seccomp: Set PF_SUPERPRIV when checking capability - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Mickaël Salaün <[email protected]>	2020-10-30 13:38:49 +0100
committer	Kees Cook <[email protected]>	2020-11-17 12:53:22 -0800
commit	fb14528e443646dd3fd02df4437fcf5265b66baa (patch)
tree	b3db578808d673b8e117351e02a5d20d6f3ebe76 /scripts/gdb/linux
parent	cf23705244c947151179f929774fabf71e239eee (diff)

seccomp: Set PF_SUPERPRIV when checking capability

Replace the use of security_capable(current_cred(), ...) with ns_capable_noaudit() which set PF_SUPERPRIV. Since commit 98f368e9e263 ("kernel: Add noaudit variant of ns_capable()"), a new ns_capable_noaudit() helper is available. Let's use it! Cc: Jann Horn <[email protected]> Cc: Kees Cook <[email protected]> Cc: Tyler Hicks <[email protected]> Cc: Will Drewry <[email protected]> Cc: [email protected] Fixes: e2cfabdfd075 ("seccomp: add system call filtering using BPF") Signed-off-by: Mickaël Salaün <[email protected]> Reviewed-by: Jann Horn <[email protected]> Signed-off-by: Kees Cook <[email protected]> Link: https://lore.kernel.org/r/[email protected]

Diffstat (limited to 'scripts/gdb/linux')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: