diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-04-28 01:17:42 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-05-05 10:50:43 -0400 |
| commit | 4e5d6f7ec3833c0da9cf34fa5c53c6058c5908b6 (patch) | |
| tree | 5c0db5bfcdcb1b07594f20054cc6eefe05161c9a /security/tomoyo | |
| parent | a674fa46c79ffa37995bd1c8e4daa2b3be5a95ae (diff) | |
TOMOYO: Use GFP_NOFS rather than GFP_KERNEL.
In Ubuntu, security_path_*() hooks are exported to Unionfs. Thus, prepare for
being called from inside VFS functions because I'm not sure whether it is safe
to use GFP_KERNEL or not.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
| -rw-r--r-- | security/tomoyo/common.c | 10 | ||||
| -rw-r--r-- | security/tomoyo/domain.c | 10 | ||||
| -rw-r--r-- | security/tomoyo/file.c | 12 | ||||
| -rw-r--r-- | security/tomoyo/realpath.c | 4 |
4 files changed, 18 insertions, 18 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 588f36a9337e..b9f64ca5f150 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -883,7 +883,7 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned | |||
| 883 | ptr = tomoyo_profile_ptr[profile]; | 883 | ptr = tomoyo_profile_ptr[profile]; |
| 884 | if (ptr) | 884 | if (ptr) |
| 885 | goto ok; | 885 | goto ok; |
| 886 | ptr = kmalloc(sizeof(*ptr), GFP_KERNEL); | 886 | ptr = kmalloc(sizeof(*ptr), GFP_NOFS); |
| 887 | if (!tomoyo_memory_ok(ptr)) { | 887 | if (!tomoyo_memory_ok(ptr)) { |
| 888 | kfree(ptr); | 888 | kfree(ptr); |
| 889 | ptr = NULL; | 889 | ptr = NULL; |
| @@ -1088,7 +1088,7 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
| 1088 | if (!saved_manager) | 1088 | if (!saved_manager) |
| 1089 | return -ENOMEM; | 1089 | return -ENOMEM; |
| 1090 | if (!is_delete) | 1090 | if (!is_delete) |
| 1091 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 1091 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 1092 | mutex_lock(&tomoyo_policy_lock); | 1092 | mutex_lock(&tomoyo_policy_lock); |
| 1093 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { | 1093 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { |
| 1094 | if (ptr->manager != saved_manager) | 1094 | if (ptr->manager != saved_manager) |
| @@ -1881,7 +1881,7 @@ static int tomoyo_read_self_domain(struct tomoyo_io_buffer *head) | |||
| 1881 | */ | 1881 | */ |
| 1882 | static int tomoyo_open_control(const u8 type, struct file *file) | 1882 | static int tomoyo_open_control(const u8 type, struct file *file) |
| 1883 | { | 1883 | { |
| 1884 | struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_KERNEL); | 1884 | struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_NOFS); |
| 1885 | 1885 | ||
| 1886 | if (!head) | 1886 | if (!head) |
| 1887 | return -ENOMEM; | 1887 | return -ENOMEM; |
| @@ -1942,7 +1942,7 @@ static int tomoyo_open_control(const u8 type, struct file *file) | |||
| 1942 | } else { | 1942 | } else { |
| 1943 | if (!head->readbuf_size) | 1943 | if (!head->readbuf_size) |
| 1944 | head->readbuf_size = 4096 * 2; | 1944 | head->readbuf_size = 4096 * 2; |
| 1945 | head->read_buf = kzalloc(head->readbuf_size, GFP_KERNEL); | 1945 | head->read_buf = kzalloc(head->readbuf_size, GFP_NOFS); |
| 1946 | if (!head->read_buf) { | 1946 | if (!head->read_buf) { |
| 1947 | kfree(head); | 1947 | kfree(head); |
| 1948 | return -ENOMEM; | 1948 | return -ENOMEM; |
| @@ -1956,7 +1956,7 @@ static int tomoyo_open_control(const u8 type, struct file *file) | |||
| 1956 | head->write = NULL; | 1956 | head->write = NULL; |
| 1957 | } else if (head->write) { | 1957 | } else if (head->write) { |
| 1958 | head->writebuf_size = 4096 * 2; | 1958 | head->writebuf_size = 4096 * 2; |
| 1959 | head->write_buf = kzalloc(head->writebuf_size, GFP_KERNEL); | 1959 | head->write_buf = kzalloc(head->writebuf_size, GFP_NOFS); |
| 1960 | if (!head->write_buf) { | 1960 | if (!head->write_buf) { |
| 1961 | kfree(head->read_buf); | 1961 | kfree(head->read_buf); |
| 1962 | kfree(head); | 1962 | kfree(head); |
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 66caaa1b842a..ed5141883242 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
| @@ -152,7 +152,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
| 152 | if (!saved_program) | 152 | if (!saved_program) |
| 153 | goto out; | 153 | goto out; |
| 154 | if (!is_delete) | 154 | if (!is_delete) |
