linux/security
Al Viro 4259fa01a2 [PATCH] get rid of AVC_PATH postponed treatment
Selinux folks had been complaining about the lack of AVC_PATH
records when audit is disabled.  I must admit my stupidity - I assumed
that avc_audit() really couldn't use audit_log_d_path() because of
deadlocks (== could be called with dcache_lock or vfsmount_lock held).
Shouldn't have made that assumption - it never gets called that way.
It _is_ called under spinlocks, but not those.

        Since audit_log_d_path() uses ab->gfp_mask for allocations,
kmalloc() in there is not a problem.  IOW, the simple fix is sufficient:
let's rip AUDIT_AVC_PATH out and simply generate pathname as part of main
record.  It's trivial to do.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Acked-by: James Morris <jmorris@namei.org>
2007-07-22 09:57:02 -04:00
..
keys mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
selinux [PATCH] get rid of AVC_PATH postponed treatment 2007-07-22 09:57:02 -04:00
capability.c
commoncap.c coredump masking: reimplementation of dumpable using two flags 2007-07-19 10:04:46 -07:00
dummy.c coredump masking: reimplementation of dumpable using two flags 2007-07-19 10:04:46 -07:00
inode.c
Kconfig
Makefile
root_plug.c
security.c