acrn-kernel

History

Wang Weiyang 35fe1c2384 device_cgroup: Roll back to original exceptions after copy failure commit `e68bfbd3b3` upstream. When add the 'a : rwm' entry to devcgroup A's whitelist, at first A's exceptions will be cleaned and A's behavior is changed to DEVCG_DEFAULT_ALLOW. Then parent's exceptions will be copyed to A's whitelist. If copy failure occurs, just return leaving A to grant permissions to all devices. And A may grant more permissions than parent. Backup A's whitelist and recover original exceptions after copy failure. Cc: stable@vger.kernel.org Fixes: `4cef7299b4` ("device_cgroup: add proper checking when changing default behavior") Signed-off-by: Wang Weiyang <wangweiyang2@huawei.com> Reviewed-by: Aristeu Rozanski <aris@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2023-01-07 11:11:56 +01:00
..
apparmor	apparmor: Fix memleak in alloc_ns()	2022-12-31 13:32:31 +01:00
bpf	…
integrity	ima: Fix memory leak in __ima_inode_hash()	2023-01-07 11:11:52 +01:00
keys	KEYS: encrypted: fix key instantiation with user-provided data	2022-12-21 17:48:11 +01:00
landlock	…
loadpin	LoadPin: Ignore the "contents" argument of the LSM hooks	2022-12-31 13:33:07 +01:00
lockdown	…
safesetid	…
selinux	selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()	2022-10-19 09:55:53 -04:00
smack	whack-a-mole: constifying struct path *	2022-10-06 17:31:02 -07:00
tomoyo	…
yama	…
Kconfig	…
Kconfig.hardening	security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6	2022-12-31 13:33:10 +01:00
Makefile	…
commoncap.c	capabilities: fix potential memleak on error path from vfs_getxattr_alloc()	2022-10-28 06:44:33 -04:00
device_cgroup.c	device_cgroup: Roll back to original exceptions after copy failure	2023-01-07 11:11:56 +01:00
inode.c	…
lsm_audit.c	…
min_addr.c	…
security.c	powerpc updates for 6.1	2022-10-09 14:05:15 -07:00