diff options
Diffstat (limited to 'security/selinux/ss')
-rw-r--r-- | security/selinux/ss/conditional.c | 12 | ||||
-rw-r--r-- | security/selinux/ss/ebitmap.c | 9 | ||||
-rw-r--r-- | security/selinux/ss/hashtab.c | 6 | ||||
-rw-r--r-- | security/selinux/ss/policydb.c | 51 | ||||
-rw-r--r-- | security/selinux/ss/services.c | 11 |
5 files changed, 30 insertions, 59 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index daf288007460..d2737edba541 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c | |||
@@ -220,10 +220,9 @@ int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp) | |||
220 | u32 len; | 220 | u32 len; |
221 | int rc; | 221 | int rc; |
222 | 222 | ||
223 | booldatum = kmalloc(sizeof(struct cond_bool_datum), GFP_KERNEL); | 223 | booldatum = kzalloc(sizeof(struct cond_bool_datum), GFP_KERNEL); |
224 | if (!booldatum) | 224 | if (!booldatum) |
225 | return -1; | 225 | return -1; |
226 | memset(booldatum, 0, sizeof(struct cond_bool_datum)); | ||
227 | 226 | ||
228 | rc = next_entry(buf, fp, sizeof buf); | 227 | rc = next_entry(buf, fp, sizeof buf); |
229 | if (rc < 0) | 228 | if (rc < 0) |
@@ -321,10 +320,9 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum | |||
321 | goto err; | 320 | goto err; |
322 | } | 321 | } |
323 | 322 | ||
324 | list = kmalloc(sizeof(struct cond_av_list), GFP_KERNEL); | 323 | list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL); |
325 | if (!list) | 324 | if (!list) |
326 | goto err; | 325 | goto err; |
327 | memset(list, 0, sizeof(*list)); | ||
328 | 326 | ||
329 | list->node = node_ptr; | 327 | list->node = node_ptr; |
330 | if (!data->head) | 328 | if (!data->head) |
@@ -414,11 +412,10 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) | |||
414 | if (rc < 0) | 412 | if (rc < 0) |
415 | goto err; | 413 | goto err; |
416 | 414 | ||
417 | expr = kmalloc(sizeof(struct cond_expr), GFP_KERNEL); | 415 | expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL); |
418 | if (!expr) { | 416 | if (!expr) { |
419 | goto err; | 417 | goto err; |
420 | } | 418 | } |
421 | memset(expr, 0, sizeof(struct cond_expr)); | ||
422 | 419 | ||
423 | expr->expr_type = le32_to_cpu(buf[0]); | 420 | expr->expr_type = le32_to_cpu(buf[0]); |
424 | expr->bool = le32_to_cpu(buf[1]); | 421 | expr->bool = le32_to_cpu(buf[1]); |
@@ -460,10 +457,9 @@ int cond_read_list(struct policydb *p, void *fp) | |||
460 | len = le32_to_cpu(buf[0]); | 457 | len = le32_to_cpu(buf[0]); |
461 | 458 | ||
462 | for (i = 0; i < len; i++) { | 459 | for (i = 0; i < len; i++) { |
463 | node = kmalloc(sizeof(struct cond_node), GFP_KERNEL); | 460 | node = kzalloc(sizeof(struct cond_node), GFP_KERNEL); |
464 | if (!node) | 461 | if (!node) |
465 | goto err; | 462 | goto err; |
466 | memset(node, 0, sizeof(struct cond_node)); | ||
467 | 463 | ||
468 | if (cond_read_node(p, node, fp) != 0) | 464 | if (cond_read_node(p, node, fp) != 0) |
