[PATCH] selinux: Clear selinux_enabled flag upon runtime disable. Clear selinux_enabled flag upon runtime disable of SELinux by userspace, and make sure it is defined even if selinux= boot parameter support is not enabled in configuration. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Tested-by: Jon Smirl <jonsmirl@gmail.com> Acked-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: 30d55280b867aa0cae99f836ad0181bb0bf8f9cb [log] [tgz]
author: Stephen Smalley <sds@tycho.nsa.gov> Wed May 03 10:52:36 2006 -0400
committer: Linus Torvalds <torvalds@g5.osdl.org> Wed May 03 10:08:11 2006 -0700
tree: 8df537addd3709f36f24dbd654662568b79ca943
parent: e17df688f7064dae1417ce425dd1e4b71d24d63b [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 3cf368a..d987048 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -101,6 +101,8 @@
 	return 1;
 }
 __setup("selinux=", selinux_enabled_setup);
+#else
+int selinux_enabled = 1;
 #endif
 
 /* Original (dummy) security module. */
@@ -4535,6 +4537,7 @@
 	printk(KERN_INFO "SELinux:  Disabled at runtime.\n");
 
 	selinux_disabled = 1;
+	selinux_enabled = 0;
 
 	/* Reset security_ops to the secondary module, dummy or capability. */
 	security_ops = secondary_ops;
commit	30d55280b867aa0cae99f836ad0181bb0bf8f9cb	[log] [tgz]
author	Stephen Smalley <sds@tycho.nsa.gov>	Wed May 03 10:52:36 2006 -0400
committer	Linus Torvalds <torvalds@g5.osdl.org>	Wed May 03 10:08:11 2006 -0700
tree	8df537addd3709f36f24dbd654662568b79ca943
parent	e17df688f7064dae1417ce425dd1e4b71d24d63b [diff] [blame]