diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/Kconfig | 4 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 3 |
2 files changed, 4 insertions, 3 deletions
diff --git a/security/Kconfig b/security/Kconfig index 9c60c346a91d..4c865345caa0 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -114,9 +114,9 @@ config SECURITY_ROOTPLUG If you are unsure how to answer this question, answer N. config LSM_MMAP_MIN_ADDR - int "Low address space for LSM to from user allocation" + int "Low address space for LSM to protect from user allocation" depends on SECURITY && SECURITY_SELINUX - default 65535 + default 65536 help This is the portion of low virtual memory which should be protected from userspace allocation. Keeping a user from writing to low pages diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 254b7983657d..6d0b1ccb5b99 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1285,6 +1285,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, context, len); if (rc == -ERANGE) { + kfree(context); + /* Need a larger buffer. Query for the right size. */ rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, NULL, 0); @@ -1292,7 +1294,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent dput(dentry); goto out_unlock; } - kfree(context); len = rc; context = kmalloc(len+1, GFP_NOFS); if (!context) { |