This is an automated email from the git hooks/post-receive script.

unknown user pushed a change to branch master in repository linux.

from acb4f33713b9 Merge tag 'm68knommu-for-v6.15' of git://git.kernel.org/pu [...] new 112e43e9fd3b Revert "Merge tag 'irq-msi-2025-03-23' of git://git.kernel [...] new 6df401a2ee4a ipe: policy_fs: fix kernel-doc warnings new f174ac5ba2d0 Merge tag 'ipe-pr-20250324' of git://git.kernel.org/pub/sc [...] new 5b3cd801155f ima: limit the number of open-writers integrity violations new a414016218ca ima: limit the number of ToMToU integrity violations new a2d4f473df11 Merge tag 'integrity-v6.15' of git://git.kernel.org/pub/sc [...] new 4ae89b1fe7c2 capability: Remove unused has_capability new 78fb88eca684 Merge tag 'caps-pr-20250327' of git://git.kernel.org/pub/s [...] new d1a088a87273 landlock: Clarify IPC scoping documentation new 624f177d8f62 landlock: Move code to ease future backports new 15383a0d63db landlock: Add the errata interface new 48fce74fe209 landlock: Add erratum for TCP fix new 6d9ac5e4d70e landlock: Prepare to add second errata new 18eb75f3af40 landlock: Always allow signals between threads of the same [...] new bbe72274035a selftests/landlock: Split signal_scoping_threads tests new c5efa393d82c selftests/landlock: Add a new test for setuid() new 9b08a16637ee lsm: Add audit_log_lsm_data() helper new d9d2a68ed44b landlock: Add unique ID generator new 5b95b329befa landlock: Move domain hierarchy management new ae2483a26017 landlock: Prepare to use credential instead of domain for [...] new 93f33f0cb2f0 landlock: Prepare to use credential instead of domain for network new 8d20efa9dc6c landlock: Prepare to use credential instead of domain for scope new 79625f1b3a3d landlock: Prepare to use credential instead of domain for fowner new 14f6c14e9fbd landlock: Identify domain execution crossing new 33e65b0d3add landlock: Add AUDIT_LANDLOCK_ACCESS and log ptrace denials new 1d636984e088 landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status new c56f649646ec landlock: Log mount-related denials new 2fc80c69df82 landlock: Log file-related denials new e120b3c29302 landlock: Factor out IOCTL hooks new 20fd29549454 landlock: Log truncate and IOCTL denials new 9f74411a40ce landlock: Log TCP bind and connect denials new 1176a15b5ec0 landlock: Log scoped denials new 12bfcda73ac2 landlock: Add LANDLOCK_RESTRICT_SELF_LOG_*_EXEC_* flags new ead9079f7569 landlock: Add LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF new ec2798d85b1c samples/landlock: Enable users to log sandbox denials new ec12a8d4c186 selftests/landlock: Add test for invalid ruleset file descriptor new e178b404ea0c selftests/landlock: Extend tests for landlock_restrict_sel [...] new 6a500b22971c selftests/landlock: Add tests for audit flags and domain IDs new 960ed6ca4c46 selftests/landlock: Test audit with restrict flags new e2893c0a696f selftests/landlock: Add audit tests for ptrace new e1156872efa7 selftests/landlock: Add audit tests for abstract UNIX sock [...] new 316d06b01130 selftests/landlock: Add audit tests for filesystem new a5c369e45b3e selftests/landlock: Add audit tests for network new 8e2dd47b10e7 landlock: Add audit documentation new 72885116069a Merge tag 'landlock-6.15-rc1' of git://git.kernel.org/pub/ [...] new 3371f569223c arm/crc-t10dif: fix use of out-of-scope array in crc_t10di [...] new d48b663f410f arm64/crc-t10dif: fix use of out-of-scope array in crc_t10 [...] new f8a4eba343ca Merge tag 'crc-for-linus' of git://git.kernel.org/pub/scm/ [...] new 17d253af4c2c tpm: do not start chip while suspended new fb3bf46de6d9 tpm: ftpm_tee: remove incorrect of_match_ptr annotation new 668f953bb4df tpm: Lazily flush auth session when getting random data new 6359691b4fbc tpm: Convert warn to dbg in tpm2_start_auth_session() new 7146dffa875c tpm, tpm_tis: Fix timeout handling when waiting for TPM status new de9e33df7762 tpm, tpm_tis: Workaround failed command reception on Infin [...] new 618bf0349ef0 tpm/tpm_ftpm_tee: fix struct ftpm_tee_private documentation new eb93f0734ef1 tpm_crb: ffa_tpm: Implement driver compliant to CRB over FF-A new e0ad11e703e6 tpm_crb: Clean-up and refactor check for idle support new 6a457548030d ACPICA: Add start method for ARM FF-A new 9afb9eaa9f7e tpm_crb: Add support for the ARM FF-A start method new da086d4e7282 Documentation: tpm: Add documentation for the CRB FF-A interface new 1dbf74e00a5f tpm: End any active auth session before shutdown new 372f97a24a70 MAINTAINERS: TPM DEVICE DRIVER: add missing includes new 980a573621ea tpm: Make chip->{status,cancel,req_canceled} opt new 15cb9a2b66fc Merge tag 'tpmdd-next-6.15-rc1' of git://git.kernel.org/pu [...]

The 64 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference.

