diff options
| author | Mark Brown <broonie@kernel.org> | 2014-09-08 12:05:48 +0100 |
|---|---|---|
| committer | Mark Brown <broonie@kernel.org> | 2014-09-08 12:05:48 +0100 |
| commit | bb0dddf6157bc679de9143507375fce3f13fcd00 (patch) | |
| tree | de120f5da2b49f6c32fb71454a83111a974811a1 /security | |
| parent | 4e65656dfa8cfd0660bac70cba7466d04e565ba6 (diff) | |
| parent | b60edabe236826e659aa814326b0d9c9ecb294c1 (diff) | |
Merge remote-tracking branch 'lsk/v3.10/topic/aosp' into linux-linaro-lsk-android
Conflicts:
arch/arm64/Kconfig
arch/arm64/crypto/Makefile
arch/arm64/crypto/aes-glue.c
arch/arm64/crypto/ghash-ce-core.S
arch/arm64/crypto/ghash-ce-glue.c
arch/arm64/include/asm/ptrace.h
arch/arm64/include/asm/thread_info.h
arch/arm64/kernel/fpsimd.c
crypto/ablk_helper.c
drivers/base/cpu.c
drivers/hid/hid-core.c
net/ipv4/raw.c
Diffstat (limited to 'security')
| -rw-r--r-- | security/Kconfig | 2 | ||||
| -rw-r--r-- | security/apparmor/include/apparmor.h | 1 | ||||
| -rw-r--r-- | security/apparmor/lib.c | 32 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 7 |
4 files changed, 8 insertions, 34 deletions
diff --git a/security/Kconfig b/security/Kconfig index e9c6ac724fef..beb86b500adf 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -103,7 +103,7 @@ config INTEL_TXT config LSM_MMAP_MIN_ADDR int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX - default 32768 if ARM + default 32768 if ARM || (ARM64 && COMPAT) default 65536 help This is the portion of low virtual memory which should be protected diff --git a/security/apparmor/include/apparmor.h b/security/apparmor/include/apparmor.h index 40aedd9f73ea..4a8cbfeef8b3 100644 --- a/security/apparmor/include/apparmor.h +++ b/security/apparmor/include/apparmor.h @@ -65,7 +65,6 @@ extern int apparmor_initialized __initdata; char *aa_split_fqname(char *args, char **ns_name); void aa_info_message(const char *str); void *kvmalloc(size_t size); -void kvfree(void *buffer); /** diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c index 7430298116d6..ce8d9a84ab2d 100644 --- a/security/apparmor/lib.c +++ b/security/apparmor/lib.c @@ -103,35 +103,3 @@ void *kvmalloc(size_t size) } return buffer; } - -/** - * do_vfree - workqueue routine for freeing vmalloced memory - * @work: data to be freed - * - * The work_struct is overlaid to the data being freed, as at the point - * the work is scheduled the data is no longer valid, be its freeing - * needs to be delayed until safe. - */ -static void do_vfree(struct work_struct *work) -{ - vfree(work); -} - -/** - * kvfree - free an allocation do by kvmalloc - * @buffer: buffer to free (MAYBE_NULL) - * - * Free a buffer allocated by kvmalloc - */ -void kvfree(void *buffer) -{ - if (is_vmalloc_addr(buffer)) { - /* Data is no longer valid so just use the allocated space - * as the work_struct - */ - struct work_struct *work = (struct work_struct *) buffer; - INIT_WORK(work, do_vfree); - schedule_work(work); - } else - kfree(buffer); -} diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e00585266536..a8485c1fc3ae 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -423,6 +423,13 @@ static int sb_finish_set_opts(struct super_block *sb) if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0) sbsec->flags |= SE_SBLABELSUPP; + /* + * Special handling for rootfs. Is genfs but supports + * setting SELinux context on in-core inodes. + */ + if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0) + sbsec->flags |= SE_SBLABELSUPP; + /* Initialize the root inode. */ rc = inode_doinit_with_dentry(root_inode, root); |