[PATCH v1 0/2] Fix misuse of security_capable()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This series replaces all the use of security_capable(current_cred(),
...) with ns_capable{,_noaudit}() which set PF_SUPERPRIV.

This initially come from a review of Landlock by Jann Horn:
https://lore.kernel.org/lkml/CAG48ez1FQVkt78129WozBwFbVhAPyAr9oJAHFHAbbNxEBr9h1g@xxxxxxxxxxxxxx/

Mickaël Salaün (2):
  ptrace: Set PF_SUPERPRIV when checking capability
  seccomp: Set PF_SUPERPRIV when checking capability

 kernel/ptrace.c  | 18 ++++++------------
 kernel/seccomp.c |  5 ++---
 2 files changed, 8 insertions(+), 15 deletions(-)


base-commit: 3650b228f83adda7e5ee532e2b90429c03f7b9ec
-- 
2.28.0
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux