Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mmcode
From: Christoph Lameter
Date: Wed Jun 21 2006 - 17:42:46 EST
On Wed, 21 Jun 2006, James Morris wrote:
> diff -purN -X dontdiff linux-2.6.17-mm1.p/mm/mempolicy.c linux-2.6.17-mm1.w/mm/mempolicy.c
> --- linux-2.6.17-mm1.p/mm/mempolicy.c 2006-06-21 11:54:12.000000000 -0400
> +++ linux-2.6.17-mm1.w/mm/mempolicy.c 2006-06-21 17:18:00.000000000 -0400
> @@ -88,6 +88,7 @@
> #include <linux/proc_fs.h>
> #include <linux/migrate.h>
> #include <linux/rmap.h>
> +#include <linux/security.h>
>
> #include <asm/tlbflush.h>
> #include <asm/uaccess.h>
> @@ -946,6 +947,10 @@ asmlinkage long sys_migrate_pages(pid_t
> goto out;
> }
>
> + err = security_task_movememory(task);
> + if (err)
> + goto out;
> +
> err = do_migrate_pages(mm, &old, &new,
> capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
> out:
Acked-by: Christoph Lameter <clameter@xxxxxxx>
> diff -purN -X dontdiff linux-2.6.17-mm1.p/mm/migrate.c linux-2.6.17-mm1.w/mm/migrate.c
> --- linux-2.6.17-mm1.p/mm/migrate.c 2006-06-21 11:54:12.000000000 -0400
> +++ linux-2.6.17-mm1.w/mm/migrate.c 2006-06-21 17:17:52.000000000 -0400
> @@ -27,6 +27,7 @@
> #include <linux/writeback.h>
> #include <linux/mempolicy.h>
> #include <linux/vmalloc.h>
> +#include <linux/security.h>
>
> #include "internal.h"
>
> @@ -903,6 +904,11 @@ asmlinkage long sys_move_pages(pid_t pid
> goto out2;
> }
>
> + err = security_task_movememory(task);
> + if (err)
> + goto out2;
> +
> +
> task_nodes = cpuset_mems_allowed(task);
>
> /* Limit nr_pages so that the multiplication may not overflow */
>
This check is before the validity of nodes has been verified but
the check in sys_migrate_pages is after the checking of the nodes.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/