[PATCH v4] LSM: generalize flag passing to security_capable
Micah Morton
mortonm at chromium.org
Thu Jan 10 23:03:58 UTC 2019
Sounds good, thanks!
On Thu, Jan 10, 2019 at 2:31 PM James Morris <jmorris at namei.org> wrote:
>
> On Mon, 7 Jan 2019, mortonm at chromium.org wrote:
>
> > From: Micah Morton <mortonm at chromium.org>
> >
> > This patch provides a general mechanism for passing flags to the
> > security_capable LSM hook. It replaces the specific 'audit' flag that is
> > used to tell security_capable whether it should log an audit message for
> > the given capability check. The reason for generalizing this flag
> > passing is so we can add an additional flag that signifies whether
> > security_capable is being called by a setid syscall (which is needed by
> > the proposed SafeSetID LSM).
> >
> > Signed-off-by: Micah Morton <mortonm at chromium.org>
>
> Applied to
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general
> and next-testing
>
> --
> James Morris
> <jmorris at namei.org>
>
More information about the Linux-security-module-archive
mailing list