diff options
-rw-r--r-- | security/tomoyo/common.c | 8 | ||||
-rw-r--r-- | security/tomoyo/domain.c | 14 | ||||
-rw-r--r-- | security/tomoyo/file.c | 10 | ||||
-rw-r--r-- | security/tomoyo/realpath.c | 4 |
4 files changed, 0 insertions, 36 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index ddfb9cccf468..a42fe02c6144 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
@@ -866,7 +866,6 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned | |||
866 | 866 | ||
867 | if (profile >= TOMOYO_MAX_PROFILES) | 867 | if (profile >= TOMOYO_MAX_PROFILES) |
868 | return NULL; | 868 | return NULL; |
869 | /***** EXCLUSIVE SECTION START *****/ | ||
870 | mutex_lock(&lock); | 869 | mutex_lock(&lock); |
871 | ptr = tomoyo_profile_ptr[profile]; | 870 | ptr = tomoyo_profile_ptr[profile]; |
872 | if (ptr) | 871 | if (ptr) |
@@ -880,7 +879,6 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned | |||
880 | tomoyo_profile_ptr[profile] = ptr; | 879 | tomoyo_profile_ptr[profile] = ptr; |
881 | ok: | 880 | ok: |
882 | mutex_unlock(&lock); | 881 | mutex_unlock(&lock); |
883 | /***** EXCLUSIVE SECTION END *****/ | ||
884 | return ptr; | 882 | return ptr; |
885 | } | 883 | } |
886 | 884 | ||
@@ -1050,7 +1048,6 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
1050 | saved_manager = tomoyo_save_name(manager); | 1048 | saved_manager = tomoyo_save_name(manager); |
1051 | if (!saved_manager) | 1049 | if (!saved_manager) |
1052 | return -ENOMEM; | 1050 | return -ENOMEM; |
1053 | /***** EXCLUSIVE SECTION START *****/ | ||
1054 | down_write(&tomoyo_policy_manager_list_lock); | 1051 | down_write(&tomoyo_policy_manager_list_lock); |
1055 | list_for_each_entry(ptr, &tomoyo_policy_manager_list, list) { | 1052 | list_for_each_entry(ptr, &tomoyo_policy_manager_list, list) { |
1056 | if (ptr->manager != saved_manager) | 1053 | if (ptr->manager != saved_manager) |
@@ -1072,7 +1069,6 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
1072 | error = 0; | 1069 | error = 0; |
1073 | out: | 1070 | out: |
1074 | up_write(&tomoyo_policy_manager_list_lock); | 1071 | up_write(&tomoyo_policy_manager_list_lock); |
1075 | /***** EXCLUSIVE SECTION END *****/ | ||
1076 | return error; | 1072 | return error; |
1077 | } | 1073 | } |
1078 | 1074 | ||
@@ -1197,13 +1193,11 @@ static bool tomoyo_is_select_one(struct tomoyo_io_buffer *head, | |||
1197 | 1193 | ||
1198 | if (sscanf(data, "pid=%u", &pid) == 1) { | 1194 | if (sscanf(data, "pid=%u", &pid) == 1) { |
1199 | struct task_struct *p; | 1195 | struct task_struct *p; |
1200 | /***** CRITICAL SECTION START *****/ | ||
1201 | read_lock(&tasklist_lock); | 1196 | read_lock(&tasklist_lock); |
1202 | p = find_task_by_vpid(pid); | 1197 | p = find_task_by_vpid(pid); |
1203 | if (p) | 1198 | if (p) |
1204 | domain = tomoyo_real_domain(p); | 1199 | domain = tomoyo_real_domain(p); |
1205 | read_unlock(&tasklist_lock); | 1200 | read_unlock(&tasklist_lock); |
1206 | /***** CRITICAL SECTION END *****/ | ||
1207 | } else if (!strncmp(data, "domain=", 7)) { | 1201 | } else if (!strncmp(data, "domain=", 7)) { |
1208 | if (tomoyo_is_domain_def(data + 7)) { | 1202 | if (tomoyo_is_domain_def(data + 7)) { |
1209 | down_read(&tomoyo_domain_list_lock); | 1203 | down_read(&tomoyo_domain_list_lock); |
@@ -1594,13 +1588,11 @@ static int tomoyo_read_pid(struct tomoyo_io_buffer *head) | |||
1594 | const int pid = head->read_step; | 1588 | const int pid = head->read_step; |
1595 | struct task_struct *p; | 1589 | struct task_struct *p; |
1596 | struct tomoyo_domain_info *domain = NULL; | 1590 | struct tomoyo_domain_info *domain = NULL; |
1597 | /***** CRITICAL SECTION START *****/ | ||
