linux-stable-rt/security/selinux
Oleg Nesterov 3b5e9e53c6 signals: cleanup security_task_kill() usage/implementation
Every implementation of ->task_kill() does nothing when the signal comes from
the kernel.  This is correct, but means that check_kill_permission() should
call security_task_kill() only for SI_FROMUSER() case, and we can remove the
same check from ->task_kill() implementations.

(sadly, check_kill_permission() is the last user of signal->session/__session
 but we can't s/task_session_nr/task_session/ here).

NOTE: Eric W.  Biederman pointed out cap_task_kill() should die, and I think
he is very right.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Serge Hallyn <serue@us.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: David Quigley <dpquigl@tycho.nsa.gov>
Cc: Eric Paris <eparis@redhat.com>
Cc: Harald Welte <laforge@gnumonks.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-30 08:29:34 -07:00
..
include Security: Make secctx_to_secid() take const secdata 2008-04-29 13:22:56 -07:00
ss Security: Make secctx_to_secid() take const secdata 2008-04-29 13:22:56 -07:00
Kconfig
Makefile
avc.c Audit: standardize string audit interfaces 2008-04-28 06:19:22 -04:00
exports.c
hooks.c signals: cleanup security_task_kill() usage/implementation 2008-04-30 08:29:34 -07:00
netif.c SELinux fixups needed for preemptable RCU from -rt 2008-04-22 15:37:23 +10:00
netlabel.c
netlink.c
netnode.c SELinux: Made netnode cache adds faster 2008-04-28 09:36:23 +10:00
netport.c SELinux: Fix a RCU free problem with the netport cache 2008-04-28 09:36:27 +10:00
nlmsgtab.c
selinuxfs.c
xfrm.c