From baac35c4155a8aa826c70acee6553368ca5243a2 Mon Sep 17 00:00:00 2001 From: Xiaotian Feng Date: Wed, 24 Feb 2010 18:39:02 +0800 Subject: security: fix error return path in ima_inode_alloc If radix_tree_preload is failed in ima_inode_alloc, we don't need radix_tree_preload_end because kernel is alread preempt enabled Signed-off-by: Xiaotian Feng Signed-off-by: Mimi Zohar Signed-off-by: James Morris --- security/integrity/ima/ima_iint.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'security') diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index 0d83edcfc40..2d4d05d92fd 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c @@ -63,12 +63,11 @@ int ima_inode_alloc(struct inode *inode) spin_lock(&ima_iint_lock); rc = radix_tree_insert(&ima_iint_store, (unsigned long)inode, iint); spin_unlock(&ima_iint_lock); + radix_tree_preload_end(); out: if (rc < 0) kmem_cache_free(iint_cache, iint); - radix_tree_preload_end(); - return rc; } -- cgit v1.2.3-18-g5258 From c36f74e67fa12202dbcb4ad92c5ac844f9d36b98 Mon Sep 17 00:00:00 2001 From: Joshua Roys Date: Wed, 24 Feb 2010 18:52:44 -0500 Subject: netlabel: fix export of SELinux categories > 127 This fixes corrupted CIPSO packets when SELinux categories greater than 127 are used. The bug occured on the second (and later) loops through the while; the inner for loop through the ebitmap->maps array used the same index as the NetLabel catmap->bitmap array, even though the NetLabel bitmap is twice as long as the SELinux bitmap. Signed-off-by: Joshua Roys Acked-by: Paul Moore Signed-off-by: James Morris --- security/selinux/ss/ebitmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security') diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index 68c7348d1ac..04b6145d767 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -128,7 +128,7 @@ int ebitmap_netlbl_export(struct ebitmap *ebmap, cmap_idx = delta / NETLBL_CATMAP_MAPSIZE; cmap_sft = delta % NETLBL_CATMAP_MAPSIZE; c_iter->bitmap[cmap_idx] - |= e_iter->maps[cmap_idx] << cmap_sft; + |= e_iter->maps[i] << cmap_sft; } e_iter = e_iter->next; } -- cgit v1.2.3-18-g5258 From e7b0a61b7929632d36cf052d9e2820ef0a9c1bfe Mon Sep 17 00:00:00 2001 From: "Paul E. McKenney" Date: Mon, 22 Feb 2010 17:04:56 -0800 Subject: security: Apply lockdep-based checking to rcu_dereference() uses Apply lockdep-ified RCU primitives to key_gc_keyring() and keyring_destroy(). Cc: David Howells Signed-off-by: Paul E. McKenney Cc: laijs@cn.fujitsu.com Cc: dipankar@in.ibm.com Cc: mathieu.desnoyers@polymtl.ca Cc: josh@joshtriplett.org Cc: dvhltc@us.ibm.com Cc: niv@us.ibm.com Cc: peterz@infradead.org Cc: rostedt@goodmis.org Cc: Valdis.Kletnieks@vt.edu Cc: dhowells@redhat.com LKML-Reference: <1266887105-1528-12-git-send-email-paulmck@linux.vnet.ibm.com> Signed-off-by: Ingo Molnar --- security/keys/gc.c | 3 ++- security/keys/keyring.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'security') diff --git a/security/keys/gc.c b/security/keys/gc.c index 4770be375ff..19902319d09 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -77,7 +77,8 @@ static bool key_gc_keyring(struct key *keyring, time_t limit) goto dont_gc; /* scan the keyring looking for dead keys */ - klist = rcu_dereference(keyring->payload.subscriptions); + klist = rcu_dereference_check(keyring->payload.subscriptions, + lockdep_is_held(&key_serial_lock)); if (!klist) goto dont_gc; diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 8ec02746ca9..e814d2109f8 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -151,7 +151,9 @@ static void keyring_destroy(struct key *keyring) write_unlock(&keyring_name_lock); } - klist = rcu_dereference(keyring->payload.subscriptions); + klist = rcu_dereference_check(keyring->payload.subscriptions, + rcu_read_lock_held() || + atomic_read(&keyring->usage) == 0); if (klist) { for (loop = klist->nkeys - 1; loop >= 0; loop--) key_put(klist->keys[loop]); -- cgit v1.2.3-18-g5258