469 | goto err; | 465 | goto err; |
diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index d515154128cc..47024a6e1844 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c | |||
@@ -39,12 +39,11 @@ int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src) | |||
39 | n = src->node; | 39 | n = src->node; |
40 | prev = NULL; | 40 | prev = NULL; |
41 | while (n) { | 41 | while (n) { |
42 | new = kmalloc(sizeof(*new), GFP_ATOMIC); | 42 | new = kzalloc(sizeof(*new), GFP_ATOMIC); |
43 | if (!new) { | 43 | if (!new) { |
44 | ebitmap_destroy(dst); | 44 | ebitmap_destroy(dst); |
45 | return -ENOMEM; | 45 | return -ENOMEM; |
46 | } | 46 | } |
47 | memset(new, 0, sizeof(*new)); | ||
48 | new->startbit = n->startbit; | 47 | new->startbit = n->startbit; |
49 | new->map = n->map; | 48 | new->map = n->map; |
50 | new->next = NULL; | 49 | new->next = NULL; |
@@ -150,10 +149,9 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) | |||
150 | if (!value) | 149 | if (!value) |
151 | return 0; | 150 | return 0; |
152 | 151 | ||
153 | new = kmalloc(sizeof(*new), GFP_ATOMIC); | 152 | new = kzalloc(sizeof(*new), GFP_ATOMIC); |
154 | if (!new) | 153 | if (!new) |
155 | return -ENOMEM; | 154 | return -ENOMEM; |
156 | memset(new, 0, sizeof(*new)); | ||
157 | 155 | ||
158 | new->startbit = bit & ~(MAPSIZE - 1); | 156 | new->startbit = bit & ~(MAPSIZE - 1); |
159 | new->map = (MAPBIT << (bit - new->startbit)); | 157 | new->map = (MAPBIT << (bit - new->startbit)); |
@@ -232,13 +230,12 @@ int ebitmap_read(struct ebitmap *e, void *fp) | |||
232 | printk(KERN_ERR "security: ebitmap: truncated map\n"); | 230 | printk(KERN_ERR "security: ebitmap: truncated map\n"); |
233 | goto bad; | 231 | goto bad; |
234 | } | 232 | } |
235 | n = kmalloc(sizeof(*n), GFP_KERNEL); | 233 | n = kzalloc(sizeof(*n), GFP_KERNEL); |
236 | if (!n) { | 234 | if (!n) { |
237 | printk(KERN_ERR "security: ebitmap: out of memory\n"); | 235 | printk(KERN_ERR "security: ebitmap: out of memory\n"); |
238 | rc = -ENOMEM; | 236 | rc = -ENOMEM; |
239 | goto bad; | 237 | goto bad; |
240 | } | 238 | } |
241 | memset(n, 0, sizeof(*n)); | ||
242 | 239 | ||
243 | n->startbit = le32_to_cpu(buf[0]); | 240 | n->startbit = le32_to_cpu(buf[0]); |
244 | 241 | ||
diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 26661fcc00ce..24e5ec957630 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c | |||
@@ -15,11 +15,10 @@ struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, void *key), | |||
15 | struct hashtab *p; | 15 | struct hashtab *p; |
16 | u32 i; | 16 | u32 i; |
17 | 17 | ||
18 | p = kmalloc(sizeof(*p), GFP_KERNEL); | 18 | p = kzalloc(sizeof(*p), GFP_KERNEL); |
19 | if (p == NULL) | 19 | if (p == NULL) |
20 | return p; | 20 | return p; |
21 | 21 | ||
22 | memset(p, 0, sizeof(*p)); | ||
23 | p->size = size; | 22 | p->size = size; |
24 | p->nel = 0; | 23 | p->nel = 0; |
25 | p->hash_value = hash_value; | 24 | p->hash_value = hash_value; |
@@ -55,10 +54,9 @@ int hashtab_insert(struct hashtab *h, void *key, void *datum) | |||
55 | if (cur && (h->keycmp(h, key, cur->key) == 0)) | 54 | if (cur && (h->keycmp(h, key, cur->key) == 0)) |
56 | return -EEXIST; | 55 | return -EEXIST; |
57 | 56 | ||
58 | newnode = kmalloc(sizeof(*newnode), GFP_KERNEL); | 57 | newnode = kzalloc(sizeof(*newnode), GFP_KERNEL); |
59 | if (newnode == NULL) | 58 | if (newnode == NULL) |
60 | return -ENOMEM; | 59 | return -ENOMEM; |
61 | memset(newnode, 0, sizeof(*newnode)); | ||
62 | newnode->key = key; | 60 | newnode->key = key; |
63 | newnode->datum = datum; | 61 | newnode->datum = datum; |
64 | if (prev) { | 62 | if (prev) { |
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 8e6262d12aa9..2f5f539875f2 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c | |||
@@ -121,12 +121,11 @@ static int roles_init(struct policydb *p) | |||
121 | int rc; | 121 | int rc; |
122 | struct role_datum *role; | 122 | struct role_datum *role; |
123 | 123 | ||
124 | role = kmalloc(sizeof(*role), GFP_KERNEL); | 124 | role = kzalloc(sizeof(*role), GFP_KERNEL); |
125 | if (!role) { | 125 | if (!role) { |
126 | rc = -ENOMEM; | 126 | rc = -ENOMEM; |
127 | goto out; | 127 | goto out; |
128 | } | 128 | } |
129 | memset(role, 0, sizeof(*role)); | ||
130 | role->value = ++p->p_roles.nprim; | 129 | role->value = ++p->p_roles.nprim; |
131 | if (role->value != OBJECT_R_VAL) { | 130 | if (role->value != OBJECT_R_VAL) { |
132 | rc = -EINVAL; | 131 | rc = -EINVAL; |
@@ -851,12 +850,11 @@ static int perm_read(struct policydb *p, struct hashtab *h, void *fp) | |||
851 | __le32 buf[2]; | 850 | __le32 buf[2]; |
852 | u32 len; | 851 | u32 len; |
853 | 852 | ||
854 | perdatum = kmalloc(sizeof(*perdatum), GFP_KERNEL); | 853 | perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL); |
855 | if (!perdatum) { | 854 | if (!perdatum) { |
856 | rc = -ENOMEM; | 855 | rc = -ENOMEM; |
857 | goto out; | 856 | goto out; |
858 | } | 857 | } |
859 | memset(perdatum, 0, sizeof(*perdatum)); | ||
860 | 858 | ||
861 | rc = next_entry(buf, fp, sizeof buf); | 859 | rc = next_entry(buf, fp, sizeof buf); |
862 | if (rc < 0) | 860 | if (rc < 0) |
@@ -893,12 +891,11 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp) | |||
893 | u32 len, nel; | 891 | u32 len, nel; |
894 | int i, rc; | 892 | int i, rc; |
895 | 893 | ||
896 | comdatum = kmalloc(sizeof(*comdatum), GFP_KERNEL); | 894 | comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); |
897 | if (!comdatum) { | 895 | if (!comdatum) { |
898 | rc = -ENOMEM; | 896 | rc = -ENOMEM; |
899 | goto out; | 897 | goto out; |
900 | } | 898 | } |
901 | memset(comdatum, 0, sizeof(*comdatum)); | ||
902 | 899 | ||
903 | rc = next_entry(buf, fp, sizeof buf); | 900 | rc = next_entry(buf, fp, sizeof buf); |
904 | if (rc < 0) | 901 | if (rc < 0) |
