aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/capability.c74
-rw-r--r--security/commoncap.c6
-rw-r--r--security/device_cgroup.c2
-rw-r--r--security/integrity/ima/Kconfig5
-rw-r--r--security/integrity/ima/ima.h2
-rw-r--r--security/integrity/ima/ima_audit.c2
-rw-r--r--security/integrity/ima/ima_crypto.c4
-rw-r--r--security/integrity/ima/ima_fs.c38
-rw-r--r--security/integrity/ima/ima_iint.c6
-rw-r--r--security/integrity/ima/ima_init.c2
-rw-r--r--security/integrity/ima/ima_main.c2
-rw-r--r--security/integrity/ima/ima_policy.c107
-rw-r--r--security/integrity/ima/ima_queue.c4
-rw-r--r--security/keys/key.c2
-rw-r--r--security/keys/keyctl.c65
-rw-r--r--security/keys/keyring.c47
-rw-r--r--security/keys/permission.c2
-rw-r--r--security/keys/proc.c2
-rw-r--r--security/keys/request_key.c24
-rw-r--r--security/lsm_audit.c2
-rw-r--r--security/min_addr.c2
-rw-r--r--security/security.c71
-rw-r--r--security/selinux/avc.c3
-rw-r--r--security/selinux/hooks.c66
-rw-r--r--security/selinux/include/initial_sid_to_string.h2
-rw-r--r--security/selinux/include/netlabel.h8
-rw-r--r--security/selinux/netlabel.c14
-rw-r--r--security/selinux/netlink.c1
-rw-r--r--security/selinux/nlmsgtab.c1
-rw-r--r--security/selinux/selinuxfs.c44
-rw-r--r--security/selinux/ss/mls.c2
-rw-r--r--security/selinux/ss/policydb.c6
-rw-r--r--security/selinux/ss/services.c49
-rw-r--r--security/smack/smack_lsm.c11
-rw-r--r--security/tomoyo/common.c33
-rw-r--r--security/tomoyo/common.h1
-rw-r--r--security/tomoyo/domain.c25
-rw-r--r--security/tomoyo/file.c30
-rw-r--r--security/tomoyo/gc.c7
-rw-r--r--security/tomoyo/realpath.c11
40 files changed, 355 insertions, 430 deletions
diff --git a/security/capability.c b/security/capability.c
index 4875142b858d..7f093d573ede 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -12,11 +12,6 @@
12 12
13#include <linux/security.h> 13#include <linux/security.h>
14 14
15static int cap_acct(struct file *file)
16{
17 return 0;
18}
19
20static int cap_sysctl(ctl_table *table, int op) 15static int cap_sysctl(ctl_table *table, int op)
21{ 16{
22 return 0; 17 return 0;
@@ -80,42 +75,16 @@ static int cap_sb_mount(char *dev_name, struct path *path, char *type,
80 return 0; 75 return 0;
81} 76}
82 77
83static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
84{
85 return 0;
86}
87
88static int cap_sb_umount(struct vfsmount *mnt, int flags) 78static int cap_sb_umount(struct vfsmount *mnt, int flags)
89{ 79{
90 return 0; 80 return 0;
91} 81}
92 82
93static void cap_sb_umount_close(struct vfsmount *mnt)
94{
95}
96
97static void cap_sb_umount_busy(struct vfsmount *mnt)
98{
99}
100
101static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags,
102 void *data)
103{
104}
105
106static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path)
107{
108}
109
110static int cap_sb_pivotroot(struct path *old_path, struct path *new_path) 83static int cap_sb_pivotroot(struct path *old_path, struct path *new_path)
111{ 84{
112 return 0; 85 return 0;
113} 86}
114 87
115static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path)
116{
117}
118
119static int cap_sb_set_mnt_opts(struct super_block *sb, 88static int cap_sb_set_mnt_opts(struct super_block *sb,
120 struct security_mnt_opts *opts) 89 struct security_mnt_opts *opts)
121{ 90{
@@ -221,10 +190,6 @@ static int cap_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
221 return 0; 190 return 0;
222} 191}
223 192
224static void cap_inode_delete(struct inode *ino)
225{
226}
227
228static void cap_inode_post_setxattr(struct dentry *dentry, const char *name, 193static void cap_inode_post_setxattr(struct dentry *dentry, const char *name,
229 const void *value, size_t size, int flags) 194 const void *value, size_t size, int flags)
230{ 195{
@@ -403,10 +368,6 @@ static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp)
403 return 0; 368 return 0;
404} 369}
405 370
406static void cap_cred_commit(struct cred *new, const struct cred *old)
407{
408}
409
410static void cap_cred_transfer(struct cred *new, const struct cred *old) 371static void cap_cred_transfer(struct cred *new, const struct cred *old)
411{ 372{
412} 373}
@@ -426,16 +387,6 @@ static int cap_kernel_module_request(char *kmod_name)
426 return 0; 387 return 0;
427} 388}
428 389
429static int cap_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
430{
431 return 0;
432}
433
434static int cap_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
435{
436 return 0;
437}
438
439static int cap_task_setpgid(struct task_struct *p, pid_t pgid) 390static int cap_task_setpgid(struct task_struct *p, pid_t pgid)
440{ 391{
441 return 0; 392 return 0;
@@ -456,11 +407,6 @@ static void cap_task_getsecid(struct task_struct *p, u32 *secid)
456 *secid = 0; 407 *secid = 0;
457} 408}
458 409
459static int cap_task_setgroups(struct group_info *group_info)
460{
461 return 0;
462}
463
464static int cap_task_getioprio(struct task_struct *p) 410static int cap_task_getioprio(struct task_struct *p)
465{ 411{
466 return 0; 412 return 0;
@@ -875,13 +821,6 @@ static int cap_key_getsecurity(struct key *key, char **_buffer)
875 return 0; 821 return 0;
876} 822}
877 823
878static int cap_key_session_to_parent(const struct cred *cred,
879 const struct cred *parent_cred,
880 struct key *key)
881{
882 return 0;
883}
884
885#endif /* CONFIG_KEYS */ 824#endif /* CONFIG_KEYS */
886 825
887#ifdef CONFIG_AUDIT 826#ifdef CONFIG_AUDIT
@@ -921,7 +860,6 @@ void security_fixup_ops(struct security_operations *ops)
921 set_to_cap_if_null(ops, ptrace_traceme); 860 set_to_cap_if_null(ops, ptrace_traceme);
922 set_to_cap_if_null(ops, capget); 861 set_to_cap_if_null(ops, capget);
923 set_to_cap_if_null(ops, capset); 862 set_to_cap_if_null(ops, capset);
924 set_to_cap_if_null(ops, acct);
925 set_to_cap_if_null(ops, capable); 863 set_to_cap_if_null(ops, capable);
926 set_to_cap_if_null(ops, quotactl); 864 set_to_cap_if_null(ops, quotactl);
927 set_to_cap_if_null(ops, quota_on); 865 set_to_cap_if_null(ops, quota_on);
@@ -941,14 +879,8 @@ void security_fixup_ops(struct security_operations *ops)
941 set_to_cap_if_null(ops, sb_show_options); 879 set_to_cap_if_null(ops, sb_show_options);
942 set_to_cap_if_null(ops, sb_statfs); 880 set_to_cap_if_null(ops, sb_statfs);
943 set_to_cap_if_null(ops, sb_mount); 881 set_to_cap_if_null(ops, sb_mount);
944 set_to_cap_if_null(ops, sb_check_sb);
945 set_to_cap_if_null(ops, sb_umount); 882 set_to_cap_if_null(ops, sb_umount);
946 set_to_cap_if_null(ops, sb_umount_close);
947 set_to_cap_if_null(ops, sb_umount_busy);
948 set_to_cap_if_null(ops, sb_post_remount);
949 set_to_cap_if_null(ops, sb_post_addmount);
950 set_to_cap_if_null(ops, sb_pivotroot); 883 set_to_cap_if_null(ops, sb_pivotroot);
951 set_to_cap_if_null(ops, sb_post_pivotroot);
952 set_to_cap_if_null(ops, sb_set_mnt_opts); 884 set_to_cap_if_null(ops, sb_set_mnt_opts);
953 set_to_cap_if_null(ops, sb_clone_mnt_opts); 885 set_to_cap_if_null(ops, sb_clone_mnt_opts);
954 set_to_cap_if_null(ops, sb_parse_opts_str); 886 set_to_cap_if_null(ops, sb_parse_opts_str);
@@ -968,7 +900,6 @@ void security_fixup_ops(struct security_operations *ops)
968 set_to_cap_if_null(ops, inode_permission); 900 set_to_cap_if_null(ops, inode_permission);
969 set_to_cap_if_null(ops, inode_setattr); 901 set_to_cap_if_null(ops, inode_setattr);
970 set_to_cap_if_null(ops, inode_getattr); 902 set_to_cap_if_null(ops, inode_getattr);
971 set_to_cap_if_null(ops, inode_delete);
972 set_to_cap_if_null(ops, inode_setxattr); 903 set_to_cap_if_null(ops, inode_setxattr);
973 set_to_cap_if_null(ops, inode_post_setxattr); 904 set_to_cap_if_null(ops, inode_post_setxattr);
974 set_to_cap_if_null(ops, inode_getxattr); 905 set_to_cap_if_null(ops, inode_getxattr);
@@ -1009,19 +940,15 @@ void security_fixup_ops(struct security_operations *ops)
1009 set_to_cap_if_null(ops, cred_alloc_blank); 940 set_to_cap_if_null(ops, cred_alloc_blank);
1010 set_to_cap_if_null(ops, cred_free); 941 set_to_cap_if_null(ops, cred_free);
1011 set_to_cap_if_null(ops, cred_prepare); 942 set_to_cap_if_null(ops, cred_prepare);
1012 set_to_cap_if_null(ops, cred_commit);
1013 set_to_cap_if_null(ops, cred_transfer); 943 set_to_cap_if_null(ops, cred_transfer);
1014 set_to_cap_if_null(ops, kernel_act_as); 944 set_to_cap_if_null(ops, kernel_act_as);
1015 set_to_cap_if_null(ops, kernel_create_files_as); 945 set_to_cap_if_null(ops, kernel_create_files_as);
1016 set_to_cap_if_null(ops, kernel_module_request); 946 set_to_cap_if_null(ops, kernel_module_request);
1017 set_to_cap_if_null(ops, task_setuid);
1018 set_to_cap_if_null(ops, task_fix_setuid); 947 set_to_cap_if_null(ops, task_fix_setuid);
1019 set_to_cap_if_null(ops, task_setgid);
1020 set_to_cap_if_null(ops, task_setpgid); 948 set_to_cap_if_null(ops, task_setpgid);
1021 set_to_cap_if_null(ops, task_getpgid); 949 set_to_cap_if_null(ops, task_getpgid);
1022 set_to_cap_if_null(ops, task_getsid); 950 set_to_cap_if_null(ops, task_getsid);
1023 set_to_cap_if_null(ops, task_getsecid); 951 set_to_cap_if_null(ops, task_getsecid);
1024 set_to_cap_if_null(ops, task_setgroups);
1025 set_to_cap_if_null(ops, task_setnice); 952 set_to_cap_if_null(ops, task_setnice);
1026 set_to_cap_if_null(ops, task_setioprio); 953 set_to_cap_if_null(ops, task_setioprio);
1027 set_to_cap_if_null(ops, task_getioprio); 954 set_to_cap_if_null(ops, task_getioprio);
@@ -1113,7 +1040,6 @@ void security_fixup_ops(struct security_operations *ops)
1113 set_to_cap_if_null(ops, key_free); 1040 set_to_cap_if_null(ops, key_free);
1114 set_to_cap_if_null(ops, key_permission); 1041 set_to_cap_if_null(ops, key_permission);
1115 set_to_cap_if_null(ops, key_getsecurity); 1042 set_to_cap_if_null(ops, key_getsecurity);
1116 set_to_cap_if_null(ops, key_session_to_parent);
1117#endif /* CONFIG_KEYS */ 1043#endif /* CONFIG_KEYS */
1118#ifdef CONFIG_AUDIT 1044#ifdef CONFIG_AUDIT
1119 set_to_cap_if_null(ops, audit_rule_init); 1045 set_to_cap_if_null(ops, audit_rule_init);
diff --git a/security/commoncap.c b/security/commoncap.c
index 61669730da98..4e015996dd4d 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -570,7 +570,7 @@ int cap_inode_setxattr(struct dentry *dentry, const char *name,
570 } 570 }
571 571
572 if (!strncmp(name, XATTR_SECURITY_PREFIX, 572 if (!strncmp(name, XATTR_SECURITY_PREFIX,
573 sizeof(XATTR_SECURITY_PREFIX) - 1) && 573 sizeof(XATTR_SECURITY_PREFIX) - 1) &&
574 !capable(CAP_SYS_ADMIN)) 574 !capable(CAP_SYS_ADMIN))
575 return -EPERM; 575 return -EPERM;
576 return 0; 576 return 0;
@@ -596,7 +596,7 @@ int cap_inode_removexattr(struct dentry *dentry, const char *name)
596 } 596 }
597 597
598 if (!strncmp(name, XATTR_SECURITY_PREFIX, 598 if (!strncmp(name, XATTR_SECURITY_PREFIX,
599 sizeof(XATTR_SECURITY_PREFIX) - 1) && 599 sizeof(XATTR_SECURITY_PREFIX) - 1) &&
600 !capable(CAP_SYS_ADMIN)) 600 !capable(CAP_SYS_ADMIN))
601 return -EPERM; 601 return -EPERM;
602 return 0; 602 return 0;
@@ -931,7 +931,7 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages)
931 * @addr: address attempting to be mapped 931 * @addr: address attempting to be mapped
932 * @addr_only: unused 932 * @addr_only: unused
933 * 933 *
934 * If the process is attempting to map memory below mmap_min_addr they need 934 * If the process is attempting to map memory below dac_mmap_min_addr they need
935 * CAP_SYS_RAWIO. The other parameters to this function are unused by the 935 * CAP_SYS_RAWIO. The other parameters to this function are unused by the
936 * capability security module. Returns 0 if this mapping should be allowed 936 * capability security module. Returns 0 if this mapping should be allowed
937 * -EPERM if not. 937 * -EPERM if not.
