diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/Kconfig | 4 | ||||
-rw-r--r-- | security/selinux/hooks.c | 3 |
2 files changed, 4 insertions, 3 deletions
diff --git a/security/Kconfig b/security/Kconfig index 9c60c346a91d..4c865345caa0 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
@@ -114,9 +114,9 @@ config SECURITY_ROOTPLUG | |||
114 | If you are unsure how to answer this question, answer N. | 114 | If you are unsure how to answer this question, answer N. |
115 | 115 | ||
116 | config LSM_MMAP_MIN_ADDR | 116 | config LSM_MMAP_MIN_ADDR |
117 | int "Low address space for LSM to from user allocation" | 117 | int "Low address space for LSM to protect from user allocation" |
118 | depends on SECURITY && SECURITY_SELINUX | 118 | depends on SECURITY && SECURITY_SELINUX |
119 | default 65535 | 119 | default 65536 |
120 | help | 120 | help |
121 | This is the portion of low virtual memory which should be protected | 121 | This is the portion of low virtual memory which should be protected |
122 | from userspace allocation. Keeping a user from writing to low pages | 122 | from userspace allocation. Keeping a user from writing to low pages |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 254b7983657d..6d0b1ccb5b99 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
@@ -1285,6 +1285,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
1285 | rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, | 1285 | rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, |
1286 | context, len); | 1286 | context, len); |
1287 | if (rc == -ERANGE) { | 1287 | if (rc == -ERANGE) { |
1288 | kfree(context); | ||
1289 | |||
1288 | /* Need a larger buffer. Query for the right size. */ | 1290 | /* Need a larger buffer. Query for the right size. */ |
1289 | rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, | 1291 | rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, |
1290 | NULL, 0); | 1292 | NULL, 0); |
@@ -1292,7 +1294,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent | |||
1292 | dput(dentry); | 1294 | dput(dentry); |
1293 | goto out_unlock; | 1295 | goto out_unlock; |
1294 | } | 1296 | } |
1295 | kfree(context); | ||
1296 | len = rc; | 1297 | len = rc; |
1297 | context = kmalloc(len+1, GFP_NOFS); | 1298 | context = kmalloc(len+1, GFP_NOFS); |
1298 | if (!context) { | 1299 | if (!context) { |