diff options
| author | Paul E. McKenney <paulmck@linux.vnet.ibm.com> | 2008-04-21 18:12:33 -0700 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-04-22 15:37:23 +1000 |
| commit | 618442509128fe4514be94de70ce54075cd9a706 (patch) | |
| tree | 9aea814978791abd8c4f9a5c60de879b2811c063 /security/selinux | |
| parent | 0f5e64200f20fc8f5b759c4010082f577ab0af3f (diff) | |
| download | linux-3.10-618442509128fe4514be94de70ce54075cd9a706.tar.gz linux-3.10-618442509128fe4514be94de70ce54075cd9a706.tar.bz2 linux-3.10-618442509128fe4514be94de70ce54075cd9a706.zip | |
SELinux fixups needed for preemptable RCU from -rt
The attached patch needs to move from -rt to mainline given preemptable RCU.
This patch fixes SELinux code that implicitly assumes that disabling
preemption prevents an RCU grace period from completing, an assumption that
is valid for Classic RCU, but not necessarily for preemptable RCU. Explicit
rcu_read_lock() calls are thus added.
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Acked-by: Steven Rostedt <srostedt@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/avc.c | 9 | ||||
| -rw-r--r-- | security/selinux/netif.c | 2 |
2 files changed, 11 insertions, 0 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 1d69f6649bf..95a8ef4a507 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -312,6 +312,7 @@ static inline int avc_reclaim_node(void) if (!spin_trylock_irqsave(&avc_cache.slots_lock[hvalue], flags)) continue; + rcu_read_lock(); list_for_each_entry(node, &avc_cache.slots[hvalue], list) { if (atomic_dec_and_test(&node->ae.used)) { /* Recently Unused */ @@ -319,11 +320,13 @@ static inline int avc_reclaim_node(void) avc_cache_stats_incr(reclaims); ecx++; if (ecx >= AVC_CACHE_RECLAIM) { + rcu_read_unlock(); spin_unlock_irqrestore(&avc_cache.slots_lock[hvalue], flags); goto out; } } } + rcu_read_unlock(); spin_unlock_irqrestore(&avc_cache.slots_lock[hvalue], flags); } out: @@ -821,8 +824,14 @@ int avc_ss_reset(u32 seqno) for (i = 0; i < AVC_CACHE_SLOTS; i++) { spin_lock_irqsave(&avc_cache.slots_lock[i], flag); + /* + * With preemptable RCU, the outer spinlock does not + * prevent RCU grace periods from ending. + */ + rcu_read_lock(); list_for_each_entry(node, &avc_cache.slots[i], list) avc_node_delete(node); + rcu_read_unlock(); spin_unlock_irqrestore(&avc_cache.slots_lock[i], flag); } diff --git a/security/selinux/netif.c b/security/selinux/netif.c index c658b84c319..b4e14bc0bf3 100644 --- a/security/selinux/netif.c +++ b/security/selinux/netif.c @@ -239,11 +239,13 @@ static void sel_netif_kill(int ifindex) { struct sel_netif *netif; + rcu_read_lock(); spin_lock_bh(&sel_netif_lock); netif = sel_netif_find(ifindex); if (netif) sel_netif_destroy(netif); spin_unlock_bh(&sel_netif_lock); + rcu_read_unlock(); } /** |