diff options
author | Janne Karhunen <janne.karhunen@gmail.com> | 2019-06-14 14:20:14 +0200 |
---|---|---|
committer | Mimi Zohar <zohar@linux.ibm.com> | 2019-06-14 15:02:42 +0200 |
commit | 42df744c4166af6959eda2df1ee5cde744d4a1c3 (patch) | |
tree | 0596cb76c814d03ee71a967fe3bd48b50ca42eb1 /security/selinux | |
parent | x86/ima: fix the Kconfig dependency for IMA_ARCH_POLICY (diff) | |
download | linux-42df744c4166af6959eda2df1ee5cde744d4a1c3.tar.xz linux-42df744c4166af6959eda2df1ee5cde744d4a1c3.zip |
LSM: switch to blocking policy update notifiers
Atomic policy updaters are not very useful as they cannot
usually perform the policy updates on their own. Since it
seems that there is no strict need for the atomicity,
switch to the blocking variant. While doing so, rename
the functions accordingly.
Signed-off-by: Janne Karhunen <janne.karhunen@gmail.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 2 | ||||
-rw-r--r-- | security/selinux/selinuxfs.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c61787b15f27..c1e37018c8eb 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -197,7 +197,7 @@ static int selinux_lsm_notifier_avc_callback(u32 event) { if (event == AVC_CALLBACK_RESET) { sel_ib_pkey_flush(); - call_lsm_notifier(LSM_POLICY_CHANGE, NULL); + call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL); } return 0; diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 145ee62f205a..1e2e3e4b5fdb 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -180,7 +180,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf, selnl_notify_setenforce(new_value); selinux_status_update_setenforce(state, new_value); if (!new_value) - call_lsm_notifier(LSM_POLICY_CHANGE, NULL); + call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL); } length = count; out: |