leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ec27c3568a
linux/security/selinux
History
Chenbo Feng ec27c3568a selinux: bpf: Add selinux check for eBPF syscall operations 
Implement the actual checks introduced to eBPF related syscalls. This
implementation use the security field inside bpf object to store a sid that
identify the bpf object. And when processes try to access the object,
selinux will check if processes have the right privileges. The creation
of eBPF object are also checked at the general bpf check hook and new
cmd introduced to eBPF domain can also be checked there.

Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-10-20 13:32:59 +01:00
..
include selinux: bpf: Add selinux check for eBPF syscall operations 2017-10-20 13:32:59 +01:00
ss selinux: update my email address 2017-08-17 15:32:55 -04:00
.gitignore SELinux: add .gitignore files for dynamic classes 2009-10-24 09:42:27 +08:00
avc.c selinux/stable-4.14 PR 20170831 2017-09-12 13:21:00 -07:00
exports.c selinux: sparse fix: include selinux.h in exports.c 2011-09-09 16:56:32 -07:00
hooks.c selinux: bpf: Add selinux check for eBPF syscall operations 2017-10-20 13:32:59 +01:00
ibpkey.c selinux: Add a cache for quicker retreival of PKey SIDs 2017-05-23 12:28:12 -04:00
Kconfig security: introduce CONFIG_SECURITY_WRITABLE_HOOKS 2017-03-06 11:00:12 +11:00
Makefile selinux: Add a cache for quicker retreival of PKey SIDs 2017-05-23 12:28:12 -04:00
netif.c Merge commit 'v3.17' into next 2014-11-19 21:32:12 +11:00
netlabel.c calipso: Add a label cache. 2016-06-27 15:06:17 -04:00
netlink.c selinux: replace obsolete NLMSG_* with type safe nlmsg_* 2013-03-28 14:25:49 -04:00
netnode.c selinux: remove unused variabled in the netport, netnode, and netif caches 2014-08-07 20:55:30 -04:00
netport.c selinux: remove unused variabled in the netport, netnode, and netif caches 2014-08-07 20:55:30 -04:00
nlmsgtab.c rtnetlink: add NEWCACHEREPORT message type 2017-06-21 11:22:52 -04:00
selinuxfs.c Merge branch 'work.memdup_user' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-05 16:05:24 -07:00
xfrm.c netfilter: Remove spurios included of netfilter.h 2015-06-18 21:14:32 +02:00