diff options
author | Tejun Heo <tj@kernel.org> | 2014-05-16 13:22:48 -0400 |
---|---|---|
committer | Tejun Heo <tj@kernel.org> | 2014-05-16 13:22:48 -0400 |
commit | 5877019d97ab827b808e8759c71ef8d31490907a (patch) | |
tree | b7fb8eb3c632b5a64cbf038181e46af5753d42c4 | |
parent | ea280e7b408ca0dad195ce9836feccdd1dc32131 (diff) | |
download | op-kernel-dev-5877019d97ab827b808e8759c71ef8d31490907a.zip op-kernel-dev-5877019d97ab827b808e8759c71ef8d31490907a.tar.gz |
device_cgroup: remove direct access to cgroup->children
Currently, devcg::has_children() directly tests cgroup->children for
list emptiness. The field is not a published field and scheduled to
go away. In addition, the test isn't strictly correct as devcg should
only care about children which are visible to userland.
This patch converts has_children() to use css_next_child() instead.
The subtle incorrectness is noted and will be dealt with later.
Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Aristeu Rozanski <aris@redhat.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Li Zefan <lizefan@huawei.com>
-rw-r--r-- | security/device_cgroup.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/security/device_cgroup.c b/security/device_cgroup.c index ce14a31..084c8e4 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c @@ -589,9 +589,17 @@ static int propagate_exception(struct dev_cgroup *devcg_root, static inline bool has_children(struct dev_cgroup *devcgroup) { - struct cgroup *cgrp = devcgroup->css.cgroup; + bool ret; - return !list_empty(&cgrp->children); + /* + * FIXME: There may be lingering offline csses and this function + * may return %true when there isn't any userland-visible child + * which is incorrect for our purposes. + */ + rcu_read_lock(); + ret = css_next_child(NULL, &devcgroup->css); + rcu_read_unlock(); + return ret; } /* |