| 155 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 155 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 156 | mutex_lock(&tomoyo_policy_lock); | 156 | mutex_lock(&tomoyo_policy_lock); |
| 157 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { | 157 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { |
| 158 | if (ptr->is_not != is_not || | 158 | if (ptr->is_not != is_not || |
| @@ -372,7 +372,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
| 372 | if (!saved_domainname) | 372 | if (!saved_domainname) |
| 373 | goto out; | 373 | goto out; |
| 374 | if (!is_delete) | 374 | if (!is_delete) |
| 375 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 375 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 376 | mutex_lock(&tomoyo_policy_lock); | 376 | mutex_lock(&tomoyo_policy_lock); |
| 377 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { | 377 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { |
| 378 | if (ptr->is_not != is_not || | 378 | if (ptr->is_not != is_not || |
| @@ -564,7 +564,7 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
| 564 | if (!saved_original_name || !saved_aliased_name) | 564 | if (!saved_original_name || !saved_aliased_name) |
| 565 | goto out; | 565 | goto out; |
| 566 | if (!is_delete) | 566 | if (!is_delete) |
| 567 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 567 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 568 | mutex_lock(&tomoyo_policy_lock); | 568 | mutex_lock(&tomoyo_policy_lock); |
| 569 | list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { | 569 | list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { |
| 570 | if (ptr->original_name != saved_original_name || | 570 | if (ptr->original_name != saved_original_name || |
| @@ -664,7 +664,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
| 664 | saved_domainname = tomoyo_get_name(domainname); | 664 | saved_domainname = tomoyo_get_name(domainname); |
| 665 | if (!saved_domainname) | 665 | if (!saved_domainname) |
| 666 | return NULL; | 666 | return NULL; |
| 667 | entry = kzalloc(sizeof(*entry), GFP_KERNEL); | 667 | entry = kzalloc(sizeof(*entry), GFP_NOFS); |
| 668 | mutex_lock(&tomoyo_policy_lock); | 668 | mutex_lock(&tomoyo_policy_lock); |
| 669 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { | 669 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { |
| 670 | if (domain->is_deleted || | 670 | if (domain->is_deleted || |
| @@ -704,7 +704,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 704 | * This function assumes that the size of buffer returned by | 704 | * This function assumes that the size of buffer returned by |
| 705 | * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN. | 705 | * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN. |
| 706 | */ | 706 | */ |
| 707 | struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_KERNEL); | 707 | struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_NOFS); |
| 708 | struct tomoyo_domain_info *old_domain = tomoyo_domain(); | 708 | struct tomoyo_domain_info *old_domain = tomoyo_domain(); |
| 709 | struct tomoyo_domain_info *domain = NULL; | 709 | struct tomoyo_domain_info *domain = NULL; |
| 710 | const char *old_domain_name = old_domain->domainname->name; | 710 | const char *old_domain_name = old_domain->domainname->name; |
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 1b24304edb7d..cf67e55a0d13 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
| @@ -99,7 +99,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path) | |||
| 99 | { | 99 | { |
| 100 | int error; | 100 | int error; |
| 101 | struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), | 101 | struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), |
| 102 | GFP_KERNEL); | 102 | GFP_NOFS); |
| 103 | 103 | ||
| 104 | if (!buf) | 104 | if (!buf) |
| 105 | return NULL; | 105 | return NULL; |
| @@ -174,7 +174,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
| 174 | if (!saved_filename) | 174 | if (!saved_filename) |
| 175 | return -ENOMEM; | 175 | return -ENOMEM; |
| 176 | if (!is_delete) | 176 | if (!is_delete) |
| 177 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 177 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 178 | mutex_lock(&tomoyo_policy_lock); | 178 | mutex_lock(&tomoyo_policy_lock); |
