From 157df04c8ba2c7b081d9385b76d3ac7f868b8fd2 Mon Sep 17 00:00:00 2001
From: Tashfin Shakeer Rhythm <tashfinshakeerrhythm@gmail.com>
Date: Fri, 1 Aug 2025 00:54:50 +0600
Subject: [PATCH] kernel: selinux: rules: Remove unnecessary RCU dereference in
 get_policydb()

get_policydb() uses rcu_dereference() to read pointers to selinux_state.policy.
But in the SELinux implementation, these pointers are assigned once during
initialization and never changed with rcu_assign_pointer(), rendering the
rcu_dereference() call in get_policydb() completely useless. This just adds
unwanted overhead and implies concurrency pattern that is not even present in
the kernel.

Therefore, read the pointers directly since it's safe.

* selinux_state.ss needs more context.

Signed-off-by: Tashfin Shakeer Rhythm <tashfinshakeerrhythm@gmail.com>
---
 kernel/selinux/rules.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/selinux/rules.c b/kernel/selinux/rules.c
index fddd2d97..645bd354 100644
--- a/kernel/selinux/rules.c
+++ b/kernel/selinux/rules.c
@@ -24,10 +24,10 @@ static struct policydb *get_policydb(void)
 // selinux_state does not exists before 4.19
 #ifdef KSU_COMPAT_USE_SELINUX_STATE
 #ifdef SELINUX_POLICY_INSTEAD_SELINUX_SS
-	struct selinux_policy *policy = rcu_dereference(selinux_state.policy);
+	struct selinux_policy *policy = selinux_state.policy;
 	db = &policy->policydb;
 #else
-	struct selinux_ss *ss = rcu_dereference(selinux_state.ss);
+	struct selinux_ss *ss = selinux_state.ss;
 	db = &ss->policydb;
 #endif
 #else