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index f77c60423992..8d9c48f13774 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -470,7 +470,7 @@ struct cgroup_subsys devices_subsys = {
470 .name = "devices", 470 .name = "devices",
471 .can_attach = devcgroup_can_attach, 471 .can_attach = devcgroup_can_attach,
472 .create = devcgroup_create, 472 .create = devcgroup_create,
473 .destroy = devcgroup_destroy, 473 .destroy = devcgroup_destroy,
474 .populate = devcgroup_populate, 474 .populate = devcgroup_populate,
475 .subsys_id = devices_subsys_id, 475 .subsys_id = devices_subsys_id,
476}; 476};
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 3d7846de8069..b6ecfd4d8d78 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -2,15 +2,14 @@
2# 2#
3config IMA 3config IMA
4 bool "Integrity Measurement Architecture(IMA)" 4 bool "Integrity Measurement Architecture(IMA)"
5 depends on ACPI
6 depends on SECURITY 5 depends on SECURITY
7 select SECURITYFS 6 select SECURITYFS
8 select CRYPTO 7 select CRYPTO
9 select CRYPTO_HMAC 8 select CRYPTO_HMAC
10 select CRYPTO_MD5 9 select CRYPTO_MD5
11 select CRYPTO_SHA1 10 select CRYPTO_SHA1
12 select TCG_TPM 11 select TCG_TPM if !S390
13 select TCG_TIS 12 select TCG_TIS if TCG_TPM
14 help 13 help
15 The Trusted Computing Group(TCG) runtime Integrity 14 The Trusted Computing Group(TCG) runtime Integrity
16 Measurement Architecture(IMA) maintains a list of hash 15 Measurement Architecture(IMA) maintains a list of hash
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 47fb65d1fcbd..16d100d3fc38 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -135,7 +135,7 @@ enum ima_hooks { FILE_CHECK = 1, FILE_MMAP, BPRM_CHECK };
135int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask); 135int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask);
136void ima_init_policy(void); 136void ima_init_policy(void);
137void ima_update_policy(void); 137void ima_update_policy(void);
138int ima_parse_add_rule(char *); 138ssize_t ima_parse_add_rule(char *);
139void ima_delete_rules(void); 139void ima_delete_rules(void);
140 140
141/* LSM based policy rules require audit */ 141/* LSM based policy rules require audit */
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/ima/ima_audit.c
index 5af76340470c..c5c5a72c30be 100644
--- a/security/integrity/ima/ima_audit.c
+++ b/security/integrity/ima/ima_audit.c
@@ -41,7 +41,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
41 return; 41 return;
42 42
43 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 43 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
44 audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u ses=%u", 44 audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
45 current->pid, current_cred()->uid, 45 current->pid, current_cred()->uid,
46 audit_get_loginuid(current), 46 audit_get_loginuid(current),
47 audit_get_sessionid(current)); 47 audit_get_sessionid(current));
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index 952e51373f58..9b3ade7468b2 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -27,7 +27,7 @@ static int init_desc(struct hash_desc *desc)
27 27
28 desc->tfm = crypto_alloc_hash(ima_hash, 0, CRYPTO_ALG_ASYNC); 28 desc->tfm = crypto_alloc_hash(ima_hash, 0, CRYPTO_ALG_ASYNC);
29 if (IS_ERR(desc->tfm)) { 29 if (IS_ERR(desc->tfm)) {
30 pr_info("failed to load %s transform: %ld\n", 30 pr_info("IMA: failed to load %s transform: %ld\n",
31 ima_hash, PTR_ERR(desc->tfm)); 31 ima_hash, PTR_ERR(desc->tfm));
32 rc = PTR_ERR(desc->tfm); 32 rc = PTR_ERR(desc->tfm);
33 return rc; 33 return rc;
@@ -112,7 +112,7 @@ static void __init ima_pcrread(int idx, u8 *pcr)
112 return; 112 return;
113 113
114 if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0) 114 if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
115 pr_err("Error Communicating to TPM chip\n"); 115 pr_err("IMA: Error Communicating to TPM chip\n");
116} 116}
117 117
118/* 118/*
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 07cb9c338cc4..8fe736aabe71 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -244,32 +244,34 @@ static const struct file_operations ima_ascii_measurements_ops = {
244static ssize_t ima_write_policy(struct file *file, const char __user *buf, 244static ssize_t ima_write_policy(struct file *file, const char __user *buf,
245 size_t datalen, loff_t *ppos) 245 size_t datalen, loff_t *ppos)
246{ 246{
247 char *data; 247 char *data = NULL;
248 int rc; 248 ssize_t result;
249 249
250 if (datalen >= PAGE_SIZE) 250 if (datalen >= PAGE_SIZE)
251 return -ENOMEM; 251 datalen = PAGE_SIZE - 1;
252 if (*ppos != 0) { 252
253 /* No partial writes. */ 253 /* No partial writes. */
254 return -EINVAL; 254 result = -EINVAL;
255 } 255 if (*ppos != 0)
256 goto out;
257
258 result = -ENOMEM;
256 data = kmalloc(datalen + 1, GFP_KERNEL); 259 data = kmalloc(datalen + 1, GFP_KERNEL);
257 if (!data) 260 if (!data)
258 return -ENOMEM; 261 goto out;
259 262
260 if (copy_from_user(data, buf, datalen)) {
261 kfree(data);
262 return -EFAULT;
263 }
264 *(data + datalen) = '\0'; 263 *(data + datalen) = '\0';
265 rc = ima_parse_add_rule(data);
266 if (rc < 0) {
267 datalen = -EINVAL;
268 valid_policy = 0;
269 }
270 264
265 result = -EFAULT;
266 if (copy_from_user(data, buf, datalen))
267 goto out;
268
269 result = ima_parse_add_rule(data);
270out:
271 if (result < 0)
272 valid_policy = 0;
271 kfree(data); 273 kfree(data);
272 return datalen; 274 return result;
273} 275}
274 276
275static struct dentry *ima_dir; 277static struct dentry *ima_dir;
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c
index 2c744d488014..2dc2d6594145 100644
--- a/security/integrity/ima/ima_iint.c
+++ b/security/integrity/ima/ima_iint.c
@@ -80,17 +80,17 @@ void iint_free(struct kref *kref)
80 iint->version = 0; 80 iint->version = 0;
81 iint->flags = 0UL; 81 iint->flags = 0UL;
82 if (iint->readcount != 0) { 82 if (iint->readcount != 0) {
83 printk(KERN_INFO "%s: readcount: %ld\n", __FUNCTION__, 83 printk(KERN_INFO "%s: readcount: %ld\n", __func__,
84 iint->readcount); 84 iint->readcount);
85 iint->readcount = 0; 85 iint->readcount = 0;
86 } 86 }
87 if (iint->writecount != 0) { 87 if (iint->writecount != 0) {
88 printk(KERN_INFO "%s: writecount: %ld\n", __FUNCTION__, 88 printk(KERN_INFO "%s: writecount: %ld\n", __func__,
89 iint->writecount); 89 iint->writecount);
90 iint->writecount = 0; 90 iint->writecount = 0;
91 } 91 }
92 if (iint->opencount != 0) { 92 if (iint->opencount != 0) {
93 printk(KERN_INFO "%s: opencount: %ld\n", __FUNCTION__, 93 printk(KERN_INFO "%s: opencount: %ld\n", __func__,
94 iint->opencount); 94 iint->opencount);
95 iint->opencount = 0; 95 iint->opencount = 0;
96 } 96 }
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index b1bcb702a27c..17f1f060306f 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -83,7 +83,7 @@ int __init ima_init(void)
83 ima_used_chip = 1; 83 ima_used_chip = 1;
84 84
85 if (!ima_used_chip) 85 if (!ima_used_chip)
86 pr_info("No TPM chip found, activating TPM-bypass!\n"); 86 pr_info("IMA: No TPM chip found, activating TPM-bypass!\n");
87 87
88 ima_add_boot_aggregate(); /* boot aggregate must be first entry */ 88 ima_add_boot_aggregate(); /* boot aggregate must be first entry */
89 ima_init_policy(); 89 ima_init_policy();
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index b2c89d9de2a4..f93641382e9f 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -195,7 +195,7 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode,
195 (iint->writecount < 0)) && 195 (iint->writecount < 0)) &&
196 !ima_limit_imbalance(file)) { 196 !ima_limit_imbalance(file)) {
197 printk(KERN_INFO "%s: open/free imbalance (r:%ld w:%ld o:%ld)\n", 197 printk(KERN_INFO "%s: open/free imbalance (r:%ld w:%ld o:%ld)\n",
198 __FUNCTION__, iint->readcount, iint->writecount, 198 __func__, iint->readcount, iint->writecount,
