From patchwork Wed Jan 6 00:23:54 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tetsuo Handa X-Patchwork-Id: 42230 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 6802AB6EF3 for ; Wed, 6 Jan 2010 11:24:40 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754658Ab0AFAYe (ORCPT ); Tue, 5 Jan 2010 19:24:34 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754349Ab0AFAYd (ORCPT ); Tue, 5 Jan 2010 19:24:33 -0500 Received: from www262.sakura.ne.jp ([202.181.97.72]:55182 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752036Ab0AFAYc (ORCPT ); Tue, 5 Jan 2010 19:24:32 -0500 Received: from www262.sakura.ne.jp (ksav32.sakura.ne.jp [210.224.165.212]) by www262.sakura.ne.jp (8.14.3/8.14.3) with ESMTP id o060NuJK078082; Wed, 6 Jan 2010 09:23:56 +0900 (JST) (envelope-from from-linux-security-module@i-love.sakura.ne.jp) Received: from www262.sakura.ne.jp (localhost [127.0.0.1]) by www262.sakura.ne.jp (8.14.3/8.14.3) with ESMTP id o060NsaK078069; Wed, 6 Jan 2010 09:23:54 +0900 (JST) (envelope-from from-linux-security-module@i-love.sakura.ne.jp) Received: (from i-love@localhost) by www262.sakura.ne.jp (8.14.3/8.14.3/Submit) id o060Ns76078068; Wed, 6 Jan 2010 09:23:54 +0900 (JST) (envelope-from from-linux-security-module@i-love.sakura.ne.jp) Message-Id: <201001060023.o060Ns76078068@www262.sakura.ne.jp> X-Authentication-Warning: www262.sakura.ne.jp: i-love set sender to from-linux-security-module@i-love.sakura.ne.jp using -f Subject: [PATCH] LSM: Update comment on security_sock_rcv_skb From: Tetsuo Handa To: linux-security-module@vger.kernel.org, jmorris@namei.org Cc: serue@us.ibm.com, sam@synack.fr, kaber@trash.net, zbr@ioremap.net, nhorman@tuxdriver.com, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, hadi@cyberus.ca MIME-Version: 1.0 Date: Wed, 06 Jan 2010 09:23:54 +0900 References: <1262437456-24476-1-git-send-email-sam@synack.fr> <1262537872.10218.27.camel@bigi> <201001050820.o058Kuwx087793@www262.sakura.ne.jp> <20100105140917.GA6624@us.ibm.com> In-Reply-To: <20100105140917.GA6624@us.ibm.com> X-Anti-Virus: K-Prox Anti-Virus Powered by Kaspersky, bases: 05012010 #3099178, status: clean Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org [PATCH] LSM: Update comment on security_sock_rcv_skb It is not permitted to do sleeping operation inside security_sock_rcv_skb(). Signed-off-by: Tetsuo Handa Acked-by: Serge Hallyn --- -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/include/linux/security.h b/include/linux/security.h index 466cbad..3696ca3 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -978,6 +978,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * Check permissions on incoming network packets. This hook is distinct * from Netfilter's IP input hooks since it is the first time that the * incoming sk_buff @skb has been associated with a particular socket, @sk. + * Must not sleep inside this hook because some callers hold spinlocks. * @sk contains the sock (not socket) associated with the incoming sk_buff. * @skb contains the incoming network data. * @socket_getpeersec_stream: