Merge tag 'selinux-pr-20200210' of git://git.kernel.org/pub/scm/linux/kernel/git...

Pull SELinux fixes from Paul Moore:
 "Two small fixes: one fixes a locking problem in the recently merged
  label translation code, the other fixes an embarrassing 'binderfs' /
  'binder' filesystem name check"

* tag 'selinux-pr-20200210' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: fix sidtab string cache locking
  selinux: fix typo in filesystem name

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4b6991e..1659b59 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -698,7 +698,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
 
        if (!strcmp(sb->s_type->name, "debugfs") ||
            !strcmp(sb->s_type->name, "tracefs") ||
-           !strcmp(sb->s_type->name, "binderfs") ||
+           !strcmp(sb->s_type->name, "binder") ||
            !strcmp(sb->s_type->name, "pstore"))
                sbsec->flags |= SE_SBGENFS;
 

diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
index a308ce1..f511ffc 100644 (file)
--- a/security/selinux/ss/sidtab.c
+++ b/security/selinux/ss/sidtab.c
@@ -518,19 +518,13 @@ void sidtab_sid2str_put(struct sidtab *s, struct sidtab_entry *entry,
                        const char *str, u32 str_len)
 {
        struct sidtab_str_cache *cache, *victim = NULL;
+       unsigned long flags;
 
        /* do not cache invalid contexts */
        if (entry->context.len)
                return;
 
-       /*
-        * Skip the put operation when in non-task context to avoid the need
-        * to disable interrupts while holding s->cache_lock.
-        */
-       if (!in_task())
-               return;
-
-       spin_lock(&s->cache_lock);
+       spin_lock_irqsave(&s->cache_lock, flags);
 
        cache = rcu_dereference_protected(entry->cache,
                                          lockdep_is_held(&s->cache_lock));
@@ -561,7 +555,7 @@ void sidtab_sid2str_put(struct sidtab *s, struct sidtab_entry *entry,
        rcu_assign_pointer(entry->cache, cache);
 
 out_unlock:
-       spin_unlock(&s->cache_lock);
+       spin_unlock_irqrestore(&s->cache_lock, flags);
        kfree_rcu(victim, rcu_member);
 }