linux/security
Andi Kleen 8c9e80ed27 SECURITY: Move exec_permission RCU checks into security modules
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-04-22 16:17:29 -07:00
..
apparmor Fix common misspellings 2011-03-31 11:26:23 -03:00
integrity/ima ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
keys KEYS: Add an iovec version of KEYCTL_INSTANTIATE 2011-03-08 11:17:22 +11:00
selinux SECURITY: Move exec_permission RCU checks into security modules 2011-04-22 16:17:29 -07:00
smack SECURITY: Move exec_permission RCU checks into security modules 2011-04-22 16:17:29 -07:00
tomoyo Fix common misspellings 2011-03-31 11:26:23 -03:00
Kconfig keys: add new key-type encrypted 2010-11-29 08:55:29 +11:00
Makefile AppArmor: Enable configuring and building of the AppArmor security module 2010-08-02 15:38:34 +10:00
capability.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-22 16:17:29 -07:00
commoncap.c userns: allow ptrace from non-init user namespaces 2011-03-23 19:47:05 -07:00
device_cgroup.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
lsm_audit.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-22 16:17:29 -07:00