diff options
Diffstat (limited to 'security/selinux/ss/policydb.c')
-rw-r--r-- | security/selinux/ss/policydb.c | 51 |
1 files changed, 17 insertions, 34 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 8e6262d12aa9..2f5f539875f2 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c | |||
@@ -121,12 +121,11 @@ static int roles_init(struct policydb *p) | |||
121 | int rc; | 121 | int rc; |
122 | struct role_datum *role; | 122 | struct role_datum *role; |
123 | 123 | ||
124 | role = kmalloc(sizeof(*role), GFP_KERNEL); | 124 | role = kzalloc(sizeof(*role), GFP_KERNEL); |
125 | if (!role) { | 125 | if (!role) { |
126 | rc = -ENOMEM; | 126 | rc = -ENOMEM; |
127 | goto out; | 127 | goto out; |
128 | } | 128 | } |
129 | memset(role, 0, sizeof(*role)); | ||
130 | role->value = ++p->p_roles.nprim; | 129 | role->value = ++p->p_roles.nprim; |
131 | if (role->value != OBJECT_R_VAL) { | 130 | if (role->value != OBJECT_R_VAL) { |
132 | rc = -EINVAL; | 131 | rc = -EINVAL; |
@@ -851,12 +850,11 @@ static int perm_read(struct policydb *p, struct hashtab *h, void *fp) | |||
851 | __le32 buf[2]; | 850 | __le32 buf[2]; |
852 | u32 len; | 851 | u32 len; |
853 | 852 | ||
854 | perdatum = kmalloc(sizeof(*perdatum), GFP_KERNEL); | 853 | perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL); |
855 | if (!perdatum) { | 854 | if (!perdatum) { |
856 | rc = -ENOMEM; | 855 | rc = -ENOMEM; |
857 | goto out; | 856 | goto out; |
858 | } | 857 | } |
859 | memset(perdatum, 0, sizeof(*perdatum)); | ||
860 | 858 | ||
861 | rc = next_entry(buf, fp, sizeof buf); | 859 | rc = next_entry(buf, fp, sizeof buf); |
862 | if (rc < 0) | 860 | if (rc < 0) |
@@ -893,12 +891,11 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp) | |||
893 | u32 len, nel; | 891 | u32 len, nel; |
894 | int i, rc; | 892 | int i, rc; |
895 | 893 | ||
896 | comdatum = kmalloc(sizeof(*comdatum), GFP_KERNEL); | 894 | comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); |
897 | if (!comdatum) { | 895 | if (!comdatum) { |
898 | rc = -ENOMEM; | 896 | rc = -ENOMEM; |
899 | goto out; | 897 | goto out; |
900 | } | 898 | } |
901 | memset(comdatum, 0, sizeof(*comdatum)); | ||
902 | 899 | ||
903 | rc = next_entry(buf, fp, sizeof buf); | 900 | rc = next_entry(buf, fp, sizeof buf); |
904 | if (rc < 0) | 901 | if (rc < 0) |
@@ -950,10 +947,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons, | |||
950 | 947 | ||
951 | lc = NULL; | 948 | lc = NULL; |
952 | for (i = 0; i < ncons; i++) { | 949 | for (i = 0; i < ncons; i++) { |
953 | c = kmalloc(sizeof(*c), GFP_KERNEL); | 950 | c = kzalloc(sizeof(*c), GFP_KERNEL); |
954 | if (!c) | 951 | if (!c) |
955 | return -ENOMEM; | 952 | return -ENOMEM; |
956 | memset(c, 0, sizeof(*c)); | ||
957 | 953 | ||
958 | if (lc) { | 954 | if (lc) { |
959 | lc->next = c; | 955 | lc->next = c; |
@@ -969,10 +965,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons, | |||
