[PATCH] selinux: fix selinux_netlbl_inode_permission() locking
do not call a sleeping lock API in an RCU read section. lock_sock_nested can sleep, its BH counterpart doesn't. selinux_netlbl_inode_permission() needs to use the BH counterpart unconditionally. Compile tested. From: Ingo Molnar <mingo@elte.hu> added BH disabling, because this function can be called from non-atomic contexts too, so a naked bh_lock_sock() would be deadlock-prone. Boot-tested the resulting kernel. Signed-off-by: Parag Warudkar <paragw@paragw.zapto.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
ec8acb6904
commit
9883a13c72
@ -2660,9 +2660,11 @@ int selinux_netlbl_inode_permission(struct inode *inode, int mask)
|
||||
rcu_read_unlock();
|
||||
return 0;
|
||||
}
|
||||
lock_sock(sock->sk);
|
||||
local_bh_disable();
|
||||
bh_lock_sock_nested(sock->sk);
|
||||
rc = selinux_netlbl_socket_setsid(sock, sksec->sid);
|
||||
release_sock(sock->sk);
|
||||
bh_unlock_sock(sock->sk);
|
||||
local_bh_enable();
|
||||
rcu_read_unlock();
|
||||
|
||||
return rc;
|
||||
|
Loading…
Reference in New Issue
Block a user