git.baikalelectronics.ru Git - kernel.git/commit

author	Andi Kleen <ak@linux.intel.com>
	Fri, 22 Apr 2011 00:23:19 +0000 (17:23 -0700)
committer	Eric Paris <eparis@redhat.com>
	Mon, 25 Apr 2011 14:20:32 +0000 (10:20 -0400)
commit	9c351c0687d2d2f68eeadaa774f4699bb58874f3
tree	9c7cabec6ce3d6604147de73953cfaca672f1c0d	tree \| snapshot
parent	88afa82fee4f4b275ab6fc2f9470747dde246a88	commit \| diff

SECURITY: Move exec_permission RCU checks into security modules

Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Eric Paris <eparis@redhat.com>

include/linux/security.h		diff \| blob \| history
security/capability.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/smack/smack_lsm.c		diff \| blob \| history