969 | le = NULL; | 965 | le = NULL; |
970 | depth = -1; | 966 | depth = -1; |
971 | for (j = 0; j < nexpr; j++) { | 967 | for (j = 0; j < nexpr; j++) { |
972 | e = kmalloc(sizeof(*e), GFP_KERNEL); | 968 | e = kzalloc(sizeof(*e), GFP_KERNEL); |
973 | if (!e) | 969 | if (!e) |
974 | return -ENOMEM; | 970 | return -ENOMEM; |
975 | memset(e, 0, sizeof(*e)); | ||
976 | 971 | ||
977 | if (le) { | 972 | if (le) { |
978 | le->next = e; | 973 | le->next = e; |
@@ -1033,12 +1028,11 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1033 | u32 len, len2, ncons, nel; | 1028 | u32 len, len2, ncons, nel; |
1034 | int i, rc; | 1029 | int i, rc; |
1035 | 1030 | ||
1036 | cladatum = kmalloc(sizeof(*cladatum), GFP_KERNEL); | 1031 | cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); |
1037 | if (!cladatum) { | 1032 | if (!cladatum) { |
1038 | rc = -ENOMEM; | 1033 | rc = -ENOMEM; |
1039 | goto out; | 1034 | goto out; |
1040 | } | 1035 | } |
1041 | memset(cladatum, 0, sizeof(*cladatum)); | ||
1042 | 1036 | ||
1043 | rc = next_entry(buf, fp, sizeof(u32)*6); | 1037 | rc = next_entry(buf, fp, sizeof(u32)*6); |
1044 | if (rc < 0) | 1038 | if (rc < 0) |
@@ -1127,12 +1121,11 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1127 | __le32 buf[2]; | 1121 | __le32 buf[2]; |
1128 | u32 len; | 1122 | u32 len; |
1129 | 1123 | ||
1130 | role = kmalloc(sizeof(*role), GFP_KERNEL); | 1124 | role = kzalloc(sizeof(*role), GFP_KERNEL); |
1131 | if (!role) { | 1125 | if (!role) { |
1132 | rc = -ENOMEM; | 1126 | rc = -ENOMEM; |
1133 | goto out; | 1127 | goto out; |
1134 | } | 1128 | } |
1135 | memset(role, 0, sizeof(*role)); | ||
1136 | 1129 | ||
1137 | rc = next_entry(buf, fp, sizeof buf); | 1130 | rc = next_entry(buf, fp, sizeof buf); |
1138 | if (rc < 0) | 1131 | if (rc < 0) |
@@ -1188,12 +1181,11 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1188 | __le32 buf[3]; | 1181 | __le32 buf[3]; |
1189 | u32 len; | 1182 | u32 len; |
1190 | 1183 | ||
1191 | typdatum = kmalloc(sizeof(*typdatum),GFP_KERNEL); | 1184 | typdatum = kzalloc(sizeof(*typdatum),GFP_KERNEL); |
1192 | if (!typdatum) { | 1185 | if (!typdatum) { |
1193 | rc = -ENOMEM; | 1186 | rc = -ENOMEM; |
1194 | return rc; | 1187 | return rc; |
1195 | } | 1188 | } |
1196 | memset(typdatum, 0, sizeof(*typdatum)); | ||
1197 | 1189 | ||
1198 | rc = next_entry(buf, fp, sizeof buf); | 1190 | rc = next_entry(buf, fp, sizeof buf); |
1199 | if (rc < 0) | 1191 | if (rc < 0) |
@@ -1261,12 +1253,11 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1261 | __le32 buf[2]; | 1253 | __le32 buf[2]; |
1262 | u32 len; | 1254 | u32 len; |
1263 | 1255 | ||
1264 | usrdatum = kmalloc(sizeof(*usrdatum), GFP_KERNEL); | 1256 | usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL); |
1265 | if (!usrdatum) { | 1257 | if (!usrdatum) { |
1266 | rc = -ENOMEM; | 1258 | rc = -ENOMEM; |