199 iint->opencount); 199 iint->opencount);
200 dump_stack(); 200 dump_stack();
201 } 201 }
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 8643a93c5963..aef8c0a923ab 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -246,6 +246,9 @@ static int ima_lsm_rule_init(struct ima_measure_rule_entry *entry,
246{ 246{
247 int result; 247 int result;
248 248
249 if (entry->lsm[lsm_rule].rule)
250 return -EINVAL;
251
249 entry->lsm[lsm_rule].type = audit_type; 252 entry->lsm[lsm_rule].type = audit_type;
250 result = security_filter_rule_init(entry->lsm[lsm_rule].type, 253 result = security_filter_rule_init(entry->lsm[lsm_rule].type,
251 Audit_equal, args, 254 Audit_equal, args,
@@ -253,6 +256,13 @@ static int ima_lsm_rule_init(struct ima_measure_rule_entry *entry,
253 return result; 256 return result;
254} 257}
255 258
259static void ima_log_string(struct audit_buffer *ab, char *key, char *value)
260{
261 audit_log_format(ab, "%s=", key);
262 audit_log_untrustedstring(ab, value);
263 audit_log_format(ab, " ");
264}
265
256static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) 266static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
257{ 267{
258 struct audit_buffer *ab; 268 struct audit_buffer *ab;
@@ -261,28 +271,41 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
261 271
262 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE); 272 ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
263 273
264 entry->action = -1; 274 entry->uid = -1;
265 while ((p = strsep(&rule, " \n")) != NULL) { 275 entry->action = UNKNOWN;
276 while ((p = strsep(&rule, " \t")) != NULL) {
266 substring_t args[MAX_OPT_ARGS]; 277 substring_t args[MAX_OPT_ARGS];
267 int token; 278 int token;
268 unsigned long lnum; 279 unsigned long lnum;
269 280
270 if (result < 0) 281 if (result < 0)
271 break; 282 break;
272 if (!*p) 283 if ((*p == '\0') || (*p == ' ') || (*p == '\t'))
273 continue; 284 continue;
274 token = match_token(p, policy_tokens, args); 285 token = match_token(p, policy_tokens, args);
275 switch (token) { 286 switch (token) {
276 case Opt_measure: 287 case Opt_measure:
277 audit_log_format(ab, "%s ", "measure"); 288 ima_log_string(ab, "action", "measure");
289
290 if (entry->action != UNKNOWN)
291 result = -EINVAL;
292
278 entry->action = MEASURE; 293 entry->action = MEASURE;
279 break; 294 break;
280 case Opt_dont_measure: 295 case Opt_dont_measure:
281 audit_log_format(ab, "%s ", "dont_measure"); 296 ima_log_string(ab, "action", "dont_measure");
297
298 if (entry->action != UNKNOWN)
299 result = -EINVAL;
300
282 entry->action = DONT_MEASURE; 301 entry->action = DONT_MEASURE;
283 break; 302 break;
284 case Opt_func: 303 case Opt_func:
285 audit_log_format(ab, "func=%s ", args[0].from); 304 ima_log_string(ab, "func", args[0].from);
305
306 if (entry->func)
307 result = -EINVAL;
308
286 if (strcmp(args[0].from, "FILE_CHECK") == 0) 309 if (strcmp(args[0].from, "FILE_CHECK") == 0)
287 entry->func = FILE_CHECK; 310 entry->func = FILE_CHECK;
288 /* PATH_CHECK is for backwards compat */ 311 /* PATH_CHECK is for backwards compat */
@@ -298,7 +321,11 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
298 entry->flags |= IMA_FUNC; 321 entry->flags |= IMA_FUNC;
299 break; 322 break;
300 case Opt_mask: 323 case Opt_mask:
301 audit_log_format(ab, "mask=%s ", args[0].from); 324 ima_log_string(ab, "mask", args[0].from);
325
326 if (entry->mask)
327 result = -EINVAL;
328
302 if ((strcmp(args[0].from, "MAY_EXEC")) == 0) 329 if ((strcmp(args[0].from, "MAY_EXEC")) == 0)
303 entry->mask = MAY_EXEC; 330 entry->mask = MAY_EXEC;
304 else if (strcmp(args[0].from, "MAY_WRITE") == 0) 331 else if (strcmp(args[0].from, "MAY_WRITE") == 0)
@@ -313,14 +340,26 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
313 entry->flags |= IMA_MASK; 340 entry->flags |= IMA_MASK;
314 break; 341 break;
315 case Opt_fsmagic: 342 case Opt_fsmagic:
316 audit_log_format(ab, "fsmagic=%s ", args[0].from); 343 ima_log_string(ab, "fsmagic", args[0].from);
344
345 if (entry->fsmagic) {
346 result = -EINVAL;
347 break;
348 }
349
317 result = strict_strtoul(args[0].from, 16, 350 result = strict_strtoul(args[0].from, 16,
318 &entry->fsmagic); 351 &entry->fsmagic);
319 if (!result) 352 if (!result)
320 entry->flags |= IMA_FSMAGIC; 353 entry->flags |= IMA_FSMAGIC;
321 break; 354 break;
322 case Opt_uid: 355 case Opt_uid:
323 audit_log_format(ab, "uid=%s ", args[0].from); 356 ima_log_string(ab, "uid", args[0].from);
357
358 if (entry->uid != -1) {
359 result = -EINVAL;
360 break;
361 }
362
324 result = strict_strtoul(args[0].from, 10, &lnum); 363 result = strict_strtoul(args[0].from, 10, &lnum);
325 if (!result) { 364 if (!result) {
326 entry->uid = (uid_t) lnum; 365 entry->uid = (uid_t) lnum;
@@ -331,50 +370,51 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
331 } 370 }
332 break; 371 break;
333 case Opt_obj_user: 372 case Opt_obj_user:
334 audit_log_format(ab, "obj_user=%s ", args[0].from); 373 ima_log_string(ab, "obj_user", args[0].from);
335 result = ima_lsm_rule_init(entry, args[0].from, 374 result = ima_lsm_rule_init(entry, args[0].from,
336 LSM_OBJ_USER, 375 LSM_OBJ_USER,
337 AUDIT_OBJ_USER); 376 AUDIT_OBJ_USER);
338 break; 377 break;
339 case Opt_obj_role: 378 case Opt_obj_role:
340 audit_log_format(ab, "obj_role=%s ", args[0].from); 379 ima_log_string(ab, "obj_role", args[0].from);
341 result = ima_lsm_rule_init(entry, args[0].from, 380 result = ima_lsm_rule_init(entry, args[0].from,
342 LSM_OBJ_ROLE, 381 LSM_OBJ_ROLE,
343 AUDIT_OBJ_ROLE); 382 AUDIT_OBJ_ROLE);
344 break; 383 break;
345 case Opt_obj_type: 384 case Opt_obj_type:
346 audit_log_format(ab, "obj_type=%s ", args[0].from); 385 ima_log_string(ab, "obj_type", args[0].from);
347 result = ima_lsm_rule_init(entry, args[0].from, 386 result = ima_lsm_rule_init(entry, args[0].from,
348 LSM_OBJ_TYPE, 387 LSM_OBJ_TYPE,
349 AUDIT_OBJ_TYPE); 388 AUDIT_OBJ_TYPE);
350 break; 389 break;
351 case Opt_subj_user: 390 case Opt_subj_user:
352 audit_log_format(ab, "subj_user=%s ", args[0].from); 391 ima_log_string(ab, "subj_user", args[0].from);
353 result = ima_lsm_rule_init(entry, args[0].from, 392 result = ima_lsm_rule_init(entry, args[0].from,
354 LSM_SUBJ_USER, 393 LSM_SUBJ_USER,
355 AUDIT_SUBJ_USER); 394 AUDIT_SUBJ_USER);
356 break; 395 break;
357 case Opt_subj_role: 396 case Opt_subj_role:
358 audit_log_format(ab, "subj_role=%s ", args[0].from); 397 ima_log_string(ab, "subj_role", args[0].from);
359 result = ima_lsm_rule_init(entry, args[0].from, 398 result = ima_lsm_rule_init(entry, args[0].from,
360 LSM_SUBJ_ROLE, 399 LSM_SUBJ_ROLE,
361 AUDIT_SUBJ_ROLE); 400 AUDIT_SUBJ_ROLE);
362 break; 401 break;
363 case Opt_subj_type: 402 case Opt_subj_type:
364 audit_log_format(ab, "subj_type=%s ", args[0].from); 403 ima_log_string(ab, "subj_type", args[0].from);
365 result = ima_lsm_rule_init(entry, args[0].from, 404 result = ima_lsm_rule_init(entry, args[0].from,
366 LSM_SUBJ_TYPE, 405 LSM_SUBJ_TYPE,
367 AUDIT_SUBJ_TYPE); 406 AUDIT_SUBJ_TYPE);
368 break; 407 break;
369 case Opt_err: 408 case Opt_err:
370 audit_log_format(ab, "UNKNOWN=%s ", p); 409 ima_log_string(ab, "UNKNOWN", p);
410 result = -EINVAL;
371 break; 411 break;
372 } 412 }
373 } 413 }
374 if (entry->action == UNKNOWN) 414 if (!result && (entry->action == UNKNOWN))
375 result = -EINVAL; 415 result = -EINVAL;
376 416
377 audit_log_format(ab, "res=%d", !result ? 0 : 1); 417 audit_log_format(ab, "res=%d", !!result);
378 audit_log_end(ab); 418 audit_log_end(ab);
379 return result; 419 return result;
380} 420}
@@ -384,13 +424,14 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
384 * @rule - ima measurement policy rule 424 * @rule - ima measurement policy rule
385 * 425 *
386 * Uses a mutex to protect the policy list from multiple concurrent writers. 426 * Uses a mutex to protect the policy list from multiple concurrent writers.
387 * Returns 0 on success, an error code on failure. 427 * Returns the length of the rule parsed, an error code on failure
388 */ 428 */
389int ima_parse_add_rule(char *rule) 429ssize_t ima_parse_add_rule(char *rule)
390{ 430{
391 const char *op = "update_policy"; 431 const char *op = "update_policy";
432 char *p;
392 struct ima_measure_rule_entry *entry; 433 struct ima_measure_rule_entry *entry;
393 int result = 0; 434 ssize_t result, len;
394 int audit_info = 0; 435 int audit_info = 0;
395 436
396 /* Prevent installed policy from changing */ 437 /* Prevent installed policy from changing */
@@ -410,18 +451,28 @@ int ima_parse_add_rule(char *rule)
410 451
411 INIT_LIST_HEAD(&entry->list); 452 INIT_LIST_HEAD(&entry->list);
412 453
413 result = ima_parse_rule(rule, entry); 454 p = strsep(&rule, "\n");
414 if (!result) { 455 len = strlen(p) + 1;
415 mutex_lock(&ima_measure_mutex); 456
416 list_add_tail(&entry->list, &measure_policy_rules); 457 if (*p == '#') {
417 mutex_unlock(&ima_measure_mutex); 458 kfree(entry);
418 } else { 459 return len;
460 }
461
462 result = ima_parse_rule(p, entry);
463 if (result) {
419 kfree(entry); 464 kfree(entry);
420 integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, 465 integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
421 NULL, op, "invalid policy", result, 466 NULL, op, "invalid policy", result,
422 audit_info); 467 audit_info);
468 return result;
423 } 469 }
424 return result; 470
471 mutex_lock(&ima_measure_mutex);
472 list_add_tail(&entry->list, &measure_policy_rules);
473 mutex_unlock(&ima_measure_mutex);
474
475 return len;
425} 476}
426 477
427/* ima_delete_rules called to cleanup invalid policy */ 478/* ima_delete_rules called to cleanup invalid policy */
diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index 46ba62b1adf5..8e28f04a5e2e 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -71,7 +71,7 @@ static int ima_add_digest_entry(struct ima_template_entry *entry)
71 71
72 qe = kmalloc(sizeof(*qe), GFP_KERNEL); 72 qe = kmalloc(sizeof(*qe), GFP_KERNEL);
73 if (qe == NULL) { 73 if (qe == NULL) {
74 pr_err("OUT OF MEMORY ERROR creating queue entry.\n"); 74 pr_err("IMA: OUT OF MEMORY ERROR creating queue entry.\n");
75 return -ENOMEM; 75 return -ENOMEM;
76 } 76 }
77 qe->entry = entry; 77 qe->entry = entry;
@@ -94,7 +94,7 @@ static int ima_pcr_extend(const u8 *hash)
94 94
95 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash); 95 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash);
96 if (result != 0) 96 if (result != 0)
97 pr_err("Error Communicating to TPM chip\n"); 97 pr_err("IMA: Error Communicating to TPM chip\n");
98 return result; 98 return result;
99} 99}
100 100
diff --git a/security/keys/key.c b/security/keys/key.c
index e50d264c9ad1..c70da6fb82ce 100644
--- a/security/keys/key.c
+++ b/security/keys/key.c
@@ -355,7 +355,7 @@ EXPORT_SYMBOL(key_alloc);
355 */ 355 */
356int key_payload_reserve(struct key *key, size_t datalen) 356int key_payload_reserve(struct key *key, size_t datalen)
357{ 357{
358 int delta = (int) datalen - key->datalen; 358 int delta = (int)datalen - key->datalen;
359 int ret = 0; 359 int ret = 0;
360 360
361 key_check(key); 361 key_check(key);
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index e9c2e7c584d9..8f4dce1987c4 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -212,15 +212,15 @@ SYSCALL_DEFINE4(request_key, const char __user *, _type,
212 ret = key->serial; 212 ret = key->serial;
213 213
214 key_put(key); 214 key_put(key);
215 error5: 215error5:
216 key_type_put(ktype); 216 key_type_put(ktype);
217 error4: 217error4:
218 key_ref_put(dest_ref); 218 key_ref_put(dest_ref);
219 error3: 219error3:
220 kfree(callout_info); 220 kfree(callout_info);
221 error2: 221error2:
222 kfree(description); 222 kfree(description);
223 error: 223error:
224 return ret; 224 return ret;
225 225
226} /* end sys_request_key() */ 226} /* end sys_request_key() */
@@ -246,7 +246,7 @@ long keyctl_get_keyring_ID(key_serial_t id, int create)
246 246
247 ret = key_ref_to_ptr(key_ref)->serial; 247 ret = key_ref_to_ptr(key_ref)->serial;
248 key_ref_put(key_ref); 248 key_ref_put(key_ref);
249 error: 249error:
250 return ret; 250 return ret;
251 251
252} /* end keyctl_get_keyring_ID() */ 252} /* end keyctl_get_keyring_ID() */
@@ -275,7 +275,7 @@ long keyctl_join_session_keyring(const char __user *_name)
275 ret = join_session_keyring(name); 275 ret = join_session_keyring(name);
276 kfree(name); 276 kfree(name);
277 277
278 error: 278error:
279 return ret; 279 return ret;
280 280
281} /* end keyctl_join_session_keyring() */ 281} /* end keyctl_join_session_keyring() */
@@ -322,9 +322,9 @@ long keyctl_update_key(key_serial_t id,
322 ret = key_update(key_ref, payload, plen); 322 ret = key_update(key_ref, payload, plen);
323 323
324 key_ref_put(key_ref); 324 key_ref_put(key_ref);
325 error2: 325error2:
326 kfree(payload); 326 kfree(payload);
327 error: 327error:
328 return ret; 328 return ret;
329 329
330} /* end keyctl_update_key() */ 330} /* end keyctl_update_key() */
@@ -356,7 +356,7 @@ long keyctl_revoke_key(key_serial_t id)
356 ret = 0; 356 ret = 0;
357 357
358 key_ref_put(key_ref); 358 key_ref_put(key_ref);
359 error: 359error:
360 return ret; 360 return ret;
361 361
362} /* end keyctl_revoke_key() */ 362} /* end keyctl_revoke_key() */
@@ -381,7 +381,7 @@ long keyctl_keyring_clear(key_serial_t ringid)
381 ret = keyring_clear(key_ref_to_ptr(keyring_ref)); 381 ret = keyring_clear(key_ref_to_ptr(keyring_ref));
382 382
383 key_ref_put(keyring_ref); 383 key_ref_put(keyring_ref);
384 error: 384error:
385 return ret; 385 return ret;
386 386
387} /* end keyctl_keyring_clear() */ 387} /* end keyctl_keyring_clear() */
@@ -413,9 +413,9 @@ long keyctl_keyring_link(key_serial_t id, key_serial_t ringid)
413 ret = key_link(key_ref_to_ptr(keyring_ref), key_ref_to_ptr(key_ref)); 413 ret = key_link(key_ref_to_ptr(keyring_ref), key_ref_to_ptr(key_ref));
414 414
415 key_ref_put(key_ref); 415 key_ref_put(key_ref);
416 error2: 416error2:
417 key_ref_put(keyring_ref); 417 key_ref_put(keyring_ref);
418 error: 418error:
419 return ret; 419 return ret;
420 420
421} /* end keyctl_keyring_link() */ 421} /* end keyctl_keyring_link() */
@@ -447,9 +447,9 @@ long keyctl_keyring_unlink(key_serial_t id, key_serial_t ringid)
447 ret = key_unlink(key_ref_to_ptr(keyring_ref), key_ref_to_ptr(key_ref)); 447 ret = key_unlink(key_ref_to_ptr(keyring_ref), key_ref_to_ptr(key_ref));
448 448
449 key_ref_put(key_ref); 449 key_ref_put(key_ref);
450 error2: 450error2:
451 key_ref_put(keyring_ref); 451 key_ref_put(keyring_ref);
452 error: 452error:
453 return ret; 453 return ret;
454 454
455} /* end keyctl_keyring_unlink() */ 455} /* end keyctl_keyring_unlink() */
@@ -529,9 +529,9 @@ okay:
529 } 529 }
530 530
531 kfree(tmpbuf); 531 kfree(tmpbuf);
532 error2: 532error2:
533 key_ref_put(key_ref); 533 key_ref_put(key_ref);
534 error: 534error:
535 return ret; 535 return ret;
536 536
537} /* end keyctl_describe_key() */ 537} /* end keyctl_describe_key() */
@@ -616,17 +616,17 @@ long keyctl_keyring_search(key_serial_t ringid,
616 616
617 ret = key_ref_to_ptr(key_ref)->serial; 617 ret = key_ref_to_ptr(key_ref)->serial;
618 618
619 error6: 619error6:
620 key_ref_put(key_ref); 620 key_ref_put(key_ref);
621 error5: 621error5:
622 key_type_put(ktype); 622 key_type_put(ktype);
623 error4: 623error4:
624 key_ref_put(dest_ref); 624 key_ref_put(dest_ref);
625 error3: 625error3:
626 key_ref_put(keyring_ref); 626 key_ref_put(keyring_ref);
627 error2: 627error2:
628 kfree(description); 628 kfree(description);
629 error: 629error:
630 return ret; 630 return ret;
631 631
632} /* end keyctl_keyring_search() */ 632} /* end keyctl_keyring_search() */
@@ -673,7 +673,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
673 } 673 }
674 674
675 /* the key is probably readable - now try to read it */ 675 /* the key is probably readable - now try to read it */
676 can_read_key: 676can_read_key:
677 ret = key_validate(key); 677 ret = key_validate(key);
678 if (ret == 0) { 678 if (ret == 0) {
679 ret = -EOPNOTSUPP; 679 ret = -EOPNOTSUPP;
@@ -686,9 +686,9 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
686 } 686 }
687 } 687 }
688 688
689 error2: 689error2:
690 key_put(key); 690 key_put(key);
691 error: 691error:
692 return ret; 692 return ret;
693 693
694} /* end keyctl_read_key() */ 694} /* end keyctl_read_key() */
@@ -1282,26 +1282,19 @@ long keyctl_session_to_parent(void)
1282 1282
1283 /* the parent must have the same effective ownership and mustn't be 1283 /* the parent must have the same effective ownership and mustn't be
1284 * SUID/SGID */ 1284 * SUID/SGID */
1285 if (pcred-> uid != mycred->euid || 1285 if (pcred->uid != mycred->euid ||
1286 pcred->euid != mycred->euid || 1286 pcred->euid != mycred->euid ||
1287 pcred->suid != mycred->euid || 1287 pcred->suid != mycred->euid ||
1288 pcred-> gid != mycred->egid || 1288 pcred->gid != mycred->egid ||
1289 pcred->egid != mycred->egid || 1289 pcred->egid != mycred->egid ||
1290 pcred->sgid != mycred->egid) 1290 pcred->sgid != mycred->egid)
1291 goto not_permitted; 1291 goto not_permitted;
1292 1292
1293 /* the keyrings must have the same UID */ 1293 /* the keyrings must have the same UID */
1294 if (pcred ->tgcred->session_keyring->uid != mycred->euid || 1294 if (pcred->tgcred->session_keyring->uid != mycred->euid ||
1295 mycred->tgcred->session_keyring->uid != mycred->euid) 1295 mycred->tgcred->session_keyring->uid != mycred->euid)
1296 goto not_permitted; 1296 goto not_permitted;
1297 1297
1298 /* the LSM must permit the replacement of the parent's keyring with the
1299 * keyring from this process */
1300 ret = security_key_session_to_parent(mycred, pcred,
1301 key_ref_to_ptr(keyring_r));
1302 if (ret < 0)
1303 goto not_permitted;
1304
1305 /* if there's an already pending keyring replacement, then we replace 1298 /* if there's an already pending keyring replacement, then we replace
1306 * that */ 1299 * that */
1307 oldcred = parent->replacement_session_keyring; 1300 oldcred = parent->replacement_session_keyring;
diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 1e4b0037935c..3f425a65906f 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -17,7 +17,7 @@
17#include <linux/seq_file.h> 17#include <linux/seq_file.h>
18#include <linux/err.h> 18#include <linux/err.h>
19#include <keys/keyring-type.h> 19#include <keys/keyring-type.h>
20#include <asm/uaccess.h> 20#include <linux/uaccess.h>
21#include "internal.h" 21#include "internal.h"
22 22
23#define rcu_dereference_locked_keyring(keyring) \ 23#define rcu_dereference_locked_keyring(keyring) \
@@ -44,7 +44,7 @@ static inline unsigned keyring_hash(const char *desc)
44 unsigned bucket = 0; 44 unsigned bucket = 0;
45 45
46 for (; *desc; desc++) 46 for (; *desc; desc++)
47 bucket += (unsigned char) *desc; 47 bucket += (unsigned char)*desc;
48 48
49 return bucket & (KEYRING_NAME_HASH_SIZE - 1); 49 return bucket & (KEYRING_NAME_HASH_SIZE - 1);
50} 50}
@@ -175,12 +175,10 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m)
175{ 175{
176 struct keyring_list *klist; 176 struct keyring_list *klist;
177 177
178 if (keyring->description) { 178 if (keyring->description)
179 seq_puts(m, keyring->description); 179 seq_puts(m, keyring->description);
180 } 180 else
181 else {
182 seq_puts(m, "[anon]"); 181 seq_puts(m, "[anon]");
183 }
184 182
185 rcu_read_lock(); 183 rcu_read_lock();
186 klist = rcu_dereference(keyring->payload.subscriptions); 184 klist = rcu_dereference(keyring->payload.subscriptions);
@@ -241,7 +239,7 @@ static long keyring_read(const struct key *keyring,
241 ret = qty; 239 ret = qty;
242 } 240 }
243 241
244 error: 242error:
245 return ret; 243 return ret;
246 244
247} /* end keyring_read() */ 245} /* end keyring_read() */
@@ -310,7 +308,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref,
310 key_check(keyring); 308 key_check(keyring);
311 309
312 /* top keyring must have search permission to begin the search */ 310 /* top keyring must have search permission to begin the search */
313 err = key_task_permission(keyring_ref, cred, KEY_SEARCH); 311 err = key_task_permission(keyring_ref, cred, KEY_SEARCH);
314 if (err < 0) { 312 if (err < 0) {
315 key_ref = ERR_PTR(err); 313 key_ref = ERR_PTR(err);
316 goto error; 314 goto error;
@@ -512,7 +510,7 @@ key_ref_t __keyring_search_one(key_ref_t keyring_ref,
512 rcu_read_unlock(); 510 rcu_read_unlock();
513 return ERR_PTR(-ENOKEY); 511 return ERR_PTR(-ENOKEY);
514 512
515 found: 513found:
516 atomic_inc(&key->usage); 514 atomic_inc(&key->usage);
517 rcu_read_unlock(); 515 rcu_read_unlock();
518 return make_key_ref(key, possessed); 516 return make_key_ref(key, possessed);
@@ -602,7 +600,7 @@ static int keyring_detect_cycle(struct key *A, struct key *B)
602 sp = 0; 600 sp = 0;
603 601
604 /* start processing a new keyring */ 602 /* start processing a new keyring */
605 descend: 603descend:
606 if (test_bit(KEY_FLAG_REVOKED, &subtree->flags)) 604 if (test_bit(KEY_FLAG_REVOKED, &subtree->flags))
607 goto not_this_keyring; 605 goto not_this_keyring;
608 606
@@ -611,7 +609,7 @@ static int keyring_detect_cycle(struct key *A, struct key *B)
611 goto not_this_keyring; 609 goto not_this_keyring;
612 kix = 0; 610 kix = 0;
613 611
614 ascend: 612ascend:
615 /* iterate through the remaining keys in this keyring */ 613 /* iterate through the remaining keys in this keyring */
616 for (; kix < keylist->nkeys; kix++) { 614 for (; kix < keylist->nkeys; kix++) {
617 key = keylist->keys[kix]; 615 key = keylist->keys[kix];
@@ -637,7 +635,7 @@ static int keyring_detect_cycle(struct key *A, struct key *B)
637 635
638 /* the keyring we're looking at was disqualified or didn't contain a 636 /* the keyring we're looking at was disqualified or didn't contain a
639 * matching key */ 637 * matching key */
640 not_this_keyring: 638not_this_keyring:
641 if (sp > 0) { 639 if (sp > 0) {
642 /* resume the checking of a keyring higher up in the tree */ 640 /* resume the checking of a keyring higher up in the tree */
643 sp--; 641 sp--;
@@ -648,15 +646,15 @@ static int keyring_detect_cycle(struct key *A, struct key *B)
648 646
649 ret = 0; /* no cycles detected */ 647 ret = 0; /* no cycles detected */
650 648
651 error: 649error:
652 rcu_read_unlock(); 650 rcu_read_unlock();
653 return ret; 651 return ret;
654 652
655 too_deep: 653too_deep:
656 ret = -ELOOP; 654 ret = -ELOOP;
657 goto error; 655 goto error;
658 656
659 cycle_detected: 657cycle_detected:
660 ret = -EDEADLK; 658 ret = -EDEADLK;
661 goto error; 659 goto error;
662 660
@@ -711,13 +709,14 @@ int __key_link(struct key *keyring, struct key *key)
711 if (keyring->type != &key_type_keyring) 709 if (keyring->type != &key_type_keyring)
712 goto error; 710 goto error;
713 711
714 /* serialise link/link calls to prevent parallel calls causing a 712 /* do some special keyring->keyring link checks */
715 * cycle when applied to two keyring in opposite orders */
716 down_write(&keyring_serialise_link_sem);
717
718 /* check that we aren't going to create a cycle adding one keyring to
719 * another */
720 if (key->type == &key_type_keyring) { 713 if (key->type == &key_type_keyring) {
714 /* serialise link/link calls to prevent parallel calls causing
715 * a cycle when applied to two keyring in opposite orders */
716 down_write(&keyring_serialise_link_sem);
717
718 /* check that we aren't going to create a cycle adding one
719 * keyring to another */
721 ret = keyring_detect_cycle(keyring, key); 720 ret = keyring_detect_cycle(keyring, key);
722 if (ret < 0) 721 if (ret < 0)
723 goto error2; 722 goto error2;
@@ -776,8 +775,7 @@ int __key_link(struct key *keyring, struct key *key)
776 smp_wmb(); 775 smp_wmb();
777 klist->nkeys++; 776 klist->nkeys++;
778 smp_wmb(); 777 smp_wmb();
779 } 778 } else {
780 else {
781 /* grow the key list */ 779 /* grow the key list */
782 max = 4; 780 max = 4;
783 if (klist) 781 if (klist)
@@ -818,7 +816,8 @@ int __key_link(struct key *keyring, struct key *key)
818done: 816done:
819 ret = 0; 817 ret = 0;
820error2: 818error2:
821 up_write(&keyring_serialise_link_sem); 819 if (key->type == &key_type_keyring)
820 up_write(&keyring_serialise_link_sem);
822error: 821error:
823 return ret; 822 return ret;
824 823
diff --git a/security/keys/permission.c b/security/keys/permission.c
index 0ed802c9e698..28645502cd0d 100644
--- a/security/keys/permission.c
+++ b/security/keys/permission.c
@@ -109,7 +109,7 @@ int key_validate(struct key *key)
109 } 109 }
110 } 110 }
111 111
112 error: 112error:
113 return ret; 113 return ret;
114 114
115} /* end key_validate() */ 115} /* end key_validate() */
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 706d63f4f185..068b66ea2f1b 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -306,7 +306,7 @@ static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
306static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos) 306static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos)
307{ 307{
308 (*_pos)++; 308 (*_pos)++;
309 return key_user_next((struct rb_node *) v); 309 return key_user_next((struct rb_node *)v);
310} 310}
311 311
312static void proc_key_users_stop(struct seq_file *p, void *v) 312static void proc_key_users_stop(struct seq_file *p, void *v)
diff --git a/security/keys/request_key.c b/security/keys/request_key.c
index d8c1a6a0fb08..ac49c8aacbf0 100644
--- a/security/keys/request_key.c
+++ b/security/keys/request_key.c
@@ -302,6 +302,7 @@ static int construct_alloc_key(struct key_type *type,
302 const struct cred *cred = current_cred(); 302 const struct cred *cred = current_cred();
303 struct key *key; 303 struct key *key;
304 key_ref_t key_ref; 304 key_ref_t key_ref;
305 int ret;
305 306
306 kenter("%s,%s,,,", type->name, description); 307 kenter("%s,%s,,,", type->name, description);
307 308
@@ -337,14 +338,23 @@ static int construct_alloc_key(struct key_type *type,
337 kleave(" = 0 [%d]", key_serial(key)); 338 kleave(" = 0 [%d]", key_serial(key));
338 return 0; 339 return 0;
339 340
341 /* the key is now present - we tell the caller that we found it by
342 * returning -EINPROGRESS */
340key_already_present: 343key_already_present:
341 mutex_unlock(&key_construction_mutex); 344 mutex_unlock(&key_construction_mutex);
345 ret = 0;
342 if (dest_keyring) { 346 if (dest_keyring) {
343 __key_link(dest_keyring, key_ref_to_ptr(key_ref)); 347 ret = __key_link(dest_keyring, key_ref_to_ptr(key_ref));
344 up_write(&dest_keyring->sem); 348 up_write(&dest_keyring->sem);
345 } 349 }
346 mutex_unlock(&user->cons_lock); 350 mutex_unlock(&user->cons_lock);
347 key_put(key); 351 key_put(key);
352 if (ret < 0) {
353 key_ref_put(key_ref);
354 *_key = NULL;
355 kleave(" = %d [link]", ret);
356 return ret;
357 }
348 *_key = key = key_ref_to_ptr(key_ref); 358 *_key = key = key_ref_to_ptr(key_ref);
349 kleave(" = -EINPROGRESS [%d]", key_serial(key)); 359 kleave(" = -EINPROGRESS [%d]", key_serial(key));
350 return -EINPROGRESS; 360 return -EINPROGRESS;
@@ -390,6 +400,10 @@ static struct key *construct_key_and_link(struct key_type *type,
390 kdebug("cons failed"); 400 kdebug("cons failed");
391 goto construction_failed; 401 goto construction_failed;
392 } 402 }
403 } else if (ret == -EINPROGRESS) {
404 ret = 0;
405 } else {
406 key = ERR_PTR(ret);
393 } 407 }
394 408
395 key_put(dest_keyring); 409 key_put(dest_keyring);
@@ -422,6 +436,7 @@ struct key *request_key_and_link(struct key_type *type,
422 const struct cred *cred = current_cred(); 436 const struct cred *cred = current_cred();
423 struct key *key; 437 struct key *key;
424 key_ref_t key_ref; 438 key_ref_t key_ref;
439 int ret;
425 440
426 kenter("%s,%s,%p,%zu,%p,%p,%lx", 441 kenter("%s,%s,%p,%zu,%p,%p,%lx",
427 type->name, description, callout_info, callout_len, aux, 442 type->name, description, callout_info, callout_len, aux,
@@ -435,8 +450,13 @@ struct key *request_key_and_link(struct key_type *type,
435 key = key_ref_to_ptr(key_ref); 450 key = key_ref_to_ptr(key_ref);
436 if (dest_keyring) { 451 if (dest_keyring) {
437 construct_get_dest_keyring(&dest_keyring); 452 construct_get_dest_keyring(&dest_keyring);
438 key_link(dest_keyring, key); 453 ret = key_link(dest_keyring, key);
439 key_put(dest_keyring); 454 key_put(dest_keyring);
455 if (ret < 0) {
456 key_put(key);
457 key = ERR_PTR(ret);
458 goto error;
459 }
440 } 460 }
441 } else if (PTR_ERR(key_ref) != -EAGAIN) { 461 } else if (PTR_ERR(key_ref) != -EAGAIN) {
442 key = ERR_CAST(key_ref); 462 key = ERR_CAST(key_ref);
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 893365b79a29..908aa712816a 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -221,7 +221,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
221 } 221 }
222 222
223 switch (a->type) { 223 switch (a->type) {
224 case LSM_AUDIT_NO_AUDIT: 224 case LSM_AUDIT_DATA_NONE:
225 return; 225 return;
226 case LSM_AUDIT_DATA_IPC: 226 case LSM_AUDIT_DATA_IPC:
227 audit_log_format(ab, " key=%d ", a->u.ipc_id); 227 audit_log_format(ab, " key=%d ", a->u.ipc_id);
diff --git a/security/min_addr.c b/security/min_addr.c
index e86f297522bf..f728728f193b 100644
--- a/security/min_addr.c
+++ b/security/min_addr.c
@@ -33,7 +33,7 @@ int mmap_min_addr_handler(struct ctl_table *table, int write,
33{ 33{
34 int ret; 34 int ret;
35 35
36 if (!capable(CAP_SYS_RAWIO)) 36 if (write && !capable(CAP_SYS_RAWIO))
37 return -EPERM; 37 return -EPERM;
38 38
39 ret = proc_doulongvec_minmax(table, write, buffer, lenp, ppos); 39 ret = proc_doulongvec_minmax(table, write, buffer, lenp, ppos);
diff --git a/security/security.c b/security/security.c
index 687c6fd14bb6..8585019a1a59 100644
--- a/security/security.c
+++ b/security/security.c
@@ -117,7 +117,7 @@ int __init security_module_enable(struct security_operations *ops)
117 * If there is already a security module registered with the kernel, 117 * If there is already a security module registered with the kernel,
118 * an error will be returned. Otherwise %0 is returned on success. 118 * an error will be returned. Otherwise %0 is returned on success.
