linux-kernelorg-stable

History

John Johansen 5bfcbd22ee apparmor: Enable tuning of policy paranoid load for embedded systems AppArmor by default does an extensive check on loaded policy that can take quite some time on limited resource systems. Allow disabling this check for embedded systems where system images are readonly and have checksumming making the need for the embedded policy to be fully checked to be redundant. Note: basic policy checks are still done. Signed-off-by: John Johansen <john.johansen@canonical.com>		2022-07-09 15:13:59 -07:00
..
apparmor	apparmor: Enable tuning of policy paranoid load for embedded systems	2022-07-09 15:13:59 -07:00
bpf	…
integrity	integrity-v5.19	2022-05-24 13:50:39 -07:00
keys	tpmdd updates for v5.19-rc1	2022-05-24 13:16:50 -07:00
landlock	landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER	2022-05-23 13:27:59 +02:00
loadpin	loadpin: stop using bdevname	2022-05-16 16:02:21 -07:00
lockdown	…
safesetid	LSM: SafeSetID: Mark safesetid_initialized as __initdata	2021-06-10 09:52:32 -07:00
selinux	selinux/stable-5.19 PR 20220523	2022-05-24 13:06:32 -07:00
smack	Cleanups (and one fix) around struct mount handling.	2022-06-04 19:00:05 -07:00
tomoyo	LSM: Remove double path_rename hook calls for RENAME_EXCHANGE	2022-05-23 13:27:58 +02:00
yama	…
Kconfig	usercopy: Remove HARDENED_USERCOPY_PAGESPAN	2022-04-13 12:15:52 -07:00
Kconfig.hardening	randstruct: Enable Clang support	2022-05-08 01:33:07 -07:00
Makefile	security: remove unneeded subdir-$(CONFIG_...)	2021-09-03 08:17:20 +09:00
commoncap.c	fs: support mapped mounts of mapped filesystems	2021-12-05 10:28:57 +01:00
device_cgroup.c	bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean	2022-01-19 12:51:30 -08:00
inode.c	…
lsm_audit.c	selinux: log anon inode class name	2022-05-03 16:09:03 -04:00
min_addr.c	…
security.c	Landlock updates for v5.19-rc1	2022-05-24 13:09:13 -07:00