Re: [PATCH v4] LSM: generalize flag passing to security_capable

[PATCH] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2018-10-31
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · "Serge E. Hallyn" <serge@hallyn.com> · 2018-10-31
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2018-10-31
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-10-31
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · "Serge E. Hallyn" <serge@hallyn.com> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · "Serge E. Hallyn" <serge@hallyn.com> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · "Serge E. Hallyn" <serge@hallyn.com> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-01
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · "Serge E. Hallyn" <serge@hallyn.com> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · "Serge E. Hallyn" <serge@hallyn.com> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-08
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2018-11-08
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-09
[PATCH] LSM: generalize flag passing to security_capable · mortonm@chromium.org · 2018-11-09
[PATCH] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2018-11-21
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2018-12-06
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-12-06
[PATCH v2] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2019-01-11
Re: [PATCH v2] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2019-01-15
[PATCH v3 1/2] LSM: mark all set*uid call sites in kernel/sys.c · mortonm@chromium.org · 2019-01-15
Re: [PATCH v3 1/2] LSM: mark all set*uid call sites in kernel/sys.c · Kees Cook <hidden> · 2019-01-15
[PATCH v3 2/2] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2019-01-15
Re: [PATCH v3 2/2] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2019-01-15
[PATCH v4 2/2] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2019-01-15
Re: [PATCH v4 2/2] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2019-01-15
[PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2019-01-16
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Casey Schaufler <casey@schaufler-ca.com> · 2019-01-16
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-22
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · James Morris <jmorris@namei.org> · 2019-01-22
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-22
[PATCH v3 1/2] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2019-01-22
Re: [PATCH v3 1/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-25
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · James Morris <jmorris@namei.org> · 2019-01-25
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-25
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-28
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2019-01-28
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · James Morris <jmorris@namei.org> · 2019-01-28
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-28
[PATCH] LSM: Add 'name' field for SafeSetID in DEFINE_LSM · mortonm@chromium.org · 2019-01-28
Re: [PATCH] LSM: Add 'name' field for SafeSetID in DEFINE_LSM · James Morris <jmorris@namei.org> · 2019-01-28
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-28
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · James Morris <jmorris@namei.org> · 2019-01-29
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-29
Re: [PATCH v5 2/2] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2019-01-30
[PATCH] LSM: SafeSetID: add selftest · mortonm@chromium.org · 2019-02-06
RE: [PATCH] LSM: SafeSetID: add selftest · Edwin Zimmerman <hidden> · 2019-02-06
Re: [PATCH] LSM: SafeSetID: add selftest · Micah Morton <mortonm@chromium.org> · 2019-02-07
Re: [PATCH] LSM: SafeSetID: add selftest · James Morris <jmorris@namei.org> · 2019-02-12
Re: [PATCH v3 2/2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-15
Re: [PATCH v2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-15
Re: [PATCH v2] LSM: add SafeSetID module that gates setid calls · Kees Cook <hidden> · 2019-01-15
Re: [PATCH v2] LSM: add SafeSetID module that gates setid calls · James Morris <jmorris@namei.org> · 2019-01-15
Re: [PATCH v2] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2019-01-15
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-02
[PATCH v2] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2018-11-06
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · James Morris <jmorris@namei.org> · 2018-11-06
[PATCH v3] LSM: add SafeSetID module that gates setid calls · mortonm@chromium.org · 2018-11-06
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Stephen Smalley <hidden> · 2018-11-02
Re: [PATCH] LSM: add SafeSetID module that gates setid calls · Micah Morton <mortonm@chromium.org> · 2018-11-02
[PATCH] [PATCH] LSM: generalize flag passing to security_capable · mortonm@chromium.org · 2018-11-19
Re: [PATCH] [PATCH] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2018-12-13
Re: [PATCH] [PATCH] LSM: generalize flag passing to security_capable · Casey Schaufler <casey@schaufler-ca.com> · 2018-12-13
Re: [PATCH] [PATCH] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2018-12-14
[PATCH v2] LSM: generalize flag passing to security_capable · mortonm@chromium.org · 2018-12-18
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2019-01-07
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Casey Schaufler <casey@schaufler-ca.com> · 2019-01-07
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2019-01-07
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Casey Schaufler <casey@schaufler-ca.com> · 2019-01-07
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2019-01-07
[PATCH v3] LSM: generalize flag passing to security_capable · mortonm@chromium.org · 2019-01-07
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Kees Cook <hidden> · 2019-01-07
[PATCH v4] LSM: generalize flag passing to security_capable · mortonm@chromium.org · 2019-01-08
Re: [PATCH v4] LSM: generalize flag passing to security_capable · Kees Cook <hidden> · 2019-01-08
Re: [PATCH v4] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2019-01-09
Re: [PATCH v4] LSM: generalize flag passing to security_capable · James Morris <jmorris@namei.org> · 2019-01-10
Re: [PATCH v4] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2019-01-10
Re: [PATCH v2] LSM: generalize flag passing to security_capable · Micah Morton <mortonm@chromium.org> · 2019-01-08

From: James Morris <jmorris@namei.org>
Date: 2019-01-10 22:31:38

On Mon, 7 Jan 2019, mortonm@chromium.org wrote:

From: Micah Morton <mortonm@chromium.org>

This patch provides a general mechanism for passing flags to the
security_capable LSM hook. It replaces the specific 'audit' flag that is
used to tell security_capable whether it should log an audit message for
the given capability check. The reason for generalizing this flag
passing is so we can add an additional flag that signifies whether
security_capable is being called by a setid syscall (which is needed by
the proposed SafeSetID LSM).

Signed-off-by: Micah Morton <mortonm@chromium.org>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general
and next-testing

-- 
James Morris
[off-list ref]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help