119 */ 119 */
120int register_security(struct security_operations *ops) 120int __init register_security(struct security_operations *ops)
121{ 121{
122 if (verify(ops)) { 122 if (verify(ops)) {
123 printk(KERN_DEBUG "%s could not verify " 123 printk(KERN_DEBUG "%s could not verify "
@@ -190,11 +190,6 @@ int security_real_capable_noaudit(struct task_struct *tsk, int cap)
190 return ret; 190 return ret;
191} 191}
192 192
193int security_acct(struct file *file)
194{
195 return security_ops->acct(file);
196}
197
198int security_sysctl(struct ctl_table *table, int op) 193int security_sysctl(struct ctl_table *table, int op)
199{ 194{
200 return security_ops->sysctl(table, op); 195 return security_ops->sysctl(table, op);
@@ -306,46 +301,16 @@ int security_sb_mount(char *dev_name, struct path *path,
306 return security_ops->sb_mount(dev_name, path, type, flags, data); 301 return security_ops->sb_mount(dev_name, path, type, flags, data);
307} 302}
308 303
309int security_sb_check_sb(struct vfsmount *mnt, struct path *path)
310{
311 return security_ops->sb_check_sb(mnt, path);
312}
313
314int security_sb_umount(struct vfsmount *mnt, int flags) 304int security_sb_umount(struct vfsmount *mnt, int flags)
315{ 305{
316 return security_ops->sb_umount(mnt, flags); 306 return security_ops->sb_umount(mnt, flags);
317} 307}
318 308
319void security_sb_umount_close(struct vfsmount *mnt)
320{
321 security_ops->sb_umount_close(mnt);
322}
323
324void security_sb_umount_busy(struct vfsmount *mnt)
325{
326 security_ops->sb_umount_busy(mnt);
327}
328
329void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data)
330{
331 security_ops->sb_post_remount(mnt, flags, data);
332}
333
334void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint)
335{
336 security_ops->sb_post_addmount(mnt, mountpoint);
337}
338
339int security_sb_pivotroot(struct path *old_path, struct path *new_path) 309int security_sb_pivotroot(struct path *old_path, struct path *new_path)
340{ 310{
341 return security_ops->sb_pivotroot(old_path, new_path); 311 return security_ops->sb_pivotroot(old_path, new_path);
342} 312}
343 313
344void security_sb_post_pivotroot(struct path *old_path, struct path *new_path)
345{
346 security_ops->sb_post_pivotroot(old_path, new_path);
347}
348
349int security_sb_set_mnt_opts(struct super_block *sb, 314int security_sb_set_mnt_opts(struct super_block *sb,
350 struct security_mnt_opts *opts) 315 struct security_mnt_opts *opts)
351{ 316{
@@ -580,13 +545,6 @@ int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
580 return security_ops->inode_getattr(mnt, dentry); 545 return security_ops->inode_getattr(mnt, dentry);
581} 546}
582 547
583void security_inode_delete(struct inode *inode)
584{
585 if (unlikely(IS_PRIVATE(inode)))
586 return;
587 security_ops->inode_delete(inode);
588}
589
590int security_inode_setxattr(struct dentry *dentry, const char *name, 548int security_inode_setxattr(struct dentry *dentry, const char *name,
591 const void *value, size_t size, int flags) 549 const void *value, size_t size, int flags)
592{ 550{
@@ -749,11 +707,6 @@ int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
749 return security_ops->cred_prepare(new, old, gfp); 707 return security_ops->cred_prepare(new, old, gfp);
750} 708}
751 709
752void security_commit_creds(struct cred *new, const struct cred *old)
753{
754 security_ops->cred_commit(new, old);
755}
756
757void security_transfer_creds(struct cred *new, const struct cred *old) 710void security_transfer_creds(struct cred *new, const struct cred *old)
758{ 711{
759 security_ops->cred_transfer(new, old); 712 security_ops->cred_transfer(new, old);
@@ -774,22 +727,12 @@ int security_kernel_module_request(char *kmod_name)
774 return security_ops->kernel_module_request(kmod_name); 727 return security_ops->kernel_module_request(kmod_name);
775} 728}
776 729
777int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
778{
779 return security_ops->task_setuid(id0, id1, id2, flags);
780}
781
782int security_task_fix_setuid(struct cred *new, const struct cred *old, 730int security_task_fix_setuid(struct cred *new, const struct cred *old,
783 int flags) 731 int flags)
784{ 732{
785 return security_ops->task_fix_setuid(new, old, flags); 733 return security_ops->task_fix_setuid(new, old, flags);
786} 734}
787 735
788int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
789{
790 return security_ops->task_setgid(id0, id1, id2, flags);
791}
792
793int security_task_setpgid(struct task_struct *p, pid_t pgid) 736int security_task_setpgid(struct task_struct *p, pid_t pgid)
794{ 737{
795 return security_ops->task_setpgid(p, pgid); 738 return security_ops->task_setpgid(p, pgid);
@@ -811,11 +754,6 @@ void security_task_getsecid(struct task_struct *p, u32 *secid)
811} 754}
812EXPORT_SYMBOL(security_task_getsecid); 755EXPORT_SYMBOL(security_task_getsecid);
813 756
814int security_task_setgroups(struct group_info *group_info)
815{
816 return security_ops->task_setgroups(group_info);
817}
818
819int security_task_setnice(struct task_struct *p, int nice) 757int security_task_setnice(struct task_struct *p, int nice)
820{ 758{
821 return security_ops->task_setnice(p, nice); 759 return security_ops->task_setnice(p, nice);
@@ -1319,13 +1257,6 @@ int security_key_getsecurity(struct key *key, char **_buffer)
1319 return security_ops->key_getsecurity(key, _buffer); 1257 return security_ops->key_getsecurity(key, _buffer);
1320} 1258}
1321 1259
1322int security_key_session_to_parent(const struct cred *cred,
1323 const struct cred *parent_cred,
1324 struct key *key)
1325{
1326 return security_ops->key_session_to_parent(cred, parent_cred, key);
1327}
1328
1329#endif /* CONFIG_KEYS */ 1260#endif /* CONFIG_KEYS */
1330 1261
1331#ifdef CONFIG_AUDIT 1262#ifdef CONFIG_AUDIT
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 989fef82563a..7f1a304712a9 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -499,8 +499,7 @@ void avc_audit(u32 ssid, u32 tsid,
499 return; 499 return;
500 if (!a) { 500 if (!a) {
501 a = &stack_data; 501 a = &stack_data;
502 memset(a, 0, sizeof(*a)); 502 COMMON_AUDIT_DATA_INIT(a, NONE);
503 a->type = LSM_AUDIT_NO_AUDIT;
504 } 503 }
505 a->selinux_audit_data.tclass = tclass; 504 a->selinux_audit_data.tclass = tclass;
506 a->selinux_audit_data.requested = requested; 505 a->selinux_audit_data.requested = requested;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 5feecb41009d..a03fd74602b4 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -293,28 +293,28 @@ static void superblock_free_security(struct super_block *sb)
293 293
294static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) 294static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
295{ 295{
296 struct sk_security_struct *ssec; 296 struct sk_security_struct *sksec;
297 297
298 ssec = kzalloc(sizeof(*ssec), priority); 298 sksec = kzalloc(sizeof(*sksec), priority);
299 if (!ssec) 299 if (!sksec)
300 return -ENOMEM; 300 return -ENOMEM;
301 301
302 ssec->peer_sid = SECINITSID_UNLABELED; 302 sksec->peer_sid = SECINITSID_UNLABELED;
303 ssec->sid = SECINITSID_UNLABELED; 303 sksec->sid = SECINITSID_UNLABELED;
304 sk->sk_security = ssec; 304 sk->sk_security = sksec;
305 305
306 selinux_netlbl_sk_security_reset(ssec); 306 selinux_netlbl_sk_security_reset(sksec);
307 307
308 return 0; 308 return 0;
309} 309}
310 310
311static void sk_free_security(struct sock *sk) 311static void sk_free_security(struct sock *sk)
312{ 312{
313 struct sk_security_struct *ssec = sk->sk_security; 313 struct sk_security_struct *sksec = sk->sk_security;
314 314
315 sk->sk_security = NULL; 315 sk->sk_security = NULL;
316 selinux_netlbl_sk_security_free(ssec); 316 selinux_netlbl_sk_security_free(sksec);
317 kfree(ssec); 317 kfree(sksec);
318} 318}
319 319
320/* The security server must be initialized before 320/* The security server must be initialized before
@@ -323,7 +323,7 @@ extern int ss_initialized;
323 323
324/* The file system's label must be initialized prior to use. */ 324/* The file system's label must be initialized prior to use. */
325 325
326static char *labeling_behaviors[6] = { 326static const char *labeling_behaviors[6] = {
327 "uses xattr", 327 "uses xattr",
328 "uses transition SIDs", 328 "uses transition SIDs",
329 "uses task SIDs", 329 "uses task SIDs",
@@ -2999,13 +2999,15 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd,
2999 return file_has_perm(cred, file, av); 2999 return file_has_perm(cred, file, av);
3000} 3000}
3001 3001
3002static int default_noexec;
3003
3002static int file_map_prot_check(struct file *file, unsigned long prot, int shared) 3004static int file_map_prot_check(struct file *file, unsigned long prot, int shared)
3003{ 3005{
3004 const struct cred *cred = current_cred(); 3006 const struct cred *cred = current_cred();
3005 int rc = 0; 3007 int rc = 0;
3006 3008
3007#ifndef CONFIG_PPC32 3009 if (default_noexec &&
3008 if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) { 3010 (prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
3009 /* 3011 /*
3010 * We are making executable an anonymous mapping or a 3012 * We are making executable an anonymous mapping or a
3011 * private file mapping that will also be writable. 3013 * private file mapping that will also be writable.
