Smack updates for v6.4
-----BEGIN PGP SIGNATURE----- iQJLBAABCAA1FiEEC+9tH1YyUwIQzUIeOKUVfIxDyBEFAmRGv+4XHGNhc2V5QHNj aGF1Zmxlci1jYS5jb20ACgkQOKUVfIxDyBE4QxAAkHiCueaplFsGvYhtx6aeajNC 0ScA84efBMhQJ/jP4FsTh893bGUkbDv+dyasAVOoAdfFPfgpecEOELzhOaaXv5l2 8pZ1CtTPXU9h5Csg7D6idII/EyzBUkKDCLbrZexT6A6ZEl0xTqY6Pz6/3uee/W4J Z/84U1lX/GgI/SzV6JFcO0XYDj2yp7cfdwIzPUHRky5HgPgLm3roB+eZQwONHfYl qYX5xAYCxMx6Uqx3kFb+wgXEJ71lFQGBd7zAZsinGqlrH0vIA63BqpxcHPhYTJNl 9Y/t6Mb9ds2C1CCGhQTPn/m4hcqYcA5oLuhGWNhOeXMX450XBQ4v7nRw45Dkb1Sa IPwJTPfuH2I5r5dOW8cGVCrDp5OT+XQJ5OrsIBtdrPxPGX8x6XyaC4DLG3mympC6 UfBxdP60Jtm/PRuLCX3tX92zzXhFuqt63Gw87b6htlgEPpirJlhZaEiCYKGlshS1 b6+kMn1snCxqbBvE/jI3FKHp/C8F/lKNnuVRid9J6HkoyABubWMZ3UIAY+SkVw6b 9BuF8dn+S/HOqPiijDDnwjnnhHFJQg3F8XRCmNP9MsDqfajcwWHs9ik0NLSMfD50 CXpp3WIZDVGllmNSeYgkkZKuYV+yNbydLU+DaMfWEkOS7euRoaDozShVJdBTRfnV 7PYZ3V4KhWkNCWXWfbw= =Ynnl -----END PGP SIGNATURE----- Merge tag 'Smack-for-6.4' of https://github.com/cschaufler/smack-next Pull smack updates from Casey Schaufler: "There are two changes, one small and one more substantial: - Remove of an unnecessary cast - The mount option processing introduced with the mount rework makes copies of mount option values. There is no good reason to make copies of Smack labels, as they are maintained on a list and never removed. The code now uses pointers to entries on the list, reducing processing time and memory use" * tag 'Smack-for-6.4' of https://github.com/cschaufler/smack-next: Smack: Improve mount process memory use smack_lsm: remove unnecessary type casting
This commit is contained in:
Linus Torvalds
commit
dc7e22a368
|
|
@ -550,23 +550,22 @@ static int smack_sb_alloc_security(struct super_block *sb)
|
|||
}
|
||||
|
||||
struct smack_mnt_opts {
|
||||
const char *fsdefault, *fsfloor, *fshat, *fsroot, *fstransmute;
|
||||
const char *fsdefault;
|
||||
const char *fsfloor;
|
||||
const char *fshat;
|
||||
const char *fsroot;
|
||||
const char *fstransmute;
|
||||
};
|
||||
|
||||
static void smack_free_mnt_opts(void *mnt_opts)
|
||||
{
|
||||
struct smack_mnt_opts *opts = mnt_opts;
|
||||
kfree(opts->fsdefault);
|
||||
kfree(opts->fsfloor);
|
||||
kfree(opts->fshat);
|
||||
kfree(opts->fsroot);
|
||||
kfree(opts->fstransmute);
|
||||
kfree(opts);
|
||||
kfree(mnt_opts);
|
||||
}
|
||||
|
||||
static int smack_add_opt(int token, const char *s, void **mnt_opts)
|
||||
{
|
||||
struct smack_mnt_opts *opts = *mnt_opts;
|
||||
struct smack_known *skp;
|
||||
|
||||
if (!opts) {
|
||||
opts = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL);
|
||||
|
|
@ -577,31 +576,35 @@ static int smack_add_opt(int token, const char *s, void **mnt_opts)
|
|||
if (!s)
|
||||
return -ENOMEM;
|
||||
|
||||
skp = smk_import_entry(s, 0);
|
||||
if (IS_ERR(skp))
|
||||
return PTR_ERR(skp);
|
||||
|
||||
switch (token) {
|
||||
