diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-05-05 11:18:15 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-05-05 23:19:18 -0400 |
| commit | 292823814261e085cdcef06b6b691e6c2563fbd4 (patch) | |
| tree | 8c1eaebcf8f698ea13ac2a9291b9769abde1905e /security/tomoyo/domain.c | |
| parent | 2b9e4688fad8867b6e918610f396af3ab9246898 (diff) | |
TOMOYO: Use mutex_lock_interruptible.
Some of TOMOYO's functions may sleep after mutex_lock(). If OOM-killer selected
a process which is waiting at mutex_lock(), the to-be-killed process can't be
killed. Thus, replace mutex_lock() with mutex_lock_interruptible() so that the
to-be-killed process can immediately return from TOMOYO's functions.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/domain.c')
| -rw-r--r-- | security/tomoyo/domain.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index e1edec4a9b9d..a1723bbcde0e 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
| @@ -154,7 +154,8 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
| 154 | goto out; | 154 | goto out; |
| 155 | if (!is_delete) | 155 | if (!is_delete) |
| 156 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 156 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 157 | mutex_lock(&tomoyo_policy_lock); | 157 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 158 | goto out; | ||
| 158 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { | 159 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { |
| 159 | if (ptr->is_not != is_not || | 160 | if (ptr->is_not != is_not || |
| 160 | ptr->domainname != saved_domainname || | 161 | ptr->domainname != saved_domainname || |
| @@ -374,7 +375,8 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
| 374 | goto out; | 375 | goto out; |
| 375 | if (!is_delete) | 376 | if (!is_delete) |
| 376 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 377 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 377 | mutex_lock(&tomoyo_policy_lock); | 378 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 379 | goto out; | ||
| 378 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { | 380 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { |
| 379 | if (ptr->is_not != is_not || | 381 | if (ptr->is_not != is_not || |
| 380 | ptr->domainname != saved_domainname || | 382 | ptr->domainname != saved_domainname || |
| @@ -566,7 +568,8 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
| 566 | goto out; | 568 | goto out; |
| 567 | if (!is_delete) | 569 | if (!is_delete) |
| 568 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 570 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 569 | mutex_lock(&tomoyo_policy_lock); | 571 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 572 | goto out; | ||
| 570 | list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { | 573 | list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { |
| 571 | if (ptr->original_name != saved_original_name || | 574 | if (ptr->original_name != saved_original_name || |
| 572 | ptr->aliased_name != saved_aliased_name) | 575 | ptr->aliased_name != saved_aliased_name) |
| @@ -656,7 +659,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
| 656 | const u8 profile) | 659 | const u8 profile) |
| 657 | { | 660 | { |
| 658 | struct tomoyo_domain_info *entry; | 661 | struct tomoyo_domain_info *entry; |
| 659 | struct tomoyo_domain_info *domain; | 662 | struct tomoyo_domain_info *domain = NULL; |
| 660 | const struct tomoyo_path_info *saved_domainname; | 663 | const struct tomoyo_path_info *saved_domainname; |
| 661 | bool found = false; | 664 | bool found = false; |
| 662 | 665 | ||
| @@ -666,7 +669,8 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
| 666 | if (!saved_domainname) | 669 | if (!saved_domainname) |
| 667 | return NULL; | 670 | return NULL; |
| 668 | entry = kzalloc(sizeof(*entry), GFP_NOFS); | 671 | entry = kzalloc(sizeof(*entry), GFP_NOFS); |
| 669 | mutex_lock(&tomoyo_policy_lock); | 672 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 673 | goto out; | ||
| 670 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { | 674 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { |
| 671 | if (domain->is_deleted || | 675 | if (domain->is_deleted || |
| 672 | tomoyo_pathcmp(saved_domainname, domain->domainname)) | 676 | tomoyo_pathcmp(saved_domainname, domain->domainname)) |
| @@ -685,6 +689,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
| 685 | found = true; | 689 | found = true; |
| 686 | } | 690 | } |
| 687 | mutex_unlock(&tomoyo_policy_lock); | 691 | mutex_unlock(&tomoyo_policy_lock); |
| 692 | out: | ||
| 688 | tomoyo_put_name(saved_domainname); | 693 | tomoyo_put_name(saved_domainname); |
| 689 | kfree(entry); | 694 | kfree(entry); |
| 690 | return found ? domain : NULL; | 695 | return found ? domain : NULL; |