linux/security
Eric Paris af8ff04917 SELinux: reset the security_ops before flushing the avc cache
This patch resets the security_ops to the secondary_ops before it flushes
the avc.  It's still possible that a task on another processor could have
already passed the security_ops dereference and be executing an selinux hook
function which would add a new avc entry.  That entry would still not be
freed.  This should however help to reduce the number of needless avcs the
kernel has when selinux is disabled at run time.  There is no wasted
memory if selinux is disabled on the command line or not compiled.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-09-30 19:17:06 +10:00
..
integrity/ima seq_file: constify seq_operations 2009-09-23 07:39:29 -07:00
keys KEYS: Have the garbage collector set its timer for live expired keys 2009-09-23 11:03:47 -07:00
selinux SELinux: reset the security_ops before flushing the avc cache 2009-09-30 19:17:06 +10:00
smack seq_file: constify seq_operations 2009-09-23 07:39:29 -07:00
tomoyo KEYS: Add a keyctl to install a process's session keyring on its parent [try #6] 2009-09-02 21:29:22 +10:00
Kconfig Merge commit 'v2.6.31-rc8' into x86/txt 2009-09-02 08:17:56 +02:00
Makefile Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
capability.c LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information. 2009-09-10 10:11:24 +10:00
commoncap.c Security/SELinux: seperate lsm specific mmap_min_addr 2009-08-17 15:09:11 +10:00
device_cgroup.c cgroups: let ss->can_attach and ss->attach do whole threadgroups at a time 2009-09-24 07:20:58 -07:00
inode.c securityfs: securityfs_remove should handle IS_ERR pointers 2009-05-12 11:06:11 +10:00
lsm_audit.c lsm: Use a compressed IPv6 string format in audit events 2009-09-24 03:50:26 -04:00
min_addr.c sysctl: remove "struct file *" argument of ->proc_handler 2009-09-24 07:21:04 -07:00
root_plug.c rootplug: Remove redundant initialization. 2009-05-27 13:30:46 +10:00
security.c LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information. 2009-09-10 10:11:24 +10:00