Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-23 04:31:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
1c99042974
linux/security/selinux
History
Andi Kleen 1c99042974 SECURITY: Move exec_permission RCU checks into security modules 
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2011-04-25 10:20:32 -04:00
..
include SELinux: security_read_policy should take a size_t not ssize_t 2011-04-25 10:19:02 -04:00
ss SELinux: security_read_policy should take a size_t not ssize_t 2011-04-25 10:19:02 -04:00
.gitignore SELinux: add .gitignore files for dynamic classes 2009-10-24 09:42:27 +08:00
avc.c SELinux: special dontaudit for access checks 2010-08-02 15:35:07 +10:00
exports.c secmark: make secmark object handling generic 2010-10-21 10:12:48 +11:00
hooks.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-25 10:20:32 -04:00
Kconfig selinux: Deprecate and schedule the removal of the the compat_net functionality 2008-12-31 12:54:11 -05:00
Makefile selinux: change to new flag variable 2010-10-21 10:12:40 +11:00
netif.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
netlabel.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
netlink.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
netnode.c SELinux: silence build warning when !CONFIG_BUG 2011-04-25 10:18:27 -04:00
netport.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nlmsgtab.c SELinux: define permissions for DCB netlink messages 2010-12-16 12:50:17 -05:00
selinuxfs.c selinux: add type_transition with name extension support for selinuxfs 2011-04-01 17:13:23 -04:00
xfrm.c selinux: Fix check for xfrm selinux context algorithm 2011-02-25 15:00:44 -05:00