• Linus Torvalds's avatar
    Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 7a1e8b80
    Linus Torvalds authored
    Pull security subsystem updates from James Morris:
       - TPM core and driver updates/fixes
       - IPv6 security labeling (CALIPSO)
       - Lots of Apparmor fixes
       - Seccomp: remove 2-phase API, close hole where ptrace can change
         syscall #"
    * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (156 commits)
      apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling
      tpm: Add TPM 2.0 support to the Nuvoton i2c driver (NPCT6xx family)
      tpm: Factor out common startup code
      tpm: use devm_add_action_or_reset
      tpm2_i2c_nuvoton: add irq validity check
      tpm: read burstcount from TPM_STS in one 32-bit transaction
      tpm: fix byte-order for the value read by tpm2_get_tpm_pt
      tpm_tis_core: convert max timeouts from msec to jiffies
      apparmor: fix arg_size computation for when setprocattr is null terminated
      apparmor: fix oops, validate buffer size in apparmor_setprocattr()
      apparmor: do not expose kernel stack
      apparmor: fix module parameters can be changed after policy is locked
      apparmor: fix oops in profile_unpack() when policy_db is not present
      apparmor: don't check for vmalloc_addr if kvzalloc() failed
      apparmor: add missing id bounds check on dfa verification
      apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
      apparmor: use list_next_entry instead of list_entry_next
      apparmor: fix refcount race when finding a child profile
      apparmor: fix ref count leak when profile sha1 hash is read
      apparmor: check that xindex is in trans_table bounds
Kconfig 2.96 KB