git.baikalelectronics.ru Git - kernel.git/commit

author	Lokesh Gidra <lokeshgidra@google.com>
	Fri, 8 Jan 2021 22:22:20 +0000 (14:22 -0800)
committer	Paul Moore <paul@paul-moore.com>
	Thu, 14 Jan 2021 22:28:24 +0000 (17:28 -0500)
commit	1b6b51047aa36d74fb18b28b7cc7e06418ca3caa
tree	70382b40681e709a8f7790d03cc00adbad4726fa	tree \| snapshot
parent	73d7ffb853b5ba57446e61831b0b1df840fe5dee	commit \| diff

security: add inode_init_security_anon() LSM hook

This change adds a new LSM hook, inode_init_security_anon(), that will
be used while creating secure anonymous inodes. The hook allows/denies
its creation and assigns a security context to the inode.

The new hook accepts an optional context_inode parameter that callers
can use to provide additional contextual information to security modules
for granting/denying permission to create an anon-inode of the same type.
This context_inode's security_context can also be used to initialize the
newly created anon-inode's security_context.

Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Reviewed-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/lsm_hook_defs.h		diff \| blob \| history
include/linux/lsm_hooks.h		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
security/security.c		diff \| blob \| history