Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 1c9904297451f558191e211a48d8838b4bf792b0
commit1c9904297451f558191e211a48d8838b4bf792b0[log] [tgz]
authorAndi Kleen <ak@linux.intel.com>Thu Apr 21 17:23:19 2011 -0700
committerEric Paris <eparis@redhat.com>Mon Apr 25 10:20:32 2011 -0400
tree9c7cabec6ce3d6604147de73953cfaca672f1c0d
parent6b697323a78bed254ee372f71b1a6a2901bb4b7a [diff]
SECURITY: Move exec_permission RCU checks into security modules

Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
5 files changed
tree: 9c7cabec6ce3d6604147de73953cfaca672f1c0d
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS