diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-01-06 09:23:54 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-01-11 08:53:23 +1100 |
commit | 0ed731859e24cd6e3ec058cf2b49b2a0df80e86b (patch) | |
tree | d3af7dc11eb8de2ed96d4153c19449f0a46dd54c | |
parent | f737d95ddfea4df68a36ffc9231db4bf34b06d13 (diff) |
LSM: Update comment on security_sock_rcv_skb
It is not permitted to do sleeping operation inside security_sock_rcv_skb().
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Serge Hallyn <serue@us.ibm.com>
--
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | include/linux/security.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 466cbadbd1e..3696ca34574 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -978,6 +978,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * Check permissions on incoming network packets. This hook is distinct * from Netfilter's IP input hooks since it is the first time that the * incoming sk_buff @skb has been associated with a particular socket, @sk. + * Must not sleep inside this hook because some callers hold spinlocks. * @sk contains the sock (not socket) associated with the incoming sk_buff. * @skb contains the incoming network data. * @socket_getpeersec_stream: |