mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-01-11 17:10:13 +00:00
5703357ede
-----BEGIN PGP SIGNATURE----- iQJIBAABCgAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAmkgxTMUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXMaFw//ceP1tRSZcpCEkgkks3hkSxANfqdZ WbuSlI/bzEJjmmM/FAA1KM1+5b/FrO5gzrkfi1eEJ5DlI9Biy0Qa1qgi+21JbOGO yC0f7poMwDtDZFl9OLtI6yJ8XyO/HP8+HIc7LqJgSjUvF4S0m8MVHS2acRvOuEGU adw80uwnW64pBX+mgZOsf3GAZLpNFMlFwLQ2s2ERd0Hl4X1hmOgkejCTjS4BhAVE BSOxRyNLiEjmrjypP+pmjZoedsnq5LaUZD5tj+0IieQ0SYCg//2GSwh8fpfNjRCx C8rnBOT632VTKkUdIkHHOe8PzDN8L+WJYtiCiSyuCm+ExdElfibN+/N0jwhck/bF pXHwtIaXbxMaWDbfJyrjblBZQwlfMwUzQtoNCeKtuVANCQqz77aDMsMxGXw/FXYm c5Wut0FDGPnoITJu1b2hwA6XWPwBFB/lI+7M8l54ofssC27M4wp6xw5z1vVGz4bb x3ypzOxoa0VkZrbXjb7o2FMOqsHdb/J23tXN2YRnVTeUGdK48KFBcrvMwQKZV+rD AYmdJkzMLiFX0NLpviYqJT61tEQviWLVmeB2ACm8RbxN7+aE6ecZz6QvrtCsPqz9 iKeSNfSqwdHPQPe935pzfa/LcLDdvpEhSzuAcQICPhY3M33J4xc8y/0ZXkH6katL nU75VPpt6EVU5XI= =32VE -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20251121' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux fixes from Paul Moore: "Three SELinux patches for v6.18 to fix issues around accessing the per-task decision cache that we introduced in v6.16 to help reduce SELinux overhead on path walks. The problem was that despite the cache being located in the SELinux "task_security_struct", the parent struct wasn't actually tied to the task, it was tied to a cred. Historically SELinux did locate the task_security_struct in the task_struct's security blob, but it was later relocated to the cred struct when the cred work happened, as it made the most sense at the time. Unfortunately we never did the task_security_struct to cred_security_struct rename work (avoid code churn maybe? who knows) because it didn't really matter at the time. However, it suddenly became a problem when we added a per-task cache to a per-cred object and didn't notice because of the old, no-longer-correct struct naming. Thanks to KCSAN for flagging this, as the silly humans running things forgot that the task_security_struct was a big lie. This contains three patches, only one of which actually fixes the problem described above and moves the SELinux decision cache from the per-cred struct to a newly (re)created per-task struct. The other two patches, which form the bulk of the diffstat, take care of the associated renaming tasks so we can hopefully avoid making the same stupid mistake in the future. For the record, I did contemplate sending just a fix for the cache, leaving the renaming patches for the upcoming merge window, but the type/variable naming ended up being pretty awful and would have made v6.18 an outlier stuck between the "old" names and the "new" names in v6.19. The renaming patches are also fairly mechanical/trivial and shouldn't pose much risk despite their size. TLDR; naming things may be hard, but if you mess it up bad things happen" * tag 'selinux-pr-20251121' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: rename the cred_security_struct variables to "crsec" selinux: move avdcache to per-task security struct selinux: rename task_security_struct to cred_security_struct
Linux kernel
============
There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.
In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``. The formatted documentation can also be read online at:
https://www.kernel.org/doc/html/latest/
There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.
Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.