case Opt_fsdefault:
|
||||
if (opts->fsdefault)
|
||||
goto out_opt_err;
|
||||
opts->fsdefault = s;
|
||||
opts->fsdefault = skp->smk_known;
|
||||
break;
|
||||
case Opt_fsfloor:
|
||||
if (opts->fsfloor)
|
||||
goto out_opt_err;
|
||||
opts->fsfloor = s;
|
||||
opts->fsfloor = skp->smk_known;
|
||||
break;
|
||||
case Opt_fshat:
|
||||
if (opts->fshat)
|
||||
goto out_opt_err;
|
||||
opts->fshat = s;
|
||||
opts->fshat = skp->smk_known;
|
||||
break;
|
||||
case Opt_fsroot:
|
||||
if (opts->fsroot)
|
||||
goto out_opt_err;
|
||||
opts->fsroot = s;
|
||||
opts->fsroot = skp->smk_known;
|
||||
break;
|
||||
case Opt_fstransmute:
|
||||
if (opts->fstransmute)
|
||||
goto out_opt_err;
|
||||
opts->fstransmute = s;
|
||||
opts->fstransmute = skp->smk_known;
|
||||
break;
|
||||
}
|
||||
return 0;
|
||||
|
|
@ -629,33 +632,14 @@ static int smack_fs_context_dup(struct fs_context *fc,
|
|||
fc->security = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL);
|
||||
if (!fc->security)
|
||||
return -ENOMEM;
|
||||
dst = fc->security;
|
||||
|
||||
if (src->fsdefault) {
|
||||
dst->fsdefault = kstrdup(src->fsdefault, GFP_KERNEL);
|
||||
if (!dst->fsdefault)
|
||||
return -ENOMEM;
|
||||
}
|
||||
if (src->fsfloor) {
|
||||
dst->fsfloor = kstrdup(src->fsfloor, GFP_KERNEL);
|
||||
if (!dst->fsfloor)
|
||||
return -ENOMEM;
|
||||
}
|
||||
if (src->fshat) {
|
||||
dst->fshat = kstrdup(src->fshat, GFP_KERNEL);
|
||||
if (!dst->fshat)
|
||||
return -ENOMEM;
|
||||
}
|
||||
if (src->fsroot) {
|
||||
dst->fsroot = kstrdup(src->fsroot, GFP_KERNEL);
|
||||
if (!dst->fsroot)
|
||||
return -ENOMEM;
|
||||
}
|
||||
if (src->fstransmute) {
|
||||
dst->fstransmute = kstrdup(src->fstransmute, GFP_KERNEL);
|
||||
if (!dst->fstransmute)
|
||||
return -ENOMEM;
|
||||
}
|
||||
dst = fc->security;
|
||||
dst->fsdefault = src->fsdefault;
|
||||
dst->fsfloor = src->fsfloor;
|
||||
dst->fshat = src->fshat;
|
||||
dst->fsroot = src->fsroot;
|
||||
dst->fstransmute = src->fstransmute;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
@ -712,8 +696,8 @@ static int smack_sb_eat_lsm_opts(char *options, void **mnt_opts)
|
|||
if (token != Opt_error) {
|
||||
arg = kmemdup_nul(arg, from + len - arg, GFP_KERNEL);
|
||||
rc = smack_add_opt(token, arg, mnt_opts);
|
||||
kfree(arg);
|
||||
if (unlikely(rc)) {
|
||||
kfree(arg);
|
||||
if (*mnt_opts)
|
||||
smack_free_mnt_opts(*mnt_opts);
|
||||
*mnt_opts = NULL;
|
||||
|
|
@ -1477,7 +1461,7 @@ static int smack_inode_getsecurity(struct mnt_idmap *idmap,
|
|||
struct socket_smack *ssp;
|
||||
struct socket *sock;
|
||||
struct super_block *sbp;
|
||||
struct inode *ip = (struct inode *)inode;
|
||||
struct inode *ip = inode;
|
||||
struct smack_known *isp;
|
||||
|
||||
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0)
|
||||
|
|
|
|||
Loading…
Reference in New Issue