• S
    [PATCH] SELinux: fix deadlock on dcache lock · 219f0817
    Stephen Smalley 提交于
    This fixes a deadlock on the dcache lock detected during testing at IBM
    by moving the logging of the current executable information from the
    SELinux avc_audit function to audit_log_exit (via an audit_log_task_info
    helper) for processing upon syscall exit. 
    
    For consistency, the patch also removes the logging of other
    task-related information from avc_audit, deferring handling to
    audit_log_exit instead. 
    
    This allows simplification of the avc_audit code, allows the exe
    information to be obtained more reliably, always includes the comm
    information (useful for scripts), and avoids including bogus task
    information for checks performed from irq or softirq. 
    Signed-off-by: NStephen Smalley <sds@tycho.nsa.gov>
    Signed-off-by: NJames Morris <jmorris@redhat.com>
    Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
    219f0817
avc.c 22.8 KB