[PATCH] SELinux/MIPS: Add security hooks to mips-mt {get,set}affinity
From: James Morris
Date: Wed Jun 28 2006 - 09:35:48 EST
From: David Quigley <dpquigl@xxxxxxxxxxxxx>
This patch adds LSM hooks into the setaffinity and getaffinity functions
for the mips architecture to enable security modules to control these
operations between tasks with different security attributes. This
implementation uses the existing task_setscheduler and task_getscheduler
LSM hooks.
Please apply.
Signed-Off-By: David Quigley <dpquigl@xxxxxxxxxxxxx>
Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
Signed-off-by: James Morris <jmorris@xxxxxxxxx>
---
arch/mips/kernel/mips-mt.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff -uprN -X /home/dpquigl/dontdiff linux-2.6.17-mm3/arch/mips/kernel/mips-mt.c linux-2.6.17-mm3-affiniy/arch/mips/kernel/mips-mt.c
--- linux-2.6.17-mm3/arch/mips/kernel/mips-mt.c 2006-06-17 21:49:35.000000000 -0400
+++ linux-2.6.17-mm3-affiniy/arch/mips/kernel/mips-mt.c 2006-06-27 15:47:46.000000000 -0400
@@ -95,6 +95,10 @@ asmlinkage long mipsmt_sys_sched_setaffi
goto out_unlock;
}
+ retval = security_task_setscheduler(p, 0, NULL);
+ if (retval)
+ goto out_unlock;
+
/* Record new user-specified CPU set for future reference */
p->thread.user_cpus_allowed = new_mask;
@@ -140,8 +144,9 @@ asmlinkage long mipsmt_sys_sched_getaffi
p = find_process_by_pid(pid);
if (!p)
goto out_unlock;
-
- retval = 0;
+ retval = security_task_getscheduler(p);
+ if (retval)
+ goto out_unlock;
cpus_and(mask, p->thread.user_cpus_allowed, cpu_possible_map);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/