[MIPS] SELinux: Add security hooks to mips-mt {get,set}affinity
authorDavid Quigley <dpquigl@tycho.nsa.gov>
Wed, 28 Jun 2006 13:36:46 +0000 (09:36 -0400)
committerRalf Baechle <ralf@linux-mips.org>
Tue, 6 Feb 2007 16:53:21 +0000 (16:53 +0000)
This patch adds LSM hooks into the setaffinity and getaffinity functions
for the mips architecture to enable security modules to control these
operations between tasks with different security attributes. This
implementation uses the existing task_setscheduler and task_getscheduler
LSM hooks.

Signed-Off-By: David Quigley <dpquigl@tycho.nsa.gov>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
arch/mips/kernel/mips-mt.c

index c1373a6e668bec45583c7ff498e697b0a30355ca..a32f6797353aa32fc6b25b770a1b867cf62f2909 100644 (file)
@@ -96,6 +96,10 @@ asmlinkage long mipsmt_sys_sched_setaffinity(pid_t pid, unsigned int len,
                goto out_unlock;
        }
 
+       retval = security_task_setscheduler(p, 0, NULL);
+       if (retval)
+               goto out_unlock;
+
        /* Record new user-specified CPU set for future reference */
        p->thread.user_cpus_allowed = new_mask;
 
@@ -141,8 +145,9 @@ asmlinkage long mipsmt_sys_sched_getaffinity(pid_t pid, unsigned int len,
        p = find_process_by_pid(pid);
        if (!p)
                goto out_unlock;
-
-       retval = 0;
+       retval = security_task_getscheduler(p);
+       if (retval)
+               goto out_unlock;
 
        cpus_and(mask, p->thread.user_cpus_allowed, cpu_possible_map);