Re: [PATCH v1 0/2] Fix misuse of security_capable()
From: Kees Cook
Date: Tue Nov 17 2020 - 16:09:29 EST
On Fri, 30 Oct 2020 13:38:47 +0100, Mickaël Salaün wrote:
> This series replaces all the use of security_capable(current_cred(),
> ...) with ns_capable{,_noaudit}() which set PF_SUPERPRIV.
>
> This initially come from a review of Landlock by Jann Horn:
> https://lore.kernel.org/lkml/CAG48ez1FQVkt78129WozBwFbVhAPyAr9oJAHFHAbbNxEBr9h1g@xxxxxxxxxxxxxx/
>
> Mickaël Salaün (2):
> ptrace: Set PF_SUPERPRIV when checking capability
> seccomp: Set PF_SUPERPRIV when checking capability
>
> [...]
Applied to for-linus/seccomp, thanks!
[1/2] ptrace: Set PF_SUPERPRIV when checking capability
https://git.kernel.org/kees/c/cf23705244c9
[2/2] seccomp: Set PF_SUPERPRIV when checking capability
https://git.kernel.org/kees/c/fb14528e4436
--
Kees Cook