selinux/stable-6.1 PR 20221020
-----BEGIN PGP SIGNATURE----- iQJHBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAmNRY7QUHHBhdWxAcGF1 bC1tb29yZS5jb20ACgkQ6iDy2pc3iXMvRg/48NI0ohEC3ErRlLxhpaQgEOp4qH+h rqvOAyuIHNrdd9j4u5Gm3n2VvNRsAhzFXxlfRpoAGIrO9elest3/RcCI/HiTXK5a Jt+yzBIZXyJutvTJSGuCc78q8ydfhhD+1jGEBPCsiTAdRIiNUPTXutqCWkJW3rn7 apcYQvJ7P65VPipSzkHFngRN7PjyXr3poU3OTKHeA+Uxn+jydk+d6GpGJ9wVkwPz kFlF/7CXUK05PPs5cJJjSIXnDSEkFUB8ZCV1bEMBV5vm6GodEz02forUTJ4yMxtP 0ARGepQLxej76DTmnqWf+9MaijnRCvo0eOwXSltD0CrsVoirulc/nLEq2x4eDiaZ W4iIOqJp8CgTLw4OhJDKrdltypM7xLVSlyAS18hpekfnRldtMLHQTWmUxMmCj9Q1 WF8TTabp8tg2DzlGrDM96BHz8vGeF4e1O5qEE2Wpq9XCIYiHmusFk2mOH7nhuWwO cqUOkFR27DSyPvR/jgNgRRNfB1NzaiNndsknDeEBHXbjOgzeWRtgFjBscRlpIEc3 NgF8DStIVVBmuxQ2MfF4VXxUtjAgLbAP0fTqLmYZVxnQXmRJPXzqTqe/9a81a9Yy ARX23ZW2vpaJTQ5CdFyje+bk30Msi3q5EWFsC34KSXL0oyIyd3/tWsCv4C+9JWbK 2NOTIUZbkRekBw== =Z+5I -----END PGP SIGNATURE----- Merge tag 'selinux-pr-20221020' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux fix from Paul Moore: "A small SELinux fix for a GFP_KERNEL allocation while a spinlock is held. The patch, while still fairly small, is a bit larger than one might expect from a simple s/GFP_KERNEL/GFP_ATOMIC/ conversion because we added support for the function to be called with different gfp flags depending on the context, preserving GFP_KERNEL for those cases that can safely sleep" * tag 'selinux-pr-20221020' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
This commit is contained in:
Коммит
0de0b76837
|
@ -2022,7 +2022,8 @@ static inline int convert_context_handle_invalid_context(
|
|||
* in `newc'. Verify that the context is valid
|
||||
* under the new policy.
|
||||
*/
|
||||
static int convert_context(struct context *oldc, struct context *newc, void *p)
|
||||
static int convert_context(struct context *oldc, struct context *newc, void *p,
|
||||
gfp_t gfp_flags)
|
||||
{
|
||||
struct convert_context_args *args;
|
||||
struct ocontext *oc;
|
||||
|
@ -2036,7 +2037,7 @@ static int convert_context(struct context *oldc, struct context *newc, void *p)
|
|||
args = p;
|
||||
|
||||
if (oldc->str) {
|
||||
s = kstrdup(oldc->str, GFP_KERNEL);
|
||||
s = kstrdup(oldc->str, gfp_flags);
|
||||
if (!s)
|
||||
return -ENOMEM;
|
||||
|
||||
|
|
|
@ -325,7 +325,7 @@ int sidtab_context_to_sid(struct sidtab *s, struct context *context,
|
|||
}
|
||||
|
||||
rc = convert->func(context, &dst_convert->context,
|
||||
convert->args);
|
||||
convert->args, GFP_ATOMIC);
|
||||
if (rc) {
|
||||
context_destroy(&dst->context);
|
||||
goto out_unlock;
|
||||
|
@ -404,7 +404,7 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
|
|||
while (i < SIDTAB_LEAF_ENTRIES && *pos < count) {
|
||||
rc = convert->func(&esrc->ptr_leaf->entries[i].context,
|
||||
&edst->ptr_leaf->entries[i].context,
|
||||
convert->args);
|
||||
convert->args, GFP_KERNEL);
|
||||
if (rc)
|
||||
return rc;
|
||||
(*pos)++;
|
||||
|
|
|
@ -65,7 +65,7 @@ struct sidtab_isid_entry {
|
|||
};
|
||||
|
||||
struct sidtab_convert_params {
|
||||
int (*func)(struct context *oldc, struct context *newc, void *args);
|
||||
int (*func)(struct context *oldc, struct context *newc, void *args, gfp_t gfp_flags);
|
||||
void *args;
|
||||
struct sidtab *target;
|
||||
};
|
||||
|
|
Загрузка…
Ссылка в новой задаче