@@ -3015,7 +3017,6 @@ static int file_map_prot_check(struct file *file, unsigned long prot, int shared
3015 if (rc) 3017 if (rc)
3016 goto error; 3018 goto error;
3017 } 3019 }
3018#endif
3019 3020
3020 if (file) { 3021 if (file) {
3021 /* read access is always possible with a mapping */ 3022 /* read access is always possible with a mapping */
@@ -3076,8 +3077,8 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
3076 if (selinux_checkreqprot) 3077 if (selinux_checkreqprot)
3077 prot = reqprot; 3078 prot = reqprot;
3078 3079
3079#ifndef CONFIG_PPC32 3080 if (default_noexec &&
3080 if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { 3081 (prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
3081 int rc = 0; 3082 int rc = 0;
3082 if (vma->vm_start >= vma->vm_mm->start_brk && 3083 if (vma->vm_start >= vma->vm_mm->start_brk &&
3083 vma->vm_end <= vma->vm_mm->brk) { 3084 vma->vm_end <= vma->vm_mm->brk) {
@@ -3099,7 +3100,6 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
3099 if (rc) 3100 if (rc)
3100 return rc; 3101 return rc;
3101 } 3102 }
3102#endif
3103 3103
3104 return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED); 3104 return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED);
3105} 3105}
@@ -4002,7 +4002,7 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
4002 struct socket *other, 4002 struct socket *other,
4003 struct sock *newsk) 4003 struct sock *newsk)
4004{ 4004{
4005 struct sk_security_struct *ssec; 4005 struct sk_security_struct *sksec;
4006 struct inode_security_struct *isec; 4006 struct inode_security_struct *isec;
4007 struct inode_security_struct *other_isec; 4007 struct inode_security_struct *other_isec;
4008 struct common_audit_data ad; 4008 struct common_audit_data ad;
@@ -4021,13 +4021,13 @@ static int selinux_socket_unix_stream_connect(struct socket *sock,
4021 return err; 4021 return err;
4022 4022
4023 /* connecting socket */ 4023 /* connecting socket */
4024 ssec = sock->sk->sk_security; 4024 sksec = sock->sk->sk_security;
4025 ssec->peer_sid = other_isec->sid; 4025 sksec->peer_sid = other_isec->sid;
4026 4026
4027 /* server child socket */ 4027 /* server child socket */
4028 ssec = newsk->sk_security; 4028 sksec = newsk->sk_security;
4029 ssec->peer_sid = isec->sid; 4029 sksec->peer_sid = isec->sid;
4030 err = security_sid_mls_copy(other_isec->sid, ssec->peer_sid, &ssec->sid); 4030 err = security_sid_mls_copy(other_isec->sid, sksec->peer_sid, &sksec->sid);
4031 4031
4032 return err; 4032 return err;
4033} 4033}
@@ -4190,7 +4190,7 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
4190 int err = 0; 4190 int err = 0;
4191 char *scontext; 4191 char *scontext;
4192 u32 scontext_len; 4192 u32 scontext_len;
4193 struct sk_security_struct *ssec; 4193 struct sk_security_struct *sksec;
4194 struct inode_security_struct *isec; 4194 struct inode_security_struct *isec;
4195 u32 peer_sid = SECSID_NULL; 4195 u32 peer_sid = SECSID_NULL;
4196 4196
@@ -4198,8 +4198,8 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, char __user *op
4198 4198
4199 if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET || 4199 if (isec->sclass == SECCLASS_UNIX_STREAM_SOCKET ||
4200 isec->sclass == SECCLASS_TCP_SOCKET) { 4200 isec->sclass == SECCLASS_TCP_SOCKET) {
4201 ssec = sock->sk->sk_security; 4201 sksec = sock->sk->sk_security;
4202 peer_sid = ssec->peer_sid; 4202 peer_sid = sksec->peer_sid;
4203 } 4203 }
4204 if (peer_sid == SECSID_NULL) { 4204 if (peer_sid == SECSID_NULL) {
4205 err = -ENOPROTOOPT; 4205 err = -ENOPROTOOPT;
@@ -4266,14 +4266,14 @@ static void selinux_sk_free_security(struct sock *sk)
4266 4266
4267static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk) 4267static void selinux_sk_clone_security(const struct sock *sk, struct sock *newsk)
4268{ 4268{
4269 struct sk_security_struct *ssec = sk->sk_security; 4269 struct sk_security_struct *sksec = sk->sk_security;
4270 struct sk_security_struct *newssec = newsk->sk_security; 4270 struct sk_security_struct *newsksec = newsk->sk_security;
4271 4271
4272 newssec->sid = ssec->sid; 4272 newsksec->sid = sksec->sid;
4273 newssec->peer_sid = ssec->peer_sid; 4273 newsksec->peer_sid = sksec->peer_sid;
4274 newssec->sclass = ssec->sclass; 4274 newsksec->sclass = sksec->sclass;
4275 4275
4276 selinux_netlbl_sk_security_reset(newssec); 4276 selinux_netlbl_sk_security_reset(newsksec);
4277} 4277}
4278 4278
4279static void selinux_sk_getsecid(struct sock *sk, u32 *secid) 4279static void selinux_sk_getsecid(struct sock *sk, u32 *secid)
@@ -5662,6 +5662,8 @@ static __init int selinux_init(void)
5662 /* Set the security state for the initial task. */ 5662 /* Set the security state for the initial task. */
5663 cred_init_security(); 5663 cred_init_security();
5664 5664
5665 default_noexec = !(VM_DATA_DEFAULT_FLAGS & VM_EXEC);
5666
5665 sel_inode_cache = kmem_cache_create("selinux_inode_security", 5667 sel_inode_cache = kmem_cache_create("selinux_inode_security",
5666 sizeof(struct inode_security_struct), 5668 sizeof(struct inode_security_struct),
5667 0, SLAB_PANIC, NULL); 5669 0, SLAB_PANIC, NULL);
diff --git a/security/selinux/include/initial_sid_to_string.h b/security/selinux/include/initial_sid_to_string.h
index d4fac82793ae..a59b64e3fd02 100644
--- a/security/selinux/include/initial_sid_to_string.h
+++ b/security/selinux/include/initial_sid_to_string.h
@@ -1,5 +1,5 @@
1/* This file is automatically generated. Do not edit. */ 1/* This file is automatically generated. Do not edit. */
2static char *initial_sid_to_string[] = 2static const char *initial_sid_to_string[] =
3{ 3{
4 "null", 4 "null",
5 "kernel", 5 "kernel",
diff --git a/security/selinux/include/netlabel.h b/security/selinux/include/netlabel.h
index 8d7384280a7a..cf2f628e6e28 100644
--- a/security/selinux/include/netlabel.h
+++ b/security/selinux/include/netlabel.h
@@ -42,8 +42,8 @@ void selinux_netlbl_cache_invalidate(void);
42 42
43void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway); 43void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway);
44 44
45void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec); 45void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec);
46void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec); 46void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec);
47 47
48int selinux_netlbl_skbuff_getsid(struct sk_buff *skb, 48int selinux_netlbl_skbuff_getsid(struct sk_buff *skb,
49 u16 family, 49 u16 family,
@@ -79,13 +79,13 @@ static inline void selinux_netlbl_err(struct sk_buff *skb,
79} 79}
80 80
81static inline void selinux_netlbl_sk_security_free( 81static inline void selinux_netlbl_sk_security_free(
82 struct sk_security_struct *ssec) 82 struct sk_security_struct *sksec)
83{ 83{
84 return; 84 return;
85} 85}
86 86
87static inline void selinux_netlbl_sk_security_reset( 87static inline void selinux_netlbl_sk_security_reset(
88 struct sk_security_struct *ssec) 88 struct sk_security_struct *sksec)
89{ 89{
90 return; 90 return;
91} 91}
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
index 628da72ee763..1c2fc46544bf 100644
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -132,21 +132,21 @@ void selinux_netlbl_err(struct sk_buff *skb, int error, int gateway)
132 132
133/** 133/**
134 * selinux_netlbl_sk_security_free - Free the NetLabel fields 134 * selinux_netlbl_sk_security_free - Free the NetLabel fields
135 * @sssec: the sk_security_struct 135 * @sksec: the sk_security_struct
136 * 136 *
137 * Description: 137 * Description:
138 * Free all of the memory in the NetLabel fields of a sk_security_struct. 138 * Free all of the memory in the NetLabel fields of a sk_security_struct.
139 * 139 *
140 */ 140 */
141void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec) 141void selinux_netlbl_sk_security_free(struct sk_security_struct *sksec)
142{ 142{
143 if (ssec->nlbl_secattr != NULL) 143 if (sksec->nlbl_secattr != NULL)
144 netlbl_secattr_free(ssec->nlbl_secattr); 144 netlbl_secattr_free(sksec->nlbl_secattr);
145} 145}
146 146
147/** 147/**
148 * selinux_netlbl_sk_security_reset - Reset the NetLabel fields 148 * selinux_netlbl_sk_security_reset - Reset the NetLabel fields
149 * @ssec: the sk_security_struct 149 * @sksec: the sk_security_struct
150 * @family: the socket family 150 * @family: the socket family
151 * 151 *
152 * Description: 152 * Description:
@@ -154,9 +154,9 @@ void selinux_netlbl_sk_security_free(struct sk_security_struct *ssec)
154 * The caller is responsibile for all the NetLabel sk_security_struct locking. 154 * The caller is responsibile for all the NetLabel sk_security_struct locking.
155 * 155 *
156 */ 156 */
157void selinux_netlbl_sk_security_reset(struct sk_security_struct *ssec) 157void selinux_netlbl_sk_security_reset(struct sk_security_struct *sksec)
158{ 158{
159 ssec->nlbl_state = NLBL_UNSET; 159 sksec->nlbl_state = NLBL_UNSET;
160} 160}
161 161
162/** 162/**
diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c
index 0e147b6914ad..36ac257cec9a 100644
--- a/security/selinux/netlink.c
+++ b/security/selinux/netlink.c
@@ -14,7 +14,6 @@
14#include <linux/slab.h> 14#include <linux/slab.h>
15#include <linux/stddef.h> 15#include <linux/stddef.h>
16#include <linux/kernel.h> 16#include <linux/kernel.h>
17#include <linux/list.h>
18#include <linux/skbuff.h> 17#include <linux/skbuff.h>
19#include <linux/netlink.h> 18#include <linux/netlink.h>
20#include <linux/selinux_netlink.h> 19#include <linux/selinux_netlink.h>
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index dd7cc6de77f9..75ec0c6ebacd 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -11,7 +11,6 @@
11 */ 11 */
12#include <linux/types.h> 12#include <linux/types.h>
13#include <linux/kernel.h> 13#include <linux/kernel.h>
14#include <linux/skbuff.h>
15#include <linux/netlink.h> 14#include <linux/netlink.h>
16#include <linux/rtnetlink.h> 15#include <linux/rtnetlink.h>
17#include <linux/if.h> 16#include <linux/if.h>
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index cd191bbec03c..0293843f7eda 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -503,11 +503,11 @@ static ssize_t sel_write_access(struct file *file, char *buf, size_t size)
503 return length; 503 return length;
504 504
505 length = -ENOMEM; 505 length = -ENOMEM;
506 scon = kzalloc(size+1, GFP_KERNEL); 506 scon = kzalloc(size + 1, GFP_KERNEL);
507 if (!scon) 507 if (!scon)
508 return length; 508 return length;
509 509
510 tcon = kzalloc(size+1, GFP_KERNEL); 510 tcon = kzalloc(size + 1, GFP_KERNEL);
511 if (!tcon) 511 if (!tcon)
512 goto out; 512 goto out;
513 513
@@ -515,10 +515,10 @@ static ssize_t sel_write_access(struct file *file, char *buf, size_t size)
515 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 515 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
516 goto out2; 516 goto out2;
517 517
518 length = security_context_to_sid(scon, strlen(scon)+1, &ssid); 518 length = security_context_to_sid(scon, strlen(scon) + 1, &ssid);
519 if (length < 0) 519 if (length < 0)
520 goto out2; 520 goto out2;
521 length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); 521 length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
522 if (length < 0) 522 if (length < 0)
523 goto out2; 523 goto out2;
524 524
@@ -550,11 +550,11 @@ static ssize_t sel_write_create(struct file *file, char *buf, size_t size)
