Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / ab763c7112ce0e2559c73f921617c81dc7287ca6
commitab763c7112ce0e2559c73f921617c81dc7287ca6[log] [tgz]
authorAndrew G. Morgan <morgan@kernel.org>Wed Jul 23 21:28:25 2008 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>Thu Jul 24 10:47:22 2008 -0700
tree110f60462a54e869402346b5ae9cfaed012cf8f4
parent5459c164f0591ee75ed0203bb8f3817f25948e2f [diff]
security: filesystem capabilities refactor kernel code

To date, we've tried hard to confine filesystem support for capabilities
to the security modules.  This has left a lot of the code in
kernel/capability.c in a state where it looks like it supports something
that filesystem support for capabilities actually suppresses when the LSM
security/commmoncap.c code runs.  What is left is a lot of code that uses
sub-optimal locking in the main kernel

With this change we refactor the main kernel code and make it explicit
which locks are needed and that the only remaining kernel races in this
area are associated with non-filesystem capability code.

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 file changed
tree: 110f60462a54e869402346b5ae9cfaed012cf8f4
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. usr/
  20. virt/
  21. .gitignore
  22. .mailmap
  23. COPYING
  24. CREDITS
  25. Kbuild
  26. MAINTAINERS
  27. Makefile
  28. README
  29. REPORTING-BUGS