+ selinux-add-security_task_movememory-calls-to-mm-code.patch added to -mm tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The patch titled

     SELinux: add security_task_movememory calls to mm code

has been added to the -mm tree.  Its filename is

     selinux-add-security_task_movememory-calls-to-mm-code.patch

See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this

------------------------------------------------------
Subject: SELinux: add security_task_movememory calls to mm code
From: David Quigley <dpquigl@xxxxxxxxxxxxx>


This patch inserts security_task_movememory hook calls into memory management
code to enable security modules to mediate this operation between tasks.

Since the last posting, the hook has been renamed following feedback from
Christoph Lameter.

Signed-off-by: David Quigley <dpquigl@xxxxxxxxxxxxx>
Acked-by:  Stephen Smalley <sds@xxxxxxxxxxxxx>
Signed-off-by: James Morris <jmorris@xxxxxxxxx>
Cc: Andi Kleen <ak@xxxxxx>
Acked-by: Christoph Lameter <clameter@xxxxxxx>
Cc: Chris Wright <chrisw@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 mm/mempolicy.c |    5 +++++
 mm/migrate.c   |    6 ++++++
 2 files changed, 11 insertions(+)

diff -puN mm/mempolicy.c~selinux-add-security_task_movememory-calls-to-mm-code mm/mempolicy.c
--- a/mm/mempolicy.c~selinux-add-security_task_movememory-calls-to-mm-code
+++ a/mm/mempolicy.c
@@ -88,6 +88,7 @@
 #include <linux/proc_fs.h>
 #include <linux/migrate.h>
 #include <linux/rmap.h>
+#include <linux/security.h>
 
 #include <asm/tlbflush.h>
 #include <asm/uaccess.h>
@@ -946,6 +947,10 @@ asmlinkage long sys_migrate_pages(pid_t 
 		goto out;
 	}
 
+	err = security_task_movememory(task);
+	if (err)
+		goto out;
+
 	err = do_migrate_pages(mm, &old, &new,
 		capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
 out:
diff -puN mm/migrate.c~selinux-add-security_task_movememory-calls-to-mm-code mm/migrate.c
--- a/mm/migrate.c~selinux-add-security_task_movememory-calls-to-mm-code
+++ a/mm/migrate.c
@@ -27,6 +27,7 @@
 #include <linux/writeback.h>
 #include <linux/mempolicy.h>
 #include <linux/vmalloc.h>
+#include <linux/security.h>
 
 #include "internal.h"
 
@@ -903,6 +904,11 @@ asmlinkage long sys_move_pages(pid_t pid
 		goto out2;
 	}
 
+ 	err = security_task_movememory(task);
+ 	if (err)
+ 		goto out2;
+
+
 	task_nodes = cpuset_mems_allowed(task);
 
 	/* Limit nr_pages so that the multiplication may not overflow */
_

Patches currently in -mm which might be from dpquigl@xxxxxxxxxxxxx are

selinux-add-security-hooks-to-getsetaffinity.patch
selinux-add-security-hook-call-to-mediate-attach_task.patch
selinux-add-task_movememory-hook.patch
selinux-add-security_task_movememory-calls-to-mm-code.patch

-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel Newbies FAQ]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Photo]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux