aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Quigley <dpquigl@tycho.nsa.gov>2006-06-23 05:04:02 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-23 10:42:54 -0400
commit86c3a7645c05a7d06b72653aa4b2bea4e7229d1b (patch)
treeac68280e9c44dbc6ca4c88dc1e9c72a8f56be95e
parent35601547baf92d984b6e59cf3583649da04baea5 (diff)
[PATCH] SELinux: add security_task_movememory calls to mm code
This patch inserts security_task_movememory hook calls into memory management code to enable security modules to mediate this operation between tasks. Since the last posting, the hook has been renamed following feedback from Christoph Lameter. Signed-off-by: David Quigley <dpquigl@tycho.nsa.gov> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org> Cc: Andi Kleen <ak@muc.de> Acked-by: Christoph Lameter <clameter@sgi.com> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--mm/mempolicy.c5
-rw-r--r--mm/migrate.c6
2 files changed, 11 insertions, 0 deletions
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 05b84acf0bb3..ec4a1a950df9 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -88,6 +88,7 @@
88#include <linux/proc_fs.h> 88#include <linux/proc_fs.h>
89#include <linux/migrate.h> 89#include <linux/migrate.h>
90#include <linux/rmap.h> 90#include <linux/rmap.h>
91#include <linux/security.h>
91 92
92#include <asm/tlbflush.h> 93#include <asm/tlbflush.h>
93#include <asm/uaccess.h> 94#include <asm/uaccess.h>
@@ -942,6 +943,10 @@ asmlinkage long sys_migrate_pages(pid_t pid, unsigned long maxnode,
942 goto out; 943 goto out;
943 } 944 }
944 945
946 err = security_task_movememory(task);
947 if (err)
948 goto out;
949
945 err = do_migrate_pages(mm, &old, &new, 950 err = do_migrate_pages(mm, &old, &new,
946 capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE); 951 capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
947out: 952out:
diff --git a/mm/migrate.c b/mm/migrate.c
index 033a12f4c949..1c2a71aa05cd 100644
--- a/mm/migrate.c
+++ b/mm/migrate.c
@@ -27,6 +27,7 @@
27#include <linux/writeback.h> 27#include <linux/writeback.h>
28#include <linux/mempolicy.h> 28#include <linux/mempolicy.h>
29#include <linux/vmalloc.h> 29#include <linux/vmalloc.h>
30#include <linux/security.h>
30 31
31#include "internal.h" 32#include "internal.h"
32 33
@@ -905,6 +906,11 @@ asmlinkage long sys_move_pages(pid_t pid, unsigned long nr_pages,
905 goto out2; 906 goto out2;
906 } 907 }
907 908
909 err = security_task_movememory(task);
910 if (err)
911 goto out2;
912
913
908 task_nodes = cpuset_mems_allowed(task); 914 task_nodes = cpuset_mems_allowed(task);
909 915
910 /* Limit nr_pages so that the multiplication may not overflow */ 916 /* Limit nr_pages so that the multiplication may not overflow */