alex/torvalds-linux
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-23 00:15:24 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity
c460f972d3
torvalds-linux/security/selinux/include
History
Ondrej Mosnacek 65cddd5098 selinux: treat atomic flags more carefully 
The disabled/enforcing/initialized flags are all accessed concurrently
by threads so use the appropriate accessors that ensure atomicity and
document that it is expected.

Use smp_load/acquire...() helpers (with memory barriers) for the
initialized flag, since it gates access to the rest of the state
structures.

Note that the disabled flag is currently not used for anything other
than avoiding double disable, but it will be used for bailing out of
hooks once security_delete_hooks() is removed.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2020-01-10 15:19:39 -05:00
..
audit.h
avc_ss.h
avc.h selinux: fall back to ref-walk if audit is required 2019-12-09 18:37:47 -05:00
classmap.h security,lockdown,selinux: implement SELinux lockdown 2019-12-09 17:53:58 -05:00
conditional.h
ibpkey.h selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND. 2020-01-10 11:56:37 -05:00
initial_sid_to_string.h
netif.h
netlabel.h
netnode.h
netport.h
objsec.h selinux: randomize layout of key structures 2019-12-18 21:26:06 -05:00
security.h selinux: treat atomic flags more carefully 2020-01-10 15:19:39 -05:00
xfrm.h