SELinux: add selinux_kernel_module_request (25354c4f) · Commits · e / devices / android_kernel_fairphone_FP4

security/selinux/hooks.c

+6 −0

Original line number	Diff line number	Diff line
		@@ -3296,6 +3296,11 @@ static int selinux_kernel_create_files_as(struct cred new, struct inode inode)
		return 0;
		}

		static int selinux_kernel_module_request(void)
		{
		return task_has_system(current, SYSTEM__MODULE_REQUEST);
		}

		static int selinux_task_setpgid(struct task_struct *p, pid_t pgid)
		{
		return current_has_perm(p, PROCESS__SETPGID);
		@@ -5404,6 +5409,7 @@ static struct security_operations selinux_ops = {
		.cred_prepare = selinux_cred_prepare,
		.kernel_act_as = selinux_kernel_act_as,
		.kernel_create_files_as = selinux_kernel_create_files_as,
		.kernel_module_request = selinux_kernel_module_request,
		.task_setpgid = selinux_task_setpgid,
		.task_getpgid = selinux_task_getpgid,
		.task_getsid = selinux_task_getsid,

+1 −0

Original line number	Diff line number	Diff line
		@@ -107,6 +107,7 @@
		S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_READ, "syslog_read")
		S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_MOD, "syslog_mod")
		S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_CONSOLE, "syslog_console")
		S_(SECCLASS_SYSTEM, SYSTEM__MODULE_REQUEST, "module_request")
		S_(SECCLASS_CAPABILITY, CAPABILITY__CHOWN, "chown")
		S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_OVERRIDE, "dac_override")
		S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_READ_SEARCH, "dac_read_search")

+1 −0

Original line number	Diff line number	Diff line
		@@ -508,6 +508,7 @@
		#define SYSTEM__SYSLOG_READ 0x00000002UL
		#define SYSTEM__SYSLOG_MOD 0x00000004UL
		#define SYSTEM__SYSLOG_CONSOLE 0x00000008UL
		#define SYSTEM__MODULE_REQUEST 0x00000010UL
		#define CAPABILITY__CHOWN 0x00000001UL
		#define CAPABILITY__DAC_OVERRIDE 0x00000002UL
		#define CAPABILITY__DAC_READ_SEARCH 0x00000004UL