diff options
Diffstat (limited to 'security/tomoyo')
| -rw-r--r-- | security/tomoyo/common.c | 22 | ||||
| -rw-r--r-- | security/tomoyo/common.h | 2 | ||||
| -rw-r--r-- | security/tomoyo/domain.c | 8 | ||||
| -rw-r--r-- | security/tomoyo/file.c | 15 | ||||
| -rw-r--r-- | security/tomoyo/realpath.c | 45 | ||||
| -rw-r--r-- | security/tomoyo/realpath.h | 8 |
6 files changed, 29 insertions, 71 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index e331e699cf54..ef6622300a81 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -750,7 +750,7 @@ bool tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...) | |||
| 750 | * | 750 | * |
| 751 | * Returns the tomoyo_realpath() of current process on success, NULL otherwise. | 751 | * Returns the tomoyo_realpath() of current process on success, NULL otherwise. |
| 752 | * | 752 | * |
| 753 | * This function uses tomoyo_alloc(), so the caller must call tomoyo_free() | 753 | * This function uses kzalloc(), so the caller must call kfree() |
| 754 | * if this function didn't return NULL. | 754 | * if this function didn't return NULL. |
| 755 | */ | 755 | */ |
| 756 | static const char *tomoyo_get_exe(void) | 756 | static const char *tomoyo_get_exe(void) |
| @@ -1248,7 +1248,7 @@ static bool tomoyo_is_policy_manager(void) | |||
| 1248 | last_pid = pid; | 1248 | last_pid = pid; |
| 1249 | } | 1249 | } |
| 1250 | } | 1250 | } |
| 1251 | tomoyo_free(exe); | 1251 | kfree(exe); |
| 1252 | return found; | 1252 | return found; |
| 1253 | } | 1253 | } |
| 1254 | 1254 | ||
| @@ -1931,7 +1931,7 @@ static int tomoyo_read_self_domain(struct tomoyo_io_buffer *head) | |||
| 1931 | */ | 1931 | */ |
| 1932 | static int tomoyo_open_control(const u8 type, struct file *file) | 1932 | static int tomoyo_open_control(const u8 type, struct file *file) |
| 1933 | { | 1933 | { |
| 1934 | struct tomoyo_io_buffer *head = tomoyo_alloc(sizeof(*head)); | 1934 | struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_KERNEL); |
| 1935 | 1935 | ||
| 1936 | if (!head) | 1936 | if (!head) |
| 1937 | return -ENOMEM; | 1937 | return -ENOMEM; |
| @@ -1992,9 +1992,9 @@ static int tomoyo_open_control(const u8 type, struct file *file) | |||
| 1992 | } else { | 1992 | } else { |
| 1993 | if (!head->readbuf_size) | 1993 | if (!head->readbuf_size) |
| 1994 | head->readbuf_size = 4096 * 2; | 1994 | head->readbuf_size = 4096 * 2; |
| 1995 | head->read_buf = tomoyo_alloc(head->readbuf_size); | 1995 | head->read_buf = kzalloc(head->readbuf_size, GFP_KERNEL); |
| 1996 | if (!head->read_buf) { | 1996 | if (!head->read_buf) { |
| 1997 | tomoyo_free(head); | 1997 | kfree(head); |
| 1998 | return -ENOMEM; | 1998 | return -ENOMEM; |
| 1999 | } | 1999 | } |
| 2000 | } | 2000 | } |
| @@ -2006,10 +2006,10 @@ static int tomoyo_open_control(const u8 type, struct file *file) | |||
| 2006 | head->write = NULL; | 2006 | head->write = NULL; |
| 2007 | } else if (head->write) { | 2007 | } else if (head->write) { |
| 2008 | head->writebuf_size = 4096 * 2; | 2008 | head->writebuf_size = 4096 * 2; |
| 2009 | head->write_buf = tomoyo_alloc(head->writebuf_size); | 2009 | head->write_buf = kzalloc(head->writebuf_size, GFP_KERNEL); |
| 2010 | if (!head->write_buf) { | 2010 | if (!head->write_buf) { |
| 2011 | tomoyo_free(head->read_buf); | 2011 | kfree(head->read_buf); |
| 2012 | tomoyo_free(head); | 2012 | kfree(head); |
| 2013 | return -ENOMEM; | 2013 | return -ENOMEM; |
| 2014 | } | 2014 | } |
| 2015 | } | 2015 | } |
| @@ -2141,11 +2141,11 @@ static int tomoyo_close_control(struct file *file) | |||
| 2141 | 2141 | ||
| 2142 | tomoyo_read_unlock(head->reader_idx); | 2142 | tomoyo_read_unlock(head->reader_idx); |
| 2143 | /* Release memory used for policy I/O. */ | 2143 | /* Release memory used for policy I/O. */ |
| 2144 | tomoyo_free(head->read_buf); | 2144 | kfree(head->read_buf); |
| 2145 | head->read_buf = NULL; | 2145 | head->read_buf = NULL; |
| 2146 | tomoyo_free(head->write_buf); | 2146 | kfree(head->write_buf); |
| 2147 | head->write_buf = NULL; | 2147 | head->write_buf = NULL; |
| 2148 | tomoyo_free(head); | 2148 | kfree(head); |
| 2149 | head = NULL; | 2149 | head = NULL; |
| 2150 | file->private_data = NULL; | 2150 | file->private_data = NULL; |
| 2151 | return 0; | 2151 | return 0; |
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 610a6a056828..8b59ec8fe11e 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
| @@ -89,7 +89,7 @@ struct tomoyo_path_info { | |||
| 89 | * "struct tomoyo_path_info_with_data". | 89 | * "struct tomoyo_path_info_with_data". |
| 90 | */ | 90 | */ |
| 91 | struct tomoyo_path_info_with_data { | 91 | struct tomoyo_path_info_with_data { |
| 92 | /* Keep "head" first, for this pointer is passed to tomoyo_free(). */ | 92 | /* Keep "head" first, for this pointer is passed to kfree(). */ |
| 93 | struct tomoyo_path_info head; | 93 | struct tomoyo_path_info head; |
| 94 | char barrier1[16]; /* Safeguard for overrun. */ | 94 | char barrier1[16]; /* Safeguard for overrun. */ |
| 95 | char body[TOMOYO_MAX_PATHNAME_LEN]; | 95 | char body[TOMOYO_MAX_PATHNAME_LEN]; |
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index a55a1cced58e..34843971cc60 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
| @@ -787,7 +787,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 787 | * This function assumes that the size of buffer returned by | 787 | * This function assumes that the size of buffer returned by |
| 788 | * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN. | 788 | * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN. |
| 789 | */ | 789 | */ |
| 790 | struct tomoyo_page_buffer *tmp = tomoyo_alloc(sizeof(*tmp)); | 790 | struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_KERNEL); |
| 791 | struct tomoyo_domain_info *old_domain = tomoyo_domain(); | 791 | struct tomoyo_domain_info *old_domain = tomoyo_domain(); |
| 792 | struct tomoyo_domain_info *domain = NULL; | 792 | struct tomoyo_domain_info *domain = NULL; |
| 793 | const char *old_domain_name = old_domain->domainname->name; | 793 | const char *old_domain_name = old_domain->domainname->name; |
| @@ -902,8 +902,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 902 | if (!domain) | 902 | if (!domain) |
| 903 | domain = old_domain; | 903 | domain = old_domain; |
| 904 | bprm->cred->security = domain; | 904 | bprm->cred->security = domain; |
| 905 | tomoyo_free(real_program_name); | 905 | kfree(real_program_name); |
| 906 | tomoyo_free(symlink_program_name); | 906 | kfree(symlink_program_name); |
| 907 | tomoyo_free(tmp); | 907 | kfree(tmp); |
| 908 | return retval; | 908 | return retval; |
| 909 | } | 909 | } |
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index cfcb096ee97a..24af081f1af9 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
| @@ -150,7 +150,8 @@ static bool tomoyo_strendswith(const char *name, const char *tail) | |||
| 150 | static struct tomoyo_path_info *tomoyo_get_path(struct path *path) | 150 | static struct tomoyo_path_info *tomoyo_get_path(struct path *path) |
| 151 | { | 151 | { |
| 152 | int error; | 152 | int error; |
| 153 | struct tomoyo_path_info_with_data *buf = tomoyo_alloc(sizeof(*buf)); | 153 | struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), |
| 154 | GFP_KERNEL); | ||
| 154 | 155 | ||
| 155 | if (!buf) | 156 | if (!buf) |
| 156 | return NULL; | 157 | return NULL; |
| @@ -162,7 +163,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path) | |||
| 162 | tomoyo_fill_path_info(&buf->head); | 163 | tomoyo_fill_path_info(&buf->head); |
| 163 | return &buf->head; | 164 | return &buf->head; |
| 164 | } | 165 | } |
| 165 | tomoyo_free(buf); | 166 | kfree(buf); |
| 166 | return NULL; | 167 | return NULL; |
| 167 | } | 168 | } |
| 168 | 169 | ||
| @@ -1227,7 +1228,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
