linux-next/security at d48da4d5ed7b4a022a4e54f210575baac71f58af - linux-next - MyRedstone

Kernel/linux-next

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-15 21:23:23 +00:00

History

Jordan Rome d48da4d5ed

security: add trace event for cap_capable

In cases where we want a stable way to observe/trace
cap_capable (e.g. protection from inlining and API updates)
add a tracepoint that passes:
- The credentials used
- The user namespace of the resource being accessed
- The user namespace in which the credential provides the
capability to access the targeted resource
- The capability to check for
- The return value of the check

Signed-off-by: Jordan Rome <linux@jordanrome.com>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Link: https://lore.kernel.org/r/20241204155911.1817092-1-linux@jordanrome.com
Signed-off-by: Serge Hallyn <sergeh@kernel.org>

2024-12-04 20:59:21 -06:00

..

apparmor: lift new_profile declaration to remove C23 extension warning

2024-11-26 19:21:06 -08:00

bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0

2024-09-11 10:11:36 -07:00

lsm/stable-6.13 PR 20241129

2024-11-30 18:14:56 -08:00

ipe: fallback to platform keyring also if key in trusted keyring is rejected

2024-10-18 12:14:53 -07:00

KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation

2024-11-04 21:24:24 +02:00

the bulk of struct fd memory safety stuff

2024-11-18 12:24:06 -08:00

fdget(), more trivial conversions

2024-11-03 01:28:06 -05:00

lockdown: Make lockdown_lsmid static

2024-08-15 12:11:42 -04:00

lsm: mark the lsm_id variables are marked as static

2023-11-12 22:54:42 -05:00

- The series "resource: A couple of cleanups" from Andy Shevchenko

2024-11-25 16:09:48 -08:00

lsm: remove lsm_prop scaffolding

2024-10-11 14:34:16 -04:00

tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support

2024-10-04 11:41:22 -04:00

sysctl: treewide: constify the ctl_table argument of proc_handlers

2024-07-24 20:59:29 +02:00

commoncap.c

security: add trace event for cap_capable

2024-12-04 20:59:21 -06:00

device_cgroup.c

device_cgroup: Fix kernel-doc warnings in device_cgroup

2023-06-21 09:30:49 -04:00

inode.c

lsm: Use IS_ERR_OR_NULL() helper function

2024-08-29 11:12:13 -04:00

Kconfig

lsm/stable-6.12 PR 20240911

2024-09-16 18:19:47 +02:00

Kconfig.hardening

hardening: Adjust dependencies in selection of MODVERSIONS

2024-09-28 13:56:03 -07:00

lsm_audit.c

security: replace memcpy() with get_task_comm()

2024-11-05 17:12:29 -08:00

lsm_syscalls.c

lsm: use 32-bit compatible data types in LSM syscalls

2024-03-14 11:31:26 -04:00

Makefile

lsm: add IPE lsm

2024-08-19 22:36:26 -04:00

min_addr.c

sysctl: treewide: constify the ctl_table argument of proc_handlers

2024-07-24 20:59:29 +02:00

security.c

\n

2024-11-21 09:55:45 -08:00