Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 350311aa authored by Kirill Tkhai's avatar Kirill Tkhai Committed by David S. Miller
Browse files

security: Remove rtnl_lock() in selinux_xfrm_notify_policyload() 



rt_genid_bump_all() consists of ipv4 and ipv6 part.
ipv4 part is incrementing of net::ipv4::rt_genid,
and I see many places, where it's read without rtnl_lock().

ipv6 part calls __fib6_clean_all(), and it's also
called without rtnl_lock() in other places.

So, rtnl_lock() here was used to iterate net_namespace_list only,
and we can remove it.

Signed-off-by: default avatarKirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 10256deb

security/selinux/include/xfrm.h

+0 −2
Original line number Diff line number Diff line
@@ -47,12 +47,10 @@ static inline void selinux_xfrm_notify_policyload(void) 
{

	struct net *net;



	rtnl_lock();

	down_read(&net_rwsem);

	for_each_net(net)

		rt_genid_bump_all(net);

	up_read(&net_rwsem);

	rtnl_unlock();

}

#else

static inline int selinux_xfrm_enabled(void)