diff options
| author | Stephen Boyd <sboyd@codeaurora.org> | 2015-10-02 11:15:13 -0700 |
|---|---|---|
| committer | Stephen Boyd <sboyd@codeaurora.org> | 2015-10-02 11:22:23 -0700 |
| commit | 9f30a04d768f64280dc0c40b730746e82f298d88 (patch) | |
| tree | e112853eb73627ed7b9a2ef8e4feab6685a0200e /security/security.c | |
| parent | 9e294bf88a583825a413df408b9fe9e658fb93ac (diff) | |
| parent | 7aba4f5201d1b7b3ddb0b03883d9edf69851ddad (diff) | |
Merge branch 'for-4.3-rc/ti-clk-fixes' of https://github.com/t-kristo/linux-pm into clk-fixes
Pull fixes from Tero Kristo:
"A few TI clock driver fixes to pull against 4.3-rc"
* 'for-4.3-rc/ti-clk-fixes' of https://github.com/t-kristo/linux-pm: (3 commits)
clk: ti: dflt: fix enable_reg validity check
clk: ti: fix dual-registration of uart4_ick
clk: ti: clk-7xx: Remove hardwired ABE clock configuration
Diffstat (limited to 'security/security.c')
| -rw-r--r-- | security/security.c | 24 |
1 files changed, 10 insertions, 14 deletions
diff --git a/security/security.c b/security/security.c index 595fffab48b0a..46f405ce6b0fb 100644 --- a/security/security.c +++ b/security/security.c @@ -56,18 +56,13 @@ int __init security_init(void) pr_info("Security Framework initialized\n"); /* - * Always load the capability module. + * Load minor LSMs, with the capability module always first. */ capability_add_hooks(); -#ifdef CONFIG_SECURITY_YAMA_STACKED - /* - * If Yama is configured for stacking load it next. - */ yama_add_hooks(); -#endif + /* - * Load the chosen module if there is one. - * This will also find yama if it is stacking + * Load all the remaining security modules. */ do_security_initcalls(); @@ -380,8 +375,8 @@ int security_inode_init_security(struct inode *inode, struct inode *dir, return 0; if (!initxattrs) - return call_int_hook(inode_init_security, 0, inode, dir, qstr, - NULL, NULL, NULL); + return call_int_hook(inode_init_security, -EOPNOTSUPP, inode, + dir, qstr, NULL, NULL, NULL); memset(new_xattrs, 0, sizeof(new_xattrs)); lsm_xattr = new_xattrs; ret = call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir, qstr, @@ -409,8 +404,8 @@ int security_old_inode_init_security(struct inode *inode, struct inode *dir, { if (unlikely(IS_PRIVATE(inode))) return -EOPNOTSUPP; - return call_int_hook(inode_init_security, 0, inode, dir, qstr, - name, value, len); + return call_int_hook(inode_init_security, -EOPNOTSUPP, inode, dir, + qstr, name, value, len); } EXPORT_SYMBOL(security_old_inode_init_security); @@ -776,7 +771,7 @@ static inline unsigned long mmap_prot(struct file *file, unsigned long prot) * ditto if it's not on noexec mount, except that on !MMU we need * NOMMU_MAP_EXEC (== VM_MAYEXEC) in this case */ - if (!(file->f_path.mnt->mnt_flags & MNT_NOEXEC)) { + if (!path_noexec(&file->f_path)) { #ifndef CONFIG_MMU if (file->f_op->mmap_capabilities) { unsigned caps = file->f_op->mmap_capabilities(file); @@ -1281,7 +1276,8 @@ int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) { - return call_int_hook(socket_getpeersec_dgram, 0, sock, skb, secid); + return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, + skb, secid); } EXPORT_SYMBOL(security_socket_getpeersec_dgram); |