security: create task_free security callback

The current LSM interface to cred_free is not sufficient for allowing
an LSM to track the life and death of a task. This patch adds the
task_free hook so that an LSM can clean up resources on task death.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <jmorris@namei.org>
Kees Cook
2011-12-21 12:17:03 -08:00
committed by James Morris
parent 9e3ff38647
commit 1a2a4d06e1
4 changed files with 20 additions and 0 deletions

@@ -358,6 +358,10 @@ static int cap_task_create(unsigned long clone_flags)
return 0;
}
static void cap_task_free(struct task_struct *task)
{
}
static int cap_cred_alloc_blank(struct cred *cred, gfp_t gfp)
{
return 0;
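Review bot: cap_task_free() takes a struct task_struct * while the neighbouring cap_task_create() only receives clone_flags, so the two hooks are not a symmetric allocate/free pair and an LSM has no task pointer at task_create time to attach the state it is expected to release here. The documentation for the new hook should say at which point in task teardown it is called, whether the task's credentials are still valid at that point, and whether the hook may sleep, since the commit message's stated reason for adding it is that cred_free is not enough to follow a task's lifetime.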
@@ -954,6 +958,7 @@ void __init security_fixup_ops(struct security_operations *ops)
set_to_cap_if_null(ops, file_receive);
set_to_cap_if_null(ops, dentry_open);
set_to_cap_if_null(ops, task_create);
set_to_cap_if_null(ops, task_free);
set_to_cap_if_null(ops, cred_alloc_blank);
set_to_cap_if_null(ops, cred_free);
set_to_cap_if_null(ops, cred_prepare);