Add nnp_nosuid_transition policycap and related class/perm definitions. (1b1d133b) · Commits · CodeLinaro / public-release-test / platform / system / sepolicy

Commit 1b1d133b authored 6 years ago by Nick Kralevich

Add nnp_nosuid_transition policycap and related class/perm definitions.

https://github.com/torvalds/linux/commit/af63f4193f9fbbbac50fc766417d74735afd87ef
allows a security policy writer to determine whether transitions under
nosuid / NO_NEW_PRIVS should be allowed or not.

Define these permissions, so that they're usable to policy writers.

This change is modeled after refpolicy
https://github.com/TresysTechnology/refpolicy/commit/1637a8b407c85f67f0b2ca5c6d852cef3c999087

Test: policy compiles and device boots
Test Note: Because this requires a newer kernel, full testing on such
   kernels could not be done.
Change-Id: I9866724b3b97adfc0cdef5aaba6de0ebbfbda72f

parent 8d7d5b42

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 14 additions and 0 deletions

Please register or to comment