Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2024-12-28 16:52:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d48da4d5ed
linux-next/security
History
Jordan Rome d48da4d5ed
security: add trace event for cap_capable 
In cases where we want a stable way to observe/trace
cap_capable (e.g. protection from inlining and API updates)
add a tracepoint that passes:
- The credentials used
- The user namespace of the resource being accessed
- The user namespace in which the credential provides the
capability to access the targeted resource
- The capability to check for
- The return value of the check

Signed-off-by: Jordan Rome <linux@jordanrome.com>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Link: https://lore.kernel.org/r/20241204155911.1817092-1-linux@jordanrome.com
Signed-off-by: Serge Hallyn <sergeh@kernel.org>
2024-12-04 20:59:21 -06:00
..
apparmor apparmor: lift new_profile declaration to remove C23 extension warning 2024-11-26 19:21:06 -08:00
bpf bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0 2024-09-11 10:11:36 -07:00
integrity lsm/stable-6.13 PR 20241129 2024-11-30 18:14:56 -08:00
ipe ipe: fallback to platform keyring also if key in trusted keyring is rejected 2024-10-18 12:14:53 -07:00
keys KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation 2024-11-04 21:24:24 +02:00
landlock the bulk of struct fd memory safety stuff 2024-11-18 12:24:06 -08:00
loadpin fdget(), more trivial conversions 2024-11-03 01:28:06 -05:00
lockdown lockdown: Make lockdown_lsmid static 2024-08-15 12:11:42 -04:00
safesetid lsm: mark the lsm_id variables are marked as static 2023-11-12 22:54:42 -05:00
selinux - The series "resource: A couple of cleanups" from Andy Shevchenko 2024-11-25 16:09:48 -08:00
smack lsm: remove lsm_prop scaffolding 2024-10-11 14:34:16 -04:00
tomoyo tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support 2024-10-04 11:41:22 -04:00
yama sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
commoncap.c security: add trace event for cap_capable 2024-12-04 20:59:21 -06:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c lsm: Use IS_ERR_OR_NULL() helper function 2024-08-29 11:12:13 -04:00
Kconfig lsm/stable-6.12 PR 20240911 2024-09-16 18:19:47 +02:00
Kconfig.hardening hardening: Adjust dependencies in selection of MODVERSIONS 2024-09-28 13:56:03 -07:00
lsm_audit.c security: replace memcpy() with get_task_comm() 2024-11-05 17:12:29 -08:00
lsm_syscalls.c lsm: use 32-bit compatible data types in LSM syscalls 2024-03-14 11:31:26 -04:00
Makefile lsm: add IPE lsm 2024-08-19 22:36:26 -04:00
min_addr.c sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
security.c \n 2024-11-21 09:55:45 -08:00