aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorAndrew G. Morgan <morgan@kernel.org>2008-07-23 21:28:25 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2008-07-24 10:47:22 -0700
commitab763c7112ce0e2559c73f921617c81dc7287ca6 (patch)
tree110f60462a54e869402346b5ae9cfaed012cf8f4 /security
parent5459c164f0591ee75ed0203bb8f3817f25948e2f (diff)
security: filesystem capabilities refactor kernel code
To date, we've tried hard to confine filesystem support for capabilities to the security modules. This has left a lot of the code in kernel/capability.c in a state where it looks like it supports something that filesystem support for capabilities actually suppresses when the LSM security/commmoncap.c code runs. What is left is a lot of code that uses sub-optimal locking in the main kernel With this change we refactor the main kernel code and make it explicit which locks are needed and that the only remaining kernel races in this area are associated with non-filesystem capability code. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions