diff options
Diffstat (limited to 'security/selinux/ss/services.c')
-rw-r--r-- | security/selinux/ss/services.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 47295acd09c9..5fd54f2bbaac 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -680,7 +680,8 @@ out: | |||
680 | 680 | ||
681 | } | 681 | } |
682 | 682 | ||
683 | static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *sid, u32 def_sid) | 683 | static int security_context_to_sid_core(char *scontext, u32 scontext_len, |
684 | u32 *sid, u32 def_sid, gfp_t gfp_flags) | ||
684 | { | 685 | { |
685 | char *scontext2; | 686 | char *scontext2; |
686 | struct context context; | 687 | struct context context; |
@@ -709,7 +710,7 @@ static int security_context_to_sid_core(char *scontext, u32 scontext_len, u32 *s | |||
709 | null suffix to the copy to avoid problems with the existing | 710 | null suffix to the copy to avoid problems with the existing |
710 | attr package, which doesn't view the null terminator as part | 711 | attr package, which doesn't view the null terminator as part |
711 | of the attribute value. */ | 712 | of the attribute value. */ |
712 | scontext2 = kmalloc(scontext_len+1,GFP_KERNEL); | 713 | scontext2 = kmalloc(scontext_len+1, gfp_flags); |
713 | if (!scontext2) { | 714 | if (!scontext2) { |
714 | rc = -ENOMEM; | 715 | rc = -ENOMEM; |
715 | goto out; | 716 | goto out; |
@@ -809,7 +810,7 @@ out: | |||
809 | int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid) | 810 | int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid) |
810 | { | 811 | { |
811 | return security_context_to_sid_core(scontext, scontext_len, | 812 | return security_context_to_sid_core(scontext, scontext_len, |
812 | sid, SECSID_NULL); | 813 | sid, SECSID_NULL, GFP_KERNEL); |
813 | } | 814 | } |
814 | 815 | ||
815 | /** | 816 | /** |
@@ -829,10 +830,11 @@ int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid) | |||
829 | * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient | 830 | * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient |
830 | * memory is available, or 0 on success. | 831 | * memory is available, or 0 on success. |
831 | */ | 832 | */ |
832 | int security_context_to_sid_default(char *scontext, u32 scontext_len, u32 *sid, u32 def_sid) | 833 | int security_context_to_sid_default(char *scontext, u32 scontext_len, u32 *sid, |
834 | u32 def_sid, gfp_t gfp_flags) | ||
833 | { | 835 | { |
834 | return security_context_to_sid_core(scontext, scontext_len, | 836 | return security_context_to_sid_core(scontext, scontext_len, |
835 | sid, def_sid); | 837 | sid, def_sid, gfp_flags); |
836 | } | 838 | } |
837 | 839 | ||
838 | static int compute_sid_handle_invalid_context( | 840 | static int compute_sid_handle_invalid_context( |