aboutsummaryrefslogtreecommitdiffstats
path: root/security/tomoyo/realpath.c
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2010-02-10 19:41:58 -0500
committerJames Morris <jmorris@namei.org>2010-02-14 17:00:16 -0500
commitbf24fb016c861b7f52be0c36c4cedd3e89afa2e2 (patch)
treef485ca2e70d8305d9aaecf45b5fd929b68b971b2 /security/tomoyo/realpath.c
parentca0b7df3374c5566468c17f26fa2dfd3fe3c6a37 (diff)
TOMOYO: Add refcounter on string data.
Add refcounter to "struct tomoyo_name_entry" and replace tomoyo_save_name() with tomoyo_get_name()/tomoyo_put_name() pair so that we can kfree() when garbage collector is added. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/realpath.c')
-rw-r--r--security/tomoyo/realpath.c30
1 files changed, 9 insertions, 21 deletions
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index 92460c7ded67..2f7f54fc6812 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -254,21 +254,6 @@ static unsigned int tomoyo_quota_for_savename;
254#define TOMOYO_MAX_HASH (1u<<TOMOYO_HASH_BITS) 254#define TOMOYO_MAX_HASH (1u<<TOMOYO_HASH_BITS)
255 255
256/* 256/*
257 * tomoyo_name_entry is a structure which is used for linking
258 * "struct tomoyo_path_info" into tomoyo_name_list .
259 *
260 * Since tomoyo_name_list manages a list of strings which are shared by
261 * multiple processes (whereas "struct tomoyo_path_info" inside
262 * "struct tomoyo_path_info_with_data" is not shared), a reference counter will
263 * be added to "struct tomoyo_name_entry" rather than "struct tomoyo_path_info"
264 * when TOMOYO starts supporting garbage collector.
265 */
266struct tomoyo_name_entry {
267 struct list_head list;
268 struct tomoyo_path_info entry;
269};
270
271/*
272 * tomoyo_name_list is used for holding string data used by TOMOYO. 257 * tomoyo_name_list is used for holding string data used by TOMOYO.
273 * Since same string data is likely used for multiple times (e.g. 258 * Since same string data is likely used for multiple times (e.g.
274 * "/lib/libc-2.5.so"), TOMOYO shares string data in the form of 259 * "/lib/libc-2.5.so"), TOMOYO shares string data in the form of
@@ -277,13 +262,13 @@ struct tomoyo_name_entry {
277static struct list_head tomoyo_name_list[TOMOYO_MAX_HASH]; 262static struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
278 263
279/** 264/**
280 * tomoyo_save_name - Allocate permanent memory for string data. 265 * tomoyo_get_name - Allocate permanent memory for string data.
281 * 266 *
282 * @name: The string to store into the permernent memory. 267 * @name: The string to store into the permernent memory.
283 * 268 *
284 * Returns pointer to "struct tomoyo_path_info" on success, NULL otherwise. 269 * Returns pointer to "struct tomoyo_path_info" on success, NULL otherwise.
285 */ 270 */
286const struct tomoyo_path_info *tomoyo_save_name(const char *name) 271const struct tomoyo_path_info *tomoyo_get_name(const char *name)
287{ 272{
288 static DEFINE_MUTEX(lock); 273 static DEFINE_MUTEX(lock);
289 struct tomoyo_name_entry *ptr; 274 struct tomoyo_name_entry *ptr;
@@ -299,8 +284,10 @@ const struct tomoyo_path_info *tomoyo_save_name(const char *name)
299 head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)]; 284 head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)];
300 mutex_lock(&lock); 285 mutex_lock(&lock);
301 list_for_each_entry(ptr, head, list) { 286 list_for_each_entry(ptr, head, list) {
302 if (hash == ptr->entry.hash && !strcmp(name, ptr->entry.name)) 287 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name))
303 goto out; 288 continue;
289 atomic_inc(&ptr->users);
290 goto out;
304 } 291 }
305 ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL); 292 ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL);
306 allocated_len = ptr ? ksize(ptr) : 0; 293 allocated_len = ptr ? ksize(ptr) : 0;
@@ -309,7 +296,7 @@ const struct tomoyo_path_info *tomoyo_save_name(const char *name)
309 > tomoyo_quota_for_savename)) { 296 > tomoyo_quota_for_savename)) {
310 kfree(ptr); 297 kfree(ptr);
311 printk(KERN_WARNING "ERROR: Out of memory " 298 printk(KERN_WARNING "ERROR: Out of memory "
312 "for tomoyo_save_name().\n"); 299 "for tomoyo_get_name().\n");
313 if (!tomoyo_policy_loaded) 300 if (!tomoyo_policy_loaded)
314 panic("MAC Initialization failed.\n"); 301 panic("MAC Initialization failed.\n");
315 ptr = NULL; 302 ptr = NULL;
@@ -318,6 +305,7 @@ const struct tomoyo_path_info *tomoyo_save_name(const char *name)
318 tomoyo_allocated_memory_for_savename += allocated_len; 305 tomoyo_allocated_memory_for_savename += allocated_len;
319 ptr->entry.name = ((char *) ptr) + sizeof(*ptr); 306 ptr->entry.name = ((char *) ptr) + sizeof(*ptr);
320 memmove((char *) ptr->entry.name, name, len); 307 memmove((char *) ptr->entry.name, name, len);
308 atomic_set(&ptr->users, 1);
321 tomoyo_fill_path_info(&ptr->entry); 309 tomoyo_fill_path_info(&ptr->entry);
322 list_add_tail(&ptr->list, head); 310 list_add_tail(&ptr->list, head);
323 out: 311 out:
@@ -336,7 +324,7 @@ void __init tomoyo_realpath_init(void)
336 for (i = 0; i < TOMOYO_MAX_HASH; i++) 324 for (i = 0; i < TOMOYO_MAX_HASH; i++)
337 INIT_LIST_HEAD(&tomoyo_name_list[i]); 325 INIT_LIST_HEAD(&tomoyo_name_list[i]);
338 INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list); 326 INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
339 tomoyo_kernel_domain.domainname = tomoyo_save_name(TOMOYO_ROOT_NAME); 327 tomoyo_kernel_domain.domainname = tomoyo_get_name(TOMOYO_ROOT_NAME);
340 /* 328 /*
341 * tomoyo_read_lock() is not needed because this function is 329 * tomoyo_read_lock() is not needed because this function is
342 * called before the first "delete" request. 330 * called before the first "delete" request.
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-04 00:47:49 -0500