From: Huang, Tao <huangtao@rock-chips.com>
Date: Tue, 27 Oct 2015 11:25:27 +0000 (+0800)
Subject: rockchip: quiet module_request personality-8
X-Git-Tag: firefly_0821_release~3675
X-Git-Url: http://plrg.eecs.uci.edu/git/?a=commitdiff_plain;h=24220c2bb4c935d2a9e7f62ad2d23a4614deeb97;p=firefly-linux-kernel-4.4.55.git

rockchip: quiet module_request personality-8

In Android-M, below change in bionic was introduced
https://android-review.googlesource.com/122131

Which caused lot of SELinux denials to be logged regarding
module_request (similar to below one) for 32bit systems,
There is quite a lot of module_request denials when any 32bit
executable is executed.

type=1400 audit(946685139.719:12): avc: denied { module_request }
for pid=1970 comm="tzdatacheck" kmod="personality-8"
scontext=u:r:tzdatacheck:s0 tcontext=u:r:kernel:s0 tclass=system
permissive=1

So we patch the kernel to not attempt module loading for alternate
execution environments.

Change-Id: I7bd2c5fc08fd00fa7ff53d3ced401564b474fad4
Signed-off-by: Huang, Tao <huangtao@rock-chips.com>
---

diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c
index 0dbeae374225..eb0eda8e3339 100644
--- a/kernel/exec_domain.c
+++ b/kernel/exec_domain.c
@@ -69,6 +69,7 @@ lookup_exec_domain(unsigned int personality)
 	}
 
 #ifdef CONFIG_MODULES
+#ifndef CONFIG_ARCH_ROCKCHIP
 	read_unlock(&exec_domains_lock);
 	request_module("personality-%d", pers);
 	read_lock(&exec_domains_lock);
@@ -78,6 +79,7 @@ lookup_exec_domain(unsigned int personality)
 			if (try_module_get(ep->module))
 				goto out;
 	}
+#endif
 #endif
 
 	ep = &default_exec_domain;