diff options
Diffstat (limited to 'net/netlabel')
-rw-r--r-- | net/netlabel/netlabel_unlabeled.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index a1d4ae51db04..07283e1dfad2 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c | |||
@@ -47,7 +47,8 @@ | |||
47 | #include "netlabel_unlabeled.h" | 47 | #include "netlabel_unlabeled.h" |
48 | 48 | ||
49 | /* Accept unlabeled packets flag */ | 49 | /* Accept unlabeled packets flag */ |
50 | static atomic_t netlabel_unlabel_accept_flg = ATOMIC_INIT(0); | 50 | static DEFINE_SPINLOCK(netlabel_unlabel_acceptflg_lock); |
51 | static u8 netlabel_unlabel_acceptflg = 0; | ||
51 | 52 | ||
52 | /* NetLabel Generic NETLINK CIPSOv4 family */ | 53 | /* NetLabel Generic NETLINK CIPSOv4 family */ |
53 | static struct genl_family netlbl_unlabel_gnl_family = { | 54 | static struct genl_family netlbl_unlabel_gnl_family = { |
@@ -82,8 +83,12 @@ static void netlbl_unlabel_acceptflg_set(u8 value, | |||
82 | struct audit_buffer *audit_buf; | 83 | struct audit_buffer *audit_buf; |
83 | u8 old_val; | 84 | u8 old_val; |
84 | 85 | ||
85 | old_val = atomic_read(&netlabel_unlabel_accept_flg); | 86 | rcu_read_lock(); |
86 | atomic_set(&netlabel_unlabel_accept_flg, value); | 87 | old_val = netlabel_unlabel_acceptflg; |
88 | spin_lock(&netlabel_unlabel_acceptflg_lock); | ||
89 | netlabel_unlabel_acceptflg = value; | ||
90 | spin_unlock(&netlabel_unlabel_acceptflg_lock); | ||
91 | rcu_read_unlock(); | ||
87 | 92 | ||
88 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_ALLOW, | 93 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_ALLOW, |
89 | audit_info); | 94 | audit_info); |
@@ -148,9 +153,11 @@ static int netlbl_unlabel_list(struct sk_buff *skb, struct genl_info *info) | |||
148 | goto list_failure; | 153 | goto list_failure; |
149 | } | 154 | } |
150 | 155 | ||
156 | rcu_read_lock(); | ||
151 | ret_val = nla_put_u8(ans_skb, | 157 | ret_val = nla_put_u8(ans_skb, |
152 | NLBL_UNLABEL_A_ACPTFLG, | 158 | NLBL_UNLABEL_A_ACPTFLG, |
153 | atomic_read(&netlabel_unlabel_accept_flg)); | 159 | netlabel_unlabel_acceptflg); |
160 | rcu_read_unlock(); | ||
154 | if (ret_val != 0) | 161 | if (ret_val != 0) |
155 | goto list_failure; | 162 | goto list_failure; |
156 | 163 | ||
@@ -236,10 +243,17 @@ int netlbl_unlabel_genl_init(void) | |||
236 | */ | 243 | */ |
237 | int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr) | 244 | int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr) |
238 | { | 245 | { |
239 | if (atomic_read(&netlabel_unlabel_accept_flg) == 1) | 246 | int ret_val; |
240 | return netlbl_secattr_init(secattr); | 247 | |
248 | rcu_read_lock(); | ||
249 | if (netlabel_unlabel_acceptflg == 1) { | ||
250 | netlbl_secattr_init(secattr); | ||
251 | ret_val = 0; | ||
252 | } else | ||
253 | ret_val = -ENOMSG; | ||
254 | rcu_read_unlock(); | ||
241 | 255 | ||
242 | return -ENOMSG; | 256 | return ret_val; |
243 | } | 257 | } |
244 | 258 | ||
245 | /** | 259 | /** |