diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2018-12-10 17:30:41 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2018-12-21 11:47:19 -0500 |
commit | 6a0440e5b7562512c021aa1b5a706fcc545773db (patch) | |
tree | 1949ceff7d2c7d417d8927420bb3b966e6d9cdbf /security/security.c | |
parent | a65001e8a4d465693d0191297a6fd864c96b3147 (diff) |
nfs_remount(): don't leak, don't ignore LSM options quietly
* if mount(2) passes something like "context=foo" with MS_REMOUNT
in flags (/sbin/mount.nfs will _not_ do that - you need to issue
the syscall manually), you'll get leaked copies for LSM options.
The reason is that instead of nfs_{alloc,free}_parsed_mount_data()
nfs_remount() uses kzalloc/kfree, which lacks the needed cleanup.
* selinux options are not changed on remount (as for any other
fs), but in case of NFS the failure is quiet - they are not compared
to what we used to have, with complaint in case of attempted changes.
Trivially fixed by converting to use of security_sb_remount().
Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/security.c')
0 files changed, 0 insertions, 0 deletions