linux/Documentation
Matthew Garrett 000d388ed3 security: Add a static lockdown policy LSM
While existing LSMs can be extended to handle lockdown policy,
distributions generally want to be able to apply a straightforward
static policy. This patch adds a simple LSM that can be configured to
reject either integrity or all lockdown queries, and can be configured
at runtime (through securityfs), boot time (via a kernel parameter) or
build time (via a kconfig option). Based on initial code by David
Howells.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2019-08-19 21:54:15 -07:00
..
ABI Char/Misc driver fixes for 5.2-rc6 2019-06-21 10:18:16 -07:00
accelerators
accounting psi: introduce psi monitor 2019-05-14 19:52:48 -07:00
acpi/dsd LED updates for 5.2-rc1. 2019-05-07 18:02:51 -07:00
admin-guide security: Add a static lockdown policy LSM 2019-08-19 21:54:15 -07:00
aoe
arm ARM: 8833/1: Ensure that NEON code always compiles with Clang 2019-02-12 15:20:09 +00:00
arm64 arm64/sve: Fix missing SVE/FPSIMD endianness conversions 2019-06-13 10:07:19 +01:00
auxdisplay
backlight
block block/switching-sched.txt: Update to blk-mq schedulers 2019-06-13 03:00:30 -06:00
blockdev zram: idle writeback fixes and cleanup 2019-01-08 17:15:10 -08:00
bpf bpf: btf: fix the brackets of BTF_INT_OFFSET() 2019-05-14 10:05:18 +02:00
bus-devices
cdrom
cgroup-v1 Merge branch 'for-5.2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2019-06-14 17:46:14 -10:00
cma
connector
console
core-api lib: Move mathematic helpers to separate folder 2019-05-14 19:52:49 -07:00
cpu-freq Documentation: cpu-freq: Frequencies aren't always sorted 2018-11-07 13:29:04 +01:00
crypto crypto: shash - remove shash_desc::flags 2019-04-25 15:38:12 +08:00
dev-tools gcov: docs: add a note on GCC vs Clang differences 2019-05-14 19:52:51 -07:00
device-mapper dm integrity: add a bitmap mode 2019-05-08 13:41:58 -04:00
devicetree dt-bindings: riscv: resolve 'make dt_binding_check' warnings 2019-06-26 10:28:53 -07:00
doc-guide docs: doc-guide: remove the extension from .rst files 2019-04-19 12:46:27 -06:00
driver-api doc: fix documentation about UIO_MEM_LOGICAL using 2019-06-19 19:31:21 +02:00
driver-model i2c: core: add device-managed version of i2c_new_dummy 2019-05-17 19:29:40 +02:00
early-userspace Correct gen_init_cpio tool's documentation 2018-11-25 12:25:53 -07:00
EDID Docs/EDID: Calculate CRC while building the code 2018-11-06 07:36:22 -07:00
extcon
fault-injection doc: fault-injection: fix macro name in example 2019-01-07 15:36:11 -07:00
fb docs: fb: Add TER16x32 to the available font names 2019-06-19 19:21:48 +02:00
features Merge branch 'parisc-5.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux 2019-05-07 19:34:17 -07:00
filesystems ovl: doc: add non-standard corner cases 2019-05-31 11:27:25 +02:00
firmware_class
firmware-guide docs: fix multiple doc build warnings in enumeration.rst 2019-05-23 09:27:39 -06:00
fmc
fpga
gpio docs: gpio: convert docs to ReST and rename to *.rst 2019-04-23 23:30:07 +02:00
gpu drm: add drm_format_helper.c to kerneldoc 2019-04-17 09:39:22 +02:00
hid HID: doc: fix wrong data structure reference for UHID_OUTPUT 2018-12-18 14:55:22 +01:00
hwmon hwmon: (lm75) Add support for TMP75B 2019-05-03 13:16:18 -07:00
i2c i2c-piix4: Add Hygon Dhyana SMBus support 2019-05-03 16:47:54 +02:00
ia64
ide
iio
infiniband Documentation/infiniband: update from locked to pinned_vm 2019-02-07 12:56:23 -07:00
input doc: Change LXR references to elixir.bootlin.com 2019-02-01 16:05:03 -07:00
interconnect interconnect: Add generic on-chip interconnect API 2019-01-22 13:37:25 +01:00
ioctl seccomp: add a return code to trap to userspace 2018-12-11 16:28:41 -08:00
isdn
kbuild kbuild: drop support for cc-ldoption 2019-05-21 00:02:59 +09:00
kdump Documentation: kdump: fix minor typo 2019-05-21 09:31:28 -06:00
kernel-hacking
laptops Documentation: fix lg-laptop.rst warnings 2019-02-11 08:27:47 -07:00
leds Documentation: Use "while" instead of "whilst" 2018-11-20 09:30:43 -07:00
lightnvm
livepatch docs/livepatch: Unify style of livepatch documentation in the ReST format 2019-05-07 16:06:28 -06:00
locking Documentation/locking/lockdep: Drop last two chars of sample states 2019-03-04 12:55:18 -07:00
m68k
maintainer
md
media media updates for v5.2-rc1 2019-05-16 11:57:16 -07:00
memory-devices
mic
mips
misc-devices Documentation: add ibmvmc to toctree(index) and fix warnings 2019-01-14 08:37:17 -07:00
mmc
mtd
namespaces
netlabel
networking tcp: add tcp_min_snd_mss sysctl 2019-06-15 18:47:31 -07:00
nfc
nios2
nvdimm libnvdimm/security: Add documentation for nvdimm security support 2018-12-21 12:44:41 -08:00
nvmem
openrisc
parisc
PCI
pcmcia
perf Documentation: perf: Add documentation for ThunderX2 PMU uncore driver 2018-12-06 12:29:47 +00:00
phy
platform
power PM/EM: Document the Energy Model framework 2019-01-27 12:29:37 +01:00
powerpc Documentation: powerpc: Expand the DAWR acronym 2019-05-03 02:54:58 +10:00
pps
process A reasonably busy cycle for docs, including: 2019-05-08 12:42:50 -07:00
pti
ptp
rapidio
RCU doc: Fix typos and otherwise modernize checklist.txt 2019-03-26 14:37:06 -07:00
riscv
s390 Documentation: Use "while" instead of "whilst" 2018-11-20 09:30:43 -07:00
scheduler sched/doc: Document Energy Aware Scheduling 2019-01-27 12:29:37 +01:00
scsi scsi: ufs-bsg: Allow reading descriptors 2019-02-27 09:00:02 -05:00
security doc: security: Add kern-doc for lsm_hooks.h 2019-02-22 08:54:09 -07:00
serial docs: serial: convert docs to ReST and rename to *.rst 2019-04-25 11:37:42 +02:00
sh sh: remove board_time_init() callback 2018-12-18 16:13:04 +01:00
sound ALSA: doc: my_chip has no element ioport 2019-04-03 11:55:47 +02:00
sparc docs: sparc: convert to ReST 2019-05-08 17:13:35 -07:00
sphinx doc: Cope with the deprecation of AutoReporter 2019-05-23 09:23:11 -06:00
sphinx-static
spi spi-summary: document set_cs_timing 2019-04-08 14:13:43 +07:00
sysctl userfaultfd/sysctl: add vm.unprivileged_userfaultfd 2019-05-14 09:47:45 -07:00
target scsi: target/core: Remove the write_pending_status() callback function 2019-02-04 21:23:59 -05:00
thermal docs: hwmon: Add an index file and rename docs to *.rst 2019-04-17 10:37:23 -07:00
timers Docs: Correct /proc/stat path 2019-02-22 08:50:17 -07:00
trace The major changes in this tracing update includes: 2019-05-15 16:05:47 -07:00
translations Some late arriving documentation changes. In particular, this contains the 2019-05-10 13:24:53 -04:00
usb USB: rio500: update Documentation 2019-05-21 10:11:19 +02:00
userspace-api Documentation: seccomp: unify list indentation 2019-03-18 12:00:28 -06:00
virtual KVM: x86: Modify struct kvm_nested_state to have explicit fields for data 2019-06-19 16:11:52 +02:00
vm mm: fix Documentation/vm/hmm.rst Sphinx warnings 2019-06-01 15:51:31 -07:00
w1
watchdog Documentation/watchdog: Add documentation mlx-wdt driver 2019-03-02 15:28:20 +01:00
wimax
