From: Eric Paris Date: Sun, 13 Sep 2009 02:54:23 +0000 (-0400) Subject: SELinux: flush the avc before disabling SELinux X-Git-Tag: upstream/snapshot3+hdmi~17651^2~4 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=4e6d0bffd3d72a32b620525c9007d2482c731775;p=platform%2Fadaptation%2Frenesas_rcar%2Frenesas_kernel.git SELinux: flush the avc before disabling SELinux Before SELinux is disabled at boot it can create AVC entries. This patch will flush those entries before disabling SELinux. Signed-off-by: Eric Paris Signed-off-by: James Morris --- diff --git a/security/selinux/avc.c b/security/selinux/avc.c index f601246..1ed0f076 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -868,6 +868,8 @@ u32 avc_policy_seqno(void) void avc_disable(void) { + avc_flush(); + synchronize_rcu(); if (avc_node_cachep) kmem_cache_destroy(avc_node_cachep); }