diff options
author | Oleg Nesterov <oleg@redhat.com> | 2009-04-29 18:01:23 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-05-01 08:49:29 +1000 |
commit | 78a3d9d5654a7fd99cf8b2ab06b9497b9c7aad64 (patch) | |
tree | 763ab08a72b381327b2868702818d527f91bce50 /security/integrity | |
parent | ecd6de3c88e8cbcad175b2eab48ba05c2014f7b6 (diff) | |
download | lwn-78a3d9d5654a7fd99cf8b2ab06b9497b9c7aad64.tar.gz lwn-78a3d9d5654a7fd99cf8b2ab06b9497b9c7aad64.zip |
do_wait: do take security_task_wait() into account
I was never able to understand what should we actually do when
security_task_wait() fails, but the current code doesn't look right.
If ->task_wait() returns the error, we update *notask_error correctly.
But then we either reap the child (despite the fact this was forbidden)
or clear *notask_error (and hide the securiy policy problems).
This patch assumes that "stolen by ptrace" doesn't matter. If selinux
denies the child we should ignore it but make sure we report -EACCESS
instead of -ECHLD if there are no other eligible children.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Roland McGrath <roland@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity')
0 files changed, 0 insertions, 0 deletions