summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/smack/smack_lsm.c64
1 files changed, 24 insertions, 40 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index bc3c3e553133..7a3e9ab137d8 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -550,23 +550,22 @@ static int smack_sb_alloc_security(struct super_block *sb)
}
struct smack_mnt_opts {
- const char *fsdefault, *fsfloor, *fshat, *fsroot, *fstransmute;
+ const char *fsdefault;
+ const char *fsfloor;
+ const char *fshat;
+ const char *fsroot;
+ const char *fstransmute;
};
static void smack_free_mnt_opts(void *mnt_opts)
{
- struct smack_mnt_opts *opts = mnt_opts;
- kfree(opts->fsdefault);
- kfree(opts->fsfloor);
- kfree(opts->fshat);
- kfree(opts->fsroot);
- kfree(opts->fstransmute);
- kfree(opts);
+ kfree(mnt_opts);
}
static int smack_add_opt(int token, const char *s, void **mnt_opts)
{
struct smack_mnt_opts *opts = *mnt_opts;
+ struct smack_known *skp;
if (!opts) {
opts = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL);
@@ -577,31 +576,35 @@ static int smack_add_opt(int token, const char *s, void **mnt_opts)
if (!s)
return -ENOMEM;
+ skp = smk_import_entry(s, 0);
+ if (IS_ERR(skp))
+ return PTR_ERR(skp);
+
switch (token) {
case Opt_fsdefault:
if (opts->fsdefault)
goto out_opt_err;
- opts->fsdefault = s;
+ opts->fsdefault = skp->smk_known;
break;
case Opt_fsfloor:
if (opts->fsfloor)
goto out_opt_err;
- opts->fsfloor = s;
+ opts->fsfloor = skp->smk_known;
break;
case Opt_fshat:
if (opts->fshat)
goto out_opt_err;
- opts->fshat = s;
+ opts->fshat = skp->smk_known;
break;
case Opt_fsroot:
if (opts->fsroot)
goto out_opt_err;
- opts->fsroot = s;
+ opts->fsroot = skp->smk_known;
break;
case Opt_fstransmute:
if (opts->fstransmute)
goto out_opt_err;
- opts->fstransmute = s;
+ opts->fstransmute = skp->smk_known;
break;
}
return 0;
@@ -629,33 +632,14 @@ static int smack_fs_context_dup(struct fs_context *fc,
fc->security = kzalloc(sizeof(struct smack_mnt_opts), GFP_KERNEL);
if (!fc->security)
return -ENOMEM;
+
dst = fc->security;
+ dst->fsdefault = src->fsdefault;
+ dst->fsfloor = src->fsfloor;
+ dst->fshat = src->fshat;
+ dst->fsroot = src->fsroot;
+ dst->fstransmute = src->fstransmute;
- if (src->fsdefault) {
- dst->fsdefault = kstrdup(src->fsdefault, GFP_KERNEL);
- if (!dst->fsdefault)
- return -ENOMEM;
- }
- if (src->fsfloor) {
- dst->fsfloor = kstrdup(src->fsfloor, GFP_KERNEL);
- if (!dst->fsfloor)
- return -ENOMEM;
- }
- if (src->fshat) {
- dst->fshat = kstrdup(src->fshat, GFP_KERNEL);
- if (!dst->fshat)
- return -ENOMEM;
- }
- if (src->fsroot) {
- dst->fsroot = kstrdup(src->fsroot, GFP_KERNEL);
- if (!dst->fsroot)
- return -ENOMEM;
- }
- if (src->fstransmute) {
- dst->fstransmute = kstrdup(src->fstransmute, GFP_KERNEL);
- if (!dst->fstransmute)
- return -ENOMEM;
- }
return 0;
}
@@ -712,8 +696,8 @@ static int smack_sb_eat_lsm_opts(char *options, void **mnt_opts)
if (token != Opt_error) {
arg = kmemdup_nul(arg, from + len - arg, GFP_KERNEL);
rc = smack_add_opt(token, arg, mnt_opts);
+ kfree(arg);
if (unlikely(rc)) {
- kfree(arg);
if (*mnt_opts)
smack_free_mnt_opts(*mnt_opts);
*mnt_opts = NULL;
@@ -1477,7 +1461,7 @@ static int smack_inode_getsecurity(struct mnt_idmap *idmap,
struct socket_smack *ssp;
struct socket *sock;
struct super_block *sbp;
- struct inode *ip = (struct inode *)inode;
+ struct inode *ip = inode;
struct smack_known *isp;
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0)