Merge tag 'selinux-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore: - Ensure that both IPv4 and IPv6 connections are properly initialized While we always properly initialized IPv4 connections early in their life, we missed the necessary IPv6 change when we were adding IPv6 support. - Annotate the SELinux inode revalidation function to quiet KCSAN KCSAN correctly identifies a race in __inode_security_revalidate() when we check to see if an inode's SELinux has been properly initialized. While KCSAN is correct, it is an intentional choice made for performance reasons; if necessary, we check the state a second time, this time with a lock held, before initializing the inode's state. - Code cleanups, simplification, etc. A handful of individual patches to simplify some SELinux kernel logic, improve return code granularity via ERR_PTR(), follow the guidance on using KMEM_CACHE(), and correct some minor style problems. * tag 'selinux-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: fix style problems in security/selinux/include/audit.h selinux: simplify avc_xperms_audit_required() selinux: mark both IPv4 and IPv6 accepted connection sockets as labeled selinux: replace kmem_cache_create() with KMEM_CACHE() selinux: annotate false positive data race to avoid KCSAN warnings selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr selinux: Streamline type determination in security_compute_sid
Showing
Please register or sign in to comment