Message ID | 201001060023.o060Ns76078068@www262.sakura.ne.jp |
---|---|
State | Not Applicable, archived |
Delegated to: | David Miller |
Headers | show |
Quoting Tetsuo Handa (penguin-kernel@I-love.SAKURA.ne.jp): > [PATCH] LSM: Update comment on security_sock_rcv_skb > > It is not permitted to do sleeping operation inside security_sock_rcv_skb(). > > Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Thank you for sending this. -serge > -- > diff --git a/include/linux/security.h b/include/linux/security.h > index 466cbad..3696ca3 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -978,6 +978,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) > * Check permissions on incoming network packets. This hook is distinct > * from Netfilter's IP input hooks since it is the first time that the > * incoming sk_buff @skb has been associated with a particular socket, @sk. > + * Must not sleep inside this hook because some callers hold spinlocks. > * @sk contains the sock (not socket) associated with the incoming sk_buff. > * @skb contains the incoming network data. > * @socket_getpeersec_stream: > -- > To unsubscribe from this list: send the line "unsubscribe linux-security-module" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, 6 Jan 2010, Tetsuo Handa wrote: > [PATCH] LSM: Update comment on security_sock_rcv_skb > > It is not permitted to do sleeping operation inside security_sock_rcv_skb(). > > Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next
diff --git a/include/linux/security.h b/include/linux/security.h index 466cbad..3696ca3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -978,6 +978,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * Check permissions on incoming network packets. This hook is distinct * from Netfilter's IP input hooks since it is the first time that the * incoming sk_buff @skb has been associated with a particular socket, @sk. + * Must not sleep inside this hook because some callers hold spinlocks. * @sk contains the sock (not socket) associated with the incoming sk_buff. * @skb contains the incoming network data. * @socket_getpeersec_stream:
[PATCH] LSM: Update comment on security_sock_rcv_skb It is not permitted to do sleeping operation inside security_sock_rcv_skb(). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> -- -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html