1598 | read_lock(&tasklist_lock); | 1591 | read_lock(&tasklist_lock); |
1599 | p = find_task_by_vpid(pid); | 1592 | p = find_task_by_vpid(pid); |
1600 | if (p) | 1593 | if (p) |
1601 | domain = tomoyo_real_domain(p); | 1594 | domain = tomoyo_real_domain(p); |
1602 | read_unlock(&tasklist_lock); | 1595 | read_unlock(&tasklist_lock); |
1603 | /***** CRITICAL SECTION END *****/ | ||
1604 | if (domain) | 1596 | if (domain) |
1605 | tomoyo_io_printf(head, "%d %u %s", pid, domain->profile, | 1597 | tomoyo_io_printf(head, "%d %u %s", pid, domain->profile, |
1606 | domain->domainname->name); | 1598 | domain->domainname->name); |
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index ee43631f049b..aa119ca5a782 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
@@ -67,14 +67,12 @@ void tomoyo_set_domain_flag(struct tomoyo_domain_info *domain, | |||
67 | { | 67 | { |
68 | /* We need to serialize because this is bitfield operation. */ | 68 | /* We need to serialize because this is bitfield operation. */ |
69 | static DEFINE_SPINLOCK(lock); | 69 | static DEFINE_SPINLOCK(lock); |
70 | /***** CRITICAL SECTION START *****/ | ||
71 | spin_lock(&lock); | 70 | spin_lock(&lock); |
72 | if (!is_delete) | 71 | if (!is_delete) |
73 | domain->flags |= flags; | 72 | domain->flags |= flags; |
74 | else | 73 | else |
75 | domain->flags &= ~flags; | 74 | domain->flags &= ~flags; |
76 | spin_unlock(&lock); | 75 | spin_unlock(&lock); |
77 | /***** CRITICAL SECTION END *****/ | ||
78 | } | 76 | } |
79 | 77 | ||
80 | /** | 78 | /** |
@@ -135,7 +133,6 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
135 | saved_program = tomoyo_save_name(program); | 133 | saved_program = tomoyo_save_name(program); |
136 | if (!saved_program) | 134 | if (!saved_program) |
137 | return -ENOMEM; | 135 | return -ENOMEM; |
138 | /***** EXCLUSIVE SECTION START *****/ | ||
139 | down_write(&tomoyo_domain_initializer_list_lock); | 136 | down_write(&tomoyo_domain_initializer_list_lock); |
140 | list_for_each_entry(ptr, &tomoyo_domain_initializer_list, list) { | 137 | list_for_each_entry(ptr, &tomoyo_domain_initializer_list, list) { |
141 | if (ptr->is_not != is_not || | 138 | if (ptr->is_not != is_not || |
@@ -161,7 +158,6 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
161 | error = 0; | 158 | error = 0; |
162 | out: | 159 | out: |
163 | up_write(&tomoyo_domain_initializer_list_lock); | 160 | up_write(&tomoyo_domain_initializer_list_lock); |
164 | /***** EXCLUSIVE SECTION END *****/ | ||
165 | return error; | 161 | return error; |
166 | } | 162 | } |
167 | 163 | ||
@@ -314,7 +310,6 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
314 | saved_domainname = tomoyo_save_name(domainname); | 310 | saved_domainname = tomoyo_save_name(domainname); |
315 | if (!saved_domainname) | 311 | if (!saved_domainname) |
316 | return -ENOMEM; | 312 | return -ENOMEM; |
317 | /***** EXCLUSIVE SECTION START *****/ | ||
318 | down_write(&tomoyo_domain_keeper_list_lock); | 313 | down_write(&tomoyo_domain_keeper_list_lock); |
319 | list_for_each_entry(ptr, &tomoyo_domain_keeper_list, list) { | 314 | list_for_each_entry(ptr, &tomoyo_domain_keeper_list, list) { |
320 | if (ptr->is_not != is_not || | 315 | if (ptr->is_not != is_not || |
@@ -340,7 +335,6 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
340 | error = 0; | 335 | error = 0; |
341 | out: | 336 | out: |
342 | up_write(&tomoyo_domain_keeper_list_lock); | 337 | up_write(&tomoyo_domain_keeper_list_lock); |
343 | /***** EXCLUSIVE SECTION END *****/ | ||
344 | return error; | 338 | return error; |
345 | } | 339 | } |
346 | 340 | ||
@@ -475,7 +469,6 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
