Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 86c3a764 authored by David Quigley's avatar David Quigley Committed by Linus Torvalds
Browse files

[PATCH] SELinux: add security_task_movememory calls to mm code 



This patch inserts security_task_movememory hook calls into memory management
code to enable security modules to mediate this operation between tasks.

Since the last posting, the hook has been renamed following feedback from
Christoph Lameter.

Signed-off-by: default avatarDavid Quigley <dpquigl@tycho.nsa.gov>
Acked-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
Cc: Andi Kleen <ak@muc.de>
Acked-by: default avatarChristoph Lameter <clameter@sgi.com>
Acked-by: default avatarChris Wright <chrisw@sous-sol.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 35601547

mm/mempolicy.c

+5 −0
Original line number Diff line number Diff line
@@ -88,6 +88,7 @@ 
#include <linux/proc_fs.h>

#include <linux/migrate.h>

#include <linux/rmap.h>

#include <linux/security.h>



#include <asm/tlbflush.h>

#include <asm/uaccess.h>
@@ -942,6 +943,10 @@ asmlinkage long sys_migrate_pages(pid_t pid, unsigned long maxnode, 
		goto out;

	}



	err = security_task_movememory(task);

	if (err)

		goto out;



	err = do_migrate_pages(mm, &old, &new,

		capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);

out:

mm/migrate.c

+6 −0
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ 
#include <linux/writeback.h>

#include <linux/mempolicy.h>

#include <linux/vmalloc.h>

#include <linux/security.h>



#include "internal.h"
@@ -905,6 +906,11 @@ asmlinkage long sys_move_pages(pid_t pid, unsigned long nr_pages, 
		goto out2;

	}



 	err = security_task_movememory(task);

 	if (err)

 		goto out2;





	task_nodes = cpuset_mems_allowed(task);



	/* Limit nr_pages so that the multiplication may not overflow */