torvalds/linux
3
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-03-22 07:27:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
345123d650db724d53ffee84d7365008c6f729de
linux/security
History
Jann Horn 345123d650 ima: add dont_audit action to suppress audit actions 
"measure", "appraise" and "hash" actions all have corresponding "dont_*"
actions, but "audit" currently lacks that. This means it is not
currently possible to have a policy that audits everything by default,
but excludes specific cases.

This seems to have been an oversight back when the "audit" action was
added.

Add a corresponding "dont_audit" action to enable such uses.

Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2025-10-16 11:12:20 -04:00
..
apparmor
Merge tag 'pull-f_path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 16:32:36 -07:00
bpf
bpf: lsm: Remove hook to bpf_task_storage_free
2024-12-16 12:32:31 -08:00
integrity
ima: add dont_audit action to suppress audit actions
2025-10-16 11:12:20 -04:00
ipe
Merge tag 'ipe-pr-20250728' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe
2025-07-31 09:42:20 -07:00
keys
security: keys: use menuconfig for KEYS symbol
2025-10-04 17:25:35 +03:00
landlock
fs: add an icount_read helper
2025-09-01 12:41:09 +02:00
loadpin
loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported
2025-03-03 09:35:50 -08:00
lockdown
lockdown: initialize local array before use to quiet static analysis
2025-01-05 12:48:43 -05:00
safesetid
safesetid: check size of policy writes
2025-01-04 22:46:09 -05:00
selinux
Merge tag 'pull-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 11:14:02 -07:00
smack
Merge tag 'pull-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 11:14:02 -07:00
tomoyo
copy_process: pass clone_flags as u64 across calltree
2025-09-01 15:31:34 +02:00
yama
yama: don't abuse rcu_read_lock/get_task_struct in yama_task_prctl()
2025-03-07 19:58:05 -08:00
commoncap.c
exec: Correct the permission check for unsafe exec
2025-06-23 10:38:39 -05:00
device_cgroup.c
device_cgroup: Fix kernel-doc warnings in device_cgroup
2023-06-21 09:30:49 -04:00
inode.c
make securityfs_remove() remove the entire subtree
2025-06-11 18:19:46 -04:00
Kconfig
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
2025-09-11 16:32:04 -04:00
Kconfig.hardening
rust: add bitmap API.
2025-09-22 15:52:44 -04:00
lsm_audit.c
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
lsm_syscalls.c
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
Makefile
lsm: Only build lsm_audit.c if CONFIG_SECURITY and CONFIG_AUDIT are set
2025-01-04 11:50:44 -05:00
min_addr.c
security: use umax() to improve code
2025-08-18 15:41:47 -04:00
security.c
Merge tag 'pull-qstr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2025-10-03 11:14:02 -07:00