projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e6b1db9) | patch
security: Add a "locked down" LSM hook
authorMatthew Garrett <matthewgarrett@google.com>
Tue, 20 Aug 2019 00:17:38 +0000 (17:17 -0700)
committerJames Morris <jmorris@namei.org>
Tue, 20 Aug 2019 04:54:15 +0000 (21:54 -0700)
commit9e47d31d6a57b5babaca36d42b0d11b6db6019b7
treefcc41c716dbdeb3f8237903284e54ea524d2f463tree | snapshot
parente6b1db98cf4d54d9ea59cfcc195f70dc946fdd38commit | diff
security: Add a "locked down" LSM hook

Add a mechanism to allow LSMs to make a policy decision around whether
kernel functionality that would allow tampering with or examining the
runtime state of the kernel should be permitted.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: James Morris <jmorris@namei.org>
include/linux/lsm_hooks.h diff | blob | blame | history
include/linux/security.h diff | blob | blame | history
security/security.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)