diff options
| author | Steve French <sfrench@us.ibm.com> | 2008-04-15 14:38:29 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2008-04-15 14:38:29 -0400 |
| commit | e48d199ba10bb8267f491a3a585ca4a833e950a4 (patch) | |
| tree | c7d308a42479c8f21aaef889abfa004b0f1bb482 /security/selinux/hooks.c | |
| parent | cce246ee5f3c7f4d3539ea41d13feb7a07859145 (diff) | |
| parent | 0de19a456cb59106420864927fdec152310f70b6 (diff) | |
Merge branch 'master' of /pub/scm/linux/kernel/git/torvalds/linux-2.6
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 820d07a60ab0..d39b59cf8a08 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -760,13 +760,13 @@ static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb, | |||
| 760 | * this early in the boot process. */ | 760 | * this early in the boot process. */ |
| 761 | BUG_ON(!ss_initialized); | 761 | BUG_ON(!ss_initialized); |
| 762 | 762 | ||
| 763 | /* this might go away sometime down the line if there is a new user | ||
| 764 | * of clone, but for now, nfs better not get here... */ | ||
| 765 | BUG_ON(newsbsec->initialized); | ||
| 766 | |||
| 767 | /* how can we clone if the old one wasn't set up?? */ | 763 | /* how can we clone if the old one wasn't set up?? */ |
| 768 | BUG_ON(!oldsbsec->initialized); | 764 | BUG_ON(!oldsbsec->initialized); |
| 769 | 765 | ||
| 766 | /* if fs is reusing a sb, just let its options stand... */ | ||
| 767 | if (newsbsec->initialized) | ||
| 768 | return; | ||
| 769 | |||
| 770 | mutex_lock(&newsbsec->lock); | 770 | mutex_lock(&newsbsec->lock); |
| 771 | 771 | ||
| 772 | newsbsec->flags = oldsbsec->flags; | 772 | newsbsec->flags = oldsbsec->flags; |
| @@ -1143,7 +1143,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1143 | } | 1143 | } |
| 1144 | 1144 | ||
| 1145 | len = INITCONTEXTLEN; | 1145 | len = INITCONTEXTLEN; |
| 1146 | context = kmalloc(len, GFP_KERNEL); | 1146 | context = kmalloc(len, GFP_NOFS); |
| 1147 | if (!context) { | 1147 | if (!context) { |
| 1148 | rc = -ENOMEM; | 1148 | rc = -ENOMEM; |
| 1149 | dput(dentry); | 1149 | dput(dentry); |
| @@ -1161,7 +1161,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1161 | } | 1161 | } |
| 1162 | kfree(context); | 1162 | kfree(context); |
| 1163 | len = rc; | 1163 | len = rc; |
| 1164 | context = kmalloc(len, GFP_KERNEL); | 1164 | context = kmalloc(len, GFP_NOFS); |
| 1165 | if (!context) { | 1165 | if (!context) { |
| 1166 | rc = -ENOMEM; | 1166 | rc = -ENOMEM; |
| 1167 | dput(dentry); | 1167 | dput(dentry); |
| @@ -1185,7 +1185,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
| 1185 | rc = 0; | 1185 | rc = 0; |
| 1186 | } else { | 1186 | } else { |
| 1187 | rc = security_context_to_sid_default(context, rc, &sid, | 1187 | rc = security_context_to_sid_default(context, rc, &sid, |
| 1188 | sbsec->def_sid); | 1188 | sbsec->def_sid, |
| 1189 | GFP_NOFS); | ||
| 1189 | if (rc) { | 1190 | if (rc) { |
| 1190 | printk(KERN_WARNING "%s: context_to_sid(%s) " | 1191 | printk(KERN_WARNING "%s: context_to_sid(%s) " |
| 1191 | "returned %d for dev=%s ino=%ld\n", | 1192 | "returned %d for dev=%s ino=%ld\n", |