diff options
Diffstat (limited to 'security/tomoyo/common.c')
-rw-r--r-- | security/tomoyo/common.c | 32 |
1 files changed, 14 insertions, 18 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 8f34036fd31..62e089c50ae 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
@@ -1071,46 +1071,42 @@ LIST_HEAD(tomoyo_policy_manager_list); | |||
1071 | static int tomoyo_update_manager_entry(const char *manager, | 1071 | static int tomoyo_update_manager_entry(const char *manager, |
1072 | const bool is_delete) | 1072 | const bool is_delete) |
1073 | { | 1073 | { |
1074 | struct tomoyo_policy_manager_entry *entry = NULL; | ||
1075 | struct tomoyo_policy_manager_entry *ptr; | 1074 | struct tomoyo_policy_manager_entry *ptr; |
1076 | const struct tomoyo_path_info *saved_manager; | 1075 | struct tomoyo_policy_manager_entry e = { }; |
1077 | int error = is_delete ? -ENOENT : -ENOMEM; | 1076 | int error = is_delete ? -ENOENT : -ENOMEM; |
1078 | bool is_domain = false; | ||
1079 | 1077 | ||
1080 | if (tomoyo_is_domain_def(manager)) { | 1078 | if (tomoyo_is_domain_def(manager)) { |
1081 | if (!tomoyo_is_correct_domain(manager)) | 1079 | if (!tomoyo_is_correct_domain(manager)) |
1082 | return -EINVAL; | 1080 | return -EINVAL; |
1083 | is_domain = true; | 1081 | e.is_domain = true; |
1084 | } else { | 1082 | } else { |
1085 | if (!tomoyo_is_correct_path(manager, 1, -1, -1)) | 1083 | if (!tomoyo_is_correct_path(manager, 1, -1, -1)) |
1086 | return -EINVAL; | 1084 | return -EINVAL; |
1087 | } | 1085 | } |
1088 | saved_manager = tomoyo_get_name(manager); | 1086 | e.manager = tomoyo_get_name(manager); |
1089 | if (!saved_manager) | 1087 | if (!e.manager) |
1090 | return -ENOMEM; | 1088 | return -ENOMEM; |
1091 | if (!is_delete) | ||
1092 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | ||
1093 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) | 1089 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
1094 | goto out; | 1090 | goto out; |
1095 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { | 1091 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { |
1096 | if (ptr->manager != saved_manager) | 1092 | if (ptr->manager != e.manager) |
1097 | continue; | 1093 | continue; |
1098 | ptr->is_deleted = is_delete; | 1094 | ptr->is_deleted = is_delete; |
1099 | error = 0; | 1095 | error = 0; |
1100 | break; | 1096 | break; |
1101 | } | 1097 | } |
1102 | if (!is_delete && error && tomoyo_memory_ok(entry)) { | 1098 | if (!is_delete && error) { |
1103 | entry->manager = saved_manager; | 1099 | struct tomoyo_policy_manager_entry *entry = |
1104 | saved_manager = NULL; | 1100 | tomoyo_commit_ok(&e, sizeof(e)); |
1105 | entry->is_domain = is_domain; | 1101 | if (entry) { |
1106 | list_add_tail_rcu(&entry->list, &tomoyo_policy_manager_list); | 1102 | list_add_tail_rcu(&entry->list, |
1107 | entry = NULL; | 1103 | &tomoyo_policy_manager_list); |
1108 | error = 0; | 1104 | error = 0; |
1105 | } | ||
1109 | } | 1106 | } |
1110 | mutex_unlock(&tomoyo_policy_lock); | 1107 | mutex_unlock(&tomoyo_policy_lock); |
1111 | out: | 1108 | out: |
1112 | tomoyo_put_name(saved_manager); | 1109 | tomoyo_put_name(e.manager); |
1113 | kfree(entry); | ||
1114 | return error; | 1110 | return error; |
1115 | } | 1111 | } |
1116 | 1112 | ||