On Wed, 18 Mar 2020, David Howells wrote: > Add a security hook that allows an LSM to rule on whether a notification > message is allowed to be inserted into a particular watch queue. > > The hook is given the following information: > > (1) The credentials of the triggerer (which may be init_cred for a system > notification, eg. a hardware error). > > (2) The credentials of the whoever set the watch. > > (3) The notification message. > > Signed-off-by: David Howells <dhowells@xxxxxxxxxx> > cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > cc: Stephen Smalley <sds@xxxxxxxxxxxxx> > cc: linux-security-module@xxxxxxxxxxxxxxx > --- > > include/linux/lsm_hooks.h | 14 ++++++++++++++ > include/linux/security.h | 14 ++++++++++++++ > security/security.c | 9 +++++++++ > 3 files changed, 37 insertions(+) Acked-by: James Morris <jamorris@xxxxxxxxxxxxxxxxxxx> -- James Morris <jmorris@xxxxxxxxx>
