SECURITY: Move exec_permission RCU checks into security modules - linux-dev - Linux kernel development work

diff options

author	Andi Kleen <ak@linux.intel.com>	2011-04-21 17:23:19 -0700
committer	Eric Paris <eparis@redhat.com>	2011-04-25 10:20:32 -0400
commit	1c9904297451f558191e211a48d8838b4bf792b0 (patch)
tree	9c7cabec6ce3d6604147de73953cfaca672f1c0d /security/selinux/avc.c
parent	SELinux: security_read_policy should take a size_t not ssize_t (diff)
download	linux-dev-1c9904297451f558191e211a48d8838b4bf792b0.tar.xz linux-dev-1c9904297451f558191e211a48d8838b4bf792b0.zip

SECURITY: Move exec_permission RCU checks into security modules

Right now all RCU walks fall back to reference walk when CONFIG_SECURITY is enabled, even though just the standard capability module is active. This is because security_inode_exec_permission unconditionally fails RCU walks. Move this decision to the low level security module. This requires passing the RCU flags down the security hook. This way at least the capability module and a few easy cases in selinux/smack work with RCU walks with CONFIG_SECURITY=y Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Eric Paris <eparis@redhat.com>

Diffstat (limited to 'security/selinux/avc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: