Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2025-01-01 07:42:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
e80b18599a
linux/security
History
Tetsuo Handa e80b18599a tomoyo: Add a kernel config option for fuzzing testing. 
syzbot is reporting kernel panic triggered by memory allocation fault
injection before loading TOMOYO's policy [1]. To make the fuzzing tests
useful, we need to assign a profile other than "disabled" (no-op) mode.
Therefore, let's allow syzbot to load TOMOYO's built-in policy for
"learning" mode using a kernel config option. This option must not be
enabled for kernels built for production system, for this option also
disables domain/program checks when modifying policy configuration via
/sys/kernel/security/tomoyo/ interface.

[1] https://syzkaller.appspot.com/bug?extid=29569ed06425fcf67a95

Reported-by: syzbot <syzbot+e1b8084e532b6ee7afab@syzkaller.appspotmail.com>
Reported-by: syzbot <syzbot+29569ed06425fcf67a95@syzkaller.appspotmail.com>
Reported-by: syzbot <syzbot+2ee3f8974c2e7dc69feb@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jamorris@linux.microsoft.com>
2019-05-10 14:58:11 -07:00
..
apparmor Merge branch 'work.icache' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-05-07 10:57:05 -07:00
integrity audit/stable-5.2 PR 20190507 2019-05-07 19:06:04 -07:00
keys Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-05-07 08:39:54 -07:00
loadpin LoadPin: Initialize as ordered LSM 2019-01-08 13:18:43 -08:00
safesetid LSM: fix return value check in safesetid_init_securityfs() 2019-02-12 10:59:22 -08:00
selinux selinux: do not report error on connect(AF_UNSPEC) 2019-05-08 09:45:38 -07:00
smack Smack: Fix kbuild reported build error 2019-04-30 14:13:32 -07:00
tomoyo tomoyo: Add a kernel config option for fuzzing testing. 2019-05-10 14:58:11 -07:00
yama Yama: mark function as static 2019-04-10 10:36:45 -07:00
commoncap.c audit/stable-5.1 PR 20190305 2019-03-07 12:20:11 -08:00
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-03-19 10:46:15 -07:00
inode.c securityfs: switch to ->free_inode() 2019-05-01 22:43:26 -04:00
Kconfig compiler-based memory initialization 2019-05-07 12:44:49 -07:00
Kconfig.hardening security: Implement Clang's stack initialization 2019-04-24 14:00:56 -07:00
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-02-20 20:06:28 -08:00
Makefile LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'work.mount-syscalls' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-05-07 20:17:51 -07:00