From: Eric Paris <eparis@redhat.com>
Date: Thu, 13 Aug 2009 13:44:57 +0000 (-0400)
Subject: security: introducing security_request_module
X-Git-Tag: v2.6.32-rc1~737^2^2~29
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9188499cdb117d86a1ea6b04374095b098d56936;p=pandora-kernel.git

security: introducing security_request_module

Calling request_module() will trigger a userspace upcall which will load a
new module into the kernel.  This can be a dangerous event if the process
able to trigger request_module() is able to control either the modprobe
binary or the module binary.  This patch adds a new security hook to
request_module() which can be used by an LSM to control a processes ability
to call request_module().

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
---

Reading git-diff-tree failed