Quoting aris@xxxxxxxxxx (aris@xxxxxxxxxx):
> This patch is in preparation for hierarchy support.
>
> This patch doesn't introduce any functional changes.
>
> Acked-by: Tejun Heo <tj@xxxxxxxxxx>
> Cc: Tejun Heo <tj@xxxxxxxxxx>
> Cc: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx>
> Signed-off-by: Aristeu Rozanski <aris@xxxxxxxxxx>
>
> ---
> security/device_cgroup.c | 34 ++++++++++++++++------------------
> 1 file changed, 16 insertions(+), 18 deletions(-)
>
> --- github.orig/security/device_cgroup.c 2013-01-29 11:49:16.374681863 -0500
> +++ github/security/device_cgroup.c 2013-01-29 11:49:16.653686016 -0500
> @@ -212,32 +212,33 @@ static int dev_exception_add(struct dev_
> return rc;
> }
>
> -static void __dev_exception_clean(struct dev_cgroup *dev_cgroup)
> +static void dev_exception_clean(struct list_head *exceptions)
> {
> struct dev_exception_item *ex, *tmp;
>
> - list_for_each_entry_safe(ex, tmp, &dev_cgroup->exceptions, list) {
> - list_del_rcu(&ex->list);
> - kfree_rcu(ex, rcu);
> - }
> - list_for_each_entry_safe(ex, tmp, &dev_cgroup->local.exceptions,
> - list) {
> + list_for_each_entry_safe(ex, tmp, exceptions, list) {
> list_del_rcu(&ex->list);
> kfree_rcu(ex, rcu);
> }
> }
>
> +static void __dev_exception_clean_all(struct dev_cgroup *dev_cgroup)
> +{
> + dev_exception_clean(&dev_cgroup->exceptions);
> + dev_exception_clean(&dev_cgroup->local.exceptions);
> +}
> +
> /**
> - * dev_exception_clean - frees all entries of the exception list
> + * dev_exception_clean_all - frees all entries of the exception list
> * @dev_cgroup: dev_cgroup with the exception list to be cleaned
> *
> * called under devcgroup_mutex
> */
> -static void dev_exception_clean(struct dev_cgroup *dev_cgroup)
> +static void dev_exception_clean_all(struct dev_cgroup *dev_cgroup)
> {
> lockdep_assert_held(&devcgroup_mutex);
>
> - __dev_exception_clean(dev_cgroup);
> + __dev_exception_clean_all(dev_cgroup);
> }
>
> /**
> @@ -303,7 +304,7 @@ static void devcgroup_css_free(struct cg
> struct dev_cgroup *dev_cgroup;
>
> dev_cgroup = cgroup_to_devcgroup(cgroup);
> - __dev_exception_clean(dev_cgroup);
> + __dev_exception_clean_all(dev_cgroup);
> kfree(dev_cgroup);
> }
>
> @@ -508,25 +509,22 @@ memset(&ex, 0, sizeof(ex));
> case DEVCG_ALLOW:
> if (!may_allow_all(parent))
> return -EPERM;
> - dev_exception_clean(devcgroup);
> + dev_exception_clean_all(devcgroup);
> if (parent)
> rc = dev_exceptions_copy(&devcgroup->exceptions,
> &parent->exceptions);
> devcgroup->behavior = DEVCG_DEFAULT_ALLOW;
> devcgroup->local.behavior = DEVCG_DEFAULT_ALLOW;
> -
> - if (rc)
> - return rc;
Was this intentional?
I see that you next add
rc = propagate_behavior(devcgroup);
right here, but this means you're ignoring failure in the
dev_exceptions_copy() call above.
> break;
> case DEVCG_DENY:
> - dev_exception_clean(devcgroup);
> + dev_exception_clean_all(devcgroup);
> devcgroup->behavior = DEVCG_DEFAULT_DENY;
> devcgroup->local.behavior = DEVCG_DEFAULT_DENY;
> break;
> default:
> - return -EINVAL;
> + rc = -EINVAL;
> }
> - return 0;
> + return rc;
> case 'b':
> ex.type = DEV_BLOCK;
> break;
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
