aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCasey Schaufler2012-04-17 20:55:46 -0500
committerJames Morris2012-04-17 21:02:28 -0500
commit86812bb0de1a3758dc6c7aa01a763158a7c0638a (patch)
tree41cb41cd7fe52730a3fe8c88ca298c2494f9040a /security/smack
parent592fe8980688e7cba46897685d014c7fb3018a67 (diff)
downloadkernel-common-86812bb0de1a3758dc6c7aa01a763158a7c0638a.tar.gz
kernel-common-86812bb0de1a3758dc6c7aa01a763158a7c0638a.tar.xz
kernel-common-86812bb0de1a3758dc6c7aa01a763158a7c0638a.zip
Smack: move label list initialization
A kernel with Smack enabled will fail if tmpfs has xattr support. Move the initialization of predefined Smack label list entries to the LSM initialization from the smackfs setup. This became an issue when tmpfs acquired xattr support, but was never correct. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'security/smack')
-rw-r--r--security/smack/smack_lsm.c44
-rw-r--r--security/smack/smackfs.c14
2 files changed, 33 insertions, 25 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 10056f2f6df..45c32f07416 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3640,8 +3640,38 @@ struct security_operations smack_ops = {
3640}; 3640};
3641 3641
3642 3642
3643static __init void init_smack_know_list(void) 3643static __init void init_smack_known_list(void)
3644{ 3644{
3645 /*
3646 * Initialize CIPSO locks
3647 */
3648 spin_lock_init(&smack_known_huh.smk_cipsolock);
3649 spin_lock_init(&smack_known_hat.smk_cipsolock);
3650 spin_lock_init(&smack_known_star.smk_cipsolock);
3651 spin_lock_init(&smack_known_floor.smk_cipsolock);
3652 spin_lock_init(&smack_known_invalid.smk_cipsolock);
3653 spin_lock_init(&smack_known_web.smk_cipsolock);
3654 /*
3655 * Initialize rule list locks
3656 */
3657 mutex_init(&smack_known_huh.smk_rules_lock);
3658 mutex_init(&smack_known_hat.smk_rules_lock);
3659 mutex_init(&smack_known_floor.smk_rules_lock);
3660 mutex_init(&smack_known_star.smk_rules_lock);
3661 mutex_init(&smack_known_invalid.smk_rules_lock);
3662 mutex_init(&smack_known_web.smk_rules_lock);
3663 /*
3664 * Initialize rule lists
3665 */
3666 INIT_LIST_HEAD(&smack_known_huh.smk_rules);
3667 INIT_LIST_HEAD(&smack_known_hat.smk_rules);
3668 INIT_LIST_HEAD(&smack_known_star.smk_rules);
3669 INIT_LIST_HEAD(&smack_known_floor.smk_rules);
3670 INIT_LIST_HEAD(&smack_known_invalid.smk_rules);
3671 INIT_LIST_HEAD(&smack_known_web.smk_rules);
3672 /*
3673 * Create the known labels list
3674 */
3645 list_add(&smack_known_huh.list, &smack_known_list); 3675 list_add(&smack_known_huh.list, &smack_known_list);
3646 list_add(&smack_known_hat.list, &smack_known_list); 3676 list_add(&smack_known_hat.list, &smack_known_list);
3647 list_add(&smack_known_star.list, &smack_known_list); 3677 list_add(&smack_known_star.list, &smack_known_list);
@@ -3676,16 +3706,8 @@ static __init int smack_init(void)
3676 cred = (struct cred *) current->cred; 3706 cred = (struct cred *) current->cred;
3677 cred->security = tsp; 3707 cred->security = tsp;
3678 3708
3679 /* initialize the smack_know_list */ 3709 /* initialize the smack_known_list */
3680 init_smack_know_list(); 3710 init_smack_known_list();
3681 /*
3682 * Initialize locks
3683 */
3684 spin_lock_init(&smack_known_huh.smk_cipsolock);
3685 spin_lock_init(&smack_known_hat.smk_cipsolock);
3686 spin_lock_init(&smack_known_star.smk_cipsolock);
3687 spin_lock_init(&smack_known_floor.smk_cipsolock);
3688 spin_lock_init(&smack_known_invalid.smk_cipsolock);
3689 3711
3690 /* 3712 /*
3691 * Register with LSM 3713 * Register with LSM
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 5c32f36ff70..038811cb7e6 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -1614,20 +1614,6 @@ static int __init init_smk_fs(void)
1614 smk_cipso_doi(); 1614 smk_cipso_doi();
1615 smk_unlbl_ambient(NULL); 1615 smk_unlbl_ambient(NULL);
1616 1616
1617 mutex_init(&smack_known_floor.smk_rules_lock);
1618 mutex_init(&smack_known_hat.smk_rules_lock);
1619 mutex_init(&smack_known_huh.smk_rules_lock);
1620 mutex_init(&smack_known_invalid.smk_rules_lock);
1621 mutex_init(&smack_known_star.smk_rules_lock);
1622 mutex_init(&smack_known_web.smk_rules_lock);
1623
1624 INIT_LIST_HEAD(&smack_known_floor.smk_rules);
1625 INIT_LIST_HEAD(&smack_known_hat.smk_rules);
1626 INIT_LIST_HEAD(&smack_known_huh.smk_rules);
1627 INIT_LIST_HEAD(&smack_known_invalid.smk_rules);
1628 INIT_LIST_HEAD(&smack_known_star.smk_rules);
1629 INIT_LIST_HEAD(&smack_known_web.smk_rules);
1630
1631 return err; 1617 return err;
1632} 1618}
1633 1619