aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2010-04-28 01:17:42 -0400
committerJames Morris <jmorris@namei.org>2010-05-05 10:50:43 -0400
commit4e5d6f7ec3833c0da9cf34fa5c53c6058c5908b6 (patch)
tree5c0db5bfcdcb1b07594f20054cc6eefe05161c9a /security
parenta674fa46c79ffa37995bd1c8e4daa2b3be5a95ae (diff)
TOMOYO: Use GFP_NOFS rather than GFP_KERNEL.
In Ubuntu, security_path_*() hooks are exported to Unionfs. Thus, prepare for being called from inside VFS functions because I'm not sure whether it is safe to use GFP_KERNEL or not. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/tomoyo/common.c10
-rw-r--r--security/tomoyo/domain.c10
-rw-r--r--security/tomoyo/file.c12
-rw-r--r--security/tomoyo/realpath.c4
4 files changed, 18 insertions, 18 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 588f36a9337..b9f64ca5f15 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -883,7 +883,7 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned
883 ptr = tomoyo_profile_ptr[profile]; 883 ptr = tomoyo_profile_ptr[profile];
884 if (ptr) 884 if (ptr)
885 goto ok; 885 goto ok;
886 ptr = kmalloc(sizeof(*ptr), GFP_KERNEL); 886 ptr = kmalloc(sizeof(*ptr), GFP_NOFS);
887 if (!tomoyo_memory_ok(ptr)) { 887 if (!tomoyo_memory_ok(ptr)) {
888 kfree(ptr); 888 kfree(ptr);
889 ptr = NULL; 889 ptr = NULL;
@@ -1088,7 +1088,7 @@ static int tomoyo_update_manager_entry(const char *manager,
1088 if (!saved_manager) 1088 if (!saved_manager)
1089 return -ENOMEM; 1089 return -ENOMEM;
1090 if (!is_delete) 1090 if (!is_delete)
1091 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 1091 entry = kmalloc(sizeof(*entry), GFP_NOFS);
1092 mutex_lock(&tomoyo_policy_lock); 1092 mutex_lock(&tomoyo_policy_lock);
1093 list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { 1093 list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
1094 if (ptr->manager != saved_manager) 1094 if (ptr->manager != saved_manager)
@@ -1881,7 +1881,7 @@ static int tomoyo_read_self_domain(struct tomoyo_io_buffer *head)
1881 */ 1881 */
1882static int tomoyo_open_control(const u8 type, struct file *file) 1882static int tomoyo_open_control(const u8 type, struct file *file)
1883{ 1883{
1884 struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_KERNEL); 1884 struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_NOFS);
1885 1885
1886 if (!head) 1886 if (!head)
1887 return -ENOMEM; 1887 return -ENOMEM;
@@ -1942,7 +1942,7 @@ static int tomoyo_open_control(const u8 type, struct file *file)
1942 } else { 1942 } else {
1943 if (!head->readbuf_size) 1943 if (!head->readbuf_size)
1944 head->readbuf_size = 4096 * 2; 1944 head->readbuf_size = 4096 * 2;
1945 head->read_buf = kzalloc(head->readbuf_size, GFP_KERNEL); 1945 head->read_buf = kzalloc(head->readbuf_size, GFP_NOFS);
1946 if (!head->read_buf) { 1946 if (!head->read_buf) {
1947 kfree(head); 1947 kfree(head);
1948 return -ENOMEM; 1948 return -ENOMEM;
@@ -1956,7 +1956,7 @@ static int tomoyo_open_control(const u8 type, struct file *file)
1956 head->write = NULL; 1956 head->write = NULL;
1957 } else if (head->write) { 1957 } else if (head->write) {
1958 head->writebuf_size = 4096 * 2; 1958 head->writebuf_size = 4096 * 2;
1959 head->write_buf = kzalloc(head->writebuf_size, GFP_KERNEL); 1959 head->write_buf = kzalloc(head->writebuf_size, GFP_NOFS);
1960 if (!head->write_buf) { 1960 if (!head->write_buf) {
1961 kfree(head->read_buf); 1961 kfree(head->read_buf);
1962 kfree(head); 1962 kfree(head);
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 66caaa1b842..ed514188324 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -152,7 +152,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
152 if (!saved_program) 152 if (!saved_program)
153 goto out; 153 goto out;
154 if (!is_delete) 154 if (!is_delete)
155 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 155 entry = kmalloc(sizeof(*entry), GFP_NOFS);
156 mutex_lock(&tomoyo_policy_lock); 156 mutex_lock(&tomoyo_policy_lock);
157 list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { 157 list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
158 if (ptr->is_not != is_not || 158 if (ptr->is_not != is_not ||
@@ -372,7 +372,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
372 if (!saved_domainname) 372 if (!saved_domainname)
373 goto out; 373 goto out;
374 if (!is_delete) 374 if (!is_delete)
375 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 375 entry = kmalloc(sizeof(*entry), GFP_NOFS);
376 mutex_lock(&tomoyo_policy_lock); 376 mutex_lock(&tomoyo_policy_lock);
377 list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { 377 list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
378 if (ptr->is_not != is_not || 378 if (ptr->is_not != is_not ||
@@ -564,7 +564,7 @@ static int tomoyo_update_alias_entry(const char *original_name,
564 if (!saved_original_name || !saved_aliased_name) 564 if (!saved_original_name || !saved_aliased_name)
565 goto out; 565 goto out;
566 if (!is_delete) 566 if (!is_delete)
567 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 567 entry = kmalloc(sizeof(*entry), GFP_NOFS);
568 mutex_lock(&tomoyo_policy_lock); 568 mutex_lock(&tomoyo_policy_lock);
569 list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { 569 list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
570 if (ptr->original_name != saved_original_name || 570 if (ptr->original_name != saved_original_name ||
@@ -664,7 +664,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
664 saved_domainname = tomoyo_get_name(domainname); 664 saved_domainname = tomoyo_get_name(domainname);
665 if (!saved_domainname) 665 if (!saved_domainname)
666 return NULL; 666 return NULL;
667 entry = kzalloc(sizeof(*entry), GFP_KERNEL); 667 entry = kzalloc(sizeof(*entry), GFP_NOFS);
668 mutex_lock(&tomoyo_policy_lock); 668 mutex_lock(&tomoyo_policy_lock);
669 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { 669 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
670 if (domain->is_deleted || 670 if (domain->is_deleted ||
@@ -704,7 +704,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
704 * This function assumes that the size of buffer returned by 704 * This function assumes that the size of buffer returned by
705 * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN. 705 * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN.