| 1227 | TOMOYO_TYPE_TRUNCATE_ACL, | 1228 | TOMOYO_TYPE_TRUNCATE_ACL, |
| 1228 | buf, mode); | 1229 | buf, mode); |
| 1229 | out: | 1230 | out: |
| 1230 | tomoyo_free(buf); | 1231 | kfree(buf); |
| 1231 | tomoyo_read_unlock(idx); | 1232 | tomoyo_read_unlock(idx); |
| 1232 | if (!is_enforce) | 1233 | if (!is_enforce) |
| 1233 | error = 0; | 1234 | error = 0; |
| @@ -1273,7 +1274,7 @@ int tomoyo_check_1path_perm(struct tomoyo_domain_info *domain, | |||
| 1273 | error = tomoyo_check_single_path_permission2(domain, operation, buf, | 1274 | error = tomoyo_check_single_path_permission2(domain, operation, buf, |
| 1274 | mode); | 1275 | mode); |
| 1275 | out: | 1276 | out: |
| 1276 | tomoyo_free(buf); | 1277 | kfree(buf); |
| 1277 | tomoyo_read_unlock(idx); | 1278 | tomoyo_read_unlock(idx); |
| 1278 | if (!is_enforce) | 1279 | if (!is_enforce) |
| 1279 | error = 0; | 1280 | error = 0; |
| @@ -1312,7 +1313,7 @@ int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain, | |||
| 1312 | TOMOYO_TYPE_REWRITE_ACL, | 1313 | TOMOYO_TYPE_REWRITE_ACL, |
| 1313 | buf, mode); | 1314 | buf, mode); |
| 1314 | out: | 1315 | out: |
| 1315 | tomoyo_free(buf); | 1316 | kfree(buf); |
| 1316 | tomoyo_read_unlock(idx); | 1317 | tomoyo_read_unlock(idx); |
| 1317 | if (!is_enforce) | 1318 | if (!is_enforce) |
| 1318 | error = 0; | 1319 | error = 0; |
| @@ -1379,8 +1380,8 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info * const domain, | |||
| 1379 | false); | 1380 | false); |
| 1380 | } | 1381 | } |
| 1381 | out: | 1382 | out: |
| 1382 | tomoyo_free(buf1); | 1383 | kfree(buf1); |
| 1383 | tomoyo_free(buf2); | 1384 | kfree(buf2); |
| 1384 | tomoyo_read_unlock(idx); | 1385 | tomoyo_read_unlock(idx); |
| 1385 | if (!is_enforce) | 1386 | if (!is_enforce) |
| 1386 | error = 0; | 1387 | error = 0; |
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c index 54226d5be493..92460c7ded67 100644 --- a/security/tomoyo/realpath.c +++ b/security/tomoyo/realpath.c | |||
| @@ -150,12 +150,12 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname, | |||
| 150 | * | 150 | * |
| 151 | * Returns the realpath of the given @path on success, NULL otherwise. | 151 | * Returns the realpath of the given @path on success, NULL otherwise. |
| 152 | * | 152 | * |
| 153 | * These functions use tomoyo_alloc(), so the caller must call tomoyo_free() | 153 | * These functions use kzalloc(), so the caller must call kfree() |
| 154 | * if these functions didn't return NULL. | 154 | * if these functions didn't return NULL. |
| 155 | */ | 155 | */ |
| 156 | char *tomoyo_realpath_from_path(struct path *path) | 156 | char *tomoyo_realpath_from_path(struct path *path) |
| 157 | { | 157 | { |
| 158 | char *buf = tomoyo_alloc(sizeof(struct tomoyo_page_buffer)); | 158 | char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL); |
| 159 | 159 | ||
| 160 | BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) | 160 | BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) |
| 161 | <= TOMOYO_MAX_PATHNAME_LEN - 1); | 161 | <= TOMOYO_MAX_PATHNAME_LEN - 1); |
| @@ -164,7 +164,7 @@ char *tomoyo_realpath_from_path(struct path *path) | |||
| 164 | if (tomoyo_realpath_from_path2(path, buf, | 164 | if (tomoyo_realpath_from_path2(path, buf, |
| 165 | TOMOYO_MAX_PATHNAME_LEN - 1) == 0) | 165 | TOMOYO_MAX_PATHNAME_LEN - 1) == 0) |
| 166 | return buf; | 166 | return buf; |
| 167 | tomoyo_free(buf); | 167 | kfree(buf); |
| 168 | return NULL; | 168 | return NULL; |
| 169 | } | 169 | } |
| 170 | 170 | ||
| @@ -346,39 +346,6 @@ void __init tomoyo_realpath_init(void) | |||
| 346 | panic("Can't register tomoyo_kernel_domain"); | 346 | panic("Can't register tomoyo_kernel_domain"); |
| 347 | } | 347 | } |
| 348 | 348 | ||
| 349 | /* Memory allocated for temporary purpose. */ | ||
| 350 | static atomic_t tomoyo_dynamic_memory_size; | ||
| 351 | |||
| 352 | /** | ||
| 353 | * tomoyo_alloc - Allocate memory for temporary purpose. | ||
| 354 | * | ||
| 355 | * @size: Size in bytes. | ||
| 356 | * | ||
| 357 | * Returns pointer to allocated memory on success, NULL otherwise. | ||
| 358 | */ | ||
| 359 | void *tomoyo_alloc(const size_t size) | ||
| 360 | { | ||
| 361 | void *p = kzalloc(size, GFP_KERNEL); | ||
| 362 | if (p) | ||
| 363 | atomic_add(ksize(p), &tomoyo_dynamic_memory_size); | ||
| 364 | return p; | ||
| 365 | } | ||
| 366 | |||
| 367 | /** | ||
| 368 | * tomoyo_free - Release memory allocated by tomoyo_alloc(). | ||
| 369 | * | ||
| 370 | * @p: Pointer returned by tomoyo_alloc(). May be NULL. | ||
| 371 | * | ||
| 372 | * Returns nothing. | ||
| 373 | */ | ||
| 374 | void tomoyo_free(const void *p) | ||
| 375 | { | ||
| 376 | if (p) { | ||
| 377 | atomic_sub(ksize(p), &tomoyo_dynamic_memory_size); | ||
| 378 | kfree(p); | ||
| 379 | } | ||
| 380 | } | ||
| 381 | |||
| 382 | /** | 349 | /** |
| 383 | * tomoyo_read_memory_counter - Check for memory usage in bytes. | 350 | * tomoyo_read_memory_counter - Check for memory usage in bytes. |
| 384 | * | 351 | * |
| @@ -393,8 +360,6 @@ int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head) | |||
| 393 | = tomoyo_allocated_memory_for_savename; | 360 | = tomoyo_allocated_memory_for_savename; |
| 394 | const unsigned int private | 361 | const unsigned int private |
| 395 | = tomoyo_allocated_memory_for_elements; | 362 | = tomoyo_allocated_memory_for_elements; |
| 396 | const unsigned int dynamic | ||
| 397 | = atomic_read(&tomoyo_dynamic_memory_size); | ||
| 398 | char buffer[64]; | 363 | char buffer[64]; |
| 399 | 364 | ||
| 400 | memset(buffer, 0, sizeof(buffer)); | 365 | memset(buffer, 0, sizeof(buffer)); |
| @@ -412,9 +377,7 @@ int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head) | |||
| 412 | else | 377 | else |
| 413 | buffer[0] = '\0'; | 378 | buffer[0] = '\0'; |
| 414 | tomoyo_io_printf(head, "Private: %10u%s\n", private, buffer); | 379 | tomoyo_io_printf(head, "Private: %10u%s\n", private, buffer); |
| 415 | tomoyo_io_printf(head, "Dynamic: %10u\n", dynamic); | 380 | tomoyo_io_printf(head, "Total: %10u\n", shared + private); |
| 416 | tomoyo_io_printf(head, "Total: %10u\n", | ||
| 417 | shared + private + dynamic); | ||
| 418 | head->read_eof = true; | 381 | head->read_eof = true; |
| 419 | } | 382 | } |
| 420 | return 0; | 383 | return 0; |
diff --git a/security/tomoyo/realpath.h b/security/tomoyo/realpath.h index 47b4f59dad6f..da4f06ff6f8d 100644 --- a/security/tomoyo/realpath.h +++ b/security/tomoyo/realpath.h | |||
| @@ -25,7 +25,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname, | |||
| 25 | 25 | ||
| 26 | /* | 26 | /* |
| 27 | * Returns realpath(3) of the given pathname but ignores chroot'ed root. | 27 | * Returns realpath(3) of the given pathname but ignores chroot'ed root. |
| 28 | * These functions use tomoyo_alloc(), so the caller must call tomoyo_free() | 28 | * These functions use kzalloc(), so the caller must call kfree() |
| 29 | * if these functions didn't return NULL. | 29 | * if these functions didn't return NULL. |
| 30 | */ | 30 | */ |
| 31 | char *tomoyo_realpath(const char *pathname); | 31 | char *tomoyo_realpath(const char *pathname); |
| @@ -45,12 +45,6 @@ bool tomoyo_memory_ok(void *ptr); | |||
| 45 | */ | 45 | */ |
| 46 | const struct tomoyo_path_info *tomoyo_save_name(const char *name); | 46 | const struct tomoyo_path_info *tomoyo_save_name(const char *name); |
| 47 | 47 | ||
| 48 | /* Allocate memory for temporary use (e.g. permission checks). */ | ||
| 49 | void *tomoyo_alloc(const size_t size); | ||
| 50 | |||
| 51 | /* Free memory allocated by tomoyo_alloc(). */ | ||
| 52 | void tomoyo_free(const void *p); | ||
| 53 | |||
| 54 | /* Check for memory usage. */ | 48 | /* Check for memory usage. */ |
| 55 | int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head); | 49 | int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head); |
| 56 | 50 | ||