selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits - kernel

diff options

author	Mickaël Salaün <[email protected]>	2024-12-12 17:42:18 +0000
committer	Kees Cook <[email protected]>	2024-12-19 01:00:29 +0000
commit	b083cc815376a8ccfba6535b4d59a396b77601d4 (patch)
tree	cceac0e61b1b3cc1f6c6a03086172f15232c5b82 /drivers/gpu/drm/amd/amdgpu/amdgpu_object.c
parent	security: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits (diff)
download	kernel-b083cc815376a8ccfba6535b4d59a396b77601d4.tar.gz kernel-b083cc815376a8ccfba6535b4d59a396b77601d4.zip

selftests/exec: Add 32 tests for AT_EXECVE_CHECK and exec securebits

Test that checks performed by execveat(..., AT_EXECVE_CHECK) are consistent with noexec mount points and file execute permissions. Test that SECBIT_EXEC_RESTRICT_FILE and SECBIT_EXEC_DENY_INTERACTIVE are inherited by child processes and that they can be pinned with the appropriate SECBIT_EXEC_RESTRICT_FILE_LOCKED and SECBIT_EXEC_DENY_INTERACTIVE_LOCKED bits. Cc: Al Viro <[email protected]> Cc: Christian Brauner <[email protected]> Cc: Kees Cook <[email protected]> Cc: Paul Moore <[email protected]> Cc: Serge Hallyn <[email protected]> Signed-off-by: Mickaël Salaün <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Kees Cook <[email protected]>

Diffstat (limited to 'drivers/gpu/drm/amd/amdgpu/amdgpu_object.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: