summaryrefslogtreecommitdiffstats
path: root/security/selinux/include/av_inherit.h
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-09-20 21:23:01 -0400
committerJames Morris <jmorris@namei.org>2009-09-30 19:17:06 +1000
commitaf8ff04917169805b151280155bf772d3ca9bec0 (patch)
tree1a1ec17d0926b4bbe9f8b243231582dde02ef1f5 /security/selinux/include/av_inherit.h
parent1669b049db50fc7f1d4e694fb115a0f408c63fce (diff)
SELinux: reset the security_ops before flushing the avc cache
This patch resets the security_ops to the secondary_ops before it flushes the avc. It's still possible that a task on another processor could have already passed the security_ops dereference and be executing an selinux hook function which would add a new avc entry. That entry would still not be freed. This should however help to reduce the number of needless avcs the kernel has when selinux is disabled at run time. There is no wasted memory if selinux is disabled on the command line or not compiled. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include/av_inherit.h')
0 files changed, 0 insertions, 0 deletions