linux_dsm_epyc7002/fs/nfs
Linus Torvalds e24dd9ee53 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security layer updates from James Morris:

 - a major update for AppArmor. From JJ:

     * several bug fixes and cleanups

     * the patch to add symlink support to securityfs that was floated
       on the list earlier and the apparmorfs changes that make use of
       securityfs symlinks

     * it introduces the domain labeling base code that Ubuntu has been
       carrying for several years, with several cleanups applied. And it
       converts the current mediation over to using the domain labeling
       base, which brings domain stacking support with it. This finally
       will bring the base upstream code in line with Ubuntu and provide
       a base to upstream the new feature work that Ubuntu carries.

     * This does _not_ contain any of the newer apparmor mediation
       features/controls (mount, signals, network, keys, ...) that
       Ubuntu is currently carrying, all of which will be RFC'd on top
       of this.

 - Notable also is the Infiniband work in SELinux, and the new file:map
   permission. From Paul:

      "While we're down to 21 patches for v4.13 (it was 31 for v4.12),
       the diffstat jumps up tremendously with over 2k of line changes.

       Almost all of these changes are the SELinux/IB work done by
       Daniel Jurgens; some other noteworthy changes include a NFS v4.2
       labeling fix, a new file:map permission, and reporting of policy
       capabilities on policy load"

   There's also now genfscon labeling support for tracefs, which was
   lost in v4.1 with the separation from debugfs.

 - Smack incorporates a safer socket check in file_receive, and adds a
   cap_capable call in privilege check.

 - TPM as usual has a bunch of fixes and enhancements.

 - Multiple calls to security_add_hooks() can now be made for the same
   LSM, to allow LSMs to have hook declarations across multiple files.

 - IMA now supports different "ima_appraise=" modes (eg. log, fix) from
   the boot command line.

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (126 commits)
  apparmor: put back designators in struct initialisers
  seccomp: Switch from atomic_t to recount_t
  seccomp: Adjust selftests to avoid double-join
  seccomp: Clean up core dump logic
  IMA: update IMA policy documentation to include pcr= option
  ima: Log the same audit cause whenever a file has no signature
  ima: Simplify policy_func_show.
  integrity: Small code improvements
  ima: fix get_binary_runtime_size()
  ima: use ima_parse_buf() to parse template data
  ima: use ima_parse_buf() to parse measurements headers
  ima: introduce ima_parse_buf()
  ima: Add cgroups2 to the defaults list
  ima: use memdup_user_nul
  ima: fix up #endif comments
  IMA: Correct Kconfig dependencies for hash selection
  ima: define is_ima_appraise_enabled()
  ima: define Kconfig IMA_APPRAISE_BOOTPARAM option
  ima: define a set of appraisal rules requiring file signatures
  ima: extend the "ima_policy" boot command line to support multiple policies
  ...
2017-07-05 11:26:35 -07:00
..
blocklayout block: switch bios to blk_status_t 2017-06-09 09:27:32 -06:00
filelayout nfs/filelayout: fix NULL pointer dereference in fl_pnfs_update_layout() 2017-04-28 13:06:59 -04:00
flexfilelayout pNFS/flexfiles: missing error code in ff_layout_alloc_lseg() 2017-05-24 07:52:54 -04:00
cache_lib.c sunrpc/nfs: cleanup procfs/pipefs entry in cache_detail 2017-02-08 17:02:45 -05:00
cache_lib.h NFS: simplify and clean cache library 2013-02-15 10:43:36 -05:00
callback_proc.c NFSv4: Fix an rcu lock leak 2017-05-08 09:27:59 -04:00
callback_xdr.c NFSv4.1: nfs4_callback_free_slot() cannot call nfs4_slot_tbl_drain_complete() 2017-06-27 22:26:23 -04:00
callback.c NFSv4: Fix callback server shutdown 2017-04-27 18:00:16 -04:00
callback.h nfs: add handling for CB_NOTIFY_LOCK in client 2016-09-22 13:56:04 -04:00
client.c NFS client updates for Linux 4.12 2017-05-10 13:03:38 -07:00
delegation.c NFSv4: Optimise away forced revalidation when we know the attributes are OK 2016-12-01 17:21:37 -05:00
delegation.h NFSv4: nfs_inode_find_state_and_recover() should check all stateids 2016-09-27 14:34:35 -04:00
dir.c Revert "NFS: nfs_rename() handle -ERESTARTSYS dentry left behind" 2017-06-27 21:58:14 -04:00
direct.c NFS client updates for Linux 4.12 2017-05-10 13:03:38 -07:00
dns_resolve.c NFS: Enabling v4.2 should not recompile nfsd and lockd 2013-11-19 16:20:40 -05:00
dns_resolve.h NFS: DNS resolver cache per network namespace context introduced 2012-01-31 18:20:26 -05:00
file.c NFSv4: Don't special case "launder" 2017-04-26 13:03:04 -04:00
fscache-index.c NFS: Fabricate fscache server index key correctly 2014-09-25 21:25:18 -04:00
fscache.c nfs: define nfs_inc_fscache_stats and using it as possible 2014-11-24 20:08:47 -05:00
fscache.h NFS: Use i_writecount to control whether to get an fscache cookie in nfs_open() 2013-09-27 18:40:25 +01:00
getroot.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
inode.c NFS: always treat the invocation of nfs_getattr as cache hit when noac is on 2017-05-05 13:01:32 -04:00
internal.h sched/wait: Split out the wait_bit*() APIs from <linux/wait.h> into <linux/wait_bit.h> 2017-06-20 12:19:09 +02:00
io.c NFS: Do not serialise O_DIRECT reads and writes 2016-07-05 19:11:04 -04:00
iostat.h nfs: define nfs_inc_fscache_stats and using it as possible 2014-11-24 20:08:47 -05:00
Kconfig nfs: remove the objlayout driver 2017-04-20 15:51:23 -04:00
Makefile nfs: remove the objlayout driver 2017-04-20 15:51:23 -04:00
mount_clnt.c NFS: Remove unneeded NFS_DEBUG checking before define NFSDBG_FACILITY 2015-10-21 15:49:23 -05:00
namespace.c NFS: Use ERR_CAST() to avoid cross-structure cast 2017-05-28 10:11:47 -07:00
netns.h netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
nfs2super.c NFS: Convert v2 into a module 2012-07-30 19:06:41 -04:00
nfs2xdr.c nfs: save server READ/WRITE/COMMIT status 2015-02-03 11:06:40 -08:00
nfs3_fs.h nfsv3: introduce nfs3_set_ds_client 2015-02-03 11:06:34 -08:00
nfs3acl.c posix_acl: Inode acl caching fixes 2016-03-31 00:30:15 -04:00
nfs3client.c NFS: Remove unused authflavour parameter from nfs_get_client() 2016-12-01 17:46:32 -05:00
nfs3proc.c NFSv3: nfs3_nlm_alloc_call should be declared static 2017-04-25 16:25:06 -04:00
nfs3super.c nfsv3: introduce nfs3_set_ds_client 2015-02-03 11:06:34 -08:00
nfs3xdr.c xprtrdma: Fix large NFS SYMLINK calls 2015-08-05 16:21:28 -04:00
nfs4_fs.h NFS: Use nfs4_setup_sequence() everywhere 2017-01-30 13:14:50 -05:00
nfs4client.c NFSv4.0: Fix a lock leak in nfs40_walk_client_list 2017-05-24 08:05:16 -04:00
nfs4file.c NFSv4: add flock_owner to open context 2016-12-01 17:57:27 -05:00
nfs4getroot.c NFS: Clean up nfs4_get_rootfh() 2017-04-20 13:39:35 -04:00
nfs4idmap.c KEYS: Differentiate uses of rcu_dereference_key() and user_key_payload() 2017-03-02 10:09:00 +11:00
nfs4idmap.h NFS: Move nfs_idmap.h into fs/nfs/ 2015-04-23 15:16:14 -04:00
nfs4namespace.c NFS: Remove extra dprintk()s from nfs4namespace.c 2017-04-20 13:39:35 -04:00
nfs4proc.c Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-07-03 13:08:04 -07:00
nfs4renewd.c NFSv4: Set the connection timeout to match the lease period 2017-02-09 14:15:16 -05:00
nfs4session.c NFSv4.1: Fix regression in callback retry handling 2016-12-01 17:21:38 -05:00
nfs4session.h NFS: Make trace_nfs4_setup_sequence() available to NFS v4.0 2017-01-30 13:14:50 -05:00
nfs4state.c NFS: Trunking detection should handle ERESTARTSYS/EINTR 2017-06-27 21:44:58 -04:00
nfs4super.c NFS: Move nfs_idmap.h into fs/nfs/ 2015-04-23 15:16:14 -04:00
nfs4sysctl.c nfs: do not initialise statics to 0 2015-12-28 09:57:15 -05:00
nfs4trace.c pNFS: Modify pnfs_update_layout tracepoints to use layout stateid 2015-12-28 09:57:14 -05:00
nfs4trace.h NFS: Make trace_nfs4_setup_sequence() available to NFS v4.0 2017-01-30 13:14:50 -05:00
nfs4xdr.c NFSv4: Fix exclusive create attributes encoding 2017-05-08 09:40:59 -04:00
nfs42.h NFS: Add COPY nfs operation 2016-05-17 15:47:55 -04:00
nfs42proc.c NFS fix COMMIT after COPY 2017-05-24 07:52:48 -04:00
nfs42xdr.c NFS append COMMIT after synchronous COPY 2017-05-08 19:01:06 -04:00
nfs.h NFS: Convert v4 into a module 2012-07-30 19:06:52 -04:00
nfsroot.c nfsroot: make nfsroot to accept the 1024 bytes long directory name 2015-10-21 15:49:19 -05:00
nfstrace.c NFSv4: Allow tracing of NFSv4 fsync calls 2015-03-27 12:39:34 -04:00
nfstrace.h NFS client updates for Linux 4.8 2016-07-30 16:33:25 -07:00
pagelist.c NFS: Add an iocounter wait function for async RPC tasks 2017-04-21 10:45:01 -04:00
pnfs_dev.c NFSv4.1: Don't cache deviceids that have no notifications 2015-03-27 12:32:24 -04:00
pnfs_nfs.c pNFS: Fix NULL dereference in pnfs_generic_alloc_ds_commits 2017-05-03 12:29:41 -04:00
pnfs.c pnfs: Fix the check for requests in range of layout segment 2017-05-24 07:55:02 -04:00
pnfs.h pnfs: Fix the check for requests in range of layout segment 2017-05-24 07:55:02 -04:00
proc.c lockd: Introduce nlmclnt_operations 2017-04-21 10:45:01 -04:00
read.c NFS: move rw_mode to nfs_pageio_header 2017-04-20 14:00:41 -04:00
super.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2017-07-05 11:26:35 -07:00
symlink.c vfs: remove ".readlink = generic_readlink" assignments 2016-12-09 16:45:04 +01:00
sysctl.c nfs: convert use of typedef ctl_table to struct ctl_table 2014-06-06 16:08:16 -07:00
unlink.c qstr: constify instances in nfs 2016-07-20 23:30:06 -04:00
write.c NFS client updates for Linux 4.12 2017-05-10 13:03:38 -07:00