Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-14 15:13:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
6a9e261cbb
linux/security/selinux/include
History
Paul Moore 6a9e261cbb selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is true 
Unfortunately commit 81200b0265 ("selinux: checkreqprot is
deprecated, add some ssleep() discomfort") added a five second sleep
during early kernel boot, e.g. start_kernel(), which could cause a
"scheduling while atomic" panic.  This patch fixes this problem by
moving the sleep out of checkreqprot_set() and into
sel_write_checkreqprot() so that we only sleep when the checkreqprot
setting is set during runtime, after the kernel has booted.  The
error message remains the same in both cases.

Fixes: 81200b0265 ("selinux: checkreqprot is deprecated, add some ssleep() discomfort")
Reported-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2022-04-14 16:44:21 -04:00
..
audit.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
avc_ss.h selinux: wrap AVC state 2018-03-20 16:58:17 -04:00
avc.h selinux: kill 'flags' argument in avc_has_perm_flags() and avc_audit() 2021-06-11 13:11:45 -04:00
classmap.h selinux: remove the SELinux lockdown implementation 2021-09-30 10:12:33 -04:00
conditional.h selinux: move policy commit after updating selinuxfs 2020-08-17 20:50:22 -04:00
ibpkey.h selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND. 2020-01-10 11:56:37 -05:00
ima.h selinux: measure state and policy capabilities 2021-03-08 19:39:07 -05:00
initial_sid_to_string.h selinux: remove unused initial SIDs and improve handling 2020-02-27 19:34:24 -05:00
netif.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
netlabel.h security: pass asoc to sctp_assoc_request and sctp_sk_clone 2021-11-03 11:09:20 +00:00
netnode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
netport.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
objsec.h LSM: Infrastructure management of the superblock 2021-04-22 12:22:10 -07:00
policycap_names.h selinux: shorten the policy capability enum names 2022-03-02 11:37:03 -05:00
policycap.h selinux: shorten the policy capability enum names 2022-03-02 11:37:03 -05:00
security.h selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is true 2022-04-14 16:44:21 -04:00
xfrm.h selinux: delete selinux_xfrm_policy_lookup() useless argument 2021-05-10 21:38:31 -04:00