linux/security
Andreas Gruenbacher 5d226df4ed selinux: Revalidate invalid inode security labels
When fetching an inode's security label, check if it is still valid, and
try reloading it if it is not. Reloading will fail when we are in RCU
context which doesn't allow sleeping, or when we can't find a dentry for
the inode.  (Reloading happens via iop->getxattr which takes a dentry
parameter.)  When reloading fails, continue using the old, invalid
label.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-12-24 11:09:40 -05:00
..
apparmor apparmor: clarify CRYPTO dependency 2015-10-22 11:11:28 +11:00
integrity mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIM 2015-11-06 17:50:42 -08:00
keys Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2015-11-05 15:32:38 -08:00
selinux selinux: Revalidate invalid inode security labels 2015-12-24 11:09:40 -05:00
smack security: Make inode argument of inode_getsecid non-const 2015-12-24 11:09:39 -05:00
tomoyo LSM: Switch to lists of hooks 2015-05-12 15:00:41 +10:00
yama Adding YAMA hooks also when YAMA is not stacked. 2015-08-04 01:36:18 +10:00
commoncap.c capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISE 2015-09-04 16:54:41 -07:00
device_cgroup.c security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition 2015-09-03 18:13:10 -07:00
inode.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-07-04 19:36:06 -07:00
Kconfig Yama: remove needless CONFIG_SECURITY_YAMA_STACKED 2015-07-28 13:18:19 +10:00
lsm_audit.c Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next 2015-08-15 13:29:57 +10:00
Makefile LSM: Switch to lists of hooks 2015-05-12 15:00:41 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c security: Add hook to invalidate inode security labels 2015-12-24 11:09:40 -05:00