diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-01-05 19:23:54 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-01-10 16:53:23 -0500 |
commit | 0ed731859e24cd6e3ec058cf2b49b2a0df80e86b (patch) | |
tree | d3af7dc11eb8de2ed96d4153c19449f0a46dd54c | |
parent | f737d95ddfea4df68a36ffc9231db4bf34b06d13 (diff) |
LSM: Update comment on security_sock_rcv_skb
It is not permitted to do sleeping operation inside security_sock_rcv_skb().
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Serge Hallyn <serue@us.ibm.com>
--
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | include/linux/security.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 466cbadbd1ef..3696ca345745 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -978,6 +978,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
978 | * Check permissions on incoming network packets. This hook is distinct | 978 | * Check permissions on incoming network packets. This hook is distinct |
979 | * from Netfilter's IP input hooks since it is the first time that the | 979 | * from Netfilter's IP input hooks since it is the first time that the |
980 | * incoming sk_buff @skb has been associated with a particular socket, @sk. | 980 | * incoming sk_buff @skb has been associated with a particular socket, @sk. |
981 | * Must not sleep inside this hook because some callers hold spinlocks. | ||
981 | * @sk contains the sock (not socket) associated with the incoming sk_buff. | 982 | * @sk contains the sock (not socket) associated with the incoming sk_buff. |
982 | * @skb contains the incoming network data. | 983 | * @skb contains the incoming network data. |
983 | * @socket_getpeersec_stream: | 984 | * @socket_getpeersec_stream: |