linux_old1/security
Eric Paris 0dc1ba24f7 SELINUX: Make selinux cache VFS RCU walks safe
Now that the security modules can decide whether they support the
dcache RCU walk or not it's possible to make selinux a bit more
RCU friendly.  The SELinux AVC and security server access decision
code is RCU safe.  A specific piece of the LSM audit code may not
be RCU safe.

This patch makes the VFS RCU walk retry if it would hit the non RCU
safe chunk of code.  It will normally just work under RCU.  This is
done simply by passing the VFS RCU state as a flag down into the
avc_audit() code and returning ECHILD there if it would have an issue.

Based-on-patch-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2011-04-25 16:24:41 -04:00
..
apparmor Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2011-01-13 10:05:56 -08:00
integrity/ima ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
keys KEYS: Add an iovec version of KEYCTL_INSTANTIATE 2011-03-08 11:17:22 +11:00
selinux SELINUX: Make selinux cache VFS RCU walks safe 2011-04-25 16:24:41 -04:00
smack SECURITY: Move exec_permission RCU checks into security modules 2011-04-25 10:20:32 -04:00
tomoyo TOMOYO: Fix memory leak upon file open. 2011-03-03 10:13:26 +11:00
Kconfig keys: add new key-type encrypted 2010-11-29 08:55:29 +11:00
Makefile AppArmor: Enable configuring and building of the AppArmor security module 2010-08-02 15:38:34 +10:00
capability.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-25 10:20:32 -04:00
commoncap.c capabilities/syslog: open code cap_syslog logic to fix build failure 2010-11-15 15:40:01 -08:00
device_cgroup.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
lsm_audit.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c SECURITY: Move exec_permission RCU checks into security modules 2011-04-25 10:20:32 -04:00