diff options
author | Kees Cook <kees.cook@canonical.com> | 2010-06-28 22:34:04 -0700 |
---|---|---|
committer | Leann Ogasawara <leann.ogasawara@canonical.com> | 2010-08-11 07:42:01 -0700 |
commit | 58c06d53b968885e1faa24ff25a729f36b7684dc (patch) | |
tree | 2664ca1f07d8cb81b4a1fe6ed02b5d0a43e351ae /security/capability.c | |
parent | e667051aaa0f0c7e7d953a10c33b1feae69493b5 (diff) |
UBUNTU: SAUCE: security: create task_free security callback
The current LSM interface to cred_free is not sufficient for allowing
an LSM to track the life and death of a task. This patch adds the
task_free hook so that an LSM can clean up resources on task death.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Signed-off-by: Leann Ogasawara <leann.ogasawara@canonical.com>
Diffstat (limited to 'security/capability.c')
-rw-r--r-- | security/capability.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/capability.c b/security/capability.c index 8168e3ecd5b..2bcc955def9 100644 --- a/security/capability.c +++ b/security/capability.c @@ -354,6 +354,9 @@ static int cap_task_create(unsigned long clone_flags) return 0; } +static void cap_task_free(struct task_struct *task) +{ } + static int cap_cred_alloc_blank(struct cred *cred, gfp_t gfp) { return 0; @@ -937,6 +940,7 @@ void __init security_fixup_ops(struct security_operations *ops) set_to_cap_if_null(ops, file_receive); set_to_cap_if_null(ops, dentry_open); set_to_cap_if_null(ops, task_create); + set_to_cap_if_null(ops, task_free); set_to_cap_if_null(ops, cred_alloc_blank); set_to_cap_if_null(ops, cred_free); set_to_cap_if_null(ops, cred_prepare); |