The seqlock pattern used in selinux_status_update_setenforce() and
selinux_status_update_policyload() requires memory barriers to ensure
correct ordering of the sequence counter updates relative to the data
writes. Add comments to the smp_wmb() calls to make this ordering
explicit and self-documenting.

Signed-off-by: Oliwier Iwan <oliwieriwan@mailbox.org>
---
 security/selinux/status.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/security/selinux/status.c b/security/selinux/status.c
index dffca22ce..52d3a40a3 100644
--- a/security/selinux/status.c
+++ b/security/selinux/status.c
@@ -46,7 +46,7 @@ struct page *selinux_kernel_status_page(void)
 
 	mutex_lock(&selinux_state.status_lock);
 	if (!selinux_state.status_page) {
-		selinux_state.status_page = alloc_page(GFP_KERNEL|__GFP_ZERO);
+		selinux_state.status_page = alloc_page(GFP_KERNEL | __GFP_ZERO);
 
 		if (selinux_state.status_page) {
 			status = page_address(selinux_state.status_page);
@@ -85,11 +85,11 @@ void selinux_status_update_setenforce(bool enforcing)
 		status = page_address(selinux_state.status_page);
 
 		status->sequence++;
-		smp_wmb();
+		smp_wmb(); /* ensure sequence increment visible before data update */
 
 		status->enforcing = enforcing ? 1 : 0;
 
-		smp_wmb();
+		smp_wmb(); /* ensure data update visible before sequence increment */
 		status->sequence++;
 	}
 	mutex_unlock(&selinux_state.status_lock);
@@ -110,12 +110,12 @@ void selinux_status_update_policyload(u32 seqno)
 		status = page_address(selinux_state.status_page);
 
 		status->sequence++;
-		smp_wmb();
+		smp_wmb(); /* ensure sequence increment visible before data update */
 
 		status->policyload = seqno;
 		status->deny_unknown = !security_get_allow_unknown();
 
-		smp_wmb();
+		smp_wmb(); /* ensure data update visible before sequence update */
 		status->sequence++;
 	}
 	mutex_unlock(&selinux_state.status_lock);
-- 
2.54.0