Commit 6a0440e5 authored Dec 10, 2018 by Al Viro

nfs_remount(): don't leak, don't ignore LSM options quietly



* if mount(2) passes something like "context=foo" with MS_REMOUNT
in flags (/sbin/mount.nfs will _not_ do that - you need to issue
the syscall manually), you'll get leaked copies for LSM options.
The reason is that instead of nfs_{alloc,free}_parsed_mount_data()
nfs_remount() uses kzalloc/kfree, which lacks the needed cleanup.

* selinux options are not changed on remount (as for any other
fs), but in case of NFS the failure is quiet - they are not compared
to what we used to have, with complaint in case of attempted changes.
Trivially fixed by converting to use of security_sb_remount().

Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

parent a65001e8

fs/nfs/super.c

+4 −2

Original line number	Diff line number	Diff line
		@@ -2254,7 +2254,7 @@ nfs_remount(struct super_block sb, int flags, char *raw_data)
		options->version <= 6))))
		return 0;

		data = kzalloc(sizeof(*data), GFP_KERNEL);
		data = nfs_alloc_parsed_mount_data();
		if (data == NULL)
		return -ENOMEM;

		@@ -2293,8 +2293,10 @@ nfs_remount(struct super_block sb, int flags, char *raw_data)

		/* compare new mount options with old ones */
		error = nfs_compare_remount_data(nfss, data);
		if (!error)
		error = security_sb_remount(sb, &data->lsm_opts);
		out:
		kfree(data);
		nfs_free_parsed_mount_data(data);
		return error;
		}
		EXPORT_SYMBOL_GPL(nfs_remount);

Admin message