bianbu-repo-mirror/bianbu-linux-6.6
1
0
Fork 0
mirror of https://gitee.com/bianbu-linux/linux-6.6 synced 2025-04-26 14:17:26 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

security: Add hooks to rule on setting a watch

Browse source 
Add security hooks that will allow an LSM to rule on whether or not a watch
may be set.  More than one hook is required as the watches watch different
types of object.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jamorris@linux.microsoft.com>
cc: Casey Schaufler <casey@schaufler-ca.com>
cc: Stephen Smalley <sds@tycho.nsa.gov>
cc: linux-security-module@vger.kernel.org
This commit is contained in:
David Howells 2020-02-12 13:58:35 +00:00
parent c73be61ced
commit 998f50407f
4 changed files with 25 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
include/linux/lsm_hooks.h
View file

@ -1446,6 +1446,11 @@
* @cred: The event-triggerer's credentials
* @n: The notification being posted
*
* @watch_key:
* Check to see if a process is allowed to watch for event notifications
* from a key or keyring.
* @key: The key to watch.
*
* Security hooks for using the eBPF maps and programs functionalities through
* eBPF syscalls.
*