mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/security
History
NeilBrown bda0be7ad9 security: make inode_follow_link RCU-walk aware 
inode_follow_link now takes an inode and rcu flag as well as the
dentry.

inode is used in preference to d_backing_inode(dentry), particularly
in RCU-walk mode.

selinux_inode_follow_link() gets dentry_has_perm() and
inode_has_perm() open-coded into it so that it can call
avc_has_perm_flags() in way that is safe if LOOKUP_RCU is set.

Calling avc_has_perm_flags() with rcu_read_lock() held means
that when avc_has_perm_noaudit calls avc_compute_av(), the attempt
to rcu_read_unlock() before calling security_compute_av() will not
actually drop the RCU read-lock.

However as security_compute_av() is completely in a read_lock()ed
region, it should be safe with the RCU read-lock held.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
 		2015-05-11 08:13:11 -04:00
..
apparmor VFS: security/: d_inode() annotations 2015-04-15 15:06:57 -04:00
integrity VFS: security/: d_backing_inode() annotations 2015-04-15 15:06:56 -04:00
keys switch keyctl_instantiate_key_common() to iov_iter 2015-04-11 22:27:12 -04:00
selinux security: make inode_follow_link RCU-walk aware 2015-05-11 08:13:11 -04:00
smack Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
tomoyo Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
yama security/yama: Remove unnecessary selects from Kconfig. 2015-02-27 16:53:10 -08:00
Kconfig kernel: conditionally support non-root users, groups and capabilities 2015-04-15 16:35:22 -07:00
Makefile security: cleanup Makefiles to use standard syntax for specifying sub-directories 2014-02-17 11:08:04 +11:00
capability.c security: make inode_follow_link RCU-walk aware 2015-05-11 08:13:11 -04:00
commoncap.c VFS: security/: d_backing_inode() annotations 2015-04-15 15:06:56 -04:00
device_cgroup.c cgroup: rename cgroup_subsys->base_cftypes to ->legacy_cftypes 2014-07-15 11:05:09 -04:00
inode.c VFS: security/: d_inode() annotations 2015-04-15 15:06:57 -04:00
lsm_audit.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c security: make inode_follow_link RCU-walk aware 2015-05-11 08:13:11 -04:00