[roll] Roll fuchsia [sestarnix] Fix commoncap & yama LSMs to check SELinux permissions

Replace capability checks in commoncap and yama with calls to the
top-level security::check_*_capable() API, so that the SELinux
capability permission can be taken into account.

This requires introducing a security::check_creds_capable() API to
allow checks where the current task is the tracee rather than the
tracer.

Original-Original-Bug: 514690213, 420404373
Original-Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1637894
Original-Original-Revision: f54027845fd89edfbbdcfa9018d285d59563e845
GitOrigin-RevId: d7fc9d4a655f98b09c5e4a7d5c67716e9f617252
Change-Id: Icf76062b9b3b9c2137385599a73fba027cab8b37
1 file changed
tree: 98c08782a714826d850c437d7bcb73044172735e
  1. ctf/
  2. git-hooks/
  3. infra/
  4. third_party/
  5. cobalt
  6. flower
  7. jiri.lock
  8. MILESTONE
  9. minimal
  10. prebuilts
  11. README.md
  12. stem
  13. test_durations
README.md

Integration

This repository contains Fuchsia's Global Integration manifest files.

Making changes

All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.

Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance in one of the communication channels documented at get involved.

Obtaining the source

First install Jiri.

Next run:

$ jiri init
$ jiri import minimal https://fuchsia.googlesource.com/integration
$ jiri update

Third party

Third party projects should have their own subdirectory in ./third_party.