Re: [origin tree boot crash] Revert "selinux: clean up avc nodecache when disabling selinux"

From: Eric Paris
Date: Sat Sep 12 2009 - 05:47:50 EST


On Sat, 2009-09-12 at 09:24 +0200, Ingo Molnar wrote:
> James - i did not see a security pull request email from you in my
> lkml folder so i created this new thread. -tip testing found the
> easy crash below. It reverts cleanly so i went that easy route.
>
> At a really quick 10-seconds glance the crash happens because we
> destroy the slab cache twice, if the sysctl is toggled twice?

No, it's only being free'd once (and can only be freed once since
the /selinuxfs file disappears when it happens). It's being freed while
there are still entries in it.

This actually points out to me that SELinux was leaking memory when
disabled at run time (not when disabled from the kernel command line)
and that's the real problem.

I'll take a look at it tonight. James, if you haven't asked Linus to pull,
can you hold off until I get this long-standing memory leak fixed? If
Linus already took the change we should revert and do them both again.
(This patch is right, just obviously incomplete)

-Eric