@@ -950,10 +947,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons, | |||
950 | 947 | ||
951 | lc = NULL; | 948 | lc = NULL; |
952 | for (i = 0; i < ncons; i++) { | 949 | for (i = 0; i < ncons; i++) { |
953 | c = kmalloc(sizeof(*c), GFP_KERNEL); | 950 | c = kzalloc(sizeof(*c), GFP_KERNEL); |
954 | if (!c) | 951 | if (!c) |
955 | return -ENOMEM; | 952 | return -ENOMEM; |
956 | memset(c, 0, sizeof(*c)); | ||
957 | 953 | ||
958 | if (lc) { | 954 | if (lc) { |
959 | lc->next = c; | 955 | lc->next = c; |
@@ -969,10 +965,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons, | |||
969 | le = NULL; | 965 | le = NULL; |
970 | depth = -1; | 966 | depth = -1; |
971 | for (j = 0; j < nexpr; j++) { | 967 | for (j = 0; j < nexpr; j++) { |
972 | e = kmalloc(sizeof(*e), GFP_KERNEL); | 968 | e = kzalloc(sizeof(*e), GFP_KERNEL); |
973 | if (!e) | 969 | if (!e) |
974 | return -ENOMEM; | 970 | return -ENOMEM; |
975 | memset(e, 0, sizeof(*e)); | ||
976 | 971 | ||
977 | if (le) { | 972 | if (le) { |
978 | le->next = e; | 973 | le->next = e; |
@@ -1033,12 +1028,11 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1033 | u32 len, len2, ncons, nel; | 1028 | u32 len, len2, ncons, nel; |
1034 | int i, rc; | 1029 | int i, rc; |
1035 | 1030 | ||
1036 | cladatum = kmalloc(sizeof(*cladatum), GFP_KERNEL); | 1031 | cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); |
1037 | if (!cladatum) { | 1032 | if (!cladatum) { |
1038 | rc = -ENOMEM; | 1033 | rc = -ENOMEM; |
1039 | goto out; | 1034 | goto out; |
1040 | } | 1035 | } |
1041 | memset(cladatum, 0, sizeof(*cladatum)); | ||
1042 | 1036 | ||
1043 | rc = next_entry(buf, fp, sizeof(u32)*6); | 1037 | rc = next_entry(buf, fp, sizeof(u32)*6); |
1044 | if (rc < 0) | 1038 | if (rc < 0) |
@@ -1127,12 +1121,11 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1127 | __le32 buf[2]; | 1121 | __le32 buf[2]; |
1128 | u32 len; | 1122 | u32 len; |
1129 | 1123 | ||
1130 | role = kmalloc(sizeof(*role), GFP_KERNEL); | 1124 | role = kzalloc(sizeof(*role), GFP_KERNEL); |
1131 | if (!role) { | 1125 | if (!role) { |
1132 | rc = -ENOMEM; | 1126 | rc = -ENOMEM; |
1133 | goto out; | 1127 | goto out; |
1134 | } | 1128 | } |
1135 | memset(role, 0, sizeof(*role)); | ||
1136 | 1129 | ||
1137 | rc = next_entry(buf, fp, sizeof buf); | 1130 | rc = next_entry(buf, fp, sizeof buf); |
1138 | if (rc < 0) | 1131 | if (rc < 0) |
@@ -1188,12 +1181,11 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1188 | __le32 buf[3]; | 1181 | __le32 buf[3]; |
1189 | u32 len; | 1182 | u32 len; |
1190 | 1183 | ||
1191 | typdatum = kmalloc(sizeof(*typdatum),GFP_KERNEL); | 1184 | typdatum = kzalloc(sizeof(*typdatum),GFP_KERNEL); |
1192 | if (!typdatum) { | 1185 | if (!typdatum) { |
1193 | rc = -ENOMEM; | 1186 | rc = -ENOMEM; |
1194 | return rc; | 1187 | return rc; |
1195 | } | 1188 | } |
1196 | memset(typdatum, 0, sizeof(*typdatum)); | ||
1197 | 1189 | ||
1198 | rc = next_entry(buf, fp, sizeof buf); | 1190 | rc = next_entry(buf, fp, sizeof buf); |
1199 | if (rc < 0) | 1191 | if (rc < 0) |
@@ -1261,12 +1253,11 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1261 | __le32 buf[2]; | 1253 | __le32 buf[2]; |
1262 | u32 len; | 1254 | u32 len; |
1263 | 1255 | ||
1264 | usrdatum = kmalloc(sizeof(*usrdatum), GFP_KERNEL); | 1256 | usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL); |
1265 | if (!usrdatum) { | 1257 | if (!usrdatum) { |
1266 | rc = -ENOMEM; | 1258 | rc = -ENOMEM; |
1267 | goto out; | 1259 | goto out; |
1268 | } | 1260 | } |
1269 | memset(usrdatum, 0, sizeof(*usrdatum)); | ||
1270 | 1261 | ||
1271 | rc = next_entry(buf, fp, sizeof buf); | 1262 | rc = next_entry(buf, fp, sizeof buf); |
1272 | if (rc < 0) | 1263 | if (rc < 0) |
@@ -1316,12 +1307,11 @@ static int sens_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1316 | __le32 buf[2]; | 1307 | __le32 buf[2]; |
1317 | u32 len; | 1308 | u32 len; |
1318 | 1309 | ||
1319 | levdatum = kmalloc(sizeof(*levdatum), GFP_ATOMIC); | 1310 | levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC); |
1320 | if (!levdatum) { | 1311 | if (!levdatum) { |
1321 | rc = -ENOMEM; | 1312 | rc = -ENOMEM; |
1322 | goto out; | 1313 | goto out; |
1323 | } | 1314 | } |
1324 | memset(levdatum, 0, sizeof(*levdatum)); | ||
1325 | 1315 | ||
1326 | rc = next_entry(buf, fp, sizeof buf); | 1316 | rc = next_entry(buf, fp, sizeof buf); |
1327 | if (rc < 0) | 1317 | if (rc < 0) |
@@ -1368,12 +1358,11 @@ static int cat_read(struct policydb *p, struct hashtab *h, void *fp) | |||
1368 | __le32 buf[3]; | 1358 | __le32 buf[3]; |
1369 | u32 len; | 1359 | u32 len; |
1370 | 1360 | ||
1371 | catdatum = kmalloc(sizeof(*catdatum), GFP_ATOMIC); | 1361 | catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC); |
1372 | if (!catdatum) { | 1362 | if (!catdatum) { |
1373 | rc = -ENOMEM; | 1363 | rc = -ENOMEM; |
1374 | goto out; | 1364 | goto out; |
1375 | } | 1365 | } |
1376 | memset(catdatum, 0, sizeof(*catdatum)); | ||
1377 | 1366 | ||
1378 | rc = next_entry(buf, fp, sizeof buf); | 1367 | rc = next_entry(buf, fp, sizeof buf); |
1379 | if (rc < 0) | 1368 | if (rc < 0) |
@@ -1567,12 +1556,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1567 | nel = le32_to_cpu(buf[0]); | 1556 | nel = le32_to_cpu(buf[0]); |
1568 | ltr = NULL; | 1557 | ltr = NULL; |
1569 | for (i = 0; i < nel; i++) { | 1558 | for (i = 0; i < nel; i++) { |
1570 | tr = kmalloc(sizeof(*tr), GFP_KERNEL); | 1559 | tr = kzalloc(sizeof(*tr), GFP_KERNEL); |
1571 | if (!tr) { | 1560 | if (!tr) { |
1572 | rc = -ENOMEM; | 1561 | rc = -ENOMEM; |
1573 | goto bad; | 1562 | goto bad; |
1574 | } | 1563 | } |
1575 | memset(tr, 0, sizeof(*tr)); | ||
1576 | if (ltr) { | 1564 | if (ltr) { |
1577 | ltr->next = tr; | 1565 | ltr->next = tr; |
1578 | } else { | 1566 | } else { |
