2273 |
|
|
2274 |
@ Use rcu_read_lock() for find_task_by_pid(). |
@ Use rcu_read_lock() for find_task_by_pid(). |
2275 |
|
|
2276 |
Since kernel 2.6.16 , caller of find_task_by_pid() needs to call |
Since kernel 2.6.18 , caller of find_task_by_pid() needs to call |
2277 |
rcu_read_lock() rather than read_lock(&tasklist_lock) because find_pid() |
rcu_read_lock() rather than read_lock(&tasklist_lock) because find_pid() |
2278 |
uses RCU primitives but spinlock does not prevent RCU callback if |
uses RCU primitives but spinlock does not prevent RCU callback if |
2279 |
preemptive RCU ( CONFIG_PREEMPT_RCU or CONFIG_TREE_PREEMPT_RCU ) is |
preemptive RCU ( CONFIG_PREEMPT_RCU or CONFIG_TREE_PREEMPT_RCU ) is |
2280 |
enabled. |
enabled. |
2281 |
|
|
2282 |
|
Fix 2009/12/15 |
2283 |
|
|
2284 |
|
@ Allow deleting "quota_exceeded" and "transition_failed" entries. |
2285 |
|
|
2286 |
|
To notify users of "this domain has too many entries to hold" and "some |
2287 |
|
process in this domain was not able to perform domain transition", |
2288 |
|
"quota_exceeded" and "transition_failed" messages are used respectively. |
2289 |
|
These messages were not deletable. But it is more convenient for users |
2290 |
|
to be notified again if such events occurred again after tuning policy. |
2291 |
|
Thus, I made these messages deletable. |
2292 |
|
|
2293 |
|
Fix 2009/12/17 |
2294 |
|
|
2295 |
|
@ Don't check read permission in ccs_try_alt_exec(). |
2296 |
|
|
2297 |
|
While I was trying to remove ccs_execve_list list for GC optimization |
2298 |
|
between TOMOYO 1.7.0 and 1.7.1 , I made a mistake which made TOMOYO to |
2299 |
|
check allow_read permission of the programs specified by execute_handler |
2300 |
|
and denied_execute_handler keywords. |
2301 |
|
|
2302 |
|
@ Don't check DAC permission if disabled mode. |
2303 |
|
|
2304 |
|
I was checking DAC permissions regarding directory entry modification |
2305 |
|
operations (e.g. mkdir()) even if mode=disabled . It is a waste of CPU |
2306 |
|
resource to check DAC permissions when MAC permissions are not checked. |
2307 |
|
Thus, I modified to skip DAC permission checks if mode=disabled . |
2308 |
|
|
2309 |
|
Fix 2009/12/19 |
2310 |
|
|
2311 |
|
@ Fix memory leak in ccs_environ(). |
2312 |
|
|
2313 |
|
When I fixed a bug that a permission like |
2314 |
|
|
2315 |
|
allow_env PATH if exec.envp["PATH"]="/" |
2316 |
|
|
2317 |
|
was not working (2009/11/02), I allocated two buffers but only one buffer |
2318 |
|
was released. |
2319 |
|
|
2320 |
|
This bug will trigger OOM killer if environment variable checking is |
2321 |
|
enabled. |