git.baikalelectronics.ru Git - kernel.git/commit

author	Andi Kleen <ak@linux.intel.com>
	Fri, 22 Apr 2011 00:23:19 +0000 (17:23 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Fri, 22 Apr 2011 23:17:29 +0000 (16:17 -0700)
commit	5140f24125c7ec07063c803c2d67b6c50a71e655
tree	7595dd217545593675d40f85cfb11d69697a8300	tree \| snapshot
parent	00f0771ef7935f1f2f928d09dc86427d14bc6c4d	commit \| diff

SECURITY: Move exec_permission RCU checks into security modules

Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

include/linux/security.h		diff \| blob \| history
security/capability.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/selinux/hooks.c		diff \| blob \| history
security/smack/smack_lsm.c		diff \| blob \| history