The following (backported) patch removes a hook which has already been removed upstream. [1] Reason is that a permission denial can lead to soft lockups and zombies. A reproducer can be found in the initial report. [2] I hence consider this a bugfix which is allowed for stable branches. Background: To reduce divergence of 4.9 to upstream before proposing to apply upstream commit 3dfc9b02864bt (LSM: Initialize security_hook_heads upon registration.) I'm checking which changes to the LSM hooks may be applicable to 4.9 as doing so after backporting 33dfc9b02864bt will lead to conflicts for each such commit. [1] https://patchwork.kernel.org/project/linux-security-module/patch/1484069312-26653-1-git-send-email-sds@xxxxxxxxxxxxx/ [2] https://patchwork.kernel.org/project/selinux/patch/58736B2E.90201@xxxxxxxxxx Stephen Smalley (1): security,selinux,smack: kill security_task_wait hook include/linux/lsm_hooks.h | 7 ------- include/linux/security.h | 6 ------ kernel/exit.c | 19 ++----------------- security/security.c | 6 ------ security/selinux/hooks.c | 6 ------ security/smack/smack_lsm.c | 20 -------------------- 6 files changed, 2 insertions(+), 62 deletions(-) -- 2.25.1
