WSL2-Linux-Kernel/Documentation
Micah Morton aeca4e2ca6 LSM: add SafeSetID module that gates setid calls
SafeSetID gates the setid family of syscalls to restrict UID/GID
transitions from a given UID/GID to only those approved by a
system-wide whitelist. These restrictions also prohibit the given
UIDs/GIDs from obtaining auxiliary privileges associated with
CAP_SET{U/G}ID, such as allowing a user to set up user namespace UID
mappings. For now, only gating the set*uid family of syscalls is
supported, with support for set*gid coming in a future patch set.

Signed-off-by: Micah Morton <mortonm@chromium.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
2019-01-25 11:22:45 -08:00
..
ABI for-linus-20190112 2019-01-12 13:40:51 -08:00
EDID
PCI
RCU
accelerators
accounting
acpi
admin-guide LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
aoe
arm
arm64 arm64 festive updates for 4.21 2018-12-25 17:41:56 -08:00
auxdisplay
backlight
block block: doc: add slice_idle_us to bfq documentation 2019-01-09 07:38:48 -07:00
blockdev zram: idle writeback fixes and cleanup 2019-01-08 17:15:10 -08:00
bpf bpf, doc: update design qa to reflect kern_version requirement 2019-01-07 15:52:00 -08:00
bus-devices
cdrom
cgroup-v1
cma
connector
console
core-api A handful of late-arriving documentation fixes. 2019-01-05 18:35:02 -08:00
cpu-freq
cpuidle
crypto crypto: skcipher - remove remnants of internal IV generators 2018-12-23 11:52:45 +08:00
dev-tools A fairly normal cycle for documentation stuff. We have a new 2018-12-29 11:21:49 -08:00
device-mapper
devicetree Devicetree fixes for v5.0: 2019-01-18 06:15:28 +12:00
doc-guide
driver-api pci-v4.21-changes 2019-01-05 17:57:34 -08:00
driver-model Documentation: driver core: remove use of BUS_ATTR 2019-01-08 15:17:45 +01:00
early-userspace
extcon
fault-injection
fb fbdev: fbmem: convert CONFIG_FB_LOGO_CENTER into a cmd line option 2019-01-16 17:42:35 +01:00
features Documentation/features: Add csky kernel features 2019-01-07 22:22:16 +08:00
filesystems Documentation: driver core: remove use of BUS_ATTR 2019-01-08 15:17:45 +01:00
firmware_class
fmc
fpga
gpio
gpu A fairly normal cycle for documentation stuff. We have a new 2018-12-29 11:21:49 -08:00
hid HID: doc: fix wrong data structure reference for UHID_OUTPUT 2018-12-18 14:55:22 +01:00
hwmon hwmon: Introduce SENSOR_DEVICE_ATTR_{RO, RW, WO} and variants 2018-12-16 15:13:22 -08:00
i2c
ia64
ide
iio
infiniband
input
ioctl
isdn
kbuild kbuild: generate asm-generic wrappers if mandatory headers are missing 2019-01-06 09:46:51 +09:00
kdump
kernel-hacking
laptops
leds
lightnvm
livepatch
locking
m68k
maintainer
md
media A fairly normal cycle for documentation stuff. We have a new 2018-12-29 11:21:49 -08:00
memory-devices
mic
mips
misc-devices
mmc
mtd
namespaces
netlabel
networking doc: net: fix bad references to network drivers 2019-01-18 11:03:31 -08:00
nfc
nios2
nvdimm libnvdimm/security: Add documentation for nvdimm security support 2018-12-21 12:44:41 -08:00
nvmem
openrisc
parisc
pcmcia
perf
phy
platform
power
powerpc powerpc/fadump: Reservationless firmware assisted dump 2018-12-21 11:32:49 +11:00
pps
process docs: fix Co-Developed-by docs 2019-01-04 13:13:48 -08:00
pti
ptp
rapidio
riscv
s390
scheduler
scsi SCSI misc on 20181224 2018-12-28 14:48:06 -08:00
security Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-01-02 09:43:14 -08:00
serial
sh sh: remove board_time_init() callback 2018-12-18 16:13:04 +01:00
sound
sparc
sphinx
sphinx-static
spi
sysctl kernel/sysctl: add panic_print into sysctl 2019-01-04 13:13:47 -08:00
target
thermal
timers
trace Merge branches 'pm-cpuidle', 'pm-cpufreq' and 'pm-sleep' 2019-01-11 10:09:51 +01:00
translations
usb
userspace-api Merge branch 'next-seccomp' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-01-02 09:48:13 -08:00
virtual Documentation/virtual/kvm: Update URL for AMD SEV API specification 2019-01-11 18:38:07 +01:00
vm A fairly normal cycle for documentation stuff. We have a new 2018-12-29 11:21:49 -08:00
w1
watchdog watchdog: docs: kernel-api: don't reference removed functions 2018-12-24 13:15:06 +01:00
wimax
x86 x86/cache: Rename config option to CONFIG_X86_RESCTRL 2019-01-09 10:29:03 +01:00
xilinx
xtensa
.gitignore
Changes
CodingStyle
DMA-API-HOWTO.txt
DMA-API.txt dma-mapping: deprecate dma_zalloc_coherent 2018-12-20 08:14:09 +01:00
DMA-ISA-LPC.txt
DMA-attributes.txt
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
Intel-IOMMU.txt
Makefile kbuild: Add support for DT binding schema checks 2018-12-13 09:41:32 -06:00
SAK.txt
SM501.txt
SubmittingPatches
atomic_bitops.txt
atomic_t.txt
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
clearing-warn-once.txt
conf.py
cpu-load.txt
cputopology.txt
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt
digsig.txt
docutils.conf
dontdiff
efi-stub.txt
eisa.txt
flexible-arrays.txt
futex-requeue-pi.txt
gcc-plugins.txt
highuid.txt
hw_random.txt
hwspinlock.txt
index.rst
intel_txt.txt
io-mapping.txt
io_ordering.txt
iostats.txt
irqflags-tracing.txt
isa.txt
isapnp.txt
kernel-per-CPU-kthreads.txt
kobject.txt
kprobes.txt
kref.txt
ldm.txt
lockup-watchdogs.txt
logo.gif
logo.txt
lsm.txt
lzo.txt
mailbox.txt
memory-barriers.txt
men-chameleon-bus.txt
nommu-mmap.txt
ntb.txt
numastat.txt
padata.txt
parport-lowlevel.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pnp.txt
preempt-locking.txt
pwm.txt
rbtree.txt
remoteproc.txt
rfkill.txt
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
rtc.txt
sgi-ioc4.txt
siphash.txt
smsc_ece1099.txt
speculation.txt
static-keys.txt
svga.txt
switchtec.txt
sync_file.txt
tee.txt
this_cpu_ops.txt
unaligned-memory-access.txt
vfio-mediated-device.txt
vfio.txt
video-output.txt
xillybus.txt
xz.txt
zorro.txt