提交 7418cb89 编写于 作者: D David Quigley 提交者: Ralf Baechle

[MIPS] SELinux: Add security hooks to mips-mt {get,set}affinity

This patch adds LSM hooks into the setaffinity and getaffinity functions
for the mips architecture to enable security modules to control these
operations between tasks with different security attributes. This
implementation uses the existing task_setscheduler and task_getscheduler
LSM hooks.
Signed-Off-By: NDavid Quigley <dpquigl@tycho.nsa.gov>
Acked-by: NStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: NJames Morris <jmorris@namei.org>
Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
上级 c9170617
...@@ -96,6 +96,10 @@ asmlinkage long mipsmt_sys_sched_setaffinity(pid_t pid, unsigned int len, ...@@ -96,6 +96,10 @@ asmlinkage long mipsmt_sys_sched_setaffinity(pid_t pid, unsigned int len,
goto out_unlock; goto out_unlock;
} }
retval = security_task_setscheduler(p, 0, NULL);
if (retval)
goto out_unlock;
/* Record new user-specified CPU set for future reference */ /* Record new user-specified CPU set for future reference */
p->thread.user_cpus_allowed = new_mask; p->thread.user_cpus_allowed = new_mask;
...@@ -141,8 +145,9 @@ asmlinkage long mipsmt_sys_sched_getaffinity(pid_t pid, unsigned int len, ...@@ -141,8 +145,9 @@ asmlinkage long mipsmt_sys_sched_getaffinity(pid_t pid, unsigned int len,
p = find_process_by_pid(pid); p = find_process_by_pid(pid);
if (!p) if (!p)
goto out_unlock; goto out_unlock;
retval = security_task_getscheduler(p);
retval = 0; if (retval)
goto out_unlock;
cpus_and(mask, p->thread.user_cpus_allowed, cpu_possible_map); cpus_and(mask, p->thread.user_cpus_allowed, cpu_possible_map);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册