linux_dsm_epyc7002/security/keys
Linus Torvalds 7a1e8b80fb Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
 "Highlights:

   - TPM core and driver updates/fixes
   - IPv6 security labeling (CALIPSO)
   - Lots of Apparmor fixes
   - Seccomp: remove 2-phase API, close hole where ptrace can change
     syscall #"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (156 commits)
  apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
  tpm: Add TPM 2.0 support to the Nuvoton i2c driver (NPCT6xx family)
  tpm: Factor out common startup code
  tpm: use devm_add_action_or_reset
  tpm2_i2c_nuvoton: add irq validity check
  tpm: read burstcount from TPM_STS in one 32-bit transaction
  tpm: fix byte-order for the value read by tpm2_get_tpm_pt
  tpm_tis_core: convert max timeouts from msec to jiffies
  apparmor: fix arg_size computation for when setprocattr is null terminated
  apparmor: fix oops, validate buffer size in apparmor_setprocattr()
  apparmor: do not expose kernel stack
  apparmor: fix module parameters can be changed after policy is locked
  apparmor: fix oops in profile_unpack() when policy_db is not present
  apparmor: don't check for vmalloc_addr if kvzalloc() failed
  apparmor: add missing id bounds check on dfa verification
  apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
  apparmor: use list_next_entry instead of list_entry_next
  apparmor: fix refcount race when finding a child profile
  apparmor: fix ref count leak when profile sha1 hash is read
  apparmor: check that xindex is in trans_table bounds
  ...
2016-07-29 17:38:46 -07:00
..
encrypted-keys KEYS: Use skcipher 2016-01-27 20:36:03 +08:00
big_key.c KEYS: Use skcipher for big keys 2016-06-24 21:24:58 +08:00
compat.c KEYS: Add placeholder for KDF usage with DH 2016-06-03 16:14:34 +10:00
dh.c KEYS: Add placeholder for KDF usage with DH 2016-06-03 16:14:34 +10:00
gc.c KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring 2015-10-15 17:21:37 +01:00
internal.h KEYS: Add placeholder for KDF usage with DH 2016-06-03 16:14:34 +10:00
Kconfig KEYS: Add KEYCTL_DH_COMPUTE command 2016-04-12 19:54:58 +01:00
key.c KEYS: potential uninitialized variable 2016-06-16 17:15:04 -10:00
keyctl.c KEYS: Add placeholder for KDF usage with DH 2016-06-03 16:14:34 +10:00
keyring.c KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED 2016-04-11 22:44:15 +01:00
Makefile KEYS: Add KEYCTL_DH_COMPUTE command 2016-04-12 19:54:58 +01:00
permission.c KEYS: Move the flags representing required permission to linux/key.h 2014-03-14 17:44:49 +00:00
persistent.c KEYS: Strip trailing spaces 2016-06-14 10:29:44 +01:00
proc.c KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y 2015-01-22 22:34:32 +00:00
process_keys.c KEYS: Add a facility to restrict new links into a keyring 2016-04-11 22:37:37 +01:00
request_key_auth.c KEYS: Add a facility to restrict new links into a keyring 2016-04-11 22:37:37 +01:00
request_key.c KEYS: Strip trailing spaces 2016-06-14 10:29:44 +01:00
sysctl.c security: Convert use of typedef ctl_table to struct ctl_table 2014-04-15 13:39:58 +10:00
trusted.c tpm: fix checks for policy digest existence in tpm2_seal_trusted() 2016-02-10 04:10:55 +02:00
trusted.h keys, trusted: move struct trusted_key_options to trusted-type.h 2015-10-19 01:01:21 +02:00
user_defined.c KEYS: user_update should use copy of payload made during preparsing 2016-04-12 19:54:58 +01:00