summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndreas Gruenbacher <agruenba@redhat.com>2016-02-18 12:04:08 +0100
committerPaul Moore <paul@paul-moore.com>2016-02-19 16:29:19 -0500
commite817c2f33efb4aa7f02c98dfab9a5f8ff383ea7e (patch)
treee572b7e4fa493fba5cc7252d4bab26b1c81624dc
parentb197367ed1ba81b0d26f7e7f76f61731ac6e5842 (diff)
downloadop-kernel-dev-e817c2f33efb4aa7f02c98dfab9a5f8ff383ea7e.zip
op-kernel-dev-e817c2f33efb4aa7f02c98dfab9a5f8ff383ea7e.tar.gz
selinux: Don't sleep inside inode_getsecid hook
The inode_getsecid hook is called from contexts in which sleeping is not allowed, so we cannot revalidate inode security labels from there. Use the non-validating version of inode_security() instead. Reported-by: Benjamin Coddington <bcodding@redhat.com> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r--security/selinux/hooks.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index f8110cf..f1ab715 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3249,7 +3249,7 @@ static int selinux_inode_listsecurity(struct inode *inode, char *buffer, size_t
static void selinux_inode_getsecid(struct inode *inode, u32 *secid)
{
- struct inode_security_struct *isec = inode_security(inode);
+ struct inode_security_struct *isec = inode_security_novalidate(inode);
*secid = isec->sid;
}
OpenPOWER on IntegriCloud