AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-03-04 10:26:24 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
2e72d51b4a
linux_dsm_epyc7002/security
History
Kees Cook 2e72d51b4a security: introduce kernel_module_from_file hook 
Now that kernel module origins can be reasoned about, provide a hook to
the LSMs to make policy decisions about the module file. This will let
Chrome OS enforce that loadable kernel modules can only come from its
read-only hash-verified root filesystem. Other LSMs can, for example,
read extended attributes for signatures, etc.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-12-14 13:05:24 +10:30
..
apparmor apparmor: fix IRQ stack overflow during free_profile 2012-10-25 02:12:50 +11:00
integrity
keys Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
selinux selinux: fix sel_netnode_insert() suspicious rcu dereference 2012-11-21 21:55:32 +11:00
smack consitify do_mount() arguments 2012-10-11 20:02:04 -04:00
tomoyo consitify do_mount() arguments 2012-10-11 20:02:04 -04:00
yama
capability.c security: introduce kernel_module_from_file hook 2012-12-14 13:05:24 +10:30
commoncap.c
device_cgroup.c device_cgroup: fix RCU usage 2012-11-06 12:25:51 -08:00
inode.c
Kconfig
lsm_audit.c
Makefile
min_addr.c
security.c security: introduce kernel_module_from_file hook 2012-12-14 13:05:24 +10:30