diff options
| author | Andrew G. Morgan <[email protected]> | 2008-07-23 21:28:25 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2008-07-24 10:47:22 -0700 |
| commit | ab763c7112ce0e2559c73f921617c81dc7287ca6 (patch) | |
| tree | 110f60462a54e869402346b5ae9cfaed012cf8f4 /include/linux/debugobjects.h | |
| parent | 5459c164f0591ee75ed0203bb8f3817f25948e2f (diff) | |
security: filesystem capabilities refactor kernel code
To date, we've tried hard to confine filesystem support for capabilities
to the security modules. This has left a lot of the code in
kernel/capability.c in a state where it looks like it supports something
that filesystem support for capabilities actually suppresses when the LSM
security/commmoncap.c code runs. What is left is a lot of code that uses
sub-optimal locking in the main kernel
With this change we refactor the main kernel code and make it explicit
which locks are needed and that the only remaining kernel races in this
area are associated with non-filesystem capability code.
Signed-off-by: Andrew G. Morgan <[email protected]>
Acked-by: Serge Hallyn <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'include/linux/debugobjects.h')
0 files changed, 0 insertions, 0 deletions