summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKirill Tkhai <ktkhai@virtuozzo.com>2018-03-29 19:20:56 +0300
committerDavid S. Miller <davem@davemloft.net>2018-03-29 13:47:53 -0400
commit350311aab4c0b2477f9cf3fb03cef2e4cd6c3b18 (patch)
treec29d81b825a786a6ad8bb54f807e58729127d753
parent10256debb918aea083d0ddada64d29014c642a7b (diff)
downloadlinux-350311aab4c0b2477f9cf3fb03cef2e4cd6c3b18.tar.gz
linux-350311aab4c0b2477f9cf3fb03cef2e4cd6c3b18.tar.bz2
linux-350311aab4c0b2477f9cf3fb03cef2e4cd6c3b18.zip
security: Remove rtnl_lock() in selinux_xfrm_notify_policyload()
rt_genid_bump_all() consists of ipv4 and ipv6 part. ipv4 part is incrementing of net::ipv4::rt_genid, and I see many places, where it's read without rtnl_lock(). ipv6 part calls __fib6_clean_all(), and it's also called without rtnl_lock() in other places. So, rtnl_lock() here was used to iterate net_namespace_list only, and we can remove it. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--security/selinux/include/xfrm.h2
1 files changed, 0 insertions, 2 deletions
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h
index 31d66431be1e..a0b465316292 100644
--- a/security/selinux/include/xfrm.h
+++ b/security/selinux/include/xfrm.h
@@ -47,12 +47,10 @@ static inline void selinux_xfrm_notify_policyload(void)
{
struct net *net;
- rtnl_lock();
down_read(&net_rwsem);
for_each_net(net)
rt_genid_bump_all(net);
up_read(&net_rwsem);
- rtnl_unlock();
}
#else
static inline int selinux_xfrm_enabled(void)