www.infradead.org Git - users/jedix/linux-maple.git/commit

author	"Kipp N. Davis" <kippndavis.work@gmx.com>
	Tue, 11 Feb 2025 18:21:59 +0000 (13:21 -0500)
committer	Paul Moore <paul@paul-moore.com>
	Wed, 26 Feb 2025 20:14:43 +0000 (15:14 -0500)
commit	2c2b1e059792f610bae4fee8ed517b8ce9c585fb
tree	c695fa52327953b3f9140a8f7004dbccba147091	tree
parent	5fc80fb5b776fa22b01472baecec4d26d1af811b	commit \| diff

selinux: add permission checks for loading other kinds of kernel files

Although the LSM hooks for loading kernel modules were later generalized
to cover loading other kinds of files, SELinux didn't implement
corresponding permission checks, leaving only the module case covered.
Define and add new permission checks for these other cases.

Signed-off-by: Cameron K. Williams <ckwilliams.work@gmail.com>
Signed-off-by: Kipp N. Davis <kippndavis.work@gmx.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
[PM: merge fuzz, line length, and spacing fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>

security/selinux/hooks.c		diff \| blob \| history
security/selinux/include/classmap.h		diff \| blob \| history