linux.git - Linus' kernel tree

diff options

author	Tahera Fahimi <fahimitahera@gmail.com>	2024-09-04 18:13:55 -0600
committer	Mickaël Salaün <mic@digikod.net>	2024-09-16 23:50:45 +0200
commit	21d52e295ad2afc76bbd105da82a003b96f6ac77 (patch)
tree	3d9ed5b828c60e65d8a6d16ce59126c7a6f79053 /tools/perf/scripts/python
parent	a430d95c5efa2b545d26a094eb5f624e36732af0 (diff)

landlock: Add abstract UNIX socket scoping

Introduce a new "scoped" member to landlock_ruleset_attr that can specify LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET to restrict connection to abstract UNIX sockets from a process outside of the socket's domain. Two hooks are implemented to enforce these restrictions: unix_stream_connect and unix_may_send. Closes: https://github.com/landlock-lsm/linux/issues/7 Signed-off-by: Tahera Fahimi <fahimitahera@gmail.com> Link: https://lore.kernel.org/r/5f7ad85243b78427242275b93481cfc7c127764b.1725494372.git.fahimitahera@gmail.com [mic: Fix commit message formatting, improve documentation, simplify hook_unix_may_send(), and cosmetic fixes including rename of LANDLOCK_SCOPED_ABSTRACT_UNIX_SOCKET] Co-developed-by: Mickaël Salaün <mic@digikod.net> Signed-off-by: Mickaël Salaün <mic@digikod.net>

Diffstat (limited to 'tools/perf/scripts/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: