android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: selinux: rules: Micro-optimize get_policydb() and fix illegal RCU lock usage in handle_sepolicy() (#2695)

Browse Source 
Signed-off-by: Tashfin Shakeer Rhythm <tashfinshakeerrhythm@gmail.com>
This commit is contained in:
Tashfin Shakeer Rhythm
2025-08-13 07:07:06 +06:00
committed by ShirkNeko
parent 6b2bf23946
commit f6337e2d52
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
kernel/selinux/rules.c
View File

@@ -19,7 +19,7 @@
static struct policydb *get_policydb(void) static struct policydb *get_policydb(void)
{ {
struct policydb *db; struct policydb *db;
struct selinux_policy *policy = rcu_dereference(selinux_state.policy); struct selinux_policy *policy = selinux_state.policy;
db = &policy->policydb; db = &policy->policydb;
return db; return db;
} }
@@ -215,6 +215,8 @@ static void reset_avc_cache()
int handle_sepolicy(unsigned long arg3, void __user *arg4) int handle_sepolicy(unsigned long arg3, void __user *arg4)
{ {
struct policydb *db;
if (!arg4) { if (!arg4) {
return -1; return -1;
} }
@@ -276,9 +278,9 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
subcmd = data.subcmd; subcmd = data.subcmd;
#endif #endif
rcu_read_lock(); mutex_lock(&ksu_rules);
struct policydb *db = get_policydb(); db = get_policydb();
int ret = -1; int ret = -1;
if (cmd == CMD_NORMAL_PERM) { if (cmd == CMD_NORMAL_PERM) {
@@ -528,7 +530,7 @@ int handle_sepolicy(unsigned long arg3, void __user *arg4)
} }
exit: exit:
rcu_read_unlock(); mutex_unlock(&ksu_rules);
// only allow and xallow needs to reset avc cache, but we cannot do that because // only allow and xallow needs to reset avc cache, but we cannot do that because
// we are in atomic context. so we just reset it every time. // we are in atomic context. so we just reset it every time.