summaryrefslogtreecommitdiff
path: root/drivers/pci/bus.c
diff options
context:
space:
mode:
authorJohn Stultz <john.stultz@linaro.org>2015-11-17 08:35:54 -0800
committerMark Salyzyn <salyzyn@google.com>2015-11-17 23:58:52 +0000
commita9ac1262ce80c287562e604f3bb24f232fcb686e (patch)
tree406a18c61bb0855a31c2941aae8226a3c7623b33 /drivers/pci/bus.c
parent0549ddb90f1553553dcb1b348e2884076e7cba3e (diff)
ANDROID: exec_domains: Disable request_module() call for personalities
With Android M, Android environments use a separate execution domain for 32bit processes. See: https://android-review.googlesource.com/#/c/122131/ This results in systems that use kernel modules to see selinux audit noise like: type=1400 audit(28.989:15): avc: denied { module_request } for pid=1622 comm="app_process32" kmod="personality-8" scontext=u:r:zygote:s0 tcontext=u:r:kernel:s0 tclass=system While using kernel modules is unadvised, some systems do require them. Thus to avoid developers adding sepolicy exceptions to allow for request_module calls, this patch disables the logic which tries to call request_module for the 32bit personality (ie: personality-8), which doesn't actually exist. Change-Id: I6885347e69d5778e69ad5312f56f389be7bb4883 Signed-off-by: John Stultz <john.stultz@linaro.org>
Diffstat (limited to 'drivers/pci/bus.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 08:23:35 +0000