diff options
author | Christian Göttsche <cgzones@googlemail.com> | 2023-04-20 17:05:00 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2023-05-08 22:45:36 +0200 |
commit | 757010002b97ad0ed89a3b4499c93d23cae429eb (patch) | |
tree | 2e320812feda7acb4e1609a2e7c2e1d7d7cb76e2 /security | |
parent | selinux: adjust typos in comments (diff) | |
download | linux-757010002b97ad0ed89a3b4499c93d23cae429eb.tar.xz linux-757010002b97ad0ed89a3b4499c93d23cae429eb.zip |
selinux: avc: drop unused function avc_disable()
Since commit f22f9aaf6c3d ("selinux: remove the runtime disable
functionality") the function avc_disable() is no longer used.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/avc.c | 19 | ||||
-rw-r--r-- | security/selinux/include/avc.h | 3 |
2 files changed, 0 insertions, 22 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index eaed5c2da02b..6bc65830e1a9 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -1203,22 +1203,3 @@ u32 avc_policy_seqno(void) { return selinux_avc.avc_cache.latest_notif; } - -void avc_disable(void) -{ - /* - * If you are looking at this because you have realized that we are - * not destroying the avc_node_cachep it might be easy to fix, but - * I don't know the memory barrier semantics well enough to know. It's - * possible that some other task dereferenced security_ops when - * it still pointed to selinux operations. If that is the case it's - * possible that it is about to use the avc and is about to need the - * avc_node_cachep. I know I could wrap the security.c security_ops call - * in an rcu_lock, but seriously, it's not worth it. Instead I just flush - * the cache and get that memory back. - */ - if (avc_node_cachep) { - avc_flush(); - /* kmem_cache_destroy(avc_node_cachep); */ - } -} diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 9301222c8e55..9e055f74daf6 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h @@ -168,9 +168,6 @@ int avc_get_hash_stats(char *page); unsigned int avc_get_cache_threshold(void); void avc_set_cache_threshold(unsigned int cache_threshold); -/* Attempt to free avc node cache */ -void avc_disable(void); - #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS DECLARE_PER_CPU(struct avc_cache_stats, avc_cache_stats); #endif |