Closed pcmoore closed 8 years ago
Upstream discussion:
Upstream discussion (part two):
Revert merged into netdev/master, yet absent in 4.9-rc2; it should appear during the week:
commit 2a73306b6096fafd5c2ae06ded1f92bbacb39df2
Author: Paul Moore <paul@paul-moore.com>
Date: Fri Oct 21 21:49:14 2016 -0400
netns: revert "netns: avoid disabling irq for netns id"
This reverts commit bc51dddf98c9 ("netns: avoid disabling irq for
netns id") as it was found to cause problems with systems running
SELinux/audit, see the mailing list thread below:
* http://marc.info/?t=147694653900002&r=1&w=2
Eventually we should be able to reintroduce this code once we have
rewritten the audit multicast code to queue messages much the same
way we do for unicast messages. A tracking issue for this can be
found below:
* https://github.com/linux-audit/audit-kernel/issues/23
Reported-by: Stephen Smalley <sds@tycho.nsa.gov>
Reported-by: Elad Raz <e@eladraz.com>
Cc: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The patch above is in Linus' v4.9-rc4 tree, marking this as closed.
The commit below, present in the v4.9-rcX kernels, causes a regression in the selinux-testsuite that appears to be triggered whenever audit_log() is called under write_lock_irq(). Thanks to @stephensmalley for identifying the problem and contacting the patch's author. We are currently awaiting a fix from the author.