qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/security
History
Stephen Boyd ce0d73ef8d loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression 
If modules are built compressed, and LoadPin is enforcing by default, we
must have in-kernel module decompression enabled (MODULE_DECOMPRESS).
Modules will fail to load without decompression built into the kernel
because they'll be blocked by LoadPin. Add a depends on clause to
prevent this combination.

Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Cc: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Stephen Boyd <swboyd@chromium.org>
Link: https://lore.kernel.org/r/20240514224839.2526112-1-swboyd@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
 		2024-05-18 13:46:10 -07:00
..
apparmor lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
bpf
integrity lsm/stable-6.9 PR 20240312 2024-03-12 20:03:34 -07:00
keys
landlock landlock: Use f_cred in security_file_open() hook 2024-03-08 18:22:16 +01:00
loadpin loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression 2024-05-18 13:46:10 -07:00
lockdown
safesetid
selinux lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
smack lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
tomoyo tomoyo: fix UAF write bug in tomoyo_write_control() 2024-03-01 11:14:00 -08:00
yama
Kconfig fortify: drop Clang version check for 12.0.1 or newer 2024-02-22 15:38:54 -08:00
Kconfig.hardening
Makefile
commoncap.c
device_cgroup.c
inode.c
lsm_audit.c
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
min_addr.c
security.c lsm: handle the NULL buffer case in lsm_fill_user_ctx() 2024-03-14 11:31:26 -04:00