aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4b34847208cc..b332e2cc0954 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -668,7 +668,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
668 if (flags[i] == SBLABEL_MNT) 668 if (flags[i] == SBLABEL_MNT)
669 continue; 669 continue;
670 rc = security_context_to_sid(mount_options[i], 670 rc = security_context_to_sid(mount_options[i],
671 strlen(mount_options[i]), &sid); 671 strlen(mount_options[i]), &sid, GFP_KERNEL);
672 if (rc) { 672 if (rc) {
673 printk(KERN_WARNING "SELinux: security_context_to_sid" 673 printk(KERN_WARNING "SELinux: security_context_to_sid"
674 "(%s) failed for (dev %s, type %s) errno=%d\n", 674 "(%s) failed for (dev %s, type %s) errno=%d\n",
@@ -2489,7 +2489,8 @@ static int selinux_sb_remount(struct super_block *sb, void *data)
2489 if (flags[i] == SBLABEL_MNT) 2489 if (flags[i] == SBLABEL_MNT)
2490 continue; 2490 continue;
2491 len = strlen(mount_options[i]); 2491 len = strlen(mount_options[i]);
2492 rc = security_context_to_sid(mount_options[i], len, &sid); 2492 rc = security_context_to_sid(mount_options[i], len, &sid,
2493 GFP_KERNEL);
2493 if (rc) { 2494 if (rc) {
2494 printk(KERN_WARNING "SELinux: security_context_to_sid" 2495 printk(KERN_WARNING "SELinux: security_context_to_sid"
2495 "(%s) failed for (dev %s, type %s) errno=%d\n", 2496 "(%s) failed for (dev %s, type %s) errno=%d\n",
@@ -2893,7 +2894,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
2893 if (rc) 2894 if (rc)
2894 return rc; 2895 return rc;
2895 2896
2896 rc = security_context_to_sid(value, size, &newsid); 2897 rc = security_context_to_sid(value, size, &newsid, GFP_KERNEL);
2897 if (rc == -EINVAL) { 2898 if (rc == -EINVAL) {
2898 if (!capable(CAP_MAC_ADMIN)) { 2899 if (!capable(CAP_MAC_ADMIN)) {
2899 struct audit_buffer *ab; 2900 struct audit_buffer *ab;
@@ -3050,7 +3051,7 @@ static int selinux_inode_setsecurity(struct inode *inode, const char *name,
3050 if (!value || !size) 3051 if (!value || !size)
3051 return -EACCES; 3052 return -EACCES;
3052 3053
3053 rc = security_context_to_sid((void *)value, size, &newsid); 3054 rc = security_context_to_sid((void *)value, size, &newsid, GFP_KERNEL);
3054 if (rc) 3055 if (rc)
3055 return rc; 3056 return rc;
3056 3057
@@ -5529,7 +5530,7 @@ static int selinux_setprocattr(struct task_struct *p,
5529 str[size-1] = 0; 5530 str[size-1] = 0;
5530 size--; 5531 size--;
5531 } 5532 }
5532 error = security_context_to_sid(value, size, &sid); 5533 error = security_context_to_sid(value, size, &sid, GFP_KERNEL);
5533 if (error == -EINVAL && !strcmp(name, "fscreate")) { 5534 if (error == -EINVAL && !strcmp(name, "fscreate")) {
5534 if (!capable(CAP_MAC_ADMIN)) { 5535 if (!capable(CAP_MAC_ADMIN)) {
5535 struct audit_buffer *ab; 5536 struct audit_buffer *ab;
@@ -5638,7 +5639,7 @@ static int selinux_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
5638 5639
5639static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) 5640static int selinux_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
5640{ 5641{
5641 return security_context_to_sid(secdata, seclen, secid); 5642 return security_context_to_sid(secdata, seclen, secid, GFP_KERNEL);
5642} 5643}
5643 5644
5644static void selinux_release_secctx(char *secdata, u32 seclen) 5645static void selinux_release_secctx(char *secdata, u32 seclen)
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-20 14:34:21 -0500