Re: [origin tree boot crash] Revert "selinux: clean up avc nodecache when disabling selinux"

From: Ingo Molnar
Date: Sat Sep 12 2009 - 06:44:47 EST



* Eric Paris <eparis@xxxxxxxxxx> wrote:

> On Sat, 2009-09-12 at 09:24 +0200, Ingo Molnar wrote:
> > James - i did not see a security pull request email from you in my
> > lkml folder so i created this new thread. -tip testing found the
> > easy crash below. It reverts cleanly so i went that easy route.
> >
> > At a really quick 10-seconds glance the crash happens because we
> > destroy the slab cache twice, if the sysctl is toggled twice?
>
> No, it's only being free'd once (and can only be freed once since
> the /selinuxfs file disappears when it happens). It's being freed
> while there are still entries in it.
>
> This actually points out to me that SELinux was leaking memory
> when disabled at run time (not when disabled from the kernel
> command line) and that's the real problem.
>
> I'll take a look at it tonight, James, if you haven't asked Linus to
> pull can you hold off until I get this long standing memory leak
> fixed? If Linus already took the change we should revert and do
> them both again. (This patch is right, just obviously incomplete)

FYI, the changes went all upstream yesterday.

Ingo