475 | saved_aliased_name = tomoyo_save_name(aliased_name); | 469 | saved_aliased_name = tomoyo_save_name(aliased_name); |
476 | if (!saved_original_name || !saved_aliased_name) | 470 | if (!saved_original_name || !saved_aliased_name) |
477 | return -ENOMEM; | 471 | return -ENOMEM; |
478 | /***** EXCLUSIVE SECTION START *****/ | ||
479 | down_write(&tomoyo_alias_list_lock); | 472 | down_write(&tomoyo_alias_list_lock); |
480 | list_for_each_entry(ptr, &tomoyo_alias_list, list) { | 473 | list_for_each_entry(ptr, &tomoyo_alias_list, list) { |
481 | if (ptr->original_name != saved_original_name || | 474 | if (ptr->original_name != saved_original_name || |
@@ -498,7 +491,6 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
498 | error = 0; | 491 | error = 0; |
499 | out: | 492 | out: |
500 | up_write(&tomoyo_alias_list_lock); | 493 | up_write(&tomoyo_alias_list_lock); |
501 | /***** EXCLUSIVE SECTION END *****/ | ||
502 | return error; | 494 | return error; |
503 | } | 495 | } |
504 | 496 | ||
@@ -566,7 +558,6 @@ int tomoyo_delete_domain(char *domainname) | |||
566 | 558 | ||
567 | name.name = domainname; | 559 | name.name = domainname; |
568 | tomoyo_fill_path_info(&name); | 560 | tomoyo_fill_path_info(&name); |
569 | /***** EXCLUSIVE SECTION START *****/ | ||
570 | down_write(&tomoyo_domain_list_lock); | 561 | down_write(&tomoyo_domain_list_lock); |
571 | /* Is there an active domain? */ | 562 | /* Is there an active domain? */ |
572 | list_for_each_entry(domain, &tomoyo_domain_list, list) { | 563 | list_for_each_entry(domain, &tomoyo_domain_list, list) { |
@@ -580,7 +571,6 @@ int tomoyo_delete_domain(char *domainname) | |||
580 | break; | 571 | break; |
581 | } | 572 | } |
582 | up_write(&tomoyo_domain_list_lock); | 573 | up_write(&tomoyo_domain_list_lock); |
583 | /***** EXCLUSIVE SECTION END *****/ | ||
584 | return 0; | 574 | return 0; |
585 | } | 575 | } |
586 | 576 | ||
@@ -599,7 +589,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
599 | struct tomoyo_domain_info *domain = NULL; | 589 | struct tomoyo_domain_info *domain = NULL; |
600 | const struct tomoyo_path_info *saved_domainname; | 590 | const struct tomoyo_path_info *saved_domainname; |
601 | 591 | ||
602 | /***** EXCLUSIVE SECTION START *****/ | ||
603 | down_write(&tomoyo_domain_list_lock); | 592 | down_write(&tomoyo_domain_list_lock); |
604 | domain = tomoyo_find_domain(domainname); | 593 | domain = tomoyo_find_domain(domainname); |
605 | if (domain) | 594 | if (domain) |
@@ -618,7 +607,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
618 | domain->domainname != saved_domainname) | 607 | domain->domainname != saved_domainname) |
619 | continue; | 608 | continue; |
620 | flag = false; | 609 | flag = false; |
621 | /***** CRITICAL SECTION START *****/ | ||
622 | read_lock(&tasklist_lock); | 610 | read_lock(&tasklist_lock); |
623 | for_each_process(p) { | 611 | for_each_process(p) { |
624 | if (tomoyo_real_domain(p) != domain) | 612 | if (tomoyo_real_domain(p) != domain) |
@@ -627,7 +615,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
627 | break; | 615 | break; |
628 | } | 616 | } |
629 | read_unlock(&tasklist_lock); | 617 | read_unlock(&tasklist_lock); |
630 | /***** CRITICAL SECTION END *****/ | ||
631 | if (flag) | 618 | if (flag) |
632 | continue; | 619 | continue; |
633 | list_for_each_entry(ptr, &domain->acl_info_list, list) { | 620 | list_for_each_entry(ptr, &domain->acl_info_list, list) { |
@@ -650,7 +637,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
650 | } | 637 | } |
651 | out: | 638 | out: |
652 | up_write(&tomoyo_domain_list_lock); | 639 | up_write(&tomoyo_domain_list_lock); |
