diff options
author | Josef Bacik <jbacik@redhat.com> | 2008-04-04 09:35:05 +1100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-04-04 09:35:05 +1100 |
commit | a02fe13297af26c13d004b1d44f391c077094ea0 (patch) | |
tree | d75879f0da229eec87e3b4a95a4c28db2ea4d713 | |
parent | 9597362d354f8655ece324b01d0c640a0e99c077 (diff) |
selinux: prevent rentry into the FS
BUG fix. Keep us from re-entering the fs when we aren't supposed to.
See discussion at
http://marc.info/?t=120716967100004&r=1&w=2
Signed-off-by: Josef Bacik <jbacik@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/hooks.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index c2fef7b12dc..820d07a60ab 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -180,7 +180,7 @@ static int inode_alloc_security(struct inode *inode) struct task_security_struct *tsec = current->security; struct inode_security_struct *isec; - isec = kmem_cache_zalloc(sel_inode_cache, GFP_KERNEL); + isec = kmem_cache_zalloc(sel_inode_cache, GFP_NOFS); if (!isec) return -ENOMEM; @@ -2429,7 +2429,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, return -EOPNOTSUPP; if (name) { - namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_KERNEL); + namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS); if (!namep) return -ENOMEM; *name = namep; |