diff options
Diffstat (limited to 'security/tomoyo/realpath.c')
-rw-r--r-- | security/tomoyo/realpath.c | 65 |
1 files changed, 20 insertions, 45 deletions
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index 9105e5e29da9..54226d5be493 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
@@ -212,57 +212,32 @@ static unsigned int tomoyo_allocated_memory_for_elements; | |||
212 | static unsigned int tomoyo_quota_for_elements; | 212 | static unsigned int tomoyo_quota_for_elements; |
213 | 213 | ||
214 | /** | 214 | /** |
215 | * tomoyo_alloc_element - Allocate permanent memory for structures. | 215 | * tomoyo_memory_ok - Check memory quota. |
216 | * | 216 | * |
217 | * @size: Size in bytes. | 217 | * @ptr: Pointer to allocated memory. |
218 | * | 218 | * |
219 | * Returns pointer to allocated memory on success, NULL otherwise. | 219 | * Returns true on success, false otherwise. |
220 | * | 220 | * |
221 | * Memory has to be zeroed. | 221 | * Caller holds tomoyo_policy_lock. |
222 | * The RAM is chunked, so NEVER try to kfree() the returned pointer. | 222 | * Memory pointed by @ptr will be zeroed on success. |
223 | */ | 223 | */ |
224 | void *tomoyo_alloc_element(const unsigned int size) | 224 | bool tomoyo_memory_ok(void *ptr) |
225 | { | 225 | { |
226 | static char *buf; | 226 | int allocated_len = ptr ? ksize(ptr) : 0; |
227 | static DEFINE_MUTEX(lock); | 227 | bool result = false; |
228 | static unsigned int buf_used_len = PATH_MAX; | 228 | if (!ptr || (tomoyo_quota_for_elements && |
229 | char *ptr = NULL; | 229 | tomoyo_allocated_memory_for_elements |
230 | /*Assumes sizeof(void *) >= sizeof(long) is true. */ | 230 | + allocated_len > tomoyo_quota_for_elements)) { |
231 | const unsigned int word_aligned_size | 231 | printk(KERN_WARNING "ERROR: Out of memory " |
232 | = roundup(size, max(sizeof(void *), sizeof(long))); | 232 | "for tomoyo_alloc_element().\n"); |
233 | if (word_aligned_size > PATH_MAX) | 233 | if (!tomoyo_policy_loaded) |
234 | return NULL; | 234 | panic("MAC Initialization failed.\n"); |
235 | mutex_lock(&lock); | 235 | } else { |
236 | if (buf_used_len + word_aligned_size > PATH_MAX) { | 236 | result = true; |
237 | if (!tomoyo_quota_for_elements || | 237 | tomoyo_allocated_memory_for_elements += allocated_len; |
238 | tomoyo_allocated_memory_for_elements | 238 | memset(ptr, 0, allocated_len); |
239 | + PATH_MAX <= tomoyo_quota_for_elements) | ||
240 | ptr = kzalloc(PATH_MAX, GFP_KERNEL); | ||
241 | if (!ptr) { | ||
242 | printk(KERN_WARNING "ERROR: Out of memory " | ||
243 | "for tomoyo_alloc_element().\n"); | ||
244 | if (!tomoyo_policy_loaded) | ||
245 | panic("MAC Initialization failed.\n"); | ||
246 | } else { | ||
247 | buf = ptr; | ||
248 | tomoyo_allocated_memory_for_elements += PATH_MAX; | ||
249 | buf_used_len = word_aligned_size; | ||
250 | ptr = buf; | ||
251 | } | ||
252 | } else if (word_aligned_size) { | ||
253 | int i; | ||
254 | ptr = buf + buf_used_len; | ||
255 | buf_used_len += word_aligned_size; | ||
256 | for (i = 0; i < word_aligned_size; i++) { | ||
257 | if (!ptr[i]) | ||
258 | continue; | ||
259 | printk(KERN_ERR "WARNING: Reserved memory was tainted! " | ||
260 | "The system might go wrong.\n"); | ||
261 | ptr[i] = '\0'; | ||
262 | } | ||
263 | } | 239 | } |
264 | mutex_unlock(&lock); | 240 | return result; |
265 | return ptr; | ||
266 | } | 241 | } |
267 | 242 | ||
268 | /* Memory allocated for string data in bytes. */ | 243 | /* Memory allocated for string data in bytes. */ |