[PATCH v2 33/50] selinuxfs: don't stash the dentry of /policy_capabilities
Paul Moore
paul at paul-moore.com
Wed Oct 29 11:08:07 AEDT 2025
On Mon, Oct 27, 2025 at 8:46 PM Al Viro <viro at zeniv.linux.org.uk> wrote:
>
> Don't bother to store the dentry of /policy_capabilities - it belongs
> to invariant part of tree and we only use it to populate that directory,
> so there's no reason to keep it around afterwards.
>
> Same situation as with /avc, /ss, etc. There are two directories that
> get replaced on policy load - /class and /booleans. These we need to
> stash (and update the pointers on policy reload); /policy_capabilities
> is not in the same boat.
>
> Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
> ---
> security/selinux/selinuxfs.c | 21 +++++++++------------
> 1 file changed, 9 insertions(+), 12 deletions(-)
Acked-by: Paul Moore <paul at paul-moore.com>
--
paul-moore.com
More information about the Linuxppc-dev
mailing list