diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2012-03-29 03:19:05 -0400 |
|---|---|---|
| committer | Casey Schaufler <cschaufler@vaio-ubuntu.(none)> | 2012-05-15 01:47:44 -0400 |
| commit | ceffec5541cc22486d3ff492e3d76a33a68fbfa3 (patch) | |
| tree | d1eaebc1b1894ed9391959cc9f5846543a4b4e42 /security/smack | |
| parent | 2267b13a7cad1f9dfe0073c1f902d45953f9faff (diff) | |
gfp flags for security_inode_alloc()?
Dave Chinner wrote:
> Yes, because you have no idea what the calling context is except
> for the fact that is from somewhere inside filesystem code and the
> filesystem could be holding locks. Therefore, GFP_NOFS is really the
> only really safe way to allocate memory here.
I see. Thank you.
I'm not sure, but can call trace happen where somewhere inside network
filesystem or stackable filesystem code with locks held invokes operations that
involves GFP_KENREL memory allocation outside that filesystem?
----------
[PATCH] SMACK: Fix incorrect GFP_KERNEL usage.
new_inode_smack() which can be called from smack_inode_alloc_security() needs
to use GFP_NOFS like SELinux's inode_alloc_security() does, for
security_inode_alloc() is called from inode_init_always() and
inode_init_always() is called from xfs_inode_alloc() which is using GFP_NOFS.
smack_inode_init_security() needs to use GFP_NOFS like
selinux_inode_init_security() does, for initxattrs() callback function (e.g.
btrfs_initxattrs()) which is called from security_inode_init_security() is
using GFP_NOFS.
smack_audit_rule_match() needs to use GFP_ATOMIC, for
security_audit_rule_match() can be called from audit_filter_user_rules() and
audit_filter_user_rules() is called from audit_filter_user() with RCU read lock
held.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Casey Schaufler <cschaufler@cschaufler-intel.(none)>
Diffstat (limited to 'security/smack')
| -rw-r--r-- | security/smack/smack_lsm.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index df45d3939188..5f80075d7713 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -79,7 +79,7 @@ struct inode_smack *new_inode_smack(char *smack) | |||
| 79 | { | 79 | { |
| 80 | struct inode_smack *isp; | 80 | struct inode_smack *isp; |
| 81 | 81 | ||
| 82 | isp = kzalloc(sizeof(struct inode_smack), GFP_KERNEL); | 82 | isp = kzalloc(sizeof(struct inode_smack), GFP_NOFS); |
| 83 | if (isp == NULL) | 83 | if (isp == NULL) |
| 84 | return NULL; | 84 | return NULL; |
| 85 | 85 | ||
| @@ -563,7 +563,7 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir, | |||
| 563 | int may; | 563 | int may; |
| 564 | 564 | ||
| 565 | if (name) { | 565 | if (name) { |
| 566 | *name = kstrdup(XATTR_SMACK_SUFFIX, GFP_KERNEL); | 566 | *name = kstrdup(XATTR_SMACK_SUFFIX, GFP_NOFS); |
| 567 | if (*name == NULL) | 567 | if (*name == NULL) |
| 568 | return -ENOMEM; | 568 | return -ENOMEM; |
| 569 | } | 569 | } |
| @@ -586,7 +586,7 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir, | |||
| 586 | issp->smk_flags |= SMK_INODE_CHANGED; | 586 | issp->smk_flags |= SMK_INODE_CHANGED; |
| 587 | } | 587 | } |
| 588 | 588 | ||
| 589 | *value = kstrdup(isp, GFP_KERNEL); | 589 | *value = kstrdup(isp, GFP_NOFS); |
| 590 | if (*value == NULL) | 590 | if (*value == NULL) |
| 591 | return -ENOMEM; | 591 | return -ENOMEM; |
| 592 | } | 592 | } |
| @@ -3426,7 +3426,7 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule, | |||
| 3426 | char *rule = vrule; | 3426 | char *rule = vrule; |
| 3427 | 3427 | ||
| 3428 | if (!rule) { | 3428 | if (!rule) { |
| 3429 | audit_log(actx, GFP_KERNEL, AUDIT_SELINUX_ERR, | 3429 | audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR, |
| 3430 | "Smack: missing rule\n"); | 3430 | "Smack: missing rule\n"); |
| 3431 | return -ENOENT; | 3431 | return -ENOENT; |
| 3432 | } | 3432 | } |