kernel_realme_nemo/security/apparmor/include at bka - kernel_realme_nemo - Evolution X Git

Evolution-X-Devices/kernel_realme_nemo

Files

History

Micah Morton a4cbef76b0 BACKPORT: LSM: generalize flag passing to security_capable

This patch provides a general mechanism for passing flags to the
security_capable LSM hook. It replaces the specific 'audit' flag that is
used to tell security_capable whether it should log an audit message for
the given capability check. The reason for generalizing this flag
passing is so we can add an additional flag that signifies whether
security_capable is being called by a setid syscall (which is needed by
the proposed SafeSetID LSM).

Change-Id: I4ff373b2041e13808422201744f2aac23ec5b4c2
Signed-off-by: Micah Morton <mortonm@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Naveen <133593113+elohim-etz@users.noreply.github.com>

2025-12-24 11:48:38 +00:00

..

apparmor.h

apparmor: add mount mediation

2017-09-22 13:00:57 -07:00

apparmorfs.h

apparmor: add policy revision file interface

2017-06-10 17:11:27 -07:00

audit.h

apparmor: fix resource audit messages when auditing peer

2018-04-19 08:56:18 +02:00

capability.h

BACKPORT: LSM: generalize flag passing to security_capable

2025-12-24 11:48:38 +00:00

context.h

apparmor: don't try to replace stale label in ptrace access check

2020-01-27 14:46:04 +01:00

crypto.h

apparmor: allow introspecting the loaded policy pre internal transform

2017-01-16 01:18:42 -08:00

domain.h

Merge tag 'apparmor-pr-2017-09-22' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor

2017-09-23 05:33:29 -10:00

file.h

apparmor: Refactor to remove bprm_secureexec hook

2017-08-01 12:03:06 -07:00

ipc.h

apparmor: add the ability to mediate signals

2017-09-22 13:00:57 -07:00

label.h

apparmor: add support for absolute root view based labels

2017-09-22 13:00:58 -07:00

lib.h

apparmor: move exec domain mediation to using labels

2017-06-10 17:11:46 -07:00

match.h

apparmor: fix restricted endian type warnings for dfa unpack

2017-01-16 01:18:54 -08:00

mount.h

apparmor: add mount mediation

2017-09-22 13:00:57 -07:00

path.h

macro: introduce COUNT_ARGS() macro

2025-12-24 11:35:14 +00:00

perms.h

apparmor: fix ptrace label match when matching stacked labels

2018-01-17 09:45:27 +01:00

policy_ns.h

apparmor: switch from profiles to using labels on contexts

2017-06-10 17:11:38 -07:00

policy_unpack.h

apparmor: move to per loaddata files, instead of replicating in profiles

2017-06-08 12:51:49 -07:00

policy.h

Revert "apparmor: add base infastructure for socket mediation"

2017-10-26 19:35:35 +02:00

procattr.h

apparmor: switch getprocattr to using label_print fns()

2017-06-10 17:11:39 -07:00

resource.h

apparmor: move resource checks to using labels

2017-06-10 17:11:40 -07:00

secid.h

apparmor: rename sid to secid

2017-01-16 00:42:17 -08:00

sig_names.h

apparmor: fix logging of the existence test for signals

2018-04-19 08:56:18 +02:00