Merge tag 'xtensa-for-next-20140221-1' into for_next

Xtensa fixes for 3.14: - allow booting xtfpga on boards with new uBoot and >128MBytes memory; - drop nonexistent GPIO32 support from fsf variant; - don't select USE_GENERIC_SMP_HELPERS; - enable common clock framework support, set up ethoc clock on xtfpga; - wire up sched_setattr and sched_getattr syscalls. Signed-off-by: Chris Zankel <chris@zankel.net>
author: Chris Zankel <chris@zankel.net> 2014-02-24 03:34:36 -0500
committer: Chris Zankel <chris@zankel.net> 2014-02-24 03:34:36 -0500
commit: b3fdfc1b4b641d372e35ced98814289bc60bc5d1 (patch)
tree: 5f11d5ba885031dde45690745646519fb887f447 /security/selinux/hooks.c
parent: c0e50d41126e4786d9cf1105bdf783e55c99f915 (diff)
parent: f63b6d7555cd4064554b39da4d44c4cbbc9d6a4a (diff)
1 files changed, 19 insertions, 8 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6625699f497c..4b34847208cc 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -82,7 +82,6 @@
 #include <linux/syslog.h>
 #include <linux/user_namespace.h>
 #include <linux/export.h>
-#include <linux/security.h>
 #include <linux/msg.h>
 #include <linux/shm.h>
@@ -234,6 +233,14 @@ static int inode_alloc_security(struct inode *inode)
        return 0;
 }
+static void inode_free_rcu(struct rcu_head *head)
+{
+        struct inode_security_struct *isec;
+        isec = container_of(head, struct inode_security_struct, rcu);
+        kmem_cache_free(sel_inode_cache, isec);
+}
 static void inode_free_security(struct inode *inode)
 {
        struct inode_security_struct *isec = inode->i_security;
@@ -244,8 +251,16 @@ static void inode_free_security(struct inode *inode)
                list_del_init(&isec->list);
        spin_unlock(&sbsec->isec_lock);
-        inode->i_security = NULL;
+        /*
-        kmem_cache_free(sel_inode_cache, isec);
+         * The inode may still be referenced in a path walk and
+         * a call to selinux_inode_permission() can be made
+         * after inode_free_security() is called. Ideally, the VFS
+         * wouldn't do this, but fixing that is a much harder
+         * job. For now, simply free the i_security via RCU, and
+         * leave the current inode->i_security pointer intact.
+         * The inode will be freed after the RCU grace period too.
+         */
+        call_rcu(&isec->rcu, inode_free_rcu);
 }
 static int file_alloc_security(struct file *file)
@@ -4474,14 +4489,10 @@ static int selinux_inet_conn_request(struct sock *sk, struct sk_buff *skb,
 {
        struct sk_security_struct *sksec = sk->sk_security;
        int err;
-        u16 family = sk->sk_family;
+        u16 family = req->rsk_ops->family;
        u32 connsid;
        u32 peersid;
-        /* handle mapped IPv4 packets arriving via IPv6 sockets */
-        if (family == PF_INET6 && skb->protocol == htons(ETH_P_IP))
-                family = PF_INET;
        err = selinux_skb_peerlbl_sid(skb, family, &peersid);
        if (err)
                return err;
author	Chris Zankel <chris@zankel.net>	2014-02-24 03:34:36 -0500
committer	Chris Zankel <chris@zankel.net>	2014-02-24 03:34:36 -0500
commit	b3fdfc1b4b641d372e35ced98814289bc60bc5d1 (patch)
tree	5f11d5ba885031dde45690745646519fb887f447 /security/selinux/hooks.c
parent	c0e50d41126e4786d9cf1105bdf783e55c99f915 (diff)
parent	f63b6d7555cd4064554b39da4d44c4cbbc9d6a4a (diff)