diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-01-04 16:39:37 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-01-10 17:27:40 -0500 |
| commit | cd7bec6ad80188394a8ea857ff1aa3512fc2282a (patch) | |
| tree | 598e7d59c29966e0d8fa8abf24eb51bbb2f567a6 /security/tomoyo/domain.c | |
| parent | e41035a996356c257183e53a70abfb46fa84908b (diff) | |
TOMOYO: Remove memory pool for list elements.
Currently, TOMOYO allocates memory for list elements from memory pool allocated
by kmalloc(PAGE_SIZE). But that makes it difficult to kfree() when garbage
collector is added. Thus, remove memory pool and use kmalloc(sizeof()).
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/domain.c')
| -rw-r--r-- | security/tomoyo/domain.c | 58 |
1 files changed, 19 insertions, 39 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 7d0b0bc48201..a55a1cced58e 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
| @@ -245,6 +245,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
| 245 | saved_program = tomoyo_save_name(program); | 245 | saved_program = tomoyo_save_name(program); |
| 246 | if (!saved_program) | 246 | if (!saved_program) |
| 247 | return -ENOMEM; | 247 | return -ENOMEM; |
| 248 | new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); | ||
| 248 | mutex_lock(&tomoyo_policy_lock); | 249 | mutex_lock(&tomoyo_policy_lock); |
| 249 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { | 250 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { |
| 250 | if (ptr->is_not != is_not || | 251 | if (ptr->is_not != is_not || |
| @@ -259,17 +260,18 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
| 259 | error = -ENOENT; | 260 | error = -ENOENT; |
| 260 | goto out; | 261 | goto out; |
| 261 | } | 262 | } |
| 262 | new_entry = tomoyo_alloc_element(sizeof(*new_entry)); | 263 | if (!tomoyo_memory_ok(new_entry)) |
| 263 | if (!new_entry) | ||
| 264 | goto out; | 264 | goto out; |
| 265 | new_entry->domainname = saved_domainname; | 265 | new_entry->domainname = saved_domainname; |
| 266 | new_entry->program = saved_program; | 266 | new_entry->program = saved_program; |
| 267 | new_entry->is_not = is_not; | 267 | new_entry->is_not = is_not; |
| 268 | new_entry->is_last_name = is_last_name; | 268 | new_entry->is_last_name = is_last_name; |
| 269 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_initializer_list); | 269 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_initializer_list); |
| 270 | new_entry = NULL; | ||
| 270 | error = 0; | 271 | error = 0; |
| 271 | out: | 272 | out: |
| 272 | mutex_unlock(&tomoyo_policy_lock); | 273 | mutex_unlock(&tomoyo_policy_lock); |
| 274 | kfree(new_entry); | ||
| 273 | return error; | 275 | return error; |
| 274 | } | 276 | } |
| 275 | 277 | ||
| @@ -461,6 +463,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
| 461 | saved_domainname = tomoyo_save_name(domainname); | 463 | saved_domainname = tomoyo_save_name(domainname); |
| 462 | if (!saved_domainname) | 464 | if (!saved_domainname) |
| 463 | return -ENOMEM; | 465 | return -ENOMEM; |
| 466 | new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); | ||
| 464 | mutex_lock(&tomoyo_policy_lock); | 467 | mutex_lock(&tomoyo_policy_lock); |
| 465 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { | 468 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { |
| 466 | if (ptr->is_not != is_not || | 469 | if (ptr->is_not != is_not || |
| @@ -475,17 +478,18 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
| 475 | error = -ENOENT; | 478 | error = -ENOENT; |
| 476 | goto out; | 479 | goto out; |
| 477 | } | 480 | } |
| 478 | new_entry = tomoyo_alloc_element(sizeof(*new_entry)); | 481 | if (!tomoyo_memory_ok(new_entry)) |
| 479 | if (!new_entry) | ||
| 480 | goto out; | 482 | goto out; |
| 481 | new_entry->domainname = saved_domainname; | 483 | new_entry->domainname = saved_domainname; |
| 482 | new_entry->program = saved_program; | 484 | new_entry->program = saved_program; |
| 483 | new_entry->is_not = is_not; | 485 | new_entry->is_not = is_not; |
| 484 | new_entry->is_last_name = is_last_name; | 486 | new_entry->is_last_name = is_last_name; |
| 485 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_keeper_list); | 487 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_keeper_list); |
| 488 | new_entry = NULL; | ||
| 486 | error = 0; | 489 | error = 0; |
| 487 | out: | 490 | out: |
| 488 | mutex_unlock(&tomoyo_policy_lock); | 491 | mutex_unlock(&tomoyo_policy_lock); |
| 492 | kfree(new_entry); | ||
| 489 | return error; | 493 | return error; |
| 490 | } | 494 | } |
| 491 | 495 | ||
| @@ -650,6 +654,7 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
| 650 | saved_aliased_name = tomoyo_save_name(aliased_name); | 654 | saved_aliased_name = tomoyo_save_name(aliased_name); |
| 651 | if (!saved_original_name || !saved_aliased_name) | 655 | if (!saved_original_name || !saved_aliased_name) |
| 652 | return -ENOMEM; | 656 | return -ENOMEM; |
| 657 | new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); | ||
| 653 | mutex_lock(&tomoyo_policy_lock); | 658 | mutex_lock(&tomoyo_policy_lock); |
| 654 | list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { | 659 | list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { |
| 655 | if (ptr->original_name != saved_original_name || | 660 | if (ptr->original_name != saved_original_name || |
| @@ -663,15 +668,16 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
| 663 | error = -ENOENT; | 668 | error = -ENOENT; |
| 664 | goto out; | 669 | goto out; |
| 665 | } | 670 | } |
| 666 | new_entry = tomoyo_alloc_element(sizeof(*new_entry)); | 671 | if (!tomoyo_memory_ok(new_entry)) |
| 667 | if (!new_entry) | ||
| 668 | goto out; | 672 | goto out; |
| 669 | new_entry->original_name = saved_original_name; | 673 | new_entry->original_name = saved_original_name; |
| 670 | new_entry->aliased_name = saved_aliased_name; | 674 | new_entry->aliased_name = saved_aliased_name; |
| 671 | list_add_tail_rcu(&new_entry->list, &tomoyo_alias_list); | 675 | list_add_tail_rcu(&new_entry->list, &tomoyo_alias_list); |
| 676 | new_entry = NULL; | ||
| 672 | error = 0; | 677 | error = 0; |
| 673 | out: | 678 | out: |
| 674 | mutex_unlock(&tomoyo_policy_lock); | 679 | mutex_unlock(&tomoyo_policy_lock); |
| 680 | kfree(new_entry); | ||
| 675 | return error; | 681 | return error; |
| 676 | } | 682 | } |
| 677 | 683 | ||
| @@ -738,7 +744,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
| 738 | domainname, | 744 | domainname, |
| 739 | const u8 profile) | 745 | const u8 profile) |
| 740 | { | 746 | { |
| 741 | struct tomoyo_domain_info *domain = NULL; | 747 | struct tomoyo_domain_info *domain; |
| 742 | const struct tomoyo_path_info *saved_domainname; | 748 | const struct tomoyo_path_info *saved_domainname; |
| 743 | 749 | ||
| 744 | mutex_lock(&tomoyo_policy_lock); | 750 | mutex_lock(&tomoyo_policy_lock); |
| @@ -750,43 +756,17 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
| 750 | saved_domainname = tomoyo_save_name(domainname); | 756 | saved_domainname = tomoyo_save_name(domainname); |
| 751 | if (!saved_domainname) | 757 | if (!saved_domainname) |
| 752 | goto out; | 758 | goto out; |
| 753 | /* Can I reuse memory of deleted domain? */ | 759 | domain = kmalloc(sizeof(*domain), GFP_KERNEL); |
| 754 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { | 760 | if (tomoyo_memory_ok(domain)) { |
| 755 | struct task_struct *p; | ||
| 756 | struct tomoyo_acl_info *ptr; | ||
| 757 | bool flag; | ||
| 758 | if (!domain->is_deleted || | ||
| 759 | domain->domainname != saved_domainname) | ||
| 760 | continue; | ||
| 761 | flag = false; | ||
| 762 | read_lock(&tasklist_lock); | ||
| 763 | for_each_process(p) { | ||
| 764 | if (tomoyo_real_domain(p) != domain) | ||
| 765 | continue; | ||
| 766 | flag = true; | ||
| 767 | break; | ||
| 768 | } | ||
| 769 | read_unlock(&tasklist_lock); | ||
| 770 | if (flag) | ||
| 771 | continue; | ||
| 772 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | ||
| 773 | ptr->type |= TOMOYO_ACL_DELETED; | ||
| 774 | } | ||
| 775 | tomoyo_set_domain_flag(domain, true, domain->flags); | ||
| 776 | domain->profile = profile; | ||
| 777 | domain->quota_warned = false; | ||
| 778 | mb(); /* Avoid out-of-order execution. */ | ||
| 779 | domain->is_deleted = false; | ||
| 780 | goto out; | ||
| 781 | } | ||
| 782 | /* No memory reusable. Create using new memory. */ | ||
| 783 | domain = tomoyo_alloc_element(sizeof(*domain)); | ||
| 784 | if (domain) { | ||
| 785 | INIT_LIST_HEAD(&domain->acl_info_list); | 761 | INIT_LIST_HEAD(&domain->acl_info_list); |
| 786 | domain->domainname = saved_domainname; | 762 | domain->domainname = saved_domainname; |
| 787 | domain->profile = profile; | 763 | domain->profile = profile; |
| 788 | list_add_tail_rcu(&domain->list, &tomoyo_domain_list); | 764 | list_add_tail_rcu(&domain->list, &tomoyo_domain_list); |
| 765 | } else { | ||
| 766 | kfree(domain); | ||
| 767 | domain = NULL; | ||
| 789 | } | 768 | } |
| 769 | |||
| 790 | out: | 770 | out: |
| 791 | mutex_unlock(&tomoyo_policy_lock); | 771 | mutex_unlock(&tomoyo_policy_lock); |
| 792 | return domain; | 772 | return domain; |