rockchip: quiet module_request personality-8

In Android-M, below change in bionic was introduced
https://android-review.googlesource.com/122131

Which caused lot of SELinux denials to be logged regarding
module_request (similar to below one) for 32bit systems,
There is quite a lot of module_request denials when any 32bit
executable is executed.

type=1400 audit(946685139.719:12): avc: denied { module_request }
for pid=1970 comm="tzdatacheck" kmod="personality-8"
scontext=u:r:tzdatacheck:s0 tcontext=u:r:kernel:s0 tclass=system
permissive=1

So we patch the kernel to not attempt module loading for alternate
execution environments.

Change-Id: I7bd2c5fc08fd00fa7ff53d3ced401564b474fad4
Signed-off-by: Huang, Tao <huangtao@rock-chips.com>

diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c
index 0dbeae37422509d376e23b4d7b05237150479dd6..eb0eda8e33396c941930582f89749a96e9da7155 100644 (file)
--- a/kernel/exec_domain.c
+++ b/kernel/exec_domain.c
@@ -69,6 +69,7 @@ lookup_exec_domain(unsigned int personality)
        }
 
 #ifdef CONFIG_MODULES
+#ifndef CONFIG_ARCH_ROCKCHIP
        read_unlock(&exec_domains_lock);
        request_module("personality-%d", pers);
        read_lock(&exec_domains_lock);
@@ -78,6 +79,7 @@ lookup_exec_domain(unsigned int personality)
                        if (try_module_get(ep->module))
                                goto out;
        }
+#endif
 #endif
 
        ep = &default_exec_domain;