linux-sg2042/security/selinux/include
Eric Paris 9ade0cf440 SELINUX: Make selinux cache VFS RCU walks safe
Now that the security modules can decide whether they support the
dcache RCU walk or not it's possible to make selinux a bit more
RCU friendly.  The SELinux AVC and security server access decision
code is RCU safe.  A specific piece of the LSM audit code may not
be RCU safe.

This patch makes the VFS RCU walk retry if it would hit the non RCU
safe chunk of code.  It will normally just work under RCU.  This is
done simply by passing the VFS RCU state as a flag down into the
avc_audit() code and returning ECHILD there if it would have an issue.

Based-on-patch-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-04-25 18:16:32 -07:00
..
audit.h SELinux: keep the code clean formating and syntax 2008-07-14 15:01:36 +10:00
avc.h SELINUX: Make selinux cache VFS RCU walks safe 2011-04-25 18:16:32 -07:00
avc_ss.h selinux: dynamic class/perm discovery 2009-10-07 21:56:42 +11:00
classmap.h SELinux: Auto-generate security_is_socket_class 2011-03-03 15:19:43 -05:00
conditional.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
initial_sid_to_string.h selinux: const strings in tables 2010-03-08 09:33:53 +11:00
netif.h SELinux: Convert the netif code to use ifindex values 2008-01-30 08:17:21 +11:00
netlabel.h selinux: always call sk_security_struct sksec 2010-04-08 09:17:02 +10:00
netnode.h SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions 2008-01-30 08:17:23 +11:00
netport.h SELinux: add netport.[ch] 2008-04-18 20:26:17 +10:00
objsec.h switch selinux delayed superblock handling to iterate_supers() 2010-05-21 18:31:17 -04:00
security.h SELinux: Use dentry name in new object labeling 2011-02-01 11:12:30 -05:00
xfrm.h xfrm: Mark flowi arg to security_xfrm_state_pol_flow_match() const. 2011-02-22 18:13:15 -08:00