android/android_kernel_samsung_sm8650
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c29722fad4
android_kernel_samsung_sm8650/security
History
Christian Göttsche c29722fad4 selinux: log anon inode class name 
Log the anonymous inode class name in the security hook
inode_init_security_anon.  This name is the key for name based type
transitions on the anon_inode security class on creation.  Example:

    type=AVC msg=audit(02/16/22 22:02:50.585:216) : avc:  granted \
        { create } for  pid=2136 comm=mariadbd anonclass=[io_uring] \
        scontext=system_u:system_r:mysqld_t:s0 \
        tcontext=system_u:system_r:mysqld_iouring_t:s0 tclass=anon_inode

Add a new LSM audit data type holding the inode and the class name.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
[PM: adjusted 'anonclass' to be a trusted string, cgzones approved]
Signed-off-by: Paul Moore <paul@paul-moore.com>
2022-05-03 16:09:03 -04:00
..
apparmor tracehook: Remove tracehook.h 2022-03-10 16:51:51 -06:00
bpf bpf: Implement task local storage 2020-11-06 08:08:37 -08:00
integrity Networking changes for 5.18. 2022-03-24 13:13:26 -07:00
keys ARM driver updates for 5.18 2022-03-23 18:23:13 -07:00
landlock landlock: Use square brackets around "landlock-ruleset" 2022-02-04 14:07:44 +01:00
loadpin LSM: Add "contents" flag to kernel_read_file hook 2020-10-05 13:37:03 +02:00
lockdown Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2020-06-02 17:36:24 -07:00
safesetid LSM: SafeSetID: Mark safesetid_initialized as __initdata 2021-06-10 09:52:32 -07:00
selinux selinux: log anon inode class name 2022-05-03 16:09:03 -04:00
smack Fix incorrect type in assignment of ipv6 port for audit 2022-02-28 15:45:32 -08:00
tomoyo drm for 5.18-rc1 2022-03-24 16:19:43 -07:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
commoncap.c fs: support mapped mounts of mapped filesystems 2021-12-05 10:28:57 +01:00
device_cgroup.c bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean 2022-01-19 12:51:30 -08:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig hardening updates for v5.18-rc1-fix1 2022-03-31 11:43:01 -07:00
Kconfig.hardening gcc-plugins/stackleak: Provide verbose mode 2022-02-06 10:49:57 -08:00
lsm_audit.c selinux: log anon inode class name 2022-05-03 16:09:03 -04:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c selinux/stable-5.18 PR 20220321 2022-03-21 20:47:54 -07:00