Merge tag 'v4.4.288' into toradex_vf_4.4

This is the 4.4.288 stable release Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com>
author: Max Krummenacher <max.krummenacher@toradex.com> 2021-10-16 13:04:24 +0200
committer: Max Krummenacher <max.krummenacher@toradex.com> 2021-10-16 13:04:24 +0200
commit: f8e718054f4421d11638e370b933ccc6c77466ed (patch)
tree: 973ff8cb8aed7d8e4da6a194456ddc01c206b7de /security
parent: d900385139e5aa8d584dee92c87bb85d0226253e (diff)
parent: 1392fe82d7fba00ba4a8e01968935f2b2085d5a4 (diff)
2 files changed, 15 insertions, 15 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index f3c473791b69..a16c72c2a967 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -348,26 +348,27 @@ static struct avc_xperms_decision_node
 	struct avc_xperms_decision_node *xpd_node;
 	struct extended_perms_decision *xpd;
 
-	xpd_node = kmem_cache_zalloc(avc_xperms_decision_cachep, GFP_NOWAIT);
+	xpd_node = kmem_cache_zalloc(avc_xperms_decision_cachep,
+				     GFP_NOWAIT | __GFP_NOWARN);
 	if (!xpd_node)
 		return NULL;
 
 	xpd = &xpd_node->xpd;
 	if (which & XPERMS_ALLOWED) {
 		xpd->allowed = kmem_cache_zalloc(avc_xperms_data_cachep,
-						GFP_NOWAIT);
+						GFP_NOWAIT | __GFP_NOWARN);
 		if (!xpd->allowed)
 			goto error;
 	}
 	if (which & XPERMS_AUDITALLOW) {
 		xpd->auditallow = kmem_cache_zalloc(avc_xperms_data_cachep,
-						GFP_NOWAIT);
+						GFP_NOWAIT | __GFP_NOWARN);
 		if (!xpd->auditallow)
 			goto error;
 	}
 	if (which & XPERMS_DONTAUDIT) {
 		xpd->dontaudit = kmem_cache_zalloc(avc_xperms_data_cachep,
-						GFP_NOWAIT);
+						GFP_NOWAIT | __GFP_NOWARN);
 		if (!xpd->dontaudit)
 			goto error;
 	}
@@ -395,7 +396,7 @@ static struct avc_xperms_node *avc_xperms_alloc(void)
 {
 	struct avc_xperms_node *xp_node;
 
-	xp_node = kmem_cache_zalloc(avc_xperms_cachep, GFP_NOWAIT);
+	xp_node = kmem_cache_zalloc(avc_xperms_cachep, GFP_NOWAIT | __GFP_NOWARN);
 	if (!xp_node)
 		return xp_node;
 	INIT_LIST_HEAD(&xp_node->xpd_head);
@@ -548,7 +549,7 @@ static struct avc_node *avc_alloc_node(void)
 {
 	struct avc_node *node;
 
-	node = kmem_cache_zalloc(avc_node_cachep, GFP_NOWAIT);
+	node = kmem_cache_zalloc(avc_node_cachep, GFP_NOWAIT | __GFP_NOWARN);
 	if (!node)
 		goto out;
 
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index 0df316c62005..84f38b694242 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -90,23 +90,22 @@ int log_policy = SMACK_AUDIT_DENIED;
 int smk_access_entry(char *subject_label, char *object_label,
 			struct list_head *rule_list)
 {
-	int may = -ENOENT;
 	struct smack_rule *srp;
 
 	list_for_each_entry_rcu(srp, rule_list, list) {
 		if (srp->smk_object->smk_known == object_label &&
 		    srp->smk_subject->smk_known == subject_label) {
-			may = srp->smk_access;
-			break;
+			int may = srp->smk_access;
+			/*
+			 * MAY_WRITE implies MAY_LOCK.
+			 */
+			if ((may & MAY_WRITE) == MAY_WRITE)
+				may |= MAY_LOCK;
+			return may;
 		}
 	}
 
-	/*
-	 * MAY_WRITE implies MAY_LOCK.
-	 */
-	if ((may & MAY_WRITE) == MAY_WRITE)
-		may |= MAY_LOCK;
-	return may;
+	return -ENOENT;
 }
 
 /**
author	Max Krummenacher <max.krummenacher@toradex.com>	2021-10-16 13:04:24 +0200
committer	Max Krummenacher <max.krummenacher@toradex.com>	2021-10-16 13:04:24 +0200
commit	f8e718054f4421d11638e370b933ccc6c77466ed (patch)
tree	973ff8cb8aed7d8e4da6a194456ddc01c206b7de /security
parent	d900385139e5aa8d584dee92c87bb85d0226253e (diff)
parent	1392fe82d7fba00ba4a8e01968935f2b2085d5a4 (diff)