On Thu, Aug 01, 2019 at 04:02:39PM +0200, Ondrej Mosnacek wrote: > After hours and hours of getting familiar with dcache and debugging, > I think I finally found a solution that works and hopefully stands a > chance of being committed. > > The series still doesn't address the lack of atomicity of the policy > reload transition, but this is part of a wider problem and can be > resolved later. Let's fix at least the userspace-triggered lockup > first. I don't think this is the right approach. Consider the related problem: what happens if somebody has mounted something upon a selinuxfs file? That is the hard part here, and AFAICS your variant doesn't help it at all...