| 179 | list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { | 179 | list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { |
| 180 | if (ptr->filename != saved_filename) | 180 | if (ptr->filename != saved_filename) |
| @@ -321,7 +321,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern, | |||
| 321 | if (!saved_pattern->is_patterned) | 321 | if (!saved_pattern->is_patterned) |
| 322 | goto out; | 322 | goto out; |
| 323 | if (!is_delete) | 323 | if (!is_delete) |
| 324 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 324 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 325 | mutex_lock(&tomoyo_policy_lock); | 325 | mutex_lock(&tomoyo_policy_lock); |
| 326 | list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { | 326 | list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { |
| 327 | if (saved_pattern != ptr->pattern) | 327 | if (saved_pattern != ptr->pattern) |
| @@ -474,7 +474,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
| 474 | if (!saved_pattern) | 474 | if (!saved_pattern) |
| 475 | return error; | 475 | return error; |
| 476 | if (!is_delete) | 476 | if (!is_delete) |
| 477 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 477 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 478 | mutex_lock(&tomoyo_policy_lock); | 478 | mutex_lock(&tomoyo_policy_lock); |
| 479 | list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { | 479 | list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { |
| 480 | if (ptr->pattern != saved_pattern) | 480 | if (ptr->pattern != saved_pattern) |
| @@ -820,7 +820,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename, | |||
| 820 | if (!saved_filename) | 820 | if (!saved_filename) |
| 821 | return -ENOMEM; | 821 | return -ENOMEM; |
| 822 | if (!is_delete) | 822 | if (!is_delete) |
| 823 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 823 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 824 | mutex_lock(&tomoyo_policy_lock); | 824 | mutex_lock(&tomoyo_policy_lock); |
| 825 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 825 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 826 | struct tomoyo_path_acl *acl = | 826 | struct tomoyo_path_acl *acl = |
| @@ -906,7 +906,7 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1, | |||
| 906 | if (!saved_filename1 || !saved_filename2) | 906 | if (!saved_filename1 || !saved_filename2) |
| 907 | goto out; | 907 | goto out; |
| 908 | if (!is_delete) | 908 | if (!is_delete) |
| 909 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 909 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 910 | mutex_lock(&tomoyo_policy_lock); | 910 | mutex_lock(&tomoyo_policy_lock); |
| 911 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 911 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 912 | struct tomoyo_path2_acl *acl = | 912 | struct tomoyo_path2_acl *acl = |
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index cf7d61f781b9..8fe3ee20a189 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
| @@ -138,7 +138,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname, | |||
| 138 | */ | 138 | */ |
| 139 | char *tomoyo_realpath_from_path(struct path *path) | 139 | char *tomoyo_realpath_from_path(struct path *path) |
| 140 | { | 140 | { |
| 141 | char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL); | 141 | char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS); |
| 142 | 142 | ||
| 143 | BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) | 143 | BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) |
| 144 | <= TOMOYO_MAX_PATHNAME_LEN - 1); | 144 | <= TOMOYO_MAX_PATHNAME_LEN - 1); |
| @@ -269,7 +269,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name) | |||
| 269 | atomic_inc(&ptr->users); | 269 | atomic_inc(&ptr->users); |
| 270 | goto out; | 270 | goto out; |
| 271 | } | 271 | } |
| 272 | ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL); | 272 | ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS); |
| 273 | allocated_len = ptr ? ksize(ptr) : 0; | 273 | allocated_len = ptr ? ksize(ptr) : 0; |
| 274 | if (!ptr || (tomoyo_quota_for_policy && | 274 | if (!ptr || (tomoyo_quota_for_policy && |
| 275 | atomic_read(&tomoyo_policy_memory_size) + allocated_len | 275 | atomic_read(&tomoyo_policy_memory_size) + allocated_len |