forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/security
History
Daniel Rosenberg e81cea2a6f ANDROID: vfs: Add permission2 for filesystems with per mount permissions 
This allows filesystems to use their mount private data to
influence the permssions they return in permission2. It has
been separated into a new call to avoid disrupting current
permission users.

Bug: 35848445
Bug: 120446149
Change-Id: I9d416e3b8b6eca84ef3e336bd2af89ddd51df6ca
Signed-off-by: Daniel Rosenberg <drosen@google.com>
[AmitP: Minor refactoring of original patch to align with
        changes from the following upstream commit
        4bfd054ae1 ("fs: fold __inode_permission() into inode_permission()").
        Also introduce vfs_mkobj2(), because do_create()
        moved from using vfs_create() to vfs_mkobj()
        eecec19d9e ("mqueue: switch to vfs_mkobj(), quit abusing ->d_fsdata")
        do_create() is dropped/cleaned-up upstream so a
        minor refactoring there as well.
        066cc813e9 ("do_mq_open(): move all work prior to dentry_open() into a helper")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
[astrachan: Folded the following changes into this patch:
            f46c9d62dd81 ("ANDROID: fs: Export vfs_rmdir2")
            9992eb8b9a1e ("ANDROID: xattr: Pass EOPNOTSUPP to permission2")]
Signed-off-by: Alistair Strachan <astrachan@google.com>
2018-12-05 09:48:14 -08:00
..
apparmor apparmor: Fix uninitialized value in aa_split_fqname 2018-11-27 16:13:00 +01:00
integrity ima: open a new file instance if no read permissions 2018-11-13 11:08:46 -08:00
keys Revert "uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name" 2018-09-25 13:28:58 +02:00
loadpin module: replace the existing LSM hook in init_module 2018-07-16 12:31:57 -07:00
selinux selinux: check length properly in SCTP bind hook 2018-11-21 09:19:24 +01:00
smack Smack: ptrace capability use fixes 2018-11-13 11:08:36 -08:00
tomoyo Kbuild updates for v4.19 2018-08-15 12:09:03 -07:00
yama pids: introduce find_get_task_by_vpid() helper 2018-02-06 18:32:46 -08:00
commoncap.c cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() 2018-08-11 02:05:53 -05:00
device_cgroup.c docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
inode.c ANDROID: vfs: Add permission2 for filesystems with per mount permissions 2018-12-05 09:48:14 -08:00
Kconfig ANDROID: security,perf: Allow further restriction of perf_event_open 2018-12-05 09:48:13 -08:00
lsm_audit.c audit: use inline function to get audit context 2018-05-14 17:24:18 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c ANDROID: sdcardfs: Enable modular sdcardfs 2018-12-05 09:48:13 -08:00