Message ID | 152234045636.19153.4897050357891895124.stgit@localhost.localdomain |
---|---|
State | Awaiting Upstream |
Delegated to: | Pablo Neira |
Headers | show
Return-Path: <netfilter-devel-owner@vger.kernel.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=<UNKNOWN>) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=virtuozzo.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=virtuozzo.com header.i=@virtuozzo.com header.b="Xw0Xa2re"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 40BqkT1mmZz9s0t for <incoming@patchwork.ozlabs.org>; Fri, 30 Mar 2018 03:21:21 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752425AbeC2QVO (ORCPT <rfc822;incoming@patchwork.ozlabs.org>); Thu, 29 Mar 2018 12:21:14 -0400 Received: from mail-eopbgr00097.outbound.protection.outlook.com ([40.107.0.97]:51524 "EHLO EUR02-AM5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751714AbeC2QVG (ORCPT <rfc822; netfilter-devel@vger.kernel.org>); Thu, 29 Mar 2018 12:21:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtuozzo.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=hfFuzRrR25I3e+sdAfl4uSDXrIzq+nKaD91W1XY047E=; b=Xw0Xa2reA0c7bvp2LGfYDWZtyDcd5+Rrxk1s1v6NET0ffSVA4E4/pX8wBMbalg4CMWpBMktcQ4KjlImrBR8MtjXkPvMIGaq7r8GdsMZUwEsNgGSKOSbudHKxpv//2BNDV+7MpwZTMlQS/xM094jukim+XwhnW1ZqNCabA7oQPEM= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=ktkhai@virtuozzo.com; Received: from localhost.localdomain (195.214.232.6) by DB6PR0801MB1336.eurprd08.prod.outlook.com (2603:10a6:4:b::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.609.10; Thu, 29 Mar 2018 16:21:00 +0000 Subject: [PATCH net-next 3/5] security: Remove rtnl_lock() in selinux_xfrm_notify_policyload() From: Kirill Tkhai <ktkhai@virtuozzo.com> To: dledford@redhat.com, jgg@ziepe.ca, davem@davemloft.net, pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, pshelar@ovn.org, johannes@sipsolutions.net, paul@paul-moore.com, sds@tycho.nsa.gov, eparis@parisplace.org, jmorris@namei.org, serge@hallyn.com, leon@kernel.org, yuval.shaia@oracle.com, parav@mellanox.com, danielj@mellanox.com, ktkhai@virtuozzo.com, majd@mellanox.com, nicolas.dichtel@6wind.com, vyasevic@redhat.com, paulmck@linux.vnet.ibm.com, vyasevich@gmail.com, gregkh@linuxfoundation.org, daniel@iogearbox.net, jakub.kicinski@netronome.com, ast@kernel.org, brouer@redhat.com, linux@rasmusvillemoes.dk, john.fastabend@gmail.com, dsahern@gmail.com, jiri@mellanox.com, idosch@mellanox.com, vvs@virtuozzo.com, avagin@virtuozzo.com, roman.kapl@sysgo.com, lucien.xin@gmail.com, christian.brauner@ubuntu.com, jbenc@redhat.com, pombredanne@nexb.com, linux-rdma@vger.kernel.org, netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, dev@openvswitch.org, linux-wireless@vger.kernel.org, selinux@tycho.nsa.gov, linux-security-module@vger.kernel.org Date: Thu, 29 Mar 2018 19:20:56 +0300 Message-ID: <152234045636.19153.4897050357891895124.stgit@localhost.localdomain> In-Reply-To: <152234005959.19153.17907173734141707348.stgit@localhost.localdomain> References: <152234005959.19153.17907173734141707348.stgit@localhost.localdomain> User-Agent: StGit/0.18 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [195.214.232.6] X-ClientProxiedBy: HE1PR0701CA0050.eurprd07.prod.outlook.com (2603:10a6:3:9e::18) To DB6PR0801MB1336.eurprd08.prod.outlook.com (2603:10a6:4:b::8) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 006c2eed-1dba-4a28-e822-08d595911166 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534165)(7168020)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:DB6PR0801MB1336; X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1336; 3:B5Cm2aool9HNsO8xaHDrwOpF/pf65xzI3nfJkAhMakZkskp7iiCFhAUxu0z8HDJ29P6t05x9eZlniBakdlkBmy1BH73WkZYP2m8MmkDNbCOLaG1INarOnH2mBdTEs6IchyYTPAyNz63gvnsUVN8MRIr7fybj6y8vLp9NScCmla9DpQvO1UTmOwSIcW4oF+aalLtyEQOfEifQQYrHPtjCai8Hf82ctswfEubDDcaI07Bg45QQ9eS0F5vQjLsaHJ3k; 25:He+3ZLZf93x+KL3hn7eEDhksLndjOGWiURZwke8f60lxENbw+GgNdID/nS44sMY+raJa7sClT4Hg9Ej/PQTpuYe8UMRmKInLDog2vad7XEEz+U6s8IPs5gUTW4zaKd1lrTM06RwFQL8AXTb2WNwBcWsAh6BYGDjdKcwksL0wS6QG0AWHF5HoHBfSRWdjfPf/1u9BpFItm3sQxgRpiCtppHUkQk5U8yts4h47jfnHS9TwuxhW07bHHD0Wk8EYgBhGXypjxnPbHIf9sqJ6kUAm8FS2uGSG1bNvecIkhWGYbHlC/XQq66J4dXb/3LXbCkWja6yQAS9WjmLifDThrRZ++A==; 31:zvjT/ehNWr74m5w8T3kGa5pY7GVIoCVdA8bS6Gjpd8drvj0+pLRgHWVYuOneLz0cOqH3nYJ6dyy5u+70O0tKl+Vwh5qqBHwo0RJS+zlm86n3Wl+jrwCZRKNgpra4ZF5uSY3Iwq5mwB7mum2rOeXLa/Ndh85m2W3AM4y7QJZsQnbJR92PqC6b6LSq/1D1FvDw0JR7QNR51u8l0yS1shq5LEEdwiW8idFWZhWRdFAd58o= X-MS-TrafficTypeDiagnostic: DB6PR0801MB1336: X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1336; 20:8vkWxutkAqfS6MqTpRTx8/IQkbPeeYoBjnNhwpFoQzDEcBLIL5SFpwm0zeN74LLZyS3qlpXD3jjvzSQyf2ii72hTYc3dH4ZMZu+LkrGgWKSw+siytH8C2PskBgeCCJd6hyZylMoOHmRRwHMEKje9LbLKlYdK0PaWW92yxRx/245HdtORSfqPjoI8/q2WedKoJlqanZc5WBYYCDmiGCs+mcP2kjTTtO7WYhhCuFybQEc6BQXoKBKZtP2HaVpX5wKrztYNNUFPfG1+pUGlpeewI6Iy3/JjpZjiMlUUfrOVbYimeCjZHHhXWEzM8KqRUyqJliqOnZJletYYHgZOGYtE39C+zP4emJ9MnjtxdezEvZppWHbPoNaqKRjqOaZBTVLRKXtVr0hS8YQ/L37sazoo4XioYcLsydHn7+uYpm4AOoE1h+Ss/bnPXEJou6nH6vohuwRLQN3T3vlfVI9W/rE6NJt0AzBpYlDg8o3t8VaCRTwAvnE2LmpYRFkAksertXr5; 4:h0DIcnqw453iHIUs0mnwC/lYksUMTYgFpASePANITSrp1qUHopkhBPls6NZkIagslv9ChJI8g/PANvNOb6JLeqXMeGcuBJo66AWpKvCZhE4BoerQkr5uZ572YoGZ5ezZPYOwAyPCQCrHlgclQjYt2bQmH8dSUpItKPQRyyizug8c4bFUSxkbulnbKXLGRScyxmQo4/0IUPp3QF01F1RIYR5TrLn3KLFTPvaK8evBnGrhC3EsA2kYnJc5BC6/entsDh1txYyc34L0UFYEx3j1+oar2RyKTDTI2mUbD8rMrJcAI6dvDj+BfjpomLc7kWAh X-Microsoft-Antispam-PRVS: <DB6PR0801MB1336498A8EF0EA2F3C85E7F2CDA20@DB6PR0801MB1336.eurprd08.prod.outlook.com> X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(3231221)(944501327)(52105095)(93006095)(93001095)(3002001)(10201501046)(6041310)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:DB6PR0801MB1336; BCL:0; PCL:0; RULEID:; SRVR:DB6PR0801MB1336; X-Forefront-PRVS: 