[GIT PULL] capabilities update for v7.0

public inbox for linux-security-module@vger.kernel.org
 help / color / mirror / Atom feed

From: "Serge E. Hallyn" <serge@hallyn.com>
To: Linus Torvalds <torvalds@linux-foundation.org>,
	Paul Moore <paul@paul-moore.com>,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org
Cc: Ondrej Mosnacek <omosnace@redhat.com>,
	Ryan Foster <foster.ryan.r@gmail.com>
Subject: [GIT PULL] capabilities update for v7.0
Date: Fri, 13 Feb 2026 16:56:58 -0600	[thread overview]
Message-ID: <aY+sOhXciC+Xerwo@mail.hallyn.com> (raw)

Hi Linus,

The following changes since commit 9ace4753a5202b02191d54e9fdf7f9e3d02b85eb:

  Linux 6.19-rc4 (2026-01-04 14:41:55 -0800)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git tags/caps-pr-20260213

for you to fetch changes up to 071588136007482d70fd2667b827036bc60b1f8f:

  ipc: don't audit capability check in ipc_permissions() (2026-01-27 21:30:42 -0600)

----------------------------------------------------------------
Capabilities update for 7.0

This branch contains two patches which have been in linux-next for a
few weeks.  The first,

  security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns

adds some tests of core capabilities helpers.  The second

  ipc: don't audit capability check in ipc_permissions()

avoids emitting audit messages when there's not actually a permission
being denied.

----------------------------------------------------------------
Ondrej Mosnacek (1):
      ipc: don't audit capability check in ipc_permissions()

Ryan Foster (1):
      security: Add KUnit tests for kuid_root_in_ns and vfsuid_root_in_currentns

 MAINTAINERS                |   1 +
 include/linux/capability.h |   6 +
 ipc/ipc_sysctl.c           |   2 +-
 security/Kconfig           |  17 +++
 security/commoncap.c       |   4 +
 security/commoncap_test.c  | 288 +++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 317 insertions(+), 1 deletion(-)
 create mode 100644 security/commoncap_test.c

next             reply	other threads:[~2026-02-13 23:03 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-02-13 22:56 Serge E. Hallyn [this message]
2026-02-14 20:54 ` [GIT PULL] capabilities update for v7.0 pr-tracker-bot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aY+sOhXciC+Xerwo@mail.hallyn.com \
    --to=serge@hallyn.com \
    --cc=foster.ryan.r@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=omosnace@redhat.com \
    --cc=paul@paul-moore.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox