On Tue, Mar 15, 2016 at 03:08:50PM +0300, Pavel Tikhomirov wrote: > We probably need to fix superblock leak in patch (v4 "fs: Add user > namesapace member to struct super_block"): > > Imagine posible code path in sget_userns: we iterate through > type->fs_supers and do not find suitable sb, we drop sb_lock to > allocate s and go to retry. After we dropped sb_lock some other > task from different userns takes sb_lock, it is already in retry > stage and has s allocated, so it puts its s in type->fs_supers > list. So in retry we will find these sb in list and check it has > a different userns, and finally we will return without freeing s. > > Signed-off-by: Pavel Tikhomirov <ptikhomirov@xxxxxxxxxxxxx> Good catch. Acked-by: Seth Forshee <seth.forshee@xxxxxxxxxxxxx> _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