x86 x86/speculation/mds: Improve CPU buffer clear documentation 2019-05-16 09:05:12 +02:00
xilinx drivers: Defer probe if firmware is not ready 2019-03-18 13:45:27 +01:00
xtensa xtensa: document boot parameter passing 2019-02-03 18:06:19 -08:00
.gitignore
atomic_bitops.txt docs: atomic_bitops.txt: add a title for this document 2019-04-11 12:37:02 -06:00
atomic_t.txt Documentation/atomic_t: Clarify signed vs unsigned 2019-03-18 10:27:52 -07:00
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
Changes
clearing-warn-once.txt A reasonably busy cycle for docs, including: 2019-05-08 12:42:50 -07:00
CodingStyle
conf.py docs: Fix conf.py for Sphinx 2.0 2019-05-24 09:09:32 -06:00
cpu-load.txt
cputopology.txt topology: Simplify cputopology.txt formatting and wording 2019-04-19 10:56:04 +02:00
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt
digsig.txt
DMA-API-HOWTO.txt DMA mapping updates for 5.2 2019-05-09 08:40:55 -07:00
DMA-API.txt virtio: fixes, cleanups 2019-03-10 12:47:57 -07:00
DMA-attributes.txt
DMA-ISA-LPC.txt Documentation/DMA-ISA-LPC: fix an incorrect reference 2019-02-11 08:23:07 -07:00
docutils.conf
dontdiff A reasonably busy cycle for docs, including: 2019-05-08 12:42:50 -07:00
efi-stub.txt
eisa.txt
futex-requeue-pi.txt
gcc-plugins.txt
highuid.txt
hw_random.txt
hwspinlock.txt
index.rst Merge branch 'x86-mds-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2019-05-14 07:57:29 -07:00
intel_txt.txt
Intel-IOMMU.txt
io_ordering.txt
io-mapping.txt
iostats.txt
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
irqflags-tracing.txt
isa.txt
isapnp.txt
kernel-per-CPU-kthreads.txt
kobject.txt kref/kobject: Improve documentation 2018-12-06 13:57:03 +01:00
kprobes.txt Merge branch 'parisc-5.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux 2019-05-07 19:34:17 -07:00
kref.txt
ldm.txt
lockup-watchdogs.txt
logo.gif
logo.txt
lsm.txt
lzo.txt lib/lzo: fix bugs for very short or empty input 2019-04-05 16:02:30 -10:00
mailbox.txt
Makefile docs: Makefile: use latexmk if available 2019-04-01 14:33:42 -06:00
memory-barriers.txt docs/memory-barriers.txt: Update I/O section to be clearer about CPU vs thread 2019-04-23 13:34:17 +01:00
men-chameleon-bus.txt
nommu-mmap.txt
ntb.txt docs: ntb.txt: add blank lines to clean up some Sphinx warnings 2019-04-11 12:37:03 -06:00
numastat.txt
packing.txt lib: Add support for generic packing operations 2019-05-03 10:49:17 -04:00
padata.txt
parport-lowlevel.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pnp.txt
preempt-locking.txt x86/fpu: Remove fpu__restore() 2019-04-09 19:27:42 +02:00
pwm.txt
rbtree.txt
remoteproc.txt
rfkill.txt
robust-futex-ABI.txt
robust-futexes.txt futex: Update comments and docs about return values of arch futex code 2019-04-26 13:57:55 +01:00
rpmsg.txt
rtc.txt Documentation: rtc: Correct location of rtctest.c 2019-03-25 10:34:55 -06:00
SAK.txt
sgi-ioc4.txt
siphash.txt
SM501.txt
smsc_ece1099.txt
speculation.txt docs: speculation.txt: mark example blocks as such 2019-04-11 12:37:03 -06:00
static-keys.txt static_keys.txt: Fix trivial spelling mistake 2019-02-06 16:44:16 -07:00
SubmittingPatches
svga.txt
switchtec.txt
sync_file.txt
tee.txt
this_cpu_ops.txt
unaligned-memory-access.txt docs: unaligned-memory-access.txt: use a lowercase title 2019-04-11 12:37:03 -06:00
vfio-mediated-device.txt
vfio.txt
video-output.txt docs: video-output.txt: convert it to ReST format 2019-04-11 12:37:03 -06:00
xillybus.txt
xz.txt
zorro.txt