git.ipfire.org Git - thirdparty/linux.git/commit

author	Blaise Boscaccy <bboscaccy@linux.microsoft.com>
	Tue, 22 Jul 2025 21:21:34 +0000 (14:21 -0700)
committer	Paul Moore <paul@paul-moore.com>
	Mon, 11 Aug 2025 21:56:09 +0000 (17:56 -0400)
commit	5816bf4273edb32716a88c796e0b04f0e12962eb
tree	539cd5d2886c3651e23124c5ec913cf053bdb843	tree \| snapshot
parent	e5bc887413e513a2cb658370dd09fa9e1702fb3b	commit \| diff

lsm,selinux: Add LSM blob support for BPF objects

This patch introduces LSM blob support for BPF maps, programs, and
tokens to enable LSM stacking and multiplexing of LSM modules that
govern BPF objects. Additionally, the existing BPF hooks used by
SELinux have been updated to utilize the new blob infrastructure,
removing the assumption of exclusive ownership of the security
pointer.

Signed-off-by: Blaise Boscaccy <bboscaccy@linux.microsoft.com>
[PM: dropped local variable init, style fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/lsm_hooks.h		diff \| blob \| blame \| history
security/security.c		diff \| blob \| blame \| history
security/selinux/hooks.c		diff \| blob \| blame \| history
security/selinux/include/objsec.h		diff \| blob \| blame \| history