Re: [PATCH net-next v7 4/5] selinux: bpf: Add selinux check for eBPF syscall operations

On Wed, Oct 18, 2017 at 4:00 PM, Chenbo Feng wrote: > From: Chenbo Feng > > Implement the actual checks introduced to eBPF related syscalls. This > implementation use the security field inside bpf object to store a sid that > identify the bpf object. And when processes try to access the object, >

Re: [PATCH net-next v7 4/5] selinux: bpf: Add selinux check for eBPF syscall operations

On Wed, 18 Oct 2017, Chenbo Feng wrote: > From: Chenbo Feng > > Implement the actual checks introduced to eBPF related syscalls. This > implementation use the security field inside bpf object to store a sid that > identify the bpf object. And when processes try to access the object, > selinux wi

[PATCH net-next v7 4/5] selinux: bpf: Add selinux check for eBPF syscall operations

From: Chenbo Feng Implement the actual checks introduced to eBPF related syscalls. This implementation use the security field inside bpf object to store a sid that identify the bpf object. And when processes try to access the object, selinux will check if processes have the right privileges. The