apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity

SECURITY: Move exec_permission RCU checks into security modules

Browse Source 
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Andi Kleen
2011-04-21 17:23:19 -07:00
committed by Linus Torvalds
parent 8d082f8f3f
commit 8c9e80ed27
5 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
security/capability.c
+1 -1
View File
@@ -181,7 +181,7 @@ static int cap_inode_follow_link(struct dentry *dentry,
return 0;
}
static int cap_inode_permission(struct inode *inode, int mask)
static int cap_inode_permission(struct inode *inode, int mask, unsigned flags)
{
return 0;
}