653 | /***** EXCLUSIVE SECTION END *****/ | ||
654 | return domain; | 640 | return domain; |
655 | } | 641 | } |
656 | 642 | ||
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 2316da8ec5bc..adf786d7421d 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
@@ -166,7 +166,6 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
166 | saved_filename = tomoyo_save_name(filename); | 166 | saved_filename = tomoyo_save_name(filename); |
167 | if (!saved_filename) | 167 | if (!saved_filename) |
168 | return -ENOMEM; | 168 | return -ENOMEM; |
169 | /***** EXCLUSIVE SECTION START *****/ | ||
170 | down_write(&tomoyo_globally_readable_list_lock); | 169 | down_write(&tomoyo_globally_readable_list_lock); |
171 | list_for_each_entry(ptr, &tomoyo_globally_readable_list, list) { | 170 | list_for_each_entry(ptr, &tomoyo_globally_readable_list, list) { |
172 | if (ptr->filename != saved_filename) | 171 | if (ptr->filename != saved_filename) |
@@ -187,7 +186,6 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
187 | error = 0; | 186 | error = 0; |
188 | out: | 187 | out: |
189 | up_write(&tomoyo_globally_readable_list_lock); | 188 | up_write(&tomoyo_globally_readable_list_lock); |
190 | /***** EXCLUSIVE SECTION END *****/ | ||
191 | return error; | 189 | return error; |
192 | } | 190 | } |
193 | 191 | ||
@@ -284,7 +282,6 @@ static int tomoyo_update_file_pattern_entry(const char *pattern, | |||
284 | saved_pattern = tomoyo_save_name(pattern); | 282 | saved_pattern = tomoyo_save_name(pattern); |
285 | if (!saved_pattern) | 283 | if (!saved_pattern) |
286 | return -ENOMEM; | 284 | return -ENOMEM; |
287 | /***** EXCLUSIVE SECTION START *****/ | ||
288 | down_write(&tomoyo_pattern_list_lock); | 285 | down_write(&tomoyo_pattern_list_lock); |
289 | list_for_each_entry(ptr, &tomoyo_pattern_list, list) { | 286 | list_for_each_entry(ptr, &tomoyo_pattern_list, list) { |
290 | if (saved_pattern != ptr->pattern) | 287 | if (saved_pattern != ptr->pattern) |
@@ -305,7 +302,6 @@ static int tomoyo_update_file_pattern_entry(const char *pattern, | |||
305 | error = 0; | 302 | error = 0; |
306 | out: | 303 | out: |
307 | up_write(&tomoyo_pattern_list_lock); | 304 | up_write(&tomoyo_pattern_list_lock); |
308 | /***** EXCLUSIVE SECTION END *****/ | ||
309 | return error; | 305 | return error; |
310 | } | 306 | } |
311 | 307 | ||
@@ -407,7 +403,6 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
407 | saved_pattern = tomoyo_save_name(pattern); | 403 | saved_pattern = tomoyo_save_name(pattern); |
408 | if (!saved_pattern) | 404 | if (!saved_pattern) |
409 | return -ENOMEM; | 405 | return -ENOMEM; |
410 | /***** EXCLUSIVE SECTION START *****/ | ||
411 | down_write(&tomoyo_no_rewrite_list_lock); | 406 | down_write(&tomoyo_no_rewrite_list_lock); |
412 | list_for_each_entry(ptr, &tomoyo_no_rewrite_list, list) { | 407 | list_for_each_entry(ptr, &tomoyo_no_rewrite_list, list) { |
413 | if (ptr->pattern != saved_pattern) | 408 | if (ptr->pattern != saved_pattern) |
@@ -428,7 +423,6 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
428 | error = 0; | 423 | error = 0; |
429 | out: | 424 | out: |
430 | up_write(&tomoyo_no_rewrite_list_lock); | 425 | up_write(&tomoyo_no_rewrite_list_lock); |
431 | /***** EXCLUSIVE SECTION END *****/ | ||
432 | return error; | 426 | return error; |
433 | } | 427 | } |
434 | 428 | ||
@@ -745,7 +739,6 @@ static int tomoyo_update_single_path_acl(const u8 type, const char *filename, | |||
745 | saved_filename = tomoyo_save_name(filename); | 739 | saved_filename = tomoyo_save_name(filename); |
746 | if (!saved_filename) | 740 | if (!saved_filename) |
747 | return -ENOMEM; | 741 | return -ENOMEM; |
