Merge branch 'linus' into sched/core

Conflicts: fs/proc/array.c Merge reason: resolve conflict and queue up dependent patch. Signed-off-by: Ingo Molnar <mingo@elte.hu>
author: Ingo Molnar <mingo@elte.hu> 2009-10-25 17:30:53 +0100
committer: Ingo Molnar <mingo@elte.hu> 2009-10-25 17:30:53 +0100
commit: 0b9e31e9264f1bad89856afb96da1688292f13b4 (patch)
tree: 7a9e9b6456dce993efeed8734de0a15a1f16ae94 /security/selinux/avc.c
parent: cf82ff7ea7695b0e82ba07bc5e9f1bd03a74e1aa (diff)
parent: 964fe080d94db82a3268443e9b9ece4c60246414 (diff)
1 files changed, 15 insertions, 4 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 1ed0f076aad..b4b5da1c0a4 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -868,8 +868,19 @@ u32 avc_policy_seqno(void)
 
 void avc_disable(void)
 {
-	avc_flush();
-	synchronize_rcu();
-	if (avc_node_cachep)
-		kmem_cache_destroy(avc_node_cachep);
+	/*
+	 * If you are looking at this because you have realized that we are
+	 * not destroying the avc_node_cachep it might be easy to fix, but
+	 * I don't know the memory barrier semantics well enough to know.  It's
+	 * possible that some other task dereferenced security_ops when
+	 * it still pointed to selinux operations.  If that is the case it's
+	 * possible that it is about to use the avc and is about to need the
+	 * avc_node_cachep.  I know I could wrap the security.c security_ops call
+	 * in an rcu_lock, but seriously, it's not worth it.  Instead I just flush
+	 * the cache and get that memory back.
+	 */
+	if (avc_node_cachep) {
+		avc_flush();
+		/* kmem_cache_destroy(avc_node_cachep); */
+	}
 }
author	Ingo Molnar <mingo@elte.hu>	2009-10-25 17:30:53 +0100
committer	Ingo Molnar <mingo@elte.hu>	2009-10-25 17:30:53 +0100
commit	0b9e31e9264f1bad89856afb96da1688292f13b4 (patch)
tree	7a9e9b6456dce993efeed8734de0a15a1f16ae94 /security/selinux/avc.c
parent	cf82ff7ea7695b0e82ba07bc5e9f1bd03a74e1aa (diff)
parent	964fe080d94db82a3268443e9b9ece4c60246414 (diff)