@@ -1593,12 +1581,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1593 | nel = le32_to_cpu(buf[0]); | 1581 | nel = le32_to_cpu(buf[0]); |
1594 | lra = NULL; | 1582 | lra = NULL; |
1595 | for (i = 0; i < nel; i++) { | 1583 | for (i = 0; i < nel; i++) { |
1596 | ra = kmalloc(sizeof(*ra), GFP_KERNEL); | 1584 | ra = kzalloc(sizeof(*ra), GFP_KERNEL); |
1597 | if (!ra) { | 1585 | if (!ra) { |
1598 | rc = -ENOMEM; | 1586 | rc = -ENOMEM; |
1599 | goto bad; | 1587 | goto bad; |
1600 | } | 1588 | } |
1601 | memset(ra, 0, sizeof(*ra)); | ||
1602 | if (lra) { | 1589 | if (lra) { |
1603 | lra->next = ra; | 1590 | lra->next = ra; |
1604 | } else { | 1591 | } else { |
@@ -1627,12 +1614,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1627 | nel = le32_to_cpu(buf[0]); | 1614 | nel = le32_to_cpu(buf[0]); |
1628 | l = NULL; | 1615 | l = NULL; |
1629 | for (j = 0; j < nel; j++) { | 1616 | for (j = 0; j < nel; j++) { |
1630 | c = kmalloc(sizeof(*c), GFP_KERNEL); | 1617 | c = kzalloc(sizeof(*c), GFP_KERNEL); |
1631 | if (!c) { | 1618 | if (!c) { |
1632 | rc = -ENOMEM; | 1619 | rc = -ENOMEM; |
1633 | goto bad; | 1620 | goto bad; |
1634 | } | 1621 | } |
1635 | memset(c, 0, sizeof(*c)); | ||
1636 | if (l) { | 1622 | if (l) { |
1637 | l->next = c; | 1623 | l->next = c; |
1638 | } else { | 1624 | } else { |
@@ -1743,12 +1729,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1743 | if (rc < 0) | 1729 | if (rc < 0) |
1744 | goto bad; | 1730 | goto bad; |
1745 | len = le32_to_cpu(buf[0]); | 1731 | len = le32_to_cpu(buf[0]); |
1746 | newgenfs = kmalloc(sizeof(*newgenfs), GFP_KERNEL); | 1732 | newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL); |
1747 | if (!newgenfs) { | 1733 | if (!newgenfs) { |
1748 | rc = -ENOMEM; | 1734 | rc = -ENOMEM; |
1749 | goto bad; | 1735 | goto bad; |
1750 | } | 1736 | } |
1751 | memset(newgenfs, 0, sizeof(*newgenfs)); | ||
1752 | 1737 | ||
1753 | newgenfs->fstype = kmalloc(len + 1,GFP_KERNEL); | 1738 | newgenfs->fstype = kmalloc(len + 1,GFP_KERNEL); |
1754 | if (!newgenfs->fstype) { | 1739 | if (!newgenfs->fstype) { |
@@ -1790,12 +1775,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1790 | goto bad; | 1775 | goto bad; |
1791 | len = le32_to_cpu(buf[0]); | 1776 | len = le32_to_cpu(buf[0]); |
1792 | 1777 | ||
1793 | newc = kmalloc(sizeof(*newc), GFP_KERNEL); | 1778 | newc = kzalloc(sizeof(*newc), GFP_KERNEL); |
1794 | if (!newc) { | 1779 | if (!newc) { |
1795 | rc = -ENOMEM; | 1780 | rc = -ENOMEM; |
1796 | goto bad; | 1781 | goto bad; |
1797 | } | 1782 | } |
1798 | memset(newc, 0, sizeof(*newc)); | ||
1799 | 1783 | ||
1800 | newc->u.name = kmalloc(len + 1,GFP_KERNEL); | 1784 | newc->u.name = kmalloc(len + 1,GFP_KERNEL); |
1801 | if (!newc->u.name) { | 1785 | if (!newc->u.name) { |
@@ -1843,12 +1827,11 @@ int policydb_read(struct policydb *p, void *fp) | |||
1843 | nel = le32_to_cpu(buf[0]); | 1827 | nel = le32_to_cpu(buf[0]); |
1844 | lrt = NULL; | 1828 | lrt = NULL; |