1267 | goto out; | 1259 | goto out; |
1268 | } | 1260 | } |
1269 | memset(usrdatum, 0, sizeof(*usrdatum)); | ||
1270 | 1261 | ||
1271 | rc = next_entry(buf, fp, sizeof buf); | 1262 | rc = next_entry(buf, fp, sizeof buf); |
1272 | if (rc < 0) | 1263 | if (rc < 0) |
@@ -1316,12 +1307,11 @@ static int sens_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1316 | __le32 buf[2]; | 1307 | __le32 buf[2]; |
1317 | u32 len; | 1308 | u32 len; |
1318 | 1309 | ||
1319 | levdatum = kmalloc(sizeof(*levdatum), GFP_ATOMIC); | 1310 | levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC); |
1320 | if (!levdatum) { | 1311 | if (!levdatum) { |
1321 | rc = -ENOMEM; | 1312 | rc = -ENOMEM; |
1322 | goto out; | 1313 | goto out; |
1323 | } | 1314 | } |
1324 | memset(levdatum, 0, sizeof(*levdatum)); | ||
1325 | 1315 | ||
1326 | rc = next_entry(buf, fp, sizeof buf); | 1316 | rc = next_entry(buf, fp, sizeof buf); |
1327 | if (rc < 0) | 1317 | if (rc < 0) |
@@ -1368,12 +1358,11 @@ static int cat_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1368 | __le32 buf[3]; | 1358 | __le32 buf[3]; |
1369 | u32 len; | 1359 | u32 len; |
1370 | 1360 | ||
1371 | catdatum = kmalloc(sizeof(*catdatum), GFP_ATOMIC); | 1361 | catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC); |
1372 | if (!catdatum) { | 1362 | if (!catdatum) { |
1373 | rc = -ENOMEM; | 1363 | rc = -ENOMEM; |
1374 | goto out; | 1364 | goto out; |
1375 | } | 1365 | } |
1376 | memset(catdatum, 0, sizeof(*catdatum)); | ||
1377 | 1366 | ||
1378 | rc = next_entry(buf, fp, sizeof buf); | 1367 | rc = next_entry(buf, fp, sizeof buf); |
1379 | if (rc < 0) | 1368 | if (rc < 0) |
@@ -1567,12 +1556,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1567 | nel = le32_to_cpu(buf[0]); | 1556 | nel = le32_to_cpu(buf[0]); |
1568 | ltr = NULL; | 1557 | ltr = NULL; |
1569 | for (i = 0; i < nel; i++) { | 1558 | for (i = 0; i < nel; i++) { |
1570 | tr = kmalloc(sizeof(*tr), GFP_KERNEL); | 1559 | tr = kzalloc(sizeof(*tr), GFP_KERNEL); |
1571 | if (!tr) { | 1560 | if (!tr) { |
1572 | rc = -ENOMEM; | 1561 | rc = -ENOMEM; |
1573 | goto bad; | 1562 | goto bad; |
1574 | } | 1563 | } |
1575 | memset(tr, 0, sizeof(*tr)); | ||
1576 | if (ltr) { | 1564 | if (ltr) { |
1577 | ltr->next = tr; | 1565 | ltr->next = tr; |
1578 | } else { | 1566 | } else { |
@@ -1593,12 +1581,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1593 | nel = le32_to_cpu(buf[0]); | 1581 | nel = le32_to_cpu(buf[0]); |
1594 | lra = NULL; | 1582 | lra = NULL; |
1595 | for (i = 0; i < nel; i++) { | 1583 | for (i = 0; i < nel; i++) { |
1596 | ra = kmalloc(sizeof(*ra), GFP_KERNEL); | 1584 | ra = kzalloc(sizeof(*ra), GFP_KERNEL); |
1597 | if (!ra) { | 1585 | if (!ra) { |
1598 | rc = -ENOMEM; | 1586 | rc = -ENOMEM; |
1599 | goto bad; | 1587 | goto bad; |
1600 | } | 1588 | } |
1601 | memset(ra, 0, sizeof(*ra)); | ||
