aboutsummaryrefslogtreecommitdiffstats
path: root/security/tomoyo/realpath.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/tomoyo/realpath.c')
-rw-r--r--security/tomoyo/realpath.c30
1 files changed, 24 insertions, 6 deletions
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index c225c65ce426..d1b96f019621 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -139,7 +139,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
139 */ 139 */
140char *tomoyo_realpath_from_path(struct path *path) 140char *tomoyo_realpath_from_path(struct path *path)
141{ 141{
142 char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL); 142 char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS);
143 143
144 BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) 144 BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
145 <= TOMOYO_MAX_PATHNAME_LEN - 1); 145 <= TOMOYO_MAX_PATHNAME_LEN - 1);
@@ -223,6 +223,25 @@ bool tomoyo_memory_ok(void *ptr)
223} 223}
224 224
225/** 225/**
226 * tomoyo_commit_ok - Check memory quota.
227 *
228 * @data: Data to copy from.
229 * @size: Size in byte.
230 *
231 * Returns pointer to allocated memory on success, NULL otherwise.
232 */
233void *tomoyo_commit_ok(void *data, const unsigned int size)
234{
235 void *ptr = kzalloc(size, GFP_NOFS);
236 if (tomoyo_memory_ok(ptr)) {
237 memmove(ptr, data, size);
238 memset(data, 0, size);
239 return ptr;
240 }
241 return NULL;
242}
243
244/**
226 * tomoyo_memory_free - Free memory for elements. 245 * tomoyo_memory_free - Free memory for elements.
227 * 246 *
228 * @ptr: Pointer to allocated memory. 247 * @ptr: Pointer to allocated memory.
@@ -240,8 +259,6 @@ void tomoyo_memory_free(void *ptr)
240 * "const struct tomoyo_path_info *". 259 * "const struct tomoyo_path_info *".
241 */ 260 */
242struct list_head tomoyo_name_list[TOMOYO_MAX_HASH]; 261struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
243/* Lock for protecting tomoyo_name_list . */
244DEFINE_MUTEX(tomoyo_name_list_lock);
245 262
246/** 263/**
247 * tomoyo_get_name - Allocate permanent memory for string data. 264 * tomoyo_get_name - Allocate permanent memory for string data.
@@ -263,14 +280,15 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
263 len = strlen(name) + 1; 280 len = strlen(name) + 1;
264 hash = full_name_hash((const unsigned char *) name, len - 1); 281 hash = full_name_hash((const unsigned char *) name, len - 1);
265 head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)]; 282 head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)];
266 mutex_lock(&tomoyo_name_list_lock); 283 if (mutex_lock_interruptible(&tomoyo_policy_lock))
284 return NULL;
267 list_for_each_entry(ptr, head, list) { 285 list_for_each_entry(ptr, head, list) {
268 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name)) 286 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name))
269 continue; 287 continue;
270 atomic_inc(&ptr->users); 288 atomic_inc(&ptr->users);
271 goto out; 289 goto out;
272 } 290 }
273 ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL); 291 ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
274 allocated_len = ptr ? ksize(ptr) : 0; 292 allocated_len = ptr ? ksize(ptr) : 0;
275 if (!ptr || (tomoyo_quota_for_policy && 293 if (!ptr || (tomoyo_quota_for_policy &&
276 atomic_read(&tomoyo_policy_memory_size) + allocated_len 294 atomic_read(&tomoyo_policy_memory_size) + allocated_len
@@ -290,7 +308,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
290 tomoyo_fill_path_info(&ptr->entry); 308 tomoyo_fill_path_info(&ptr->entry);
291 list_add_tail(&ptr->list, head); 309 list_add_tail(&ptr->list, head);
292 out: 310 out:
293 mutex_unlock(&tomoyo_name_list_lock); 311 mutex_unlock(&tomoyo_policy_lock);
294 return ptr ? &ptr->entry : NULL; 312 return ptr ? &ptr->entry : NULL;
295} 313}
296 314
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-14 13:28:49 -0500