Merge branch 'android-3.14' of ../../android/aosp into linux-linaro-lsk-v3.14-androidlsk-v3.14-15.11-android

* 'android-3.14' of ../../android/aosp: ANDROID: exec_domains: Disable request_module() call for personalities UPSTREAM: pagemap: do not leak physical addresses to non-privileged userspace
author: Kevin Hilman <khilman@linaro.org> 2015-11-18 08:53:53 -0800
committer: Kevin Hilman <khilman@linaro.org> 2015-11-18 08:53:53 -0800
commit: c4ceab9b6388e9e7079e5d903f96c6bcdacd3dda (patch)
tree: e86ff25495afb43ac5773143e50b6e2b97466f19
parent: 444e6cd9569605e88e4b2317cbeb23849e449093 (diff)
parent: c037c42d164e186809b43838b8772aa1fe7cc8d5 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c
index 0dbeae374225..36cc21da4dd0 100644
--- a/kernel/exec_domain.c
+++ b/kernel/exec_domain.c
@@ -68,7 +68,14 @@ lookup_exec_domain(unsigned int personality)
 				goto out;
 	}
 
-#ifdef CONFIG_MODULES
+/*
+ * Disable the request_module here to avoid trying to
+ * load the personality-8 module, which  doesn't exist,
+ * and results in selinux audit noise.
+ * Disabling this here avoids folks adding module_request
+ * to their sepolicy, which is maybe too generous
+ */
+#if 0
 	read_unlock(&exec_domains_lock);
 	request_module("personality-%d", pers);
 	read_lock(&exec_domains_lock);
author	Kevin Hilman <khilman@linaro.org>	2015-11-18 08:53:53 -0800
committer	Kevin Hilman <khilman@linaro.org>	2015-11-18 08:53:53 -0800
commit	c4ceab9b6388e9e7079e5d903f96c6bcdacd3dda (patch)
tree	e86ff25495afb43ac5773143e50b6e2b97466f19
parent	444e6cd9569605e88e4b2317cbeb23849e449093 (diff)
parent	c037c42d164e186809b43838b8772aa1fe7cc8d5 (diff)