path: root/security/smack/smack.h
diff options
authorHimanshu Shukla <himanshu.sh@samsung.com>2016-11-23 11:59:19 +0530
committerCasey Schaufler <casey@schaufler-ca.com>2017-01-10 09:47:20 -0800
commit3d4f673a6988f57e6f6ccd1a3b79eee171545e08 (patch)
tree9247044b309b7395a75f92b4e9247adad3eb6e5a /security/smack/smack.h
parentd54a197964e7eb636a0c64fb0dbdd67759eb71f2 (diff)
SMACK: Free the i_security blob in inode using RCU
There is race condition issue while freeing the i_security blob in SMACK module. There is existing condition where i_security can be freed while inode_permission is called from path lookup on second CPU. There has been observed the page fault with such condition. VFS code and Selinux module takes care of this condition by freeing the inode and i_security field using RCU via call_rcu(). But in SMACK directly the i_secuirty blob is being freed. Use call_rcu() to fix this race condition issue. Signed-off-by: Himanshu Shukla <himanshu.sh@samsung.com> Signed-off-by: Vishal Goel <vishal.goel@samsung.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'security/smack/smack.h')
1 files changed, 1 insertions, 0 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 2fac3b5bf44a..612b810fbbc6 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -114,6 +114,7 @@ struct inode_smack {
struct smack_known *smk_mmap; /* label of the mmap domain */
struct mutex smk_lock; /* initialization lock */
int smk_flags; /* smack inode flags */
+ struct rcu_head smk_rcu; /* for freeing inode_smack */
struct task_smack {