diff options
Diffstat (limited to 'security/tomoyo/gc.c')
| -rw-r--r-- | security/tomoyo/gc.c | 73 |
1 files changed, 40 insertions, 33 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index 412ee8309c23..782e844dca7f 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c | |||
| @@ -292,15 +292,12 @@ static bool tomoyo_collect_acl(struct list_head *list) | |||
| 292 | static void tomoyo_collect_entry(void) | 292 | static void tomoyo_collect_entry(void) |
| 293 | { | 293 | { |
| 294 | int i; | 294 | int i; |
| 295 | enum tomoyo_policy_id id; | ||
| 296 | struct tomoyo_policy_namespace *ns; | ||
| 297 | int idx; | ||
| 295 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) | 298 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 296 | return; | 299 | return; |
| 297 | for (i = 0; i < TOMOYO_MAX_POLICY; i++) { | 300 | idx = tomoyo_read_lock(); |
| 298 | if (!tomoyo_collect_member(i, &tomoyo_policy_list[i])) | ||
| 299 | goto unlock; | ||
| 300 | } | ||
| 301 | for (i = 0; i < TOMOYO_MAX_ACL_GROUPS; i++) | ||
| 302 | if (!tomoyo_collect_acl(&tomoyo_acl_group[i])) | ||
| 303 | goto unlock; | ||
| 304 | { | 301 | { |
| 305 | struct tomoyo_domain_info *domain; | 302 | struct tomoyo_domain_info *domain; |
| 306 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { | 303 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { |
| @@ -317,39 +314,49 @@ static void tomoyo_collect_entry(void) | |||
| 317 | goto unlock; | 314 | goto unlock; |
| 318 | } | 315 | } |
| 319 | } | 316 | } |
| 320 | for (i = 0; i < TOMOYO_MAX_HASH; i++) { | 317 | list_for_each_entry_rcu(ns, &tomoyo_namespace_list, namespace_list) { |
| 321 | struct tomoyo_name *ptr; | 318 | for (id = 0; id < TOMOYO_MAX_POLICY; id++) |
| 322 | list_for_each_entry_rcu(ptr, &tomoyo_name_list[i], head.list) { | 319 | if (!tomoyo_collect_member(id, &ns->policy_list[id])) |
| 323 | if (atomic_read(&ptr->head.users)) | ||
| 324 | continue; | ||
| 325 | if (!tomoyo_add_to_gc(TOMOYO_ID_NAME, &ptr->head.list)) | ||
| 326 | goto unlock; | 320 | goto unlock; |
| 321 | for (i = 0; i < TOMOYO_MAX_ACL_GROUPS; i++) | ||
| 322 | if (!tomoyo_collect_acl(&ns->acl_group[i])) | ||
| 323 | goto unlock; | ||
| 324 | for (i = 0; i < TOMOYO_MAX_GROUP; i++) { | ||
| 325 | struct list_head *list = &ns->group_list[i]; | ||
| 326 | struct tomoyo_group *group; | ||
| 327 | switch (i) { | ||
| 328 | case 0: | ||
| 329 | id = TOMOYO_ID_PATH_GROUP; | ||
| 330 | break; | ||
| 331 | default: | ||
| 332 | id = TOMOYO_ID_NUMBER_GROUP; | ||
| 333 | break; | ||
| 334 | } | ||
| 335 | list_for_each_entry(group, list, head.list) { | ||
| 336 | if (!tomoyo_collect_member | ||
| 337 | (id, &group->member_list)) | ||
| 338 | goto unlock; | ||
| 339 | if (!list_empty(&group->member_list) || | ||
| 340 | atomic_read(&group->head.users)) | ||
| 341 | continue; | ||
| 342 | if (!tomoyo_add_to_gc(TOMOYO_ID_GROUP, | ||
| 343 | &group->head.list)) | ||
| 344 | goto unlock; | ||
| 345 | } | ||
| 327 | } | 346 | } |
| 328 | } | 347 | } |
| 329 | for (i = 0; i < TOMOYO_MAX_GROUP; i++) { | 348 | for (i = 0; i < TOMOYO_MAX_HASH; i++) { |
| 330 | struct list_head *list = &tomoyo_group_list[i]; | 349 | struct list_head *list = &tomoyo_name_list[i]; |
| 331 | int id; | 350 | struct tomoyo_shared_acl_head *ptr; |
| 332 | struct tomoyo_group *group; | 351 | list_for_each_entry(ptr, list, list) { |
| 333 | switch (i) { | 352 | if (atomic_read(&ptr->users)) |
| 334 | case 0: | ||
| 335 | id = TOMOYO_ID_PATH_GROUP; | ||
| 336 | break; | ||
| 337 | default: | ||
| 338 | id = TOMOYO_ID_NUMBER_GROUP; | ||
| 339 | break; | ||
| 340 | } | ||
| 341 | list_for_each_entry(group, list, head.list) { | ||
| 342 | if (!tomoyo_collect_member(id, &group->member_list)) | ||
| 343 | goto unlock; | ||
| 344 | if (!list_empty(&group->member_list) || | ||
| 345 | atomic_read(&group->head.users)) | ||
| 346 | continue; | 353 | continue; |
| 347 | if (!tomoyo_add_to_gc(TOMOYO_ID_GROUP, | 354 | if (!tomoyo_add_to_gc(TOMOYO_ID_NAME, &ptr->list)) |
| 348 | &group->head.list)) | ||
| 349 | goto unlock; | 355 | goto unlock; |
| 350 | } | 356 | } |
| 351 | } | 357 | } |
| 352 | unlock: | 358 | unlock: |
| 359 | tomoyo_read_unlock(idx); | ||
| 353 | mutex_unlock(&tomoyo_policy_lock); | 360 | mutex_unlock(&tomoyo_policy_lock); |
| 354 | } | 361 | } |
| 355 | 362 | ||