diff mbox series

[-next] selinux: update comment on selinux_hooks[]

Message ID 20230804034652.281266-1-xiujianfeng@huaweicloud.com (mailing list archive)
State Accepted
Delegated to: Paul Moore
Headers show
Series [-next] selinux: update comment on selinux_hooks[] | expand

Commit Message

Xiu Jianfeng Aug. 4, 2023, 3:46 a.m. UTC 
From: Xiu Jianfeng <xiujianfeng@huawei.com>

After commit f22f9aaf6c3d ("selinux: remove the runtime disable
functionality"), the comment on selinux_hooks[] is out-of-date,
remove the last paragraph about runtime disable functionality.

Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com>
---
 security/selinux/hooks.c | 4 ----
 1 file changed, 4 deletions(-)

Comments

Paul Moore Aug. 8, 2023, 5:28 p.m. UTC | #1 
On Aug  3, 2023 Xiu Jianfeng <xiujianfeng@huaweicloud.com> wrote:
> 
> After commit f22f9aaf6c3d ("selinux: remove the runtime disable
> functionality"), the comment on selinux_hooks[] is out-of-date,
> remove the last paragraph about runtime disable functionality.
> 
> Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com>
> ---
>  security/selinux/hooks.c | 4 ----
>  1 file changed, 4 deletions(-)

Merged into selinux/next, thanks!

--
paul-moore.com
diff mbox series

Patch

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 2906fdaf7371..d0da19add17e 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6961,10 +6961,6 @@  static int selinux_uring_cmd(struct io_uring_cmd *ioucmd)
  *    hooks ("allocating" hooks).
  *
  * Please follow block comment delimiters in the list to keep this order.
- *
- * This ordering is needed for SELinux runtime disable to work at least somewhat
- * safely. Breaking the ordering rules above might lead to NULL pointer derefs
- * when disabling SELinux at runtime.
  */
 static struct security_hook_list selinux_hooks[] __ro_after_init = {
 	LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr),