Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / 25354c4fee169710fd9da15f3bb2abaa24dcf933
commit25354c4fee169710fd9da15f3bb2abaa24dcf933[log] [tgz]
authorEric Paris <eparis@redhat.com>Thu Aug 13 09:45:03 2009 -0400
committerJames Morris <jmorris@namei.org>Fri Aug 14 11:18:40 2009 +1000
tree7fb462945c15ce09392ae858c8ae757290b5ed2d
parent9188499cdb117d86a1ea6b04374095b098d56936 [diff]
SELinux: add selinux_kernel_module_request

This patch adds a new selinux hook so SELinux can arbitrate if a given
process should be allowed to trigger a request for the kernel to try to
load a module.  This is a different operation than a process trying to load
a module itself, which is already protected by CAP_SYS_MODULE.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
3 files changed
tree: 7fb462945c15ce09392ae858c8ae757290b5ed2d
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. MAINTAINERS
  28. Makefile
  29. README
  30. REPORTING-BUGS