commit 86c3a7645c05a7d06b72653aa4b2bea4e7229d1b
author David Quigley <dpquigl@tycho.nsa.gov> Fri Jun 23 02:04:02 2006 -0700
committer Linus Torvalds <torvalds@g5.osdl.org> Fri Jun 23 07:42:54 2006 -0700
tree ac68280e9c44dbc6ca4c88dc1e9c72a8f56be95e
parent 35601547baf92d984b6e59cf3583649da04baea5

[PATCH] SELinux: add security_task_movememory calls to mm code

This patch inserts security_task_movememory hook calls into memory management
code to enable security modules to mediate this operation between tasks.

Since the last posting, the hook has been renamed following feedback from
Christoph Lameter.

Signed-off-by: David Quigley <dpquigl@tycho.nsa.gov>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Cc: Andi Kleen <ak@muc.de>
Acked-by: Christoph Lameter <clameter@sgi.com>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

mm/mempolicy.c

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 05b84ac..ec4a1a9 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -88,6 +88,7 @@
 #include <linux/proc_fs.h>
 #include <linux/migrate.h>
 #include <linux/rmap.h>
+#include <linux/security.h>
 
 #include <asm/tlbflush.h>
 #include <asm/uaccess.h>
@@ -942,6 +943,10 @@
 		goto out;
 	}
 
+	err = security_task_movememory(task);
+	if (err)
+		goto out;
+
 	err = do_migrate_pages(mm, &old, &new,
 		capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
 out: