security: Remove rtnl_lock() in selinux_xfrm_notify_policyload()
rt_genid_bump_all() consists of ipv4 and ipv6 part. ipv4 part is incrementing of net::ipv4::rt_genid, and I see many places, where it's read without rtnl_lock(). ipv6 part calls __fib6_clean_all(), and it's also called without rtnl_lock() in other places. So, rtnl_lock() here was used to iterate net_namespace_list only, and we can remove it. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Kirill Tkhai
David S. Miller
parent
10256debb9
commit
350311aab4
|
|
@ -47,12 +47,10 @@ static inline void selinux_xfrm_notify_policyload(void)
|
||||||
{
|
{
|
||||||
struct net *net;
|
struct net *net;
|
||||||
|
|
||||||
rtnl_lock();
|
|
||||||
down_read(&net_rwsem);
|
down_read(&net_rwsem);
|
||||||
for_each_net(net)
|
for_each_net(net)
|
||||||
rt_genid_bump_all(net);
|
rt_genid_bump_all(net);
|
||||||
up_read(&net_rwsem);
|
up_read(&net_rwsem);
|
||||||
rtnl_unlock();
|
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
static inline int selinux_xfrm_enabled(void)
|
static inline int selinux_xfrm_enabled(void)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue