security: add trace event for cap_capable
author Jordan Rome <linux@jordanrome.com>
Wed, 4 Dec 2024 15:59:11 +0000 (07:59 -0800)
committer Serge Hallyn <sergeh@kernel.org>
Thu, 5 Dec 2024 02:59:21 +0000 (20:59 -0600)
commit d48da4d5ed7b4a022a4e54f210575baac71f58af
tree 45c776f59fbef900cbfeb679e63fb4c9cbc5e797
parent 3f4f1f8a1ab75314ff5cc14f9ed134bc038926bd
security: add trace event for cap_capable

In cases where we want a stable way to observe/trace
cap_capable (e.g. protection from inlining and API updates)
add a tracepoint that passes:
- The credentials used
- The user namespace of the resource being accessed
- The user namespace in which the credential provides the
capability to access the targeted resource
- The capability to check for
- The return value of the check

Signed-off-by: Jordan Rome <linux@jordanrome.com>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Link: https://lore.kernel.org/r/20241204155911.1817092-1-linux@jordanrome.com
Signed-off-by: Serge Hallyn <sergeh@kernel.org>
MAINTAINERS
include/trace/events/capability.h [new file with mode: 0644]
security/commoncap.c
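
A user-space consumer for the five values the commit message lists, counting denied capability checks in captured trace text. This is an added example, not code from the patch: the payload format in `parse_cap_event`, the helper names and the sample lines are assumptions, since the page does not show the tracepoint's print format.

```c
#include <stdio.h>
#include <string.h>

/* One parsed event: the five values the commit message lists. */
struct cap_event {
    char cred[32], target_ns[32], capable_ns[32]; /* pointers as printed */
    int cap;   /* capability number, e.g. 21 = CAP_SYS_ADMIN */
    int ret;   /* 0 = granted, negative errno (-EPERM = -1) = denied */
};

/* Parse one trace line. ASSUMED payload format (not shown on the page):
 * "cap_capable: cred P, target_ns P, capable_ns P, cap N, ret N".
 * Returns 0 on success, -1 if the line is not a well-formed event. */
int parse_cap_event(const char *line, struct cap_event *ev)
{
    const char *p = strstr(line, "cap_capable: ");
    if (!p)
        return -1;
    int n = sscanf(p + strlen("cap_capable: "),
                   "cred %31[^,], target_ns %31[^,], capable_ns %31[^,], cap %d, ret %d",
                   ev->cred, ev->target_ns, ev->capable_ns, &ev->cap, &ev->ret);
    return n == 5 ? 0 : -1;
}

/* Count denied checks (ret != 0) for one capability across a trace. */
int count_denied(const char *const *lines, int nlines, int cap)
{
    struct cap_event ev;
    int denied = 0;
    for (int i = 0; i < nlines; i++)
        if (parse_cap_event(lines[i], &ev) == 0 && ev.cap == cap && ev.ret != 0)
            denied++;
    return denied;
}

/* Constructed sample lines in ftrace style; all values are made up. */
const char *const SAMPLE[] = {
    "runc-4242 [003] ..... 1200.000001: cap_capable: cred 00000000a1b2c3d4, target_ns 000000001111aaaa, capable_ns 000000001111aaaa, cap 21, ret 0",
    "sh-4250 [001] ..... 1200.000417: cap_capable: cred 00000000e5f60718, target_ns 000000001111aaaa, capable_ns 000000002222bbbb, cap 21, ret -1",
    "sh-4250 [001] ..... 1200.000912: cap_capable: cred 00000000e5f60718, target_ns 000000001111aaaa, capable_ns 000000002222bbbb, cap 12, ret -1",
    "sh-4250 [001] ..... 1200.001003: sched_switch: prev_comm=sh prev_pid=4250",
};

int main(void)
{
    int n = (int)(sizeof(SAMPLE) / sizeof(SAMPLE[0]));
    printf("CAP_SYS_ADMIN denied: %d\n", count_denied(SAMPLE, n, 21));
    printf("CAP_NET_ADMIN denied: %d\n", count_denied(SAMPLE, n, 12));
    return 0;
}
```

Pointer fields are kept as strings because the kernel's `%p` output is hashed by default, so the values are useful only for comparing one event with another.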