selinux: avc: drop unused function avc_disable()
Since commit f22f9aaf6c
("selinux: remove the runtime disable
functionality") the function avc_disable() is no longer used.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
3d9047a064
commit
757010002b
|
@ -1203,22 +1203,3 @@ u32 avc_policy_seqno(void)
|
|||
{
|
||||
return selinux_avc.avc_cache.latest_notif;
|
||||
}
|
||||
|
||||
void avc_disable(void)
|
||||
{
|
||||
/*
|
||||
* If you are looking at this because you have realized that we are
|
||||
* not destroying the avc_node_cachep it might be easy to fix, but
|
||||
* I don't know the memory barrier semantics well enough to know. It's
|
||||
* possible that some other task dereferenced security_ops when
|
||||
* it still pointed to selinux operations. If that is the case it's
|
||||
* possible that it is about to use the avc and is about to need the
|
||||
* avc_node_cachep. I know I could wrap the security.c security_ops call
|
||||
* in an rcu_lock, but seriously, it's not worth it. Instead I just flush
|
||||
* the cache and get that memory back.
|
||||
*/
|
||||
if (avc_node_cachep) {
|
||||
avc_flush();
|
||||
/* kmem_cache_destroy(avc_node_cachep); */
|
||||
}
|
||||
}
|
||||
|
|
|
@ -168,9 +168,6 @@ int avc_get_hash_stats(char *page);
|
|||
unsigned int avc_get_cache_threshold(void);
|
||||
void avc_set_cache_threshold(unsigned int cache_threshold);
|
||||
|
||||
/* Attempt to free avc node cache */
|
||||
void avc_disable(void);
|
||||
|
||||
#ifdef CONFIG_SECURITY_SELINUX_AVC_STATS
|
||||
DECLARE_PER_CPU(struct avc_cache_stats, avc_cache_stats);
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue