]> git.ipfire.org Git - thirdparty/linux.git/commit
projects / thirdparty / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 644132a) | patch
selinux: prune /sys/fs/selinux/disable
authorStephen Smalley <stephen.smalley.work@gmail.com>
Tue, 5 May 2026 12:49:49 +0000 (08:49 -0400)
committerPaul Moore <paul@paul-moore.com>
Tue, 5 May 2026 19:27:43 +0000 (15:27 -0400)
commit19cfa0099024bb9cd40f6d950caa7f47ff8e77f6
tree5bcf148f6aa8c0c7fc9699f59cc003f3ac550113tree | snapshot
parent644132a48f4e28a1d949d162160869286f3e75decommit | diff
selinux: prune /sys/fs/selinux/disable

Commit f22f9aaf6c3d ("selinux: remove the runtime disable
functionality") removed the underlying SELinux runtime disable
functionality but left everything else intact and started logging an
error message to warn any residual users.

Prune it to just log an error message once and to return count
(i.e. all bytes written successfully) to avoid breaking
userspace. This also fixes a local DoS from logspam.

Cc: stable@vger.kernel.org
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
security/selinux/selinuxfs.c diff | blob | blame | history
A mirror of Linus' kernel repository