nfs_remount(): don't leak, don't ignore LSM options quietly

* if mount(2) passes something like "context=foo" with MS_REMOUNT
in flags (/sbin/mount.nfs will _not_ do that - you need to issue
the syscall manually), you'll get leaked copies for LSM options.
The reason is that instead of nfs_{alloc,free}_parsed_mount_data()
nfs_remount() uses kzalloc/kfree, which lacks the needed cleanup.

* selinux options are not changed on remount (as for any other
fs), but in case of NFS the failure is quiet - they are not compared
to what we used to have, with complaint in case of attempted changes.
Trivially fixed by converting to use of security_sb_remount().

Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index f9c8847..300bdd1 100644 (file)
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -2254,7 +2254,7 @@ nfs_remount(struct super_block *sb, int *flags, char *raw_data)
                                           options->version <= 6))))
                return 0;
 
-       data = kzalloc(sizeof(*data), GFP_KERNEL);
+       data = nfs_alloc_parsed_mount_data();
        if (data == NULL)
                return -ENOMEM;
 
@@ -2293,8 +2293,10 @@ nfs_remount(struct super_block *sb, int *flags, char *raw_data)
 
        /* compare new mount options with old ones */
        error = nfs_compare_remount_data(nfss, data);
+       if (!error)
+               error = security_sb_remount(sb, &data->lsm_opts);
 out:
-       kfree(data);
+       nfs_free_parsed_mount_data(data);
        return error;
 }
 EXPORT_SYMBOL_GPL(nfs_remount);