xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: define new LSM hook named security_kernel_load_data

Browse Source 
Differentiate between the kernel reading a file specified by userspace
from the kernel loading a buffer containing data provided by userspace.
This patch defines a new LSM hook named security_kernel_load_data().

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Luis R. Rodriguez <mcgrof@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
This commit is contained in:
Mimi Zohar
2018-07-13 14:05:56 -04:00
committed by James Morris
parent 57b54d74dd
commit 377179cd28
3 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
security/security.c
View File

@@ -1056,6 +1056,11 @@ int security_kernel_post_read_file(struct file *file, char *buf, loff_t size,
}
EXPORT_SYMBOL_GPL(security_kernel_post_read_file);
int security_kernel_load_data(enum kernel_load_data_id id)
{
return call_int_hook(kernel_load_data, 0, id);
}
int security_task_fix_setuid(struct cred *new, const struct cred *old,
int flags)
{