions tpm_tis: Tighten IRQ auto-probing tpm_tis: Refactor the interrupt setup tpm_tis: Get rid of the duplicate IRQ probing code ... |
||
|---|---|---|
| .. | ||
| avtab.c | ||
| avtab.h | ||
| conditional.c | ||
| conditional.h | ||
| constraint.h | ||
| context.h | ||
| ebitmap.c | ||
| ebitmap.h | ||
| hashtab.c | ||
| hashtab.h | ||
| mls.c | ||
| mls.h | ||
| mls_types.h | ||
| policydb.c | ||
| policydb.h | ||
| services.c | ||
| services.h | ||
| sidtab.c | ||
| sidtab.h | ||
| status.c | ||
| symtab.c | ||
| symtab.h | ||