Summary of changes: Documentation/admin-guide/LSM/index.rst | 1 + Documentation/admin-guide/LSM/landlock.rst | 158 ++++++ Documentation/security/landlock.rst | 13 +- Documentation/security/tpm/index.rst | 1 + Documentation/security/tpm/tpm_ffa_crb.rst | 65 +++ Documentation/userspace-api/landlock.rst | 72 ++- MAINTAINERS | 3 + arch/arm/lib/crc-t10dif-glue.c | 4 +- arch/arm64/lib/crc-t10dif-glue.c | 4 +- drivers/char/tpm/Kconfig | 9 + drivers/char/tpm/Makefile | 1 + drivers/char/tpm/tpm-chip.c | 6 + drivers/char/tpm/tpm-interface.c | 37 +- drivers/char/tpm/tpm2-cmd.c | 1 - drivers/char/tpm/tpm2-sessions.c | 2 +- drivers/char/tpm/tpm_crb.c | 105 +++- drivers/char/tpm/tpm_crb_ffa.c | 348 ++++++++++++ drivers/char/tpm/tpm_crb_ffa.h | 25 + drivers/char/tpm/tpm_ftpm_tee.c | 22 +- drivers/char/tpm/tpm_ftpm_tee.h | 1 - drivers/char/tpm/tpm_tis_core.c | 20 +- drivers/char/tpm/tpm_tis_core.h | 1 + drivers/ntb/msi.c | 22 +- drivers/pci/controller/pci-hyperv.c | 14 +- drivers/pci/msi/api.c | 6 +- drivers/pci/msi/msi.c | 167 +++--- drivers/pci/pci.h | 9 - drivers/pci/tph.c | 44 +- drivers/soc/ti/ti_sci_inta_msi.c | 10 +- drivers/ufs/host/ufs-qcom.c | 75 ++- include/acpi/actbl3.h | 1 + include/linux/capability.h | 5 - include/linux/cleanup.h | 17 - include/linux/irqdomain.h | 2 - include/linux/lsm_audit.h | 8 + include/linux/msi.h | 12 +- include/linux/tpm.h | 1 + include/uapi/linux/audit.h | 4 +- include/uapi/linux/landlock.h | 35 ++ kernel/capability.c | 16 - kernel/irq/msi.c | 161 ++++-- samples/landlock/sandboxer.c | 37 +- security/commoncap.c | 9 +- security/integrity/ima/ima.h | 3 +- security/integrity/ima/ima_main.c | 18 +- security/ipe/policy_fs.c | 8 +- security/landlock/.kunitconfig | 2 + security/landlock/Makefile | 5 + security/landlock/access.h | 25 +- security/landlock/audit.c | 522 ++++++++++++++++++ security/landlock/audit.h | 76 +++ security/landlock/cred.c | 28 +- security/landlock/cred.h | 92 +++- security/landlock/domain.c | 264 +++++++++ security/landlock/domain.h | 174 ++++++ security/landlock/errata.h | 99 ++++ security/landlock/errata/abi-4.h | 15 + security/landlock/errata/abi-6.h | 19 + security/landlock/fs.c | 321 ++++++++--- security/landlock/fs.h | 40 +- security/landlock/id.c | 251 +++++++++ security/landlock/id.h | 25 + security/landlock/limits.h | 7 +- security/landlock/net.c | 78 ++- security/landlock/ruleset.c | 30 +- security/landlock/ruleset.h | 48 +- security/landlock/setup.c | 40 +- security/landlock/setup.h | 3 + security/landlock/syscalls.c | 99 +++- security/landlock/task.c | 257 ++++++--- security/lsm_audit.c | 27 +- tools/testing/kunit/configs/all_tests.config | 2 + tools/testing/selftests/landlock/.gitignore | 1 + tools/testing/selftests/landlock/Makefile | 6 +- tools/testing/selftests/landlock/audit.h | 472 ++++++++++++++++ tools/testing/selftests/landlock/audit_test.c | 551 +++++++++++++++++++ tools/testing/selftests/landlock/base_test.c | 130 ++++- tools/testing/selftests/landlock/common.h | 20 + tools/testing/selftests/landlock/config | 1 + tools/testing/selftests/landlock/fs_test.c | 594 +++++++++++++++++++++ tools/testing/selftests/landlock/net_test.c | 132 +++++ tools/testing/selftests/landlock/ptrace_test.c | 140 +++++ .../selftests/landlock/scoped_abstract_unix_test.c | 111 ++++ .../selftests/landlock/scoped_signal_test.c | 108 +++- .../testing/selftests/landlock/wait-pipe-sandbox.c | 131 +++++ 85 files changed, 5865 insertions(+), 664 deletions(-) create mode 100644 Documentation/admin-guide/LSM/landlock.rst create mode 100644 Documentation/security/tpm/tpm_ffa_crb.rst create mode 100644 drivers/char/tpm/tpm_crb_ffa.c create mode 100644 drivers/char/tpm/tpm_crb_ffa.h create mode 100644 security/landlock/audit.c create mode 100644 security/landlock/audit.h create mode 100644 security/landlock/domain.c create mode 100644 security/landlock/domain.h create mode 100644 security/landlock/errata.h create mode 100644 security/landlock/errata/abi-4.h create mode 100644 security/landlock/errata/abi-6.h create mode 100644 security/landlock/id.c create mode 100644 security/landlock/id.h create mode 100644 tools/testing/selftests/landlock/audit.h create mode 100644 tools/testing/selftests/landlock/audit_test.c create mode 100644 tools/testing/selftests/landlock/wait-pipe-sandbox.c