706 */ 706 */
707 struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_KERNEL); 707 struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_NOFS);
708 struct tomoyo_domain_info *old_domain = tomoyo_domain(); 708 struct tomoyo_domain_info *old_domain = tomoyo_domain();
709 struct tomoyo_domain_info *domain = NULL; 709 struct tomoyo_domain_info *domain = NULL;
710 const char *old_domain_name = old_domain->domainname->name; 710 const char *old_domain_name = old_domain->domainname->name;
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 1b24304edb7..cf67e55a0d1 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -99,7 +99,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path)
99{ 99{
100 int error; 100 int error;
101 struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), 101 struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf),
102 GFP_KERNEL); 102 GFP_NOFS);
103 103
104 if (!buf) 104 if (!buf)
105 return NULL; 105 return NULL;
@@ -174,7 +174,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
174 if (!saved_filename) 174 if (!saved_filename)
175 return -ENOMEM; 175 return -ENOMEM;
176 if (!is_delete) 176 if (!is_delete)
177 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 177 entry = kmalloc(sizeof(*entry), GFP_NOFS);
178 mutex_lock(&tomoyo_policy_lock); 178 mutex_lock(&tomoyo_policy_lock);
179 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { 179 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) {
180 if (ptr->filename != saved_filename) 180 if (ptr->filename != saved_filename)
@@ -321,7 +321,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
321 if (!saved_pattern->is_patterned) 321 if (!saved_pattern->is_patterned)
322 goto out; 322 goto out;
323 if (!is_delete) 323 if (!is_delete)
324 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 324 entry = kmalloc(sizeof(*entry), GFP_NOFS);
325 mutex_lock(&tomoyo_policy_lock); 325 mutex_lock(&tomoyo_policy_lock);
326 list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { 326 list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
327 if (saved_pattern != ptr->pattern) 327 if (saved_pattern != ptr->pattern)
@@ -474,7 +474,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
474 if (!saved_pattern) 474 if (!saved_pattern)
475 return error; 475 return error;
476 if (!is_delete) 476 if (!is_delete)
477 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 477 entry = kmalloc(sizeof(*entry), GFP_NOFS);
478 mutex_lock(&tomoyo_policy_lock); 478 mutex_lock(&tomoyo_policy_lock);
479 list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { 479 list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
480 if (ptr->pattern != saved_pattern) 480 if (ptr->pattern != saved_pattern)
@@ -820,7 +820,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
820 if (!saved_filename) 820 if (!saved_filename)
821 return -ENOMEM; 821 return -ENOMEM;
822 if (!is_delete) 822 if (!is_delete)
823 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 823 entry = kmalloc(sizeof(*entry), GFP_NOFS);
824 mutex_lock(&tomoyo_policy_lock); 824 mutex_lock(&tomoyo_policy_lock);
825 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { 825 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
826 struct tomoyo_path_acl *acl = 826 struct tomoyo_path_acl *acl =
@@ -906,7 +906,7 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1,
906 if (!saved_filename1 || !saved_filename2) 906 if (!saved_filename1 || !saved_filename2)
907 goto out; 907 goto out;
908 if (!is_delete) 908 if (!is_delete)
909 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 909 entry = kmalloc(sizeof(*entry), GFP_NOFS);
910 mutex_lock(&tomoyo_policy_lock); 910 mutex_lock(&tomoyo_policy_lock);
911 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { 911 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
912 struct tomoyo_path2_acl *acl = 912 struct tomoyo_path2_acl *acl =
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index cf7d61f781b..8fe3ee20a18 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -138,7 +138,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
138 */ 138 */
139char *tomoyo_realpath_from_path(struct path *path) 139char *tomoyo_realpath_from_path(struct path *path)
140{ 140{
141 char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL); 141 char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS);
142 142
143 BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) 143 BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
144 <= TOMOYO_MAX_PATHNAME_LEN - 1); 144 <= TOMOYO_MAX_PATHNAME_LEN - 1);
@@ -269,7 +269,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
269 atomic_inc(&ptr->users); 269 atomic_inc(&ptr->users);
270 goto out; 270 goto out;
271 } 271 }
272 ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL); 272 ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
273 allocated_len = ptr ? ksize(ptr) : 0; 273 allocated_len = ptr ? ksize(ptr) : 0;
274 if (!ptr || (tomoyo_quota_for_policy && 274 if (!ptr || (tomoyo_quota_for_policy &&
275 atomic_read(&tomoyo_policy_memory_size) + allocated_len 275 atomic_read(&tomoyo_policy_memory_size) + allocated_len