Re: [patch] [sg]etaffinity hooks

• Previous message: Chris Wright: "Re: graft_tree/attach_mnt rfc"
• In reply to: Stephen Smalley: "[patch] [sg]etaffinity hooks"
• Next in thread: Stephen Smalley: "Re: [patch] [sg]etaffinity hooks"
• Reply: Stephen Smalley: "Re: [patch] [sg]etaffinity hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

<added two lines of diff context>

* Stephen Smalley (sdsat_private) wrote:
> 
> --- lsm-2.5/kernel/sched.c	2002/10/03 16:38:33	1.31
> +++ lsm-2.5/kernel/sched.c	2002/10/07 16:08:19
> @@ -1597,6 +1597,10 @@
> 		retval = -EPERM;
> 		if ((current->euid != p->euid) && (current->euid != p->uid) && 
>  			!capable(CAP_SYS_NICE))
>  		goto out_unlock;

I don't see a nice way to collapse this w/out basically DAC out...any
ideas?

>  
> +	retval = security_ops->task_setaffinity(p, new_mask);
> +	if (retval) 
> +		goto out_unlock;
> +
>  	retval = 0;
>  	set_cpus_allowed(p, new_mask);

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Stephen Smalley: "Re: [patch] [sg]etaffinity hooks"
• Previous message: Chris Wright: "Re: graft_tree/attach_mnt rfc"
• In reply to: Stephen Smalley: "[patch] [sg]etaffinity hooks"
• Next in thread: Stephen Smalley: "Re: [patch] [sg]etaffinity hooks"
• Reply: Stephen Smalley: "Re: [patch] [sg]etaffinity hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Oct 08 2002 - 01:47:21 PDT