aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/device_cgroup.c20
-rw-r--r--security/keys/process_keys.c2
-rw-r--r--security/selinux/nlmsgtab.c3
3 files changed, 19 insertions, 6 deletions
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index b08d20c66c2e..19ecc8de9e6b 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -82,6 +82,8 @@ static int dev_exceptions_copy(struct list_head *dest, struct list_head *orig)
82{ 82{
83 struct dev_exception_item *ex, *tmp, *new; 83 struct dev_exception_item *ex, *tmp, *new;
84 84
85 lockdep_assert_held(&devcgroup_mutex);
86
85 list_for_each_entry(ex, orig, list) { 87 list_for_each_entry(ex, orig, list) {
86 new = kmemdup(ex, sizeof(*ex), GFP_KERNEL); 88 new = kmemdup(ex, sizeof(*ex), GFP_KERNEL);
87 if (!new) 89 if (!new)
@@ -107,6 +109,8 @@ static int dev_exception_add(struct dev_cgroup *dev_cgroup,
107{ 109{
108 struct dev_exception_item *excopy, *walk; 110 struct dev_exception_item *excopy, *walk;
109 111
112 lockdep_assert_held(&devcgroup_mutex);
113
110 excopy = kmemdup(ex, sizeof(*ex), GFP_KERNEL); 114 excopy = kmemdup(ex, sizeof(*ex), GFP_KERNEL);
111 if (!excopy) 115 if (!excopy)
112 return -ENOMEM; 116 return -ENOMEM;
@@ -137,6 +141,8 @@ static void dev_exception_rm(struct dev_cgroup *dev_cgroup,
137{ 141{
138 struct dev_exception_item *walk, *tmp; 142 struct dev_exception_item *walk, *tmp;
139 143
144 lockdep_assert_held(&devcgroup_mutex);
145
140 list_for_each_entry_safe(walk, tmp, &dev_cgroup->exceptions, list) { 146 list_for_each_entry_safe(walk, tmp, &dev_cgroup->exceptions, list) {
141 if (walk->type != ex->type) 147 if (walk->type != ex->type)
142 continue; 148 continue;
@@ -163,6 +169,8 @@ static void dev_exception_clean(struct dev_cgroup *dev_cgroup)
163{ 169{
164 struct dev_exception_item *ex, *tmp; 170 struct dev_exception_item *ex, *tmp;
165 171
172 lockdep_assert_held(&devcgroup_mutex);
173
166 list_for_each_entry_safe(ex, tmp, &dev_cgroup->exceptions, list) { 174 list_for_each_entry_safe(ex, tmp, &dev_cgroup->exceptions, list) {
167 list_del_rcu(&ex->list); 175 list_del_rcu(&ex->list);
168 kfree_rcu(ex, rcu); 176 kfree_rcu(ex, rcu);
@@ -172,7 +180,7 @@ static void dev_exception_clean(struct dev_cgroup *dev_cgroup)
172/* 180/*
173 * called from kernel/cgroup.c with cgroup_lock() held. 181 * called from kernel/cgroup.c with cgroup_lock() held.
174 */ 182 */
175static struct cgroup_subsys_state *devcgroup_create(struct cgroup *cgroup) 183static struct cgroup_subsys_state *devcgroup_css_alloc(struct cgroup *cgroup)
176{ 184{
177 struct dev_cgroup *dev_cgroup, *parent_dev_cgroup; 185 struct dev_cgroup *dev_cgroup, *parent_dev_cgroup;
178 struct cgroup *parent_cgroup; 186 struct cgroup *parent_cgroup;
@@ -202,7 +210,7 @@ static struct cgroup_subsys_state *devcgroup_create(struct cgroup *cgroup)
202 return &dev_cgroup->css; 210 return &dev_cgroup->css;
203} 211}
204 212
205static void devcgroup_destroy(struct cgroup *cgroup) 213static void devcgroup_css_free(struct cgroup *cgroup)
206{ 214{
207 struct dev_cgroup *dev_cgroup; 215 struct dev_cgroup *dev_cgroup;
208 216
@@ -298,6 +306,10 @@ static int may_access(struct dev_cgroup *dev_cgroup,
298 struct dev_exception_item *ex; 306 struct dev_exception_item *ex;
299 bool match = false; 307 bool match = false;
300 308
309 rcu_lockdep_assert(rcu_read_lock_held() ||
310 lockdep_is_held(&devcgroup_mutex),
311 "device_cgroup::may_access() called without proper synchronization");
312
301 list_for_each_entry_rcu(ex, &dev_cgroup->exceptions, list) { 313 list_for_each_entry_rcu(ex, &dev_cgroup->exceptions, list) {
302 if ((refex->type & DEV_BLOCK) && !(ex->type & DEV_BLOCK)) 314 if ((refex->type & DEV_BLOCK) && !(ex->type & DEV_BLOCK))
303 continue; 315 continue;
@@ -552,8 +564,8 @@ static struct cftype dev_cgroup_files[] = {
552struct cgroup_subsys devices_subsys = { 564struct cgroup_subsys devices_subsys = {
553 .name = "devices", 565 .name = "devices",
554 .can_attach = devcgroup_can_attach, 566 .can_attach = devcgroup_can_attach,
555 .create = devcgroup_create, 567 .css_alloc = devcgroup_css_alloc,
556 .destroy = devcgroup_destroy, 568 .css_free = devcgroup_css_free,
557 .subsys_id = devices_subsys_id, 569 .subsys_id = devices_subsys_id,
558 .base_cftypes = dev_cgroup_files, 570 .base_cftypes = dev_cgroup_files,
559 571
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index a58f712605d8..86468f385fc8 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -358,8 +358,6 @@ key_ref_t search_my_process_keyrings(struct key_type *type,
358 358
359 switch (PTR_ERR(key_ref)) { 359 switch (PTR_ERR(key_ref)) {
360 case -EAGAIN: /* no key */ 360 case -EAGAIN: /* no key */
361 if (ret)
362 break;
363 case -ENOKEY: /* negative key */ 361 case -ENOKEY: /* negative key */
364 ret = key_ref; 362 ret = key_ref;
365 break; 363 break;
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index d309e7f472d8..370a6468b3ba 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -67,6 +67,9 @@ static struct nlmsg_perm nlmsg_route_perms[] =
67 { RTM_GETADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_READ }, 67 { RTM_GETADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_READ },
68 { RTM_GETDCB, NETLINK_ROUTE_SOCKET__NLMSG_READ }, 68 { RTM_GETDCB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
69 { RTM_SETDCB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE }, 69 { RTM_SETDCB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
70 { RTM_NEWNETCONF, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
71 { RTM_GETNETCONF, NETLINK_ROUTE_SOCKET__NLMSG_READ },
72 { RTM_GETMDB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
70}; 73};
71 74
72static struct nlmsg_perm nlmsg_tcpdiag_perms[] = 75static struct nlmsg_perm nlmsg_tcpdiag_perms[] =
generated by cgit v1.2.2 (git 2.25.0) at 2025-12-30 05:41:31 -0500