diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-12-29 20:21:49 +0100 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-12-29 20:21:49 +0100 |
commit | 3868772b99e3146d02cf47e739d79022eba1d77c (patch) | |
tree | d32c0283496e6955937b618981766b5f0878724f /Documentation/security | |
parent | Merge branch 'for-4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/c... (diff) | |
parent | docs: improve pathname-lookup document structure (diff) | |
download | linux-3868772b99e3146d02cf47e739d79022eba1d77c.tar.xz linux-3868772b99e3146d02cf47e739d79022eba1d77c.zip |
Merge tag 'docs-5.0' of git://git.lwn.net/linux
Pull documentation update from Jonathan Corbet:
"A fairly normal cycle for documentation stuff. We have a new document
on perf security, more Italian translations, more improvements to the
memory-management docs, improvements to the pathname lookup
documentation, and the usual array of smaller fixes.
As is often the case, there are a few reaches outside of
Documentation/ to adjust kerneldoc comments"
* tag 'docs-5.0' of git://git.lwn.net/linux: (38 commits)
docs: improve pathname-lookup document structure
configfs: fix wrong name of struct in documentation
docs/mm-api: link slab_common.c to "The Slab Cache" section
slab: make kmem_cache_create{_usercopy} description proper kernel-doc
doc:process: add links where missing
docs/core-api: make mm-api.rst more structured
x86, boot: documentation whitespace fixup
Documentation: devres: note checking needs when converting
doc:it: add some process/* translations
doc:it: fixes in process/1.Intro
Documentation: convert path-lookup from markdown to resturctured text
Documentation/admin-guide: update admin-guide index.rst
Documentation/admin-guide: introduce perf-security.rst file
scripts/kernel-doc: Fix struct and struct field attribute processing
Documentation: dev-tools: Fix typos in index.rst
Correct gen_init_cpio tool's documentation
Document /proc/pid PID reuse behavior
Documentation: update path-lookup.md for parallel lookups
Documentation: Use "while" instead of "whilst"
dmaengine: Add mailing list address to the documentation
...
Diffstat (limited to 'Documentation/security')
-rw-r--r-- | Documentation/security/credentials.rst | 8 | ||||
-rw-r--r-- | Documentation/security/keys/request-key.rst | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/Documentation/security/credentials.rst b/Documentation/security/credentials.rst index 5bb7125faeee..282e79feee6a 100644 --- a/Documentation/security/credentials.rst +++ b/Documentation/security/credentials.rst @@ -291,7 +291,7 @@ for example), it must be considered immutable, barring two exceptions: 1. The reference count may be altered. - 2. Whilst the keyring subscriptions of a set of credentials may not be + 2. While the keyring subscriptions of a set of credentials may not be changed, the keyrings subscribed to may have their contents altered. To catch accidental credential alteration at compile time, struct task_struct @@ -358,7 +358,7 @@ Once a reference has been obtained, it must be released with ``put_cred()``, Accessing Another Task's Credentials ------------------------------------ -Whilst a task may access its own credentials without the need for locking, the +While a task may access its own credentials without the need for locking, the same is not true of a task wanting to access another task's credentials. It must use the RCU read lock and ``rcu_dereference()``. @@ -382,7 +382,7 @@ This should be used inside the RCU read lock, as in the following example:: } Should it be necessary to hold another task's credentials for a long period of -time, and possibly to sleep whilst doing so, then the caller should get a +time, and possibly to sleep while doing so, then the caller should get a reference on them using:: const struct cred *get_task_cred(struct task_struct *task); @@ -442,7 +442,7 @@ duplicate of the current process's credentials, returning with the mutex still held if successful. It returns NULL if not successful (out of memory). The mutex prevents ``ptrace()`` from altering the ptrace state of a process -whilst security checks on credentials construction and changing is taking place +while security checks on credentials construction and changing is taking place as the ptrace state may alter the outcome, particularly in the case of ``execve()``. diff --git a/Documentation/security/keys/request-key.rst b/Documentation/security/keys/request-key.rst index 21e27238cec6..600ad67d1707 100644 --- a/Documentation/security/keys/request-key.rst +++ b/Documentation/security/keys/request-key.rst @@ -132,7 +132,7 @@ Negative Instantiation And Rejection Rather than instantiating a key, it is possible for the possessor of an authorisation key to negatively instantiate a key that's under construction. This is a short duration placeholder that causes any attempt at re-requesting -the key whilst it exists to fail with error ENOKEY if negated or the specified +the key while it exists to fail with error ENOKEY if negated or the specified error if rejected. This is provided to prevent excessive repeated spawning of /sbin/request-key |