diff options
author | Kirill Tkhai <ktkhai@virtuozzo.com> | 2018-03-29 19:20:56 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2018-03-29 13:47:53 -0400 |
commit | 350311aab4c0b2477f9cf3fb03cef2e4cd6c3b18 (patch) | |
tree | c29d81b825a786a6ad8bb54f807e58729127d753 | |
parent | 10256debb918aea083d0ddada64d29014c642a7b (diff) |
security: Remove rtnl_lock() in selinux_xfrm_notify_policyload()
rt_genid_bump_all() consists of ipv4 and ipv6 part.
ipv4 part is incrementing of net::ipv4::rt_genid,
and I see many places, where it's read without rtnl_lock().
ipv6 part calls __fib6_clean_all(), and it's also
called without rtnl_lock() in other places.
So, rtnl_lock() here was used to iterate net_namespace_list only,
and we can remove it.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | security/selinux/include/xfrm.h | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h index 31d66431be1e..a0b465316292 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h @@ -47,12 +47,10 @@ static inline void selinux_xfrm_notify_policyload(void) { struct net *net; - rtnl_lock(); down_read(&net_rwsem); for_each_net(net) rt_genid_bump_all(net); up_read(&net_rwsem); - rtnl_unlock(); } #else static inline int selinux_xfrm_enabled(void) |