Re: [PATCH 1/2] selinux: treat atomic flags more carefully

[PATCH 0/2] LSM: Drop security_delete_hooks() · Ondrej Mosnacek <omosnace@redhat.com> · 2020-01-07
[PATCH 1/2] selinux: treat atomic flags more carefully · Ondrej Mosnacek <omosnace@redhat.com> · 2020-01-07
Re: [PATCH 1/2] selinux: treat atomic flags more carefully · Stephen Smalley <hidden> · 2020-01-07
Re: [PATCH 1/2] selinux: treat atomic flags more carefully · Kees Cook <hidden> · 2020-01-07
Re: [PATCH 1/2] selinux: treat atomic flags more carefully · James Morris <jmorris@namei.org> · 2020-01-07
Re: [PATCH 1/2] selinux: treat atomic flags more carefully · Paul Moore <paul@paul-moore.com> · 2020-01-10
Re: [PATCH 1/2] selinux: treat atomic flags more carefully · Paul Moore <paul@paul-moore.com> · 2020-01-10
[PATCH 2/2] security,selinux: get rid of security_delete_hooks() · Ondrej Mosnacek <omosnace@redhat.com> · 2020-01-07
Re: [PATCH 2/2] security, selinux: get rid of security_delete_hooks() · Stephen Smalley <hidden> · 2020-01-07
Re: [PATCH 2/2] security, selinux: get rid of security_delete_hooks() · Paul Moore <paul@paul-moore.com> · 2020-01-08
Re: [PATCH 2/2] security, selinux: get rid of security_delete_hooks() · Ondrej Mosnacek <omosnace@redhat.com> · 2020-01-08
Re: [PATCH 2/2] security, selinux: get rid of security_delete_hooks() · Paul Moore <paul@paul-moore.com> · 2020-01-08
Re: [PATCH 2/2] security, selinux: get rid of security_delete_hooks() · Stephen Smalley <hidden> · 2020-01-08
Re: [PATCH 2/2] security,selinux: get rid of security_delete_hooks() · Casey Schaufler <casey@schaufler-ca.com> · 2020-01-07
Re: [PATCH 2/2] security,selinux: get rid of security_delete_hooks() · Kees Cook <hidden> · 2020-01-07
Re: [PATCH 2/2] security,selinux: get rid of security_delete_hooks() · James Morris <jmorris@namei.org> · 2020-01-07
Re: [PATCH 2/2] security,selinux: get rid of security_delete_hooks() · Ondrej Mosnacek <omosnace@redhat.com> · 2020-01-08
Re: [PATCH 2/2] security,selinux: get rid of security_delete_hooks() · James Morris <jmorris@namei.org> · 2020-01-08

From: Paul Moore <paul@paul-moore.com>
Date: 2020-01-10 20:21:49
Also in: selinux

On Tue, Jan 7, 2020 at 8:32 AM Ondrej Mosnacek [off-list ref] wrote:

The disabled/enforcing/initialized flags are all accessed concurrently
by threads so use the appropriate accessors that ensure atomicity and
document that it is expected.

Use smp_load/acquire...() helpers (with memory barriers) for the
initialized flag, since it gates access to the rest of the state
structures.

Note that the disabled flag is currently not used for anything other
than avoiding double disable, but it will be used for bailing out of
hooks once security_delete_hooks() is removed.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
---
 security/selinux/hooks.c            | 21 ++++++++--------
 security/selinux/include/security.h | 33 +++++++++++++++++++++++--
 security/selinux/ss/services.c      | 38 ++++++++++++++---------------
 3 files changed, 61 insertions(+), 31 deletions(-)

Merged into selinux/next, thanks Ondrej!

-- 
paul moore
www.paul-moore.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help