capabilities: introduce security_capable_noaudit Exactly like security_capable except don't audit any denials. This is for places where the kernel may make decisions about what to do if a task has a given capability, but which failing that capability is not a sign of a security policy violation. An example is checking if a task has CAP_SYS_ADMIN to lower it's likelyhood of being killed by the oom killer. This check is not a security violation if it is denied. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>

commit: c7eba4a97563fd8b431787f7ad623444f2da80c6 [log] [tgz]
author: Eric Paris <eparis@redhat.com> Tue Jan 03 12:25:15 2012 -0500
committer: Eric Paris <eparis@redhat.com> Thu Jan 05 18:52:54 2012 -0500
tree: 12041949c45c2f394d6a96041c39e07ad6df720b
parent: b7e724d303b684655e4ca3dabd5a6840ad19012d [diff] [blame]
diff --git a/security/security.c b/security/security.c
index b9e57f4..b7edaae 100644
--- a/security/security.c
+++ b/security/security.c

@@ -160,6 +160,12 @@
 	return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT);
 }
 
+int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,
+			     int cap)
+{
+	return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT);
+}
+
 int security_real_capable(struct task_struct *tsk, struct user_namespace *ns,
 			  int cap)
 {
commit	c7eba4a97563fd8b431787f7ad623444f2da80c6	[log] [tgz]
author	Eric Paris <eparis@redhat.com>	Tue Jan 03 12:25:15 2012 -0500
committer	Eric Paris <eparis@redhat.com>	Thu Jan 05 18:52:54 2012 -0500
tree	12041949c45c2f394d6a96041c39e07ad6df720b
parent	b7e724d303b684655e4ca3dabd5a6840ad19012d [diff] [blame]