summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/Kconfig4
-rw-r--r--security/selinux/hooks.c3
2 files changed, 4 insertions, 3 deletions
diff --git a/security/Kconfig b/security/Kconfig
index 9c60c346a91d..4c865345caa0 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -114,9 +114,9 @@ config SECURITY_ROOTPLUG
If you are unsure how to answer this question, answer N.
config LSM_MMAP_MIN_ADDR
- int "Low address space for LSM to from user allocation"
+ int "Low address space for LSM to protect from user allocation"
depends on SECURITY && SECURITY_SELINUX
- default 65535
+ default 65536
help
This is the portion of low virtual memory which should be protected
from userspace allocation. Keeping a user from writing to low pages
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 254b7983657d..6d0b1ccb5b99 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1285,6 +1285,8 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
context, len);
if (rc == -ERANGE) {
+ kfree(context);
+
/* Need a larger buffer. Query for the right size. */
rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
NULL, 0);
@@ -1292,7 +1294,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
dput(dentry);
goto out_unlock;
}
- kfree(context);
len = rc;
context = kmalloc(len+1, GFP_NOFS);
if (!context) {