diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/integrity/ima/ima_iint.c | 3 | ||||
| -rw-r--r-- | security/keys/gc.c | 3 | ||||
| -rw-r--r-- | security/keys/keyring.c | 4 | ||||
| -rw-r--r-- | security/selinux/ss/ebitmap.c | 2 |
4 files changed, 7 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index 0d83edcfc40..2d4d05d92fd 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c @@ -63,12 +63,11 @@ int ima_inode_alloc(struct inode *inode) spin_lock(&ima_iint_lock); rc = radix_tree_insert(&ima_iint_store, (unsigned long)inode, iint); spin_unlock(&ima_iint_lock); + radix_tree_preload_end(); out: if (rc < 0) kmem_cache_free(iint_cache, iint); - radix_tree_preload_end(); - return rc; } diff --git a/security/keys/gc.c b/security/keys/gc.c index 4770be375ff..19902319d09 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -77,7 +77,8 @@ static bool key_gc_keyring(struct key *keyring, time_t limit) goto dont_gc; /* scan the keyring looking for dead keys */ - klist = rcu_dereference(keyring->payload.subscriptions); + klist = rcu_dereference_check(keyring->payload.subscriptions, + lockdep_is_held(&key_serial_lock)); if (!klist) goto dont_gc; diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 8ec02746ca9..e814d2109f8 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -151,7 +151,9 @@ static void keyring_destroy(struct key *keyring) write_unlock(&keyring_name_lock); } - klist = rcu_dereference(keyring->payload.subscriptions); + klist = rcu_dereference_check(keyring->payload.subscriptions, + rcu_read_lock_held() || + atomic_read(&keyring->usage) == 0); if (klist) { for (loop = klist->nkeys - 1; loop >= 0; loop--) key_put(klist->keys[loop]); diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index 68c7348d1ac..04b6145d767 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -128,7 +128,7 @@ int ebitmap_netlbl_export(struct ebitmap *ebmap, cmap_idx = delta / NETLBL_CATMAP_MAPSIZE; cmap_sft = delta % NETLBL_CATMAP_MAPSIZE; c_iter->bitmap[cmap_idx] - |= e_iter->maps[cmap_idx] << cmap_sft; + |= e_iter->maps[i] << cmap_sft; } e_iter = e_iter->next; } |