(Al, this is a fix for the -mm patch audit-support-for-context-based-audit-filtering-2.patch. Please fold in with lspp.b7 3811b185122022cd5e59b1ca85342b820e3b3e22 on next rebase.) Use list_for_each_entry_safe() in selinux_audit_rule_update() to protect against call_rcu() on list entries while traversing. Signed-off-by: Amy Griffis <amy.griffis(a)hp.com&gt; --- kernel/auditfilter.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) 71476af7bf618dee43c9ac86b0227882df412152 diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 7b91a1e..f1151a2 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1397,7 +1397,7 @@ static inline int audit_rule_has_selinux * updated rule. */ int selinux_audit_rule_update(void) { - struct audit_entry *entry, *nentry; + struct audit_entry *entry, *n, *nentry; struct audit_watch *watch; int i, err = 0; @@ -1405,7 +1405,7 @@ int selinux_audit_rule_update(void) mutex_lock(&audit_filter_mutex); for (i = 0; i < AUDIT_NR_FILTERS; i++) { - list_for_each_entry(entry, &audit_filter_list[i], list) { + list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) { if (!audit_rule_has_selinux(&entry->rule)) continue; -- 1.3.0