Commit 4e6d0bff authored by Eric Paris's avatar Eric Paris Committed by James Morris

SELinux: flush the avc before disabling SELinux

Before SELinux is disabled at boot it can create AVC entries.  This patch
will flush those entries before disabling SELinux.
Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 008574b1
...@@ -868,6 +868,8 @@ u32 avc_policy_seqno(void) ...@@ -868,6 +868,8 @@ u32 avc_policy_seqno(void)
void avc_disable(void) void avc_disable(void)
{ {
avc_flush();
synchronize_rcu();
if (avc_node_cachep) if (avc_node_cachep)
kmem_cache_destroy(avc_node_cachep); kmem_cache_destroy(avc_node_cachep);
} }
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment