Commit c7eba4a9 authored by Eric Paris's avatar Eric Paris
Browse files

capabilities: introduce security_capable_noaudit 



Exactly like security_capable except don't audit any denials.  This is for
places where the kernel may make decisions about what to do if a task has a
given capability, but which failing that capability is not a sign of a
security policy violation.  An example is checking if a task has
CAP_SYS_ADMIN to lower it's likelyhood of being killed by the oom killer.
This check is not a security violation if it is denied.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Acked-by: default avatarSerge E. Hallyn <serge.hallyn@canonical.com>
parent b7e724d3

include/linux/security.h

+7 −0
Original line number Diff line number Diff line
@@ -1668,6 +1668,8 @@ int security_capset(struct cred *new, const struct cred *old, 
		    const kernel_cap_t *permitted);

int security_capable(const struct cred *cred, struct user_namespace *ns,

			int cap);

int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,

			     int cap);

int security_real_capable(struct task_struct *tsk, struct user_namespace *ns,

			int cap);

int security_real_capable_noaudit(struct task_struct *tsk,
@@ -1869,6 +1871,11 @@ static inline int security_capable(const struct cred *cred, 
	return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT);

}



static inline int security_capable_noaudit(const struct cred *cred,

					   struct user_namespace *ns, int cap) {

	return cap_capable(cred, ns, cap, SECURITY_CAP_NOAUDIT);

}



static inline int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap)

{

	int ret;

security/security.c

+6 −0
Original line number Diff line number Diff line
@@ -160,6 +160,12 @@ int security_capable(const struct cred *cred, struct user_namespace *ns, 
	return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT);

}



int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,

			     int cap)

{

	return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT);

}



int security_real_capable(struct task_struct *tsk, struct user_namespace *ns,

			  int cap)

{

CRA Git | Maintained and supported by SUSTech CRA and CCSE