]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dc62931) | patch
apparmor: change how profile replacement update is done
authorJohn Johansen <john.johansen@canonical.com>
Thu, 11 Jul 2013 04:07:43 +0000 (21:07 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Wed, 14 Aug 2013 18:42:06 +0000 (11:42 -0700)
commitac7590a2897113a6b3948c735edcda741446b6fe
treeb0b2c38b79969ac7b9439389888f6a1ac14a32a7tree | snapshot
parentdc6293107b1638dafce7be1d29dba68ff91f72cfcommit | diff
apparmor: change how profile replacement update is done

remove the use of replaced by chaining and move to profile invalidation
and lookup to handle task replacement.

Replacement chaining can result in large chains of profiles being pinned
in memory when one profile in the chain is use. With implicit labeling
this will be even more of a problem, so move to a direct lookup method.

Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/context.c diff | blob | history
security/apparmor/domain.c diff | blob | history
security/apparmor/include/context.h diff | blob | history
security/apparmor/include/policy.h diff | blob | history
security/apparmor/lsm.c diff | blob | history
security/apparmor/policy.c diff | blob | history
Linux Kernel Source Tree.