diff options
Diffstat (limited to 'security/tomoyo/file.c')
| -rw-r--r-- | security/tomoyo/file.c | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 6f3fe76a1fde..060bbf3870ce 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
| @@ -100,7 +100,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path) | |||
| 100 | { | 100 | { |
| 101 | int error; | 101 | int error; |
| 102 | struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), | 102 | struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), |
| 103 | GFP_KERNEL); | 103 | GFP_NOFS); |
| 104 | 104 | ||
| 105 | if (!buf) | 105 | if (!buf) |
| 106 | return NULL; | 106 | return NULL; |
| @@ -175,8 +175,9 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
| 175 | if (!saved_filename) | 175 | if (!saved_filename) |
| 176 | return -ENOMEM; | 176 | return -ENOMEM; |
| 177 | if (!is_delete) | 177 | if (!is_delete) |
| 178 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 178 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 179 | mutex_lock(&tomoyo_policy_lock); | 179 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 180 | goto out; | ||
| 180 | list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { | 181 | list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { |
| 181 | if (ptr->filename != saved_filename) | 182 | if (ptr->filename != saved_filename) |
| 182 | continue; | 183 | continue; |
| @@ -192,6 +193,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
| 192 | error = 0; | 193 | error = 0; |
| 193 | } | 194 | } |
| 194 | mutex_unlock(&tomoyo_policy_lock); | 195 | mutex_unlock(&tomoyo_policy_lock); |
| 196 | out: | ||
| 195 | tomoyo_put_name(saved_filename); | 197 | tomoyo_put_name(saved_filename); |
| 196 | kfree(entry); | 198 | kfree(entry); |
| 197 | return error; | 199 | return error; |
| @@ -322,8 +324,9 @@ static int tomoyo_update_file_pattern_entry(const char *pattern, | |||
| 322 | if (!saved_pattern->is_patterned) | 324 | if (!saved_pattern->is_patterned) |
| 323 | goto out; | 325 | goto out; |
| 324 | if (!is_delete) | 326 | if (!is_delete) |
| 325 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 327 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 326 | mutex_lock(&tomoyo_policy_lock); | 328 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 329 | goto out; | ||
| 327 | list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { | 330 | list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { |
| 328 | if (saved_pattern != ptr->pattern) | 331 | if (saved_pattern != ptr->pattern) |
| 329 | continue; | 332 | continue; |
| @@ -475,8 +478,9 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
| 475 | if (!saved_pattern) | 478 | if (!saved_pattern) |
| 476 | return error; | 479 | return error; |
| 477 | if (!is_delete) | 480 | if (!is_delete) |
| 478 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 481 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 479 | mutex_lock(&tomoyo_policy_lock); | 482 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 483 | goto out; | ||
| 480 | list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { | 484 | list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { |
| 481 | if (ptr->pattern != saved_pattern) | 485 | if (ptr->pattern != saved_pattern) |
| 482 | continue; | 486 | continue; |
| @@ -492,6 +496,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
| 492 | error = 0; | 496 | error = 0; |
| 493 | } | 497 | } |
| 494 | mutex_unlock(&tomoyo_policy_lock); | 498 | mutex_unlock(&tomoyo_policy_lock); |
| 499 | out: | ||
| 495 | tomoyo_put_name(saved_pattern); | 500 | tomoyo_put_name(saved_pattern); |
| 496 | kfree(entry); | 501 | kfree(entry); |
| 497 | return error; | 502 | return error; |
| @@ -821,8 +826,9 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename, | |||
| 821 | if (!saved_filename) | 826 | if (!saved_filename) |
| 822 | return -ENOMEM; | 827 | return -ENOMEM; |
| 823 | if (!is_delete) | 828 | if (!is_delete) |
| 824 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 829 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 825 | mutex_lock(&tomoyo_policy_lock); | 830 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 831 | goto out; | ||
| 826 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 832 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 827 | struct tomoyo_path_acl *acl = | 833 | struct tomoyo_path_acl *acl = |
| 828 | container_of(ptr, struct tomoyo_path_acl, head); | 834 | container_of(ptr, struct tomoyo_path_acl, head); |
| @@ -867,6 +873,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename, | |||
| 867 | error = 0; | 873 | error = 0; |
| 868 | } | 874 | } |
| 869 | mutex_unlock(&tomoyo_policy_lock); | 875 | mutex_unlock(&tomoyo_policy_lock); |
| 876 | out: | ||
| 870 | kfree(entry); | 877 | kfree(entry); |
| 871 | tomoyo_put_name(saved_filename); | 878 | tomoyo_put_name(saved_filename); |
| 872 | return error; | 879 | return error; |
| @@ -907,8 +914,9 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1, | |||
| 907 | if (!saved_filename1 || !saved_filename2) | 914 | if (!saved_filename1 || !saved_filename2) |
| 908 | goto out; | 915 | goto out; |
| 909 | if (!is_delete) | 916 | if (!is_delete) |
| 910 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 917 | entry = kmalloc(sizeof(*entry), GFP_NOFS); |
| 911 | mutex_lock(&tomoyo_policy_lock); | 918 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 919 | goto out; | ||
| 912 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 920 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 913 | struct tomoyo_path2_acl *acl = | 921 | struct tomoyo_path2_acl *acl = |
| 914 | container_of(ptr, struct tomoyo_path2_acl, head); | 922 | container_of(ptr, struct tomoyo_path2_acl, head); |