diff options
| author | Paul Moore <paul@paul-moore.com> | 2023-08-07 22:57:22 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2023-08-09 10:51:13 -0400 |
| commit | 817199e006e514e6c39a17ed2e9fece1bd56b898 (patch) | |
| tree | f450f46e3941356c1b9aae3d7fbe26af4e2f9cd4 /security/selinux/include/security.h | |
| parent | 2b86e04bce141311c3a68940be2c8d5984274fca (diff) | |
| download | linux-817199e006e514e6c39a17ed2e9fece1bd56b898.tar.gz linux-817199e006e514e6c39a17ed2e9fece1bd56b898.tar.bz2 linux-817199e006e514e6c39a17ed2e9fece1bd56b898.zip | |
selinux: revert SECINITSID_INIT support
This commit reverts 5b0eea835d4e ("selinux: introduce an initial SID
for early boot processes") as it was found to cause problems on
distros with old SELinux userspace tools/libraries, specifically
Ubuntu 16.04.
Hopefully we will be able to re-add this functionality at a later
date, but let's revert this for now to help ensure a stable and
backwards compatible SELinux tree.
Link: https://lore.kernel.org/selinux/87edkseqf8.fsf@mail.lhotse
Acked-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/include/security.h')
| -rw-r--r-- | security/selinux/include/security.h | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 074d439fe9ad..a9de89af8fdc 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -189,12 +189,6 @@ static inline bool selinux_policycap_ioctl_skip_cloexec(void) selinux_state.policycap[POLICYDB_CAP_IOCTL_SKIP_CLOEXEC]); } -static inline bool selinux_policycap_userspace_initial_context(void) -{ - return READ_ONCE( - selinux_state.policycap[POLICYDB_CAP_USERSPACE_INITIAL_CONTEXT]); -} - struct selinux_policy_convert_data; struct selinux_load_state { |