0626C21B10 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6069001)(376002)(366004)(39380400002)(346002)(396003)(39850400004)(199004)(189003)(6116002)(8676002)(81156014)(9686003)(103116003)(3846002)(575784001)(25786009)(230700001)(2906002)(97736004)(39060400002)(26005)(186003)(305945005)(15650500001)(7736002)(6666003)(68736007)(16526019)(5660300001)(81166006)(86362001)(105586002)(55236004)(8936002)(33896004)(6506007)(386003)(7406005)(7416002)(478600001)(55016002)(106356001)(76176011)(52116002)(7696005)(956004)(58126008)(316002)(66066001)(47776003)(53936002)(61506002)(59450400001)(2486003)(23676004)(486005)(50466002)(11346002)(486005)(446003)(476003)(921003)(1121003); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR0801MB1336; H:localhost.localdomain; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: virtuozzo.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?q?1=3BDB6PR0801MB1336=3B23=3AaC?= =?utf-8?q?l8qiIoyteOY5sZbA2ciiJMRzk1F0kb8pci5S0hG0iUu31+UQyK9PAt9V?= =?utf-8?q?R3NEWQwsL/4fRkOeA1aspMcrjqJlq2PebwayHUIayO8+oDWgDfext4Vx?= =?utf-8?q?5bD0udwJq020R4knl01V7xwuhEC1KgIuJovifPyC3gjYe7y9R6zzgH/y?= =?utf-8?q?EJRYvwWIjpHH69przzBbd00oD8egAQJOb0GHyhCS0A5fCGb7NAnEZMdy?= =?utf-8?q?WFaLRzEwQpMrzTlcfi4vzNMkqS7KrZY/w/ymApmOFK+q/laa5Fosn0dR?= =?utf-8?q?bCpzUeYZr70pAoFwkoVa3w7m6EGNWGkoEdQEfoCdpacUbuIuQ4PmPLnZ?= =?utf-8?q?o/Eo2EOiWs/fuznFuYrz0SXPMVZ15alutbRBq0YxmJm4bpbGchGv1VoT?= =?utf-8?q?o98EYenGAen9eHjan+YTmF+WMznWWFL+NvaFcrFwEuUzIyva1jJPGI0a?= =?utf-8?q?3NwyZ4IbI+PnNA68zFD0CBSGy7uIp+iD7Co60mplGwxECXg2njgJMkYi?= =?utf-8?q?fpgLVhOtg0JtJA/kAt2yi+f89LfH/uXZDnTz0fYQJnHexQSF8c6pzd7q?= =?utf-8?q?+ASDfRausYeHFe85TBDfO0Aw4lMgk7M3/ugjbmAiUyxDIFK1r9FNXNz0?= =?utf-8?q?LGx7A8wf5nPN5mi1zB/OLgtS/McB+jFR1ZKoNjdkm7KzFzm1V/nt0UMo?= =?utf-8?q?TxzR7ZIP8zPZlbi08A/XYHgQ9zUXKPbeoso/OELwJ134rlLl1qs1hV/V?= =?utf-8?q?TsBbXn9Vb0msi5JlTKO16QgaC3SKneCMxizEbewlGsEJjBB0tEISZIxc?= =?utf-8?q?xUG+daK0ll9pugOO/e+n1YXXDlmjVtjD76TyRYs67a7HQeuSyxZW/wm1?= =?utf-8?q?LcXjgBcJftVfugIRAbHZLUJs+n+hpdyZ5Hk4qmBdqlPP82YKUTIqMKee?= =?utf-8?q?l7ia72WJnFYccnE7GBNQY9bqfy5ia9i40Tg/LA3b5mcBMmsh/33476/e?= =?utf-8?q?37+nqoekfjlZI3h/OD0sJL9eJOgJIppRSejBUkUE9KWStJqlA78Ye/ZW?= =?utf-8?q?pWyp6+jLl2811YZZ4v+d/qga0yOTPrIzsSeit2Wnfd/dzjxPNrF1P87n?= =?utf-8?q?Wk7h5b28Q1WL4Nz17n+p/vi/dVMMCo4ohFkQka7xNlJSsSG8xbHiRbqP?= =?utf-8?q?synhCbstIoTRj8UIjhz14wT+6F8TuwGJtDLHr/4UyKDdU8NBClxy98xB?= =?utf-8?q?ErrE3SNCMOT8okGeYIwc8drIDGoahg8ck/eC06kKf+riQD5atGhtoccz?= =?utf-8?q?cUZ063OnuihTeknYACaKapSGLrRSibTBrQLkRrQdlA9L7WrSXWic1ani?= =?utf-8?q?eO/d3w5mdUSD7nc6FHCn+UV2QWM2DRNbmMndyfVzfkuHL/q7CCquauDC?= =?utf-8?q?jrKC8rzClz3h47U5g1GdMU6XYajfHQ08aC4DjR7lMjAOMw4IjKtfv8Sl?= =?utf-8?q?4vim7Vt3y2V4nS1kNiXS4S3LPyeg=3D=3D?= X-Microsoft-Antispam-Message-Info: qQCJkuzy0oeU5aT8UC0ks+eW3gCpLANH/eKoWEjrM4vWPQXX7waunbMeyPgRvSRxeSTKT8lWaqqYdhmZnIAlYedwLIa88k5m9Q36lnIrbokyBNB5Td0T9QgOHkZQL9Xu49QaUdruVw3F7GQlcDvFMHiQhn1craz4GWVRJVeN926on/8wEw46CuOPe8Al8wji X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1336; 6:Zw5SQkAcp5K70PiU5nJymoZTF7fVF3kEWRx88fYFIzVjyop+zFgmj4H5tNZqID+v3ij+ig8Jix3kClZnsVgyacf7piCfJdxPh3gpTk2kNcxAxpnOG4D6a2HyWs7PhrFbm9Z3h44MlvJXNG9GdcW7Z37pt7Rrl1qQ3SaPhN1VUJP9jhx/ZcAPei8iylSGr+LNlItW/OyE+zoUi0+isNFA2r3+IwOuK8dGLuBjmM4w+xUZJNiebxfk07YvQ7hMEFaEehPkP1iZZmYNI44wTlDbqxDjzJcTmfBFBI0LGljI2uQcYa2xnpDGEAjMAqwYl/je9JpTjvz5gCpgYFE2OLYANyPMD8RbJg70ap2SbQm6ERFkUZWbHt/XcOR1SfWIYUx+xxckraqKeIQZXc1GlsOOrPoiPWHqIf5dNYo+Ot1QvQW0/bUextQgkRYenaTDvI+Z+I+e9X/Kn4tSWYHif5Gp3A==; 5:BqhO9QtS8wY2xjAJ7d+RI5ZEKE1rrDdDHBXF7uWOO9YYLTaNI6tcLLLlFYW8zuPvx+60u+7wNg8zCL0NofOeHOLNj+AerGe/hKFEYF32IOFSkkHlvPoxUpeGL3y32Eg6xyaNbzgg/LFWe3Cm/CB5MVM/DGKjOzp8G+axm/QuIEs=; 24:1mo1EgJD/qiqe/Q/rByk+aEMn6ZCCmHS1zzu+fFCyfrmktkQWyD0tYUaYasSsSPzc+s61uq2Dvaxd1QT703eel9QdUPBLfsuQ1wRDi7Iu/A= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1336; 7:Ca+/la4H5rsfm/2fsoTsLS+aJKuy2nEgD4706Tgz0HBWU5HKZpx3PDCGj+0M/DQuP6Ms4EmRL8cjjMZNG1UZDXKR2UcuY1E9hOpfgPp3H+muD46CfpE90aU86A0KuNQFZCvIDOlVaolcDZAx2LKrtW0J+Blw/Rc8O5HrA2ZeiQWa0Y+NVKRBjKCfL/5NzRmJMTXeM3K54FKnUcU1iLCRAJr6Pzf3c0omMphRNPZjgF96SCgwhBba0k0EKfT8TK1c; 20:qftKTClOrFkpwtx9t067HrOb5TmVQBWG76qD+5vOD7sfa9dWh2y2leM/aykVCECmLhcwjrzQzQHLCVEFWIPqLiQVq3gtJcmGSYUMiLjdgjA8C1nJCqCks/THAHf0nORKqNWp/U+pJeT48Xrg98iSvDKXvNtWJ7Nirdn3lARURYo= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Mar 2018 16:21:00.0045 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 006c2eed-1dba-4a28-e822-08d595911166 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0801MB1336 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: <netfilter-devel.vger.kernel.org> X-Mailing-List: netfilter-devel@vger.kernel.org |
Series |
Introduce net_rwsem to protect net_namespace_list
|
expand
|
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h index 31d66431be1e..a0b465316292 100644 --- a/security/selinux/include/xfrm.h +++ b/security/selinux/include/xfrm.h @@ -47,12 +47,10 @@ static inline void selinux_xfrm_notify_policyload(void) { struct net *net; - rtnl_lock(); down_read(&net_rwsem); for_each_net(net) rt_genid_bump_all(net); up_read(&net_rwsem); - rtnl_unlock(); } #else static inline int selinux_xfrm_enabled(void)
rt_genid_bump_all() consists of ipv4 and ipv6 part. ipv4 part is incrementing of net::ipv4::rt_genid, and I see many places, where it's read without rtnl_lock(). ipv6 part calls __fib6_clean_all(), and it's also called without rtnl_lock() in other places. So, rtnl_lock() here was used to iterate net_namespace_list only, and we can remove it. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> --- security/selinux/include/xfrm.h | 2 -- 1 file changed, 2 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html