aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Quigley <dpquigl@tycho.nsa.gov>2006-06-23 05:03:59 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-23 10:42:53 -0400
commite7834f8fccd791225a1cf91c2c3e740ad8e2e145 (patch)
tree8f48d03d7b1dc32d326825fef1d1c54117a06ac8
parent03e68060636e05989ea94bcb671ab633948f328c (diff)
[PATCH] SELinux: add security hooks to {get,set}affinity
This patch adds LSM hooks into the setaffinity and getaffinity functions to enable security modules to control these operations between tasks with task_setscheduler and task_getscheduler LSM hooks. Signed-off-by: David Quigley <dpquigl@tycho.nsa.gov> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--kernel/sched.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/kernel/sched.c b/kernel/sched.c
index c13f1bd2df7d..87665132cec1 100644
--- a/kernel/sched.c
+++ b/kernel/sched.c
@@ -3886,6 +3886,10 @@ long sched_setaffinity(pid_t pid, cpumask_t new_mask)
3886 !capable(CAP_SYS_NICE)) 3886 !capable(CAP_SYS_NICE))
3887 goto out_unlock; 3887 goto out_unlock;
3888 3888
3889 retval = security_task_setscheduler(p, 0, NULL);
3890 if (retval)
3891 goto out_unlock;
3892
3889 cpus_allowed = cpuset_cpus_allowed(p); 3893 cpus_allowed = cpuset_cpus_allowed(p);
3890 cpus_and(new_mask, new_mask, cpus_allowed); 3894 cpus_and(new_mask, new_mask, cpus_allowed);
3891 retval = set_cpus_allowed(p, new_mask); 3895 retval = set_cpus_allowed(p, new_mask);
@@ -3954,7 +3958,10 @@ long sched_getaffinity(pid_t pid, cpumask_t *mask)
3954 if (!p) 3958 if (!p)
3955 goto out_unlock; 3959 goto out_unlock;
3956 3960
3957 retval = 0; 3961 retval = security_task_getscheduler(p);
3962 if (retval)
3963 goto out_unlock;
3964
3958 cpus_and(*mask, p->cpus_allowed, cpu_online_map); 3965 cpus_and(*mask, p->cpus_allowed, cpu_online_map);
3959 3966
3960out_unlock: 3967out_unlock: