Commit 869ab514 authored by Stephen Smalley's avatar Stephen Smalley Committed by James Morris

SELinux: more GFP_NOFS fixups to prevent selinux from re-entering the fs code

More cases where SELinux must not re-enter the fs code. Called from the
d_instantiate security hook.
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent ff09e2af
...@@ -1143,7 +1143,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent ...@@ -1143,7 +1143,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
} }
len = INITCONTEXTLEN; len = INITCONTEXTLEN;
context = kmalloc(len, GFP_KERNEL); context = kmalloc(len, GFP_NOFS);
if (!context) { if (!context) {
rc = -ENOMEM; rc = -ENOMEM;
dput(dentry); dput(dentry);
...@@ -1161,7 +1161,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent ...@@ -1161,7 +1161,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
} }
kfree(context); kfree(context);
len = rc; len = rc;
context = kmalloc(len, GFP_KERNEL); context = kmalloc(len, GFP_NOFS);
if (!context) { if (!context) {
rc = -ENOMEM; rc = -ENOMEM;
dput(dentry); dput(dentry);
...@@ -1185,7 +1185,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent ...@@ -1185,7 +1185,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
rc = 0; rc = 0;
} else { } else {
rc = security_context_to_sid_default(context, rc, &sid, rc = security_context_to_sid_default(context, rc, &sid,
sbsec->def_sid); sbsec->def_sid,
GFP_NOFS);
if (rc) { if (rc) {
printk(KERN_WARNING "%s: context_to_sid(%s) " printk(KERN_WARNING "%s: context_to_sid(%s) "
"returned %d for dev=%s ino=%ld\n", "returned %d for dev=%s ino=%ld\n",
......
...@@ -86,7 +86,8 @@ int security_sid_to_context(u32 sid, char **scontext, ...@@ -86,7 +86,8 @@ int security_sid_to_context(u32 sid, char **scontext,
int security_context_to_sid(char *scontext, u32 scontext_len, int security_context_to_sid(char *scontext, u32 scontext_len,
u32 *out_sid); u32 *out_sid);
int security_context_to_sid_default(char *scontext, u32 scontext_len, u32 *out_sid, u32 def_sid); int security_context_to_sid_default(char *scontext, u32 scontext_len,
u32 *out_sid, u32 def_sid, gfp_t gfp_flags);
int security_get_user_sids(u32 callsid, char *username, int security_get_user_sids(u32 callsid, char *username,
u32 **sids, u32 *nel); u32 **sids, u32 *nel);
......
...@@ -680,7 +680,8 @@ int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len) ...@@ -680,7 +680,8 @@ int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)
} }
static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *sid, u32 def_sid) static int security_context_to_sid_core(char *scontext, u32 scontext_len,
u32 *sid, u32 def_sid, gfp_t gfp_flags)
{ {
char *scontext2; char *scontext2;
struct context context; struct context context;
...@@ -709,7 +710,7 @@ static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *s ...@@ -709,7 +710,7 @@ static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *s
null suffix to the copy to avoid problems with the existing null suffix to the copy to avoid problems with the existing
attr package, which doesn't view the null terminator as part attr package, which doesn't view the null terminator as part
of the attribute value. */ of the attribute value. */
scontext2 = kmalloc(scontext_len+1,GFP_KERNEL); scontext2 = kmalloc(scontext_len+1, gfp_flags);
if (!scontext2) { if (!scontext2) {
rc = -ENOMEM; rc = -ENOMEM;
goto out; goto out;
...@@ -809,7 +810,7 @@ static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *s ...@@ -809,7 +810,7 @@ static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *s
int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid) int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid)
{ {
return security_context_to_sid_core(scontext, scontext_len, return security_context_to_sid_core(scontext, scontext_len,
sid, SECSID_NULL); sid, SECSID_NULL, GFP_KERNEL);
} }
/** /**
...@@ -829,10 +830,11 @@ int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid) ...@@ -829,10 +830,11 @@ int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid)
* Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient
* memory is available, or 0 on success. * memory is available, or 0 on success.
*/ */
int security_context_to_sid_default(char *scontext, u32 scontext_len, u32 *sid, u32 def_sid) int security_context_to_sid_default(char *scontext, u32 scontext_len, u32 *sid,
u32 def_sid, gfp_t gfp_flags)
{ {
return security_context_to_sid_core(scontext, scontext_len, return security_context_to_sid_core(scontext, scontext_len,
sid, def_sid); sid, def_sid, gfp_flags);
} }
static int compute_sid_handle_invalid_context( static int compute_sid_handle_invalid_context(
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment