[PATCH] fix deadlock in audit_log_task_context()
GFP_KERNEL allocations in non-blocking context; fixed by killing an idiotic use of security_getprocattr(). Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Al Viro
Linus Torvalds
parent
baab1087c6
commit
c4823bce03
|
|
@ -739,28 +739,26 @@ static inline void audit_free_context(struct audit_context *context)
|
||||||
void audit_log_task_context(struct audit_buffer *ab)
|
void audit_log_task_context(struct audit_buffer *ab)
|
||||||
{
|
{
|
||||||
char *ctx = NULL;
|
char *ctx = NULL;
|
||||||
ssize_t len = 0;
|
unsigned len;
|
||||||
|
int error;
|
||||||
|
u32 sid;
|
||||||
|
|
||||||
len = security_getprocattr(current, "current", NULL, 0);
|
selinux_get_task_sid(current, &sid);
|
||||||
if (len < 0) {
|
if (!sid)
|
||||||
if (len != -EINVAL)
|
return;
|
||||||
|
|
||||||
|
error = selinux_sid_to_string(sid, &ctx, &len);
|
||||||
|
if (error) {
|
||||||
|
if (error != -EINVAL)
|
||||||
goto error_path;
|
goto error_path;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx = kmalloc(len, GFP_KERNEL);
|
|
||||||
if (!ctx)
|
|
||||||
goto error_path;
|
|
||||||
|
|
||||||
len = security_getprocattr(current, "current", ctx, len);
|
|
||||||
if (len < 0 )
|
|
||||||
goto error_path;
|
|
||||||
|
|
||||||
audit_log_format(ab, " subj=%s", ctx);
|
audit_log_format(ab, " subj=%s", ctx);
|
||||||
|
kfree(ctx);
|
||||||
return;
|
return;
|
||||||
|
|
||||||
error_path:
|
error_path:
|
||||||
kfree(ctx);
|
|
||||||
audit_panic("error in audit_log_task_context");
|
audit_panic("error in audit_log_task_context");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue