diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-05-05 11:18:15 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-05-05 23:19:18 -0400 |
| commit | 292823814261e085cdcef06b6b691e6c2563fbd4 (patch) | |
| tree | 8c1eaebcf8f698ea13ac2a9291b9769abde1905e /security/tomoyo/file.c | |
| parent | 2b9e4688fad8867b6e918610f396af3ab9246898 (diff) | |
TOMOYO: Use mutex_lock_interruptible.
Some of TOMOYO's functions may sleep after mutex_lock(). If OOM-killer selected
a process which is waiting at mutex_lock(), the to-be-killed process can't be
killed. Thus, replace mutex_lock() with mutex_lock_interruptible() so that the
to-be-killed process can immediately return from TOMOYO's functions.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/file.c')
| -rw-r--r-- | security/tomoyo/file.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 0687ada28e82..060bbf3870ce 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
| @@ -176,7 +176,8 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
| 176 | return -ENOMEM; | 176 | return -ENOMEM; |
| 177 | if (!is_delete) | 177 | if (!is_delete) |
| 178 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 178 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 179 | mutex_lock(&tomoyo_policy_lock); | 179 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 180 | goto out; | ||
| 180 | list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { | 181 | list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { |
| 181 | if (ptr->filename != saved_filename) | 182 | if (ptr->filename != saved_filename) |
| 182 | continue; | 183 | continue; |
| @@ -192,6 +193,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
| 192 | error = 0; | 193 | error = 0; |
| 193 | } | 194 | } |
| 194 | mutex_unlock(&tomoyo_policy_lock); | 195 | mutex_unlock(&tomoyo_policy_lock); |
| 196 | out: | ||
| 195 | tomoyo_put_name(saved_filename); | 197 | tomoyo_put_name(saved_filename); |
| 196 | kfree(entry); | 198 | kfree(entry); |
| 197 | return error; | 199 | return error; |
| @@ -323,7 +325,8 @@ static int tomoyo_update_file_pattern_entry(const char *pattern, | |||
| 323 | goto out; | 325 | goto out; |
| 324 | if (!is_delete) | 326 | if (!is_delete) |
| 325 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 327 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 326 | mutex_lock(&tomoyo_policy_lock); | 328 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 329 | goto out; | ||
| 327 | list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { | 330 | list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { |
| 328 | if (saved_pattern != ptr->pattern) | 331 | if (saved_pattern != ptr->pattern) |
| 329 | continue; | 332 | continue; |
| @@ -476,7 +479,8 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
| 476 | return error; | 479 | return error; |
| 477 | if (!is_delete) | 480 | if (!is_delete) |
| 478 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 481 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 479 | mutex_lock(&tomoyo_policy_lock); | 482 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 483 | goto out; | ||
| 480 | list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { | 484 | list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { |
| 481 | if (ptr->pattern != saved_pattern) | 485 | if (ptr->pattern != saved_pattern) |
| 482 | continue; | 486 | continue; |
| @@ -492,6 +496,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
| 492 | error = 0; | 496 | error = 0; |
| 493 | } | 497 | } |
| 494 | mutex_unlock(&tomoyo_policy_lock); | 498 | mutex_unlock(&tomoyo_policy_lock); |
| 499 | out: | ||
| 495 | tomoyo_put_name(saved_pattern); | 500 | tomoyo_put_name(saved_pattern); |
| 496 | kfree(entry); | 501 | kfree(entry); |
| 497 | return error; | 502 | return error; |
| @@ -822,7 +827,8 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename, | |||
| 822 | return -ENOMEM; | 827 | return -ENOMEM; |
| 823 | if (!is_delete) | 828 | if (!is_delete) |
| 824 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 829 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 825 | mutex_lock(&tomoyo_policy_lock); | 830 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 831 | goto out; | ||
| 826 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 832 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 827 | struct tomoyo_path_acl *acl = | 833 | struct tomoyo_path_acl *acl = |
| 828 | container_of(ptr, struct tomoyo_path_acl, head); | 834 | container_of(ptr, struct tomoyo_path_acl, head); |
| @@ -867,6 +873,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename, | |||
| 867 | error = 0; | 873 | error = 0; |
| 868 | } | 874 | } |
| 869 | mutex_unlock(&tomoyo_policy_lock); | 875 | mutex_unlock(&tomoyo_policy_lock); |
| 876 | out: | ||
| 870 | kfree(entry); | 877 | kfree(entry); |
| 871 | tomoyo_put_name(saved_filename); | 878 | tomoyo_put_name(saved_filename); |
| 872 | return error; | 879 | return error; |
| @@ -908,7 +915,8 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1, | |||
| 908 | goto out; | 915 | goto out; |
| 909 | if (!is_delete) | 916 | if (!is_delete) |
| 910 | entry = kmalloc(sizeof(*entry), GFP_NOFS); | 917 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 911 | mutex_lock(&tomoyo_policy_lock); | 918 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 919 | goto out; | ||
| 912 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 920 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 913 | struct tomoyo_path2_acl *acl = | 921 | struct tomoyo_path2_acl *acl = |
| 914 | container_of(ptr, struct tomoyo_path2_acl, head); | 922 | container_of(ptr, struct tomoyo_path2_acl, head); |