1602 | if (lra) { | 1589 | if (lra) { |
1603 | lra->next = ra; | 1590 | lra->next = ra; |
1604 | } else { | 1591 | } else { |
@@ -1627,12 +1614,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1627 | nel = le32_to_cpu(buf[0]); | 1614 | nel = le32_to_cpu(buf[0]); |
1628 | l = NULL; | 1615 | l = NULL; |
1629 | for (j = 0; j < nel; j++) { | 1616 | for (j = 0; j < nel; j++) { |
1630 | c = kmalloc(sizeof(*c), GFP_KERNEL); | 1617 | c = kzalloc(sizeof(*c), GFP_KERNEL); |
1631 | if (!c) { | 1618 | if (!c) { |
1632 | rc = -ENOMEM; | 1619 | rc = -ENOMEM; |
1633 | goto bad; | 1620 | goto bad; |
1634 | } | 1621 | } |
1635 | memset(c, 0, sizeof(*c)); | ||
1636 | if (l) { | 1622 | if (l) { |
1637 | l->next = c; | 1623 | l->next = c; |
1638 | } else { | 1624 | } else { |
@@ -1743,12 +1729,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1743 | if (rc < 0) | 1729 | if (rc < 0) |
1744 | goto bad; | 1730 | goto bad; |
1745 | len = le32_to_cpu(buf[0]); | 1731 | len = le32_to_cpu(buf[0]); |
1746 | newgenfs = kmalloc(sizeof(*newgenfs), GFP_KERNEL); | 1732 | newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL); |
1747 | if (!newgenfs) { | 1733 | if (!newgenfs) { |
1748 | rc = -ENOMEM; | 1734 | rc = -ENOMEM; |
1749 | goto bad; | 1735 | goto bad; |
1750 | } | 1736 | } |
1751 | memset(newgenfs, 0, sizeof(*newgenfs)); | ||
1752 | 1737 | ||
1753 | newgenfs->fstype = kmalloc(len + 1,GFP_KERNEL); | 1738 | newgenfs->fstype = kmalloc(len + 1,GFP_KERNEL); |
1754 | if (!newgenfs->fstype) { | 1739 | if (!newgenfs->fstype) { |
@@ -1790,12 +1775,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1790 | goto bad; | 1775 | goto bad; |
1791 | len = le32_to_cpu(buf[0]); | 1776 | len = le32_to_cpu(buf[0]); |
1792 | 1777 | ||
1793 | newc = kmalloc(sizeof(*newc), GFP_KERNEL); | 1778 | newc = kzalloc(sizeof(*newc), GFP_KERNEL); |
1794 | if (!newc) { | 1779 | if (!newc) { |
1795 | rc = -ENOMEM; | 1780 | rc = -ENOMEM; |
1796 | goto bad; | 1781 | goto bad; |
1797 | } | 1782 | } |
1798 | memset(newc, 0, sizeof(*newc)); | ||
1799 | 1783 | ||
1800 | newc->u.name = kmalloc(len + 1,GFP_KERNEL); | 1784 | newc->u.name = kmalloc(len + 1,GFP_KERNEL); |
1801 | if (!newc->u.name) { | 1785 | if (!newc->u.name) { |
@@ -1843,12 +1827,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1843 | nel = le32_to_cpu(buf[0]); | 1827 | nel = le32_to_cpu(buf[0]); |
1844 | lrt = NULL; | 1828 | lrt = NULL; |
1845 | for (i = 0; i < nel; i++) { | 1829 | for (i = 0; i < nel; i++) { |
1846 | rt = kmalloc(sizeof(*rt), GFP_KERNEL); | 1830 | rt = kzalloc(sizeof(*rt), GFP_KERNEL); |
1847 | if (!rt) { | 1831 | if (!rt) { |
1848 | rc = -ENOMEM; | 1832 | rc = -ENOMEM; |
1849 | goto bad; | 1833 | goto bad; |
1850 | } | 1834 | } |
1851 | memset(rt, 0, sizeof(*rt)); | ||
1852 | if (lrt) | 1835 | if (lrt) |
1853 | lrt->next = rt; | 1836 | lrt->next = rt; |
1854 | else | 1837 | else |