SELinux: flush the avc before disabling SELinux

Before SELinux is disabled at boot it can create AVC entries.  This patch
will flush those entries before disabling SELinux.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Eric Paris 2009-09-12 22:54:23 -04:00 committed by James Morris
parent 008574b111
commit 4e6d0bffd3

View file

@ -868,6 +868,8 @@ u32 avc_policy_seqno(void)
void avc_disable(void)
{
avc_flush();
synchronize_rcu();
if (avc_node_cachep)
kmem_cache_destroy(avc_node_cachep);
}