From: Parag Warudkar Date: Tue, 2 Jan 2007 20:09:31 +0000 (+0100) Subject: [PATCH] selinux: fix selinux_netlbl_inode_permission() locking X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=9883a13c72dbf8c518814b6091019643cdb34429;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git [PATCH] selinux: fix selinux_netlbl_inode_permission() locking do not call a sleeping lock API in an RCU read section. lock_sock_nested can sleep, its BH counterpart doesn't. selinux_netlbl_inode_permission() needs to use the BH counterpart unconditionally. Compile tested. From: Ingo Molnar added BH disabling, because this function can be called from non-atomic contexts too, so a naked bh_lock_sock() would be deadlock-prone. Boot-tested the resulting kernel. Signed-off-by: Parag Warudkar Signed-off-by: Ingo Molnar Signed-off-by: Linus Torvalds --- diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index bdb7070dd3dc..ee0581557966 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2660,9 +2660,11 @@ int selinux_netlbl_inode_permission(struct inode *inode, int mask) rcu_read_unlock(); return 0; } - lock_sock(sock->sk); + local_bh_disable(); + bh_lock_sock_nested(sock->sk); rc = selinux_netlbl_socket_setsid(sock, sksec->sid); - release_sock(sock->sk); + bh_unlock_sock(sock->sk); + local_bh_enable(); rcu_read_unlock(); return rc;