diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-05-21 14:54:57 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-05-21 14:54:57 -0400 |
| commit | 5997aab0a11ea27ee8e520ecc551ed18fd3e8296 (patch) | |
| tree | 671f8ec1616f646614f2994537fc32704251465d /security/selinux/hooks.c | |
| parent | 3b78ce4a34b761c7fe13520de822984019ff1a8f (diff) | |
| parent | baf10564fbb66ea222cae66fbff11c444590ffd9 (diff) | |
Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull vfs fixes from Al Viro:
"Assorted fixes all over the place"
* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
aio: fix io_destroy(2) vs. lookup_ioctx() race
ext2: fix a block leak
nfsd: vfs_mkdir() might succeed leaving dentry negative unhashed
cachefiles: vfs_mkdir() might succeed leaving dentry negative unhashed
unfuck sysfs_mount()
kernfs: deal with kernfs_fill_super() failures
cramfs: Fix IS_ENABLED typo
befs_lookup(): use d_splice_alias()
affs_lookup: switch to d_splice_alias()
affs_lookup(): close a race with affs_remove_link()
fix breakage caused by d_find_alias() semantics change
fs: don't scan the inode cache before SB_BORN is set
do d_instantiate/unlock_new_inode combinations safely
iov_iter: fix memory leak in pipe_get_pages_alloc()
iov_iter: fix return type of __pipe_get_pages()
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index be5817df0a9d..179dd20bec0a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -1568,8 +1568,15 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1568 | /* Called from d_instantiate or d_splice_alias. */ | 1568 | /* Called from d_instantiate or d_splice_alias. */ |
| 1569 | dentry = dget(opt_dentry); | 1569 | dentry = dget(opt_dentry); |
| 1570 | } else { | 1570 | } else { |
| 1571 | /* Called from selinux_complete_init, try to find a dentry. */ | 1571 | /* |
| 1572 | * Called from selinux_complete_init, try to find a dentry. | ||
| 1573 | * Some filesystems really want a connected one, so try | ||
| 1574 | * that first. We could split SECURITY_FS_USE_XATTR in | ||
| 1575 | * two, depending upon that... | ||
| 1576 | */ | ||
| 1572 | dentry = d_find_alias(inode); | 1577 | dentry = d_find_alias(inode); |
| 1578 | if (!dentry) | ||
| 1579 | dentry = d_find_any_alias(inode); | ||
| 1573 | } | 1580 | } |
| 1574 | if (!dentry) { | 1581 | if (!dentry) { |
| 1575 | /* | 1582 | /* |
| @@ -1674,14 +1681,19 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1674 | if ((sbsec->flags & SE_SBGENFS) && !S_ISLNK(inode->i_mode)) { | 1681 | if ((sbsec->flags & SE_SBGENFS) && !S_ISLNK(inode->i_mode)) { |
| 1675 | /* We must have a dentry to determine the label on | 1682 | /* We must have a dentry to determine the label on |
| 1676 | * procfs inodes */ | 1683 | * procfs inodes */ |
| 1677 | if (opt_dentry) | 1684 | if (opt_dentry) { |
| 1678 | /* Called from d_instantiate or | 1685 | /* Called from d_instantiate or |
| 1679 | * d_splice_alias. */ | 1686 | * d_splice_alias. */ |
| 1680 | dentry = dget(opt_dentry); | 1687 | dentry = dget(opt_dentry); |
| 1681 | else | 1688 | } else { |
| 1682 | /* Called from selinux_complete_init, try to | 1689 | /* Called from selinux_complete_init, try to |
| 1683 | * find a dentry. */ | 1690 | * find a dentry. Some filesystems really want |
| 1691 | * a connected one, so try that first. | ||
| 1692 | */ | ||
| 1684 | dentry = d_find_alias(inode); | 1693 | dentry = d_find_alias(inode); |
| 1694 | if (!dentry) | ||
| 1695 | dentry = d_find_any_alias(inode); | ||
| 1696 | } | ||
| 1685 | /* | 1697 | /* |
| 1686 | * This can be hit on boot when a file is accessed | 1698 | * This can be hit on boot when a file is accessed |
| 1687 | * before the policy is loaded. When we load policy we | 1699 | * before the policy is loaded. When we load policy we |