Yes, minor issue. I appreciate the advice.
On Mon, Mar 2, 2015 at 4:42 PM, Andrew Morton <a...@linux-foundation.org> wrote: > On Mon, 2 Mar 2015 09:20:32 -0800 Jeff Vander Stoep <je...@google.com> wrote: > >> A userspace call to mmap(MAP_LOCKED) may result in the successful >> locking of memory while also producing a confusing audit log denial. >> can_do_mlock checks capable and rlimit. If either of these return >> positive can_do_mlock returns true. The capable check leads to an LSM >> hook used by apparmour and selinux which produce the audit denial. >> Reordering so rlimit is checked first eliminates the denial on success, >> only recording a denial when the lock is unsuccessful as a result of >> the denial. > > I'm assuming that this is a minor issue - a bogus audit log, no other > consequences. And based on this I queued the patch for 4.0 with no > -stable backport. > > All of this might have been wrong - the changelog wasn't very helpful > in making such decisions (hint). -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
