audit: add netlink audit protocol bind to check capabilities on multicast join

Register a netlink per-protocol bind function for audit to check userspace
process capabilities before allowing a multicast group connection.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Richard Guy Briggs 2014-04-22 21:31:56 -04:00 committed by David S. Miller
parent 7774d5e03f
commit 3a101b8de0
3 changed files with 17 additions and 2 deletions

@ -347,7 +347,12 @@ struct vfs_cap_data {
#define CAP_BLOCK_SUSPEND 36
#define CAP_LAST_CAP CAP_BLOCK_SUSPEND
/* Allow reading the audit log via multicast netlink socket */
#define CAP_AUDIT_READ 37
#define CAP_LAST_CAP CAP_AUDIT_READ
#define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
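
Review bot: The new `#define CAP_AUDIT_READ 37` is a userspace-visible capability number, yet the commit message only describes the bind function and never names the capability being introduced; please mention it in the changelog. The comment above the define could also say that the check happens when a process joins the multicast group, since that is the point of enforcement the commit message describes. Because `CAP_LAST_CAP` now resolves to `CAP_AUDIT_READ`, `cap_valid(37)` becomes true, so any table or policy mapping sized by `CAP_LAST_CAP` should be updated in the same change.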