mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-02-14 05:34:49 -05:00
6252e917b9
Pull selinux updates from Paul Moore: - Add support for SELinux based access control of BPF tokens We worked with the BPF devs to add the necessary LSM hooks when the BPF token code was first introduced, but it took us a bit longer to add the SELinux wiring and support. In order to preserve existing token-unaware SELinux policies, the new code is gated by the new "bpf_token_perms" policy capability. Additional details regarding the new permissions, and behaviors can be found in the associated commit. - Remove a BUG() from the SELinux capability code We now perform a similar check during compile time so we can safely remove the BUG() call. * tag 'selinux-pr-20260203' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: drop the BUG() in cred_has_capability() selinux: fix a capabilities parsing typo in selinux_bpf_token_capable() selinux: add support for BPF token access control selinux: move the selinux_blob_sizes struct