1845 | for (i = 0; i < nel; i++) { | 1829 | for (i = 0; i < nel; i++) { |
1846 | rt = kmalloc(sizeof(*rt), GFP_KERNEL); | 1830 | rt = kzalloc(sizeof(*rt), GFP_KERNEL); |
1847 | if (!rt) { | 1831 | if (!rt) { |
1848 | rc = -ENOMEM; | 1832 | rc = -ENOMEM; |
1849 | goto bad; | 1833 | goto bad; |
1850 | } | 1834 | } |
1851 | memset(rt, 0, sizeof(*rt)); | ||
1852 | if (lrt) | 1835 | if (lrt) |
1853 | lrt->next = rt; | 1836 | lrt->next = rt; |
1854 | else | 1837 | else |
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index aecdded55e74..44eb4d74908d 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -1531,12 +1531,11 @@ int security_get_user_sids(u32 fromsid, | |||
1531 | } | 1531 | } |
1532 | usercon.user = user->value; | 1532 | usercon.user = user->value; |
1533 | 1533 | ||
1534 | mysids = kmalloc(maxnel*sizeof(*mysids), GFP_ATOMIC); | 1534 | mysids = kcalloc(maxnel, sizeof(*mysids), GFP_ATOMIC); |
1535 | if (!mysids) { | 1535 | if (!mysids) { |
1536 | rc = -ENOMEM; | 1536 | rc = -ENOMEM; |
1537 | goto out_unlock; | 1537 | goto out_unlock; |
1538 | } | 1538 | } |
1539 | memset(mysids, 0, maxnel*sizeof(*mysids)); | ||
1540 | 1539 | ||
1541 | ebitmap_for_each_bit(&user->roles, rnode, i) { | 1540 | ebitmap_for_each_bit(&user->roles, rnode, i) { |
1542 | if (!ebitmap_node_get_bit(rnode, i)) | 1541 | if (!ebitmap_node_get_bit(rnode, i)) |
@@ -1566,13 +1565,12 @@ int security_get_user_sids(u32 fromsid, | |||
1566 | mysids[mynel++] = sid; | 1565 | mysids[mynel++] = sid; |
1567 | } else { | 1566 | } else { |
1568 | maxnel += SIDS_NEL; | 1567 | maxnel += SIDS_NEL; |
1569 | mysids2 = kmalloc(maxnel*sizeof(*mysids2), GFP_ATOMIC); | 1568 | mysids2 = kcalloc(maxnel, sizeof(*mysids2), GFP_ATOMIC); |
1570 | if (!mysids2) { | 1569 | if (!mysids2) { |
1571 | rc = -ENOMEM; | 1570 | rc = -ENOMEM; |
1572 | kfree(mysids); | 1571 | kfree(mysids); |
1573 | goto out_unlock; | 1572 | goto out_unlock; |
1574 | } | 1573 | } |
1575 | memset(mysids2, 0, maxnel*sizeof(*mysids2)); | ||
1576 | memcpy(mysids2, mysids, mynel * sizeof(*mysids2)); | 1574 | memcpy(mysids2, mysids, mynel * sizeof(*mysids2)); |
1577 | kfree(mysids); | 1575 | kfree(mysids); |
1578 | mysids = mysids2; | 1576 | mysids = mysids2; |
@@ -1714,12 +1712,11 @@ int security_get_bools(int *len, char ***names, int **values) | |||
1714 | goto out; | 1712 | goto out; |
1715 | } | 1713 | } |
1716 | 1714 | ||
1717 | *names = (char**)kmalloc(sizeof(char*) * *len, GFP_ATOMIC); | 1715 | *names = (char**)kcalloc(*len, sizeof(char*), GFP_ATOMIC); |
1718 | if (!*names) | 1716 | if (!*names) |
1719 | goto err; | 1717 | goto err; |
1720 | memset(*names, 0, sizeof(char*) * *len); | ||
1721 | 1718 | ||
1722 | *values = (int*)kmalloc(sizeof(int) * *len, GFP_ATOMIC); | 1719 | *values = (int*)kcalloc(*len, sizeof(int), GFP_ATOMIC); |
1723 | if (!*values) | 1720 | if (!*values) |
1724 | goto err; | 1721 | goto err; |
1725 | 1722 | ||