| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <152234045636.19153.4897050357891895124.stgit@localhost.localdomain>
Date: Thu, 29 Mar 2018 19:20:56 +0300
From: Kirill Tkhai <ktkhai@...tuozzo.com>
To: dledford@...hat.com, jgg@...pe.ca, davem@...emloft.net,
pablo@...filter.org, kadlec@...ckhole.kfki.hu, fw@...len.de,
pshelar@....org, johannes@...solutions.net, paul@...l-moore.com,
sds@...ho.nsa.gov, eparis@...isplace.org, jmorris@...ei.org,
serge@...lyn.com, leon@...nel.org, yuval.shaia@...cle.com,
parav@...lanox.com, danielj@...lanox.com, ktkhai@...tuozzo.com,
majd@...lanox.com, nicolas.dichtel@...nd.com, vyasevic@...hat.com,
paulmck@...ux.vnet.ibm.com, vyasevich@...il.com,
gregkh@...uxfoundation.org, daniel@...earbox.net,
jakub.kicinski@...ronome.com, ast@...nel.org, brouer@...hat.com,
linux@...musvillemoes.dk, john.fastabend@...il.com,
dsahern@...il.com, jiri@...lanox.com, idosch@...lanox.com,
vvs@...tuozzo.com, avagin@...tuozzo.com, roman.kapl@...go.com,
lucien.xin@...il.com, christian.brauner@...ntu.com,
jbenc@...hat.com, pombredanne@...b.com, linux-rdma@...r.kernel.org,
netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
coreteam@...filter.org, dev@...nvswitch.org,
linux-wireless@...r.kernel.org, selinux@...ho.nsa.gov,
linux-security-module@...r.kernel.org
Subject: [PATCH net-next 3/5] security: Remove rtnl_lock() in
selinux_xfrm_notify_policyload()
rt_genid_bump_all() consists of ipv4 and ipv6 part.
ipv4 part is incrementing of net::ipv4::rt_genid,
and I see many places, where it's read without rtnl_lock().
ipv6 part calls __fib6_clean_all(), and it's also
called without rtnl_lock() in other places.
So, rtnl_lock() here was used to iterate net_namespace_list only,
and we can remove it.
Signed-off-by: Kirill Tkhai <ktkhai@...tuozzo.com>
---
security/selinux/include/xfrm.h | 2 --
1 file changed, 2 deletions(-)
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h
index 31d66431be1e..a0b465316292 100644
--- a/security/selinux/include/xfrm.h
+++ b/security/selinux/include/xfrm.h
@@ -47,12 +47,10 @@ static inline void selinux_xfrm_notify_policyload(void)
{
struct net *net;
- rtnl_lock();
down_read(&net_rwsem);
for_each_net(net)
rt_genid_bump_all(net);
up_read(&net_rwsem);
- rtnl_unlock();
}
#else
static inline int selinux_xfrm_enabled(void)
Powered by blists - more mailing lists