5 files changed, 24 insertions, 21 deletions

diff --git a/drivers/infiniband/core/device.c b/drivers/infiniband/core/device.c
index 78dc07c6ac4b..61c0c93a2e73 100644
--- a/drivers/infiniband/core/device.c
+++ b/drivers/infiniband/core/device.c
@@ -2499,7 +2499,7 @@ static int __init ib_core_init(void)
                 goto err_mad;
         }
 
-        ret = register_lsm_notifier(&ibdev_lsm_nb);
+        ret = register_blocking_lsm_notifier(&ibdev_lsm_nb);
         if (ret) {
                 pr_warn("Couldn't register LSM notifier. ret %d\n", ret);
                 goto err_sa;
@@ -2518,7 +2518,7 @@ static int __init ib_core_init(void)
         return 0;
 
 err_compat:
-        unregister_lsm_notifier(&ibdev_lsm_nb);
+        unregister_blocking_lsm_notifier(&ibdev_lsm_nb);
 err_sa:
         ib_sa_cleanup();
 err_mad:
@@ -2544,7 +2544,7 @@ static void __exit ib_core_cleanup(void)
         nldev_exit();
         rdma_nl_unregister(RDMA_NL_LS);
         unregister_pernet_device(&rdma_dev_net_ops);
-        unregister_lsm_notifier(&ibdev_lsm_nb);
+        unregister_blocking_lsm_notifier(&ibdev_lsm_nb);
         ib_sa_cleanup();
         ib_mad_cleanup();
         addr_cleanup();
diff --git a/include/linux/security.h b/include/linux/security.h
index 659071c2e57c..5f7441abbf42 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -189,9 +189,9 @@ static inline const char *kernel_load_data_id_str(enum kernel_load_data_id id)
 
 #ifdef CONFIG_SECURITY
 
-int call_lsm_notifier(enum lsm_event event, void *data);
-int register_lsm_notifier(struct notifier_block *nb);
-int unregister_lsm_notifier(struct notifier_block *nb);
+int call_blocking_lsm_notifier(enum lsm_event event, void *data);
+int register_blocking_lsm_notifier(struct notifier_block *nb);
+int unregister_blocking_lsm_notifier(struct notifier_block *nb);
 
 /* prototypes */
 extern int security_init(void);
@@ -394,17 +394,17 @@ int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
 int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);
 #else /* CONFIG_SECURITY */
 
-static inline int call_lsm_notifier(enum lsm_event event, void *data)
+static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data)
 {
         return 0;
 }
 
-static inline int register_lsm_notifier(struct notifier_block *nb)
+static inline int register_blocking_lsm_notifier(struct notifier_block *nb)
 {
         return 0;
 }
 
-static inline  int unregister_lsm_notifier(struct notifier_block *nb)
+static inline  int unregister_blocking_lsm_notifier(struct notifier_block *nb)
 {
         return 0;
 }
diff --git a/security/security.c b/security/security.c
index 613a5c00e602..47e5849d7557 100644
--- a/security/security.c
+++ b/security/security.c
@@ -39,7 +39,7 @@
 #define LSM_COUNT (__end_lsm_info - __start_lsm_info)
 
 struct security_hook_heads security_hook_heads __lsm_ro_after_init;
-static ATOMIC_NOTIFIER_HEAD(lsm_notifier_chain);
+static BLOCKING_NOTIFIER_HEAD(blocking_lsm_notifier_chain);
 
 static struct kmem_cache *lsm_file_cache;
 static struct kmem_cache *lsm_inode_cache;
@@ -430,23 +430,26 @@ void __init security_add_hooks(struct security_hook_list *hooks, int count,
                 panic("%s - Cannot get early memory.\n", __func__);
 }
 
-int call_lsm_notifier(enum lsm_event event, void *data)
+int call_blocking_lsm_notifier(enum lsm_event event, void *data)
 {
-        return atomic_notifier_call_chain(&lsm_notifier_chain, event, data);
+        return blocking_notifier_call_chain(&blocking_lsm_notifier_chain,
+                                            event, data);
 }
-EXPORT_SYMBOL(call_lsm_notifier);
+EXPORT_SYMBOL(call_blocking_lsm_notifier);
 
-int register_lsm_notifier(struct notifier_block *nb)
+int register_blocking_lsm_notifier(struct notifier_block *nb)
 {
-        return atomic_notifier_chain_register(&lsm_notifier_chain, nb);
+        return blocking_notifier_chain_register(&blocking_lsm_notifier_chain,
+                                                nb);
 }
-EXPORT_SYMBOL(register_lsm_notifier);
+EXPORT_SYMBOL(register_blocking_lsm_notifier);
 
-int unregister_lsm_notifier(struct notifier_block *nb)
+int unregister_blocking_lsm_notifier(struct notifier_block *nb)
 {
-        return atomic_notifier_chain_unregister(&lsm_notifier_chain, nb);
+        return blocking_notifier_chain_unregister(&blocking_lsm_notifier_chain,
+                                                  nb);
 }
-EXPORT_SYMBOL(unregister_lsm_notifier);
+EXPORT_SYMBOL(unregister_blocking_lsm_notifier);
 
 /**
  * lsm_cred_alloc - allocate a composite cred blob
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c61787b15f27..c1e37018c8eb 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -197,7 +197,7 @@ static int selinux_lsm_notifier_avc_callback(u32 event)
 {
         if (event == AVC_CALLBACK_RESET) {
                 sel_ib_pkey_flush();
-                call_lsm_notifier(LSM_POLICY_CHANGE, NULL);
+                call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL);
         }
 
         return 0;
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 145ee62f205a..1e2e3e4b5fdb 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -180,7 +180,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
                 selnl_notify_setenforce(new_value);
                 selinux_status_update_setenforce(state, new_value);
                 if (!new_value)
-                        call_lsm_notifier(LSM_POLICY_CHANGE, NULL);
+                        call_blocking_lsm_notifier(LSM_POLICY_CHANGE, NULL);
         }
         length = count;
 out: