[PATCH] selinux: Clear selinux_enabled flag upon runtime disable.

Clear selinux_enabled flag upon runtime disable of SELinux by userspace, and make sure it is defined even if selinux= boot parameter support is not enabled in configuration. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Tested-by: Jon Smirl <jonsmirl@gmail.com> Acked-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
author: Stephen Smalley <sds@tycho.nsa.gov> 2006-05-03 10:52:36 -0400
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-05-03 13:08:11 -0400
commit: 30d55280b867aa0cae99f836ad0181bb0bf8f9cb (patch)
tree: 8df537addd3709f36f24dbd654662568b79ca943 /security/selinux/hooks.c
parent: e17df688f7064dae1417ce425dd1e4b71d24d63b (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 3cf368a16448..d987048d3f33 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -101,6 +101,8 @@ static int __init selinux_enabled_setup(char *str)
        return 1;
 }
 __setup("selinux=", selinux_enabled_setup);
+#else
+int selinux_enabled = 1;
 #endif
 /* Original (dummy) security module. */
@@ -4535,6 +4537,7 @@ int selinux_disable(void)
        printk(KERN_INFO "SELinux:  Disabled at runtime.\n");
        selinux_disabled = 1;
+        selinux_enabled = 0;
        /* Reset security_ops to the secondary module, dummy or capability. */
        security_ops = secondary_ops;
author	Stephen Smalley <sds@tycho.nsa.gov>	2006-05-03 10:52:36 -0400
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-05-03 13:08:11 -0400
commit	30d55280b867aa0cae99f836ad0181bb0bf8f9cb (patch)
tree	8df537addd3709f36f24dbd654662568b79ca943 /security/selinux/hooks.c
parent	e17df688f7064dae1417ce425dd1e4b71d24d63b (diff)