linux/security
David Howells e0e817392b CRED: Add some configurable debugging [try #6]
Add a config option (CONFIG_DEBUG_CREDENTIALS) to turn on some debug checking
for credential management.  The additional code keeps track of the number of
pointers from task_structs to any given cred struct, and checks to see that
this number never exceeds the usage count of the cred struct (which includes
all references, not just those from task_structs).

Furthermore, if SELinux is enabled, the code also checks that the security
pointer in the cred struct is never seen to be invalid.

This attempts to catch the bug whereby inode_has_perm() faults in an nfsd
kernel thread on seeing cred->security be a NULL pointer (it appears that the
credential struct has been previously released):

	http://www.kerneloops.org/oops.php?number=252883

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-02 21:29:01 +10:00
..
integrity/ima integrity: add ima_counts_put (updated) 2009-06-29 08:59:10 +10:00
keys kernel: rename is_single_threaded(task) to current_is_single_threaded(void) 2009-07-17 09:10:42 +10:00
selinux CRED: Add some configurable debugging [try #6] 2009-09-02 21:29:01 +10:00
smack security/smack: Use AF_INET for sin_family field 2009-08-06 08:46:15 +10:00
tomoyo TOMOYO: Remove next_domain from tomoyo_find_next_domain(). 2009-06-19 18:48:18 +10:00
capability.c lsm: Add hooks to the TUN driver 2009-09-01 08:29:48 +10:00
commoncap.c Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
device_cgroup.c devcgroup: skip superfluous checks when found the DEV_ALL elem 2009-06-18 13:03:47 -07:00
inode.c securityfs: securityfs_remove should handle IS_ERR pointers 2009-05-12 11:06:11 +10:00
Kconfig security: Fix prompt for LSM_MMAP_MIN_ADDR 2009-08-19 08:42:56 +10:00
lsm_audit.c SELinux: Convert avc_audit to use lsm_audit.h 2009-08-17 08:37:18 +10:00
Makefile Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
min_addr.c Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
root_plug.c rootplug: Remove redundant initialization. 2009-05-27 13:30:46 +10:00
security.c lsm: Add hooks to the TUN driver 2009-09-01 08:29:48 +10:00