diff options
author | Kevin Hilman <khilman@linaro.org> | 2015-11-18 08:57:08 -0800 |
---|---|---|
committer | Kevin Hilman <khilman@linaro.org> | 2015-11-18 08:57:08 -0800 |
commit | b6982cb01827323f75ff15c18ba5a90840d798da (patch) | |
tree | fb37cde365a4c97591b38d1dbbbed24b79eed141 | |
parent | 6679a18a14a4ff9fae7fb0ee554e7161619308ad (diff) | |
parent | a9ac1262ce80c287562e604f3bb24f232fcb686e (diff) |
Merge branch 'android-3.18' of ../../android/aosp into linux-linaro-lsk-v3.18-androidlsk-v3.18-15.11-android
* 'android-3.18' of ../../android/aosp:
ANDROID: exec_domains: Disable request_module() call for personalities
UPSTREAM: pagemap: do not leak physical addresses to non-privileged userspace
-rw-r--r-- | kernel/exec_domain.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c index 83d4382f5699..e0a3c71f2734 100644 --- a/kernel/exec_domain.c +++ b/kernel/exec_domain.c @@ -68,7 +68,14 @@ lookup_exec_domain(unsigned int personality) goto out; } -#ifdef CONFIG_MODULES +/* + * Disable the request_module here to avoid trying to + * load the personality-8 module, which doesn't exist, + * and results in selinux audit noise. + * Disabling this here avoids folks adding module_request + * to their sepolicy, which is maybe too generous + */ +#if 0 read_unlock(&exec_domains_lock); request_module("personality-%d", pers); read_lock(&exec_domains_lock); |