aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-03-02 02:54:24 -0500
committerJames Morris <jmorris@namei.org>2011-03-02 18:13:26 -0500
commiteae61f3c829439f8f9121b5cd48a14be04df451f (patch)
tree607f79bb57996e059c1da17a0411d5763c4748ca /security
parent1adace9bb04a5f4a4dea9e642089102661bb0ceb (diff)
TOMOYO: Fix memory leak upon file open.
In tomoyo_check_open_permission() since 2.6.36, TOMOYO was by error recalculating already calculated pathname when checking allow_rewrite permission. As a result, memory will leak whenever a file is opened for writing without O_APPEND flag. Also, performance will degrade because TOMOYO is calculating pathname regardless of profile configuration. This patch fixes the leak and performance degrade. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/tomoyo/file.c5
1 files changed, 1 insertions, 4 deletions
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 9d32f182301e..cb09f1fce910 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -927,7 +927,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
927 struct path *path, const int flag) 927 struct path *path, const int flag)
928{ 928{
929 const u8 acc_mode = ACC_MODE(flag); 929 const u8 acc_mode = ACC_MODE(flag);
930 int error = -ENOMEM; 930 int error = 0;
931 struct tomoyo_path_info buf; 931 struct tomoyo_path_info buf;
932 struct tomoyo_request_info r; 932 struct tomoyo_request_info r;
933 int idx; 933 int idx;
@@ -938,9 +938,6 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
938 buf.name = NULL; 938 buf.name = NULL;
939 r.mode = TOMOYO_CONFIG_DISABLED; 939 r.mode = TOMOYO_CONFIG_DISABLED;
940 idx = tomoyo_read_lock(); 940 idx = tomoyo_read_lock();
941 if (!tomoyo_get_realpath(&buf, path))
942 goto out;
943 error = 0;
944 /* 941 /*
945 * If the filename is specified by "deny_rewrite" keyword, 942 * If the filename is specified by "deny_rewrite" keyword,
946 * we need to check "allow_rewrite" permission when the filename is not 943 * we need to check "allow_rewrite" permission when the filename is not