From c7eba4a97563fd8b431787f7ad623444f2da80c6 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Jan 2012 12:25:15 -0500 Subject: capabilities: introduce security_capable_noaudit Exactly like security_capable except don't audit any denials. This is for places where the kernel may make decisions about what to do if a task has a given capability, but which failing that capability is not a sign of a security policy violation. An example is checking if a task has CAP_SYS_ADMIN to lower it's likelyhood of being killed by the oom killer. This check is not a security violation if it is denied. Signed-off-by: Eric Paris Acked-by: Serge E. Hallyn --- include/linux/security.h | 7 +++++++ security/security.c | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/include/linux/security.h b/include/linux/security.h index ee969ff..caff54e 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1668,6 +1668,8 @@ int security_capset(struct cred *new, const struct cred *old, const kernel_cap_t *permitted); int security_capable(const struct cred *cred, struct user_namespace *ns, int cap); +int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, + int cap); int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap); int security_real_capable_noaudit(struct task_struct *tsk, @@ -1869,6 +1871,11 @@ static inline int security_capable(const struct cred *cred, return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT); } +static inline int security_capable_noaudit(const struct cred *cred, + struct user_namespace *ns, int cap) { + return cap_capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); +} + static inline int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) { int ret; diff --git a/security/security.c b/security/security.c index b9e57f4..b7edaae 100644 --- a/security/security.c +++ b/security/security.c @@ -160,6 +160,12 @@ int security_capable(const struct cred *cred, struct user_namespace *ns, return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); } +int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, + int cap) +{ + return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); +} + int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, int cap) { -- cgit v1.1