748 | /***** EXCLUSIVE SECTION START *****/ | ||
749 | down_write(&tomoyo_domain_acl_info_list_lock); | 742 | down_write(&tomoyo_domain_acl_info_list_lock); |
750 | if (is_delete) | 743 | if (is_delete) |
751 | goto delete; | 744 | goto delete; |
@@ -800,7 +793,6 @@ static int tomoyo_update_single_path_acl(const u8 type, const char *filename, | |||
800 | } | 793 | } |
801 | out: | 794 | out: |
802 | up_write(&tomoyo_domain_acl_info_list_lock); | 795 | up_write(&tomoyo_domain_acl_info_list_lock); |
803 | /***** EXCLUSIVE SECTION END *****/ | ||
804 | return error; | 796 | return error; |
805 | } | 797 | } |
806 | 798 | ||
@@ -836,7 +828,6 @@ static int tomoyo_update_double_path_acl(const u8 type, const char *filename1, | |||
836 | saved_filename2 = tomoyo_save_name(filename2); | 828 | saved_filename2 = tomoyo_save_name(filename2); |
837 | if (!saved_filename1 || !saved_filename2) | 829 | if (!saved_filename1 || !saved_filename2) |
838 | return -ENOMEM; | 830 | return -ENOMEM; |
839 | /***** EXCLUSIVE SECTION START *****/ | ||
840 | down_write(&tomoyo_domain_acl_info_list_lock); | 831 | down_write(&tomoyo_domain_acl_info_list_lock); |
841 | if (is_delete) | 832 | if (is_delete) |
842 | goto delete; | 833 | goto delete; |
@@ -884,7 +875,6 @@ static int tomoyo_update_double_path_acl(const u8 type, const char *filename1, | |||
884 | } | 875 | } |
885 | out: | 876 | out: |
886 | up_write(&tomoyo_domain_acl_info_list_lock); | 877 | up_write(&tomoyo_domain_acl_info_list_lock); |
887 | /***** EXCLUSIVE SECTION END *****/ | ||
888 | return error; | 878 | return error; |
889 | } | 879 | } |
890 | 880 | ||
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index 40927a84cb6e..3948f6b56ae2 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
@@ -220,7 +220,6 @@ void *tomoyo_alloc_element(const unsigned int size) | |||
220 | = roundup(size, max(sizeof(void *), sizeof(long))); | 220 | = roundup(size, max(sizeof(void *), sizeof(long))); |
221 | if (word_aligned_size > PATH_MAX) | 221 | if (word_aligned_size > PATH_MAX) |
222 | return NULL; | 222 | return NULL; |
223 | /***** EXCLUSIVE SECTION START *****/ | ||
224 | mutex_lock(&lock); | 223 | mutex_lock(&lock); |
225 | if (buf_used_len + word_aligned_size > PATH_MAX) { | 224 | if (buf_used_len + word_aligned_size > PATH_MAX) { |
226 | if (!tomoyo_quota_for_elements || | 225 | if (!tomoyo_quota_for_elements || |
@@ -251,7 +250,6 @@ void *tomoyo_alloc_element(const unsigned int size) | |||
251 | } | 250 | } |
252 | } | 251 | } |
253 | mutex_unlock(&lock); | 252 | mutex_unlock(&lock); |
254 | /***** EXCLUSIVE SECTION END *****/ | ||
255 | return ptr; | 253 | return ptr; |
256 | } | 254 | } |
257 | 255 | ||
@@ -318,7 +316,6 @@ const struct tomoyo_path_info *tomoyo_save_name(const char *name) | |||
318 | return NULL; | 316 | return NULL; |
319 | } | 317 | } |
320 | hash = full_name_hash((const unsigned char *) name, len - 1); | 318 | hash = full_name_hash((const unsigned char *) name, len - 1); |
321 | /***** EXCLUSIVE SECTION START *****/ | ||
322 | mutex_lock(&lock); | 319 | mutex_lock(&lock); |
323 | list_for_each_entry(ptr, &tomoyo_name_list[hash % TOMOYO_MAX_HASH], | 320 | list_for_each_entry(ptr, &tomoyo_name_list[hash % TOMOYO_MAX_HASH], |
324 | list) { | 321 | list) { |
@@ -366,7 +363,6 @@ const struct tomoyo_path_info *tomoyo_save_name(const char *name) | |||
366 | } | 363 | } |
367 | out: | 364 | out: |
368 | mutex_unlock(&lock); | 365 | mutex_unlock(&lock); |
369 | /***** EXCLUSIVE SECTION END *****/ | ||
370 | return ptr ? &ptr->entry : NULL; | 366 | return ptr ? &ptr->entry : NULL; |
371 | } | 367 | } |
372 | 368 | ||