Re: [RFC PATCH] selinux: use GFP_KERNEL while reading binary policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Aug 7, 2023 at 2:42 PM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> Use GFP_KERNEL instead of GFP_ATOMIC while reading a binary policy in
> sens_read() and cat_read(), similar to surrounding code.
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>

Congrats, you found something that appears to have been present since
before SELinux went into mainline Linux 2.6.0-test3. Going back to my
old CVS history, it looks like we switched the other allocations from
GFP_ATOMIC to GFP_KERNEL at a time when all of the MLS-related
functions were still in mls.c rather than policydb.c, but those didn't
get updated and were subsequently moved over.

Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>

> ---
>  security/selinux/ss/policydb.c | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
> index a424997c79eb..bb850b608dc6 100644
> --- a/security/selinux/ss/policydb.c
> +++ b/security/selinux/ss/policydb.c
> @@ -1597,7 +1597,7 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp)
>         __le32 buf[2];
>         u32 len;
>
> -       levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC);
> +       levdatum = kzalloc(sizeof(*levdatum), GFP_KERNEL);
>         if (!levdatum)
>                 return -ENOMEM;
>
> @@ -1608,12 +1608,12 @@ static int sens_read(struct policydb *p, struct symtab *s, void *fp)
>         len = le32_to_cpu(buf[0]);
>         levdatum->isalias = le32_to_cpu(buf[1]);
>
> -       rc = str_read(&key, GFP_ATOMIC, fp, len);
> +       rc = str_read(&key, GFP_KERNEL, fp, len);
>         if (rc)
>                 goto bad;
>
>         rc = -ENOMEM;
> -       levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_ATOMIC);
> +       levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_KERNEL);
>         if (!levdatum->level)
>                 goto bad;
>
> @@ -1638,7 +1638,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp)
>         __le32 buf[3];
>         u32 len;
>
> -       catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC);
> +       catdatum = kzalloc(sizeof(*catdatum), GFP_KERNEL);
>         if (!catdatum)
>                 return -ENOMEM;
>
> @@ -1650,7 +1650,7 @@ static int cat_read(struct policydb *p, struct symtab *s, void *fp)
>         catdatum->value = le32_to_cpu(buf[1]);
>         catdatum->isalias = le32_to_cpu(buf[2]);
>
> -       rc = str_read(&key, GFP_ATOMIC, fp, len);
> +       rc = str_read(&key, GFP_KERNEL, fp, len);
>         if (rc)
>                 goto bad;
>
> --
> 2.40.1
>
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux