diff options
author | Josef Bacik <jbacik@redhat.com> | 2008-04-03 18:35:05 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-04-03 18:35:05 -0400 |
commit | a02fe13297af26c13d004b1d44f391c077094ea0 (patch) | |
tree | d75879f0da229eec87e3b4a95a4c28db2ea4d713 /security/selinux | |
parent | 9597362d354f8655ece324b01d0c640a0e99c077 (diff) |
selinux: prevent rentry into the FS
BUG fix. Keep us from re-entering the fs when we aren't supposed to.
See discussion at
http://marc.info/?t=120716967100004&r=1&w=2
Signed-off-by: Josef Bacik <jbacik@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c2fef7b12dc7..820d07a60ab0 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -180,7 +180,7 @@ static int inode_alloc_security(struct inode *inode) | |||
180 | struct task_security_struct *tsec = current->security; | 180 | struct task_security_struct *tsec = current->security; |
181 | struct inode_security_struct *isec; | 181 | struct inode_security_struct *isec; |
182 | 182 | ||
183 | isec = kmem_cache_zalloc(sel_inode_cache, GFP_KERNEL); | 183 | isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS); |
184 | if (!isec) | 184 | if (!isec) |
185 | return -ENOMEM; | 185 | return -ENOMEM; |
186 | 186 | ||
@@ -2429,7 +2429,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, | |||
2429 | return -EOPNOTSUPP; | 2429 | return -EOPNOTSUPP; |
2430 | 2430 | ||
2431 | if (name) { | 2431 | if (name) { |
2432 | namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_KERNEL); | 2432 | namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS); |
2433 | if (!namep) | 2433 | if (!namep) |
2434 | return -ENOMEM; | 2434 | return -ENOMEM; |
2435 | *name = namep; | 2435 | *name = namep; |