On 8/21/2019 10:54 PM, Eric Biggers wrote: > From: Eric Biggers <ebiggers@xxxxxxxxxx> > > inode_smack::smk_lock is taken during smack_d_instantiate(), which is > called during a filesystem transaction when creating a file on ext4. > Therefore to avoid a deadlock, all code that takes this lock must use > GFP_NOFS, to prevent memory reclaim from waiting for the filesystem > transaction to complete. > > Reported-by: syzbot+0eefc1e06a77d327a056@xxxxxxxxxxxxxxxxxxxxxxxxx > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx> I will run tests on this, and will take it in the Smack tree unless there are unexpected failures. > --- > security/smack/smack_access.c | 6 +++--- > security/smack/smack_lsm.c | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c > index f1c93a7be9ec..38ac3da4e791 100644 > --- a/security/smack/smack_access.c > +++ b/security/smack/smack_access.c > @@ -465,7 +465,7 @@ char *smk_parse_smack(const char *string, int len) > if (i == 0 || i >= SMK_LONGLABEL) > return ERR_PTR(-EINVAL); > > - smack = kzalloc(i + 1, GFP_KERNEL); > + smack = kzalloc(i + 1, GFP_NOFS); > if (smack == NULL) > return ERR_PTR(-ENOMEM); > > @@ -500,7 +500,7 @@ int smk_netlbl_mls(int level, char *catset, struct netlbl_lsm_secattr *sap, > if ((m & *cp) == 0) > continue; > rc = netlbl_catmap_setbit(&sap->attr.mls.cat, > - cat, GFP_KERNEL); > + cat, GFP_NOFS); > if (rc < 0) { > netlbl_catmap_free(sap->attr.mls.cat); > return rc; > @@ -536,7 +536,7 @@ struct smack_known *smk_import_entry(const char *string, int len) > if (skp != NULL) > goto freeout; > > - skp = kzalloc(sizeof(*skp), GFP_KERNEL); > + skp = kzalloc(sizeof(*skp), GFP_NOFS); > if (skp == NULL) { > skp = ERR_PTR(-ENOMEM); > goto freeout; > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index 50c536cad85b..7e4d3145a018 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -288,7 +288,7 @@ static struct smack_known *smk_fetch(const char *name, struct inode *ip, > if (!(ip->i_opflags & IOP_XATTR)) > return ERR_PTR(-EOPNOTSUPP); > > - buffer = kzalloc(SMK_LONGLABEL, GFP_KERNEL); > + buffer = kzalloc(SMK_LONGLABEL, GFP_NOFS); > if (buffer == NULL) > return ERR_PTR(-ENOMEM); >