[GIT PULL] SafeSetID LSM changes for v5.8
Micah Morton
mortonm at chromium.org
Tue Jun 9 18:26:39 UTC 2020
The following changes since commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162:
Linux 5.7 (2020-05-31 16:49:15 -0700)
are available in the Git repository at:
https://github.com/micah-morton/linux.git tags/LSM-add-setgid-hook-5.8
for you to fetch changes up to 04d244bcf92f525011e3df34b21fc39b0591ba93:
security: Add LSM hooks to set*gid syscalls (2020-06-09 10:22:13 -0700)
----------------------------------------------------------------
Add additional LSM hooks for SafeSetID
SafeSetID is capable of making allow/deny decisions for set*uid calls
on a system, and we want to add similar functionality for set*gid
calls. The work to do that is not yet complete, so probably won't make
it in for v5.8, but we are looking to get this simple patch in for
v5.8 since we have it ready. We are planning on the rest of the work
for extending the SafeSetID LSM being merged during the v5.9 merge
window.
This patch was sent to the security mailing list and there were no objections.
Signed-off-by: Micah Morton <mortonm at chromium.org>
----------------------------------------------------------------
Micah Morton (1):
security: Add LSM hooks to set*gid syscalls
include/linux/lsm_hook_defs.h | 2 ++
include/linux/lsm_hooks.h | 9 +++++++++
include/linux/security.h | 9 +++++++++
kernel/sys.c | 15 ++++++++++++++-
security/security.c | 6 ++++++
5 files changed, 40 insertions(+), 1 deletion(-)
More information about the Linux-security-module-archive
mailing list