projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f3d4650)
device_cgroup: use css_has_online_children() instead of has_children()
authorTejun Heo <tj@kernel.org>
Fri, 16 May 2014 17:22:52 +0000 (13:22 -0400)
committerTejun Heo <tj@kernel.org>
Fri, 16 May 2014 17:22:52 +0000 (13:22 -0400)
devcgroup_update_access() wants to know whether there are child
cgroups which are online and visible to userland and has_children()
may return false positive.  Replace it with css_has_online_children().

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Aristeu Rozanski <aris@redhat.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Li Zefan <lizefan@huawei.com>
security/device_cgroup.c patch | blob | blame | history

diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index 084c8e417564aced290b90e703ddca2cc6bc3108..d9d69e6930edf5266e1c2bc77fff39528fee5467 100644 (file)
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -587,21 +587,6 @@ static int propagate_exception(struct dev_cgroup *devcg_root,
        return rc;
 }
 
-static inline bool has_children(struct dev_cgroup *devcgroup)
-{
-       bool ret;
-
-       /*
-        * FIXME: There may be lingering offline csses and this function
-        * may return %true when there isn't any userland-visible child
-        * which is incorrect for our purposes.
-        */
-       rcu_read_lock();
-       ret = css_next_child(NULL, &devcgroup->css);
-       rcu_read_unlock();
-       return ret;
-}
-
 /*
  * Modify the exception list using allow/deny rules.
  * CAP_SYS_ADMIN is needed for this.  It's at least separate from CAP_MKNOD
@@ -634,7 +619,7 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
        case 'a':
                switch (filetype) {
                case DEVCG_ALLOW:
-                       if (has_children(devcgroup))
+                       if (css_has_online_children(&devcgroup->css))
                                return -EINVAL;
 
                        if (!may_allow_all(parent))
@@ -650,7 +635,7 @@ static int devcgroup_update_access(struct dev_cgroup *devcgroup,
                                return rc;
                        break;
                case DEVCG_DENY:
-                       if (has_children(devcgroup))
+                       if (css_has_online_children(&devcgroup->css))
                                return -EINVAL;
 
                        dev_exception_clean(devcgroup);