path: root/fs/nfs/super.c
diff options
authorAl Viro <viro@zeniv.linux.org.uk>2018-12-10 17:30:41 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2018-12-21 11:47:19 -0500
commit6a0440e5b7562512c021aa1b5a706fcc545773db (patch)
tree1949ceff7d2c7d417d8927420bb3b966e6d9cdbf /fs/nfs/super.c
parenta65001e8a4d465693d0191297a6fd864c96b3147 (diff)
nfs_remount(): don't leak, don't ignore LSM options quietly
* if mount(2) passes something like "context=foo" with MS_REMOUNT in flags (/sbin/mount.nfs will _not_ do that - you need to issue the syscall manually), you'll get leaked copies for LSM options. The reason is that instead of nfs_{alloc,free}_parsed_mount_data() nfs_remount() uses kzalloc/kfree, which lacks the needed cleanup. * selinux options are not changed on remount (as for any other fs), but in case of NFS the failure is quiet - they are not compared to what we used to have, with complaint in case of attempted changes. Trivially fixed by converting to use of security_sb_remount(). Reviewed-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/nfs/super.c')
1 files changed, 4 insertions, 2 deletions
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index f9c8847171e8..300bdd1d4a09 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -2254,7 +2254,7 @@ nfs_remount(struct super_block *sb, int *flags, char *raw_data)
options->version <= 6))))
return 0;
- data = kzalloc(sizeof(*data), GFP_KERNEL);
+ data = nfs_alloc_parsed_mount_data();
if (data == NULL)
return -ENOMEM;
@@ -2293,8 +2293,10 @@ nfs_remount(struct super_block *sb, int *flags, char *raw_data)
/* compare new mount options with old ones */
error = nfs_compare_remount_data(nfss, data);
+ if (!error)
+ error = security_sb_remount(sb, &data->lsm_opts);
- kfree(data);
+ nfs_free_parsed_mount_data(data);
return error;