aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2018-12-10 17:30:41 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2018-12-21 11:47:19 -0500
commit6a0440e5b7562512c021aa1b5a706fcc545773db (patch)
tree1949ceff7d2c7d417d8927420bb3b966e6d9cdbf /security/security.c
parentbtrfs: sanitize security_mnt_opts use (diff)
downloadlinux-dev-6a0440e5b7562512c021aa1b5a706fcc545773db.tar.xz
linux-dev-6a0440e5b7562512c021aa1b5a706fcc545773db.zip
nfs_remount(): don't leak, don't ignore LSM options quietly
* if mount(2) passes something like "context=foo" with MS_REMOUNT in flags (/sbin/mount.nfs will _not_ do that - you need to issue the syscall manually), you'll get leaked copies for LSM options. The reason is that instead of nfs_{alloc,free}_parsed_mount_data() nfs_remount() uses kzalloc/kfree, which lacks the needed cleanup. * selinux options are not changed on remount (as for any other fs), but in case of NFS the failure is quiet - they are not compared to what we used to have, with complaint in case of attempted changes. Trivially fixed by converting to use of security_sb_remount(). Reviewed-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/security.c')
0 files changed, 0 insertions, 0 deletions