550 return length; 550 return length;
551 551
552 length = -ENOMEM; 552 length = -ENOMEM;
553 scon = kzalloc(size+1, GFP_KERNEL); 553 scon = kzalloc(size + 1, GFP_KERNEL);
554 if (!scon) 554 if (!scon)
555 return length; 555 return length;
556 556
557 tcon = kzalloc(size+1, GFP_KERNEL); 557 tcon = kzalloc(size + 1, GFP_KERNEL);
558 if (!tcon) 558 if (!tcon)
559 goto out; 559 goto out;
560 560
@@ -562,10 +562,10 @@ static ssize_t sel_write_create(struct file *file, char *buf, size_t size)
562 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 562 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
563 goto out2; 563 goto out2;
564 564
565 length = security_context_to_sid(scon, strlen(scon)+1, &ssid); 565 length = security_context_to_sid(scon, strlen(scon) + 1, &ssid);
566 if (length < 0) 566 if (length < 0)
567 goto out2; 567 goto out2;
568 length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); 568 length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
569 if (length < 0) 569 if (length < 0)
570 goto out2; 570 goto out2;
571 571
@@ -609,11 +609,11 @@ static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size)
609 return length; 609 return length;
610 610
611 length = -ENOMEM; 611 length = -ENOMEM;
612 scon = kzalloc(size+1, GFP_KERNEL); 612 scon = kzalloc(size + 1, GFP_KERNEL);
613 if (!scon) 613 if (!scon)
614 return length; 614 return length;
615 615
616 tcon = kzalloc(size+1, GFP_KERNEL); 616 tcon = kzalloc(size + 1, GFP_KERNEL);
617 if (!tcon) 617 if (!tcon)
618 goto out; 618 goto out;
619 619
@@ -621,10 +621,10 @@ static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size)
621 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 621 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
622 goto out2; 622 goto out2;
623 623
624 length = security_context_to_sid(scon, strlen(scon)+1, &ssid); 624 length = security_context_to_sid(scon, strlen(scon) + 1, &ssid);
625 if (length < 0) 625 if (length < 0)
626 goto out2; 626 goto out2;
627 length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); 627 length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
628 if (length < 0) 628 if (length < 0)
629 goto out2; 629 goto out2;
630 630
@@ -666,11 +666,11 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size)
666 return length; 666 return length;
667 667
668 length = -ENOMEM; 668 length = -ENOMEM;
669 con = kzalloc(size+1, GFP_KERNEL); 669 con = kzalloc(size + 1, GFP_KERNEL);
670 if (!con) 670 if (!con)
671 return length; 671 return length;
672 672
673 user = kzalloc(size+1, GFP_KERNEL); 673 user = kzalloc(size + 1, GFP_KERNEL);
674 if (!user) 674 if (!user)
675 goto out; 675 goto out;
676 676
@@ -678,7 +678,7 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size)
678 if (sscanf(buf, "%s %s", con, user) != 2) 678 if (sscanf(buf, "%s %s", con, user) != 2)
679 goto out2; 679 goto out2;
680 680
681 length = security_context_to_sid(con, strlen(con)+1, &sid); 681 length = security_context_to_sid(con, strlen(con) + 1, &sid);
682 if (length < 0) 682 if (length < 0)
683 goto out2; 683 goto out2;
684 684
@@ -727,11 +727,11 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size)
727 return length; 727 return length;
728 728
729 length = -ENOMEM; 729 length = -ENOMEM;
730 scon = kzalloc(size+1, GFP_KERNEL); 730 scon = kzalloc(size + 1, GFP_KERNEL);
731 if (!scon) 731 if (!scon)
732 return length; 732 return length;
733 733
734 tcon = kzalloc(size+1, GFP_KERNEL); 734 tcon = kzalloc(size + 1, GFP_KERNEL);
735 if (!tcon) 735 if (!tcon)
736 goto out; 736 goto out;
737 737
@@ -739,10 +739,10 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size)
739 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) 739 if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
740 goto out2; 740 goto out2;
741 741
742 length = security_context_to_sid(scon, strlen(scon)+1, &ssid); 742 length = security_context_to_sid(scon, strlen(scon) + 1, &ssid);
743 if (length < 0) 743 if (length < 0)
744 goto out2; 744 goto out2;
745 length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); 745 length = security_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
746 if (length < 0) 746 if (length < 0)
747 goto out2; 747 goto out2;
748 748
@@ -1401,7 +1401,7 @@ static int sel_make_perm_files(char *objclass, int classvalue,
1401 } 1401 }
1402 inode->i_fop = &sel_perm_ops; 1402 inode->i_fop = &sel_perm_ops;
1403 /* i+1 since perm values are 1-indexed */ 1403 /* i+1 since perm values are 1-indexed */
1404 inode->i_ino = sel_perm_to_ino(classvalue, i+1); 1404 inode->i_ino = sel_perm_to_ino(classvalue, i + 1);
1405 d_add(dentry, inode); 1405 d_add(dentry, inode);
1406 } 1406 }
1407 1407
@@ -1489,7 +1489,7 @@ static int sel_make_classes(void)
1489 goto out; 1489 goto out;
1490 1490
1491 /* +2 since classes are 1-indexed */ 1491 /* +2 since classes are 1-indexed */
1492 last_class_ino = sel_class_to_ino(nclasses+2); 1492 last_class_ino = sel_class_to_ino(nclasses + 2);
1493 1493
1494 for (i = 0; i < nclasses; i++) { 1494 for (i = 0; i < nclasses; i++) {
1495 struct dentry *class_name_dir; 1495 struct dentry *class_name_dir;
@@ -1506,7 +1506,7 @@ static int sel_make_classes(void)
1506 goto out1; 1506 goto out1;
1507 1507
1508 /* i+1 since class values are 1-indexed */ 1508 /* i+1 since class values are 1-indexed */
1509 rc = sel_make_class_dir_entries(classes[i], i+1, 1509 rc = sel_make_class_dir_entries(classes[i], i + 1,
1510 class_name_dir); 1510 class_name_dir);
1511 if (rc) 1511 if (rc)
1512 goto out1; 1512 goto out1;
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
index 372b773f8210..b4eff7a60c50 100644
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -255,7 +255,7 @@ int mls_context_to_sid(struct policydb *pol,
255 255
256 if (!pol->mls_enabled) { 256 if (!pol->mls_enabled) {
257 if (def_sid != SECSID_NULL && oldc) 257 if (def_sid != SECSID_NULL && oldc)
258 *scontext += strlen(*scontext)+1; 258 *scontext += strlen(*scontext) + 1;
259 return 0; 259 return 0;
260 } 260 }
261 261
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 23c6e53c102c..4f584fb71ef9 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -40,7 +40,7 @@
40#define _DEBUG_HASHES 40#define _DEBUG_HASHES
41 41
42#ifdef DEBUG_HASHES 42#ifdef DEBUG_HASHES
43static char *symtab_name[SYM_NUM] = { 43static const char *symtab_name[SYM_NUM] = {
44 "common prefixes", 44 "common prefixes",
45 "classes", 45 "classes",
46 "roles", 46 "roles",
@@ -156,7 +156,7 @@ static int roles_init(struct policydb *p)
156 rc = -EINVAL; 156 rc = -EINVAL;
157 goto out_free_role; 157 goto out_free_role;
158 } 158 }
159 key = kmalloc(strlen(OBJECT_R)+1, GFP_KERNEL); 159 key = kmalloc(strlen(OBJECT_R) + 1, GFP_KERNEL);
160 if (!key) { 160 if (!key) {
161 rc = -ENOMEM; 161 rc = -ENOMEM;
162 goto out_free_role; 162 goto out_free_role;
@@ -2195,7 +2195,7 @@ int policydb_read(struct policydb *p, void *fp)
2195 rangetr_hash_eval(p->range_tr); 2195 rangetr_hash_eval(p->range_tr);
2196 } 2196 }
2197 2197
2198 p->type_attr_map = kmalloc(p->p_types.nprim*sizeof(struct ebitmap), GFP_KERNEL); 2198 p->type_attr_map = kmalloc(p->p_types.nprim * sizeof(struct ebitmap), GFP_KERNEL);
2199 if (!p->type_attr_map) 2199 if (!p->type_attr_map)
2200 goto bad; 2200 goto bad;
2201 2201
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index cf27b3ee1a95..1de60ce90d9a 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -274,15 +274,15 @@ static int constraint_expr_eval(struct context *scontext,
274 case CEXPR_AND: 274 case CEXPR_AND:
275 BUG_ON(sp < 1); 275 BUG_ON(sp < 1);
276 sp--; 276 sp--;
277 s[sp] &= s[sp+1]; 277 s[sp] &= s[sp + 1];
278 break; 278 break;
279 case CEXPR_OR: 279 case CEXPR_OR:
280 BUG_ON(sp < 1); 280 BUG_ON(sp < 1);
281 sp--; 281 sp--;
282 s[sp] |= s[sp+1]; 282 s[sp] |= s[sp + 1];
283 break; 283 break;
284 case CEXPR_ATTR: 284 case CEXPR_ATTR:
285 if (sp == (CEXPR_MAXDEPTH-1)) 285 if (sp == (CEXPR_MAXDEPTH - 1))
286 return 0; 286 return 0;
287 switch (e->attr) { 287 switch (e->attr) {
288 case CEXPR_USER: 288 case CEXPR_USER:
@@ -1216,7 +1216,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len,
1216 *sid = SECSID_NULL; 1216 *sid = SECSID_NULL;
1217 1217
1218 /* Copy the string so that we can modify the copy as we parse it. */ 1218 /* Copy the string so that we can modify the copy as we parse it. */
1219 scontext2 = kmalloc(scontext_len+1, gfp_flags); 1219 scontext2 = kmalloc(scontext_len + 1, gfp_flags);
1220 if (!scontext2) 1220 if (!scontext2)
1221 return -ENOMEM; 1221 return -ENOMEM;
1222 memcpy(scontext2, scontext, scontext_len); 1222 memcpy(scontext2, scontext, scontext_len);
@@ -1760,22 +1760,28 @@ int security_load_policy(void *data, size_t len)
1760 1760
1761 if (!ss_initialized) { 1761 if (!ss_initialized) {
1762 avtab_cache_init(); 1762 avtab_cache_init();
1763 if (policydb_read(&policydb, fp)) { 1763 rc = policydb_read(&policydb, fp);
1764 if (rc) {
1764 avtab_cache_destroy(); 1765 avtab_cache_destroy();
1765 return -EINVAL; 1766 return rc;
1766 } 1767 }
1767 if (selinux_set_mapping(&policydb, secclass_map, 1768
1768 &current_mapping, 1769 rc = selinux_set_mapping(&policydb, secclass_map,
1769 &current_mapping_size)) { 1770 &current_mapping,
1771 &current_mapping_size);
1772 if (rc) {
1770 policydb_destroy(&policydb); 1773 policydb_destroy(&policydb);
1771 avtab_cache_destroy(); 1774 avtab_cache_destroy();
1772 return -EINVAL; 1775 return rc;
1773 } 1776 }
1774 if (policydb_load_isids(&policydb, &sidtab)) { 1777
1778 rc = policydb_load_isids(&policydb, &sidtab);
1779 if (rc) {
1775 policydb_destroy(&policydb); 1780 policydb_destroy(&policydb);
1776 avtab_cache_destroy(); 1781 avtab_cache_destroy();
1777 return -EINVAL; 1782 return rc;
1778 } 1783 }
1784
1779 security_load_policycaps(); 1785 security_load_policycaps();
1780 ss_initialized = 1; 1786 ss_initialized = 1;
1781 seqno = ++latest_granting; 1787 seqno = ++latest_granting;
@@ -1791,8 +1797,9 @@ int security_load_policy(void *data, size_t len)
1791 sidtab_hash_eval(&sidtab, "sids"); 1797 sidtab_hash_eval(&sidtab, "sids");
1792#endif 1798#endif
1793 1799
1794 if (policydb_read(&newpolicydb, fp)) 1800 rc = policydb_read(&newpolicydb, fp);
1795 return -EINVAL; 1801 if (rc)
1802 return rc;
1796 1803
1797 /* If switching between different policy types, log MLS status */ 1804 /* If switching between different policy types, log MLS status */
1798 if (policydb.mls_enabled && !newpolicydb.mls_enabled) 1805 if (policydb.mls_enabled && !newpolicydb.mls_enabled)
@@ -1807,8 +1814,8 @@ int security_load_policy(void *data, size_t len)
1807 return rc; 1814 return rc;
1808 } 1815 }
1809 1816
1810 if (selinux_set_mapping(&newpolicydb, secclass_map, 1817 rc = selinux_set_mapping(&newpolicydb, secclass_map, &map, &map_size);
1811 &map, &map_size)) 1818 if (rc)
1812 goto err; 1819 goto err;
1813 1820
1814 rc = security_preserve_bools(&newpolicydb); 1821 rc = security_preserve_bools(&newpolicydb);
@@ -1819,10 +1826,10 @@ int security_load_policy(void *data, size_t len)
1819 1826
1820 /* Clone the SID table. */ 1827 /* Clone the SID table. */
1821 sidtab_shutdown(&sidtab); 1828 sidtab_shutdown(&sidtab);
1822 if (sidtab_map(&sidtab, clone_sid, &newsidtab)) { 1829
1823 rc = -ENOMEM; 1830 rc = sidtab_map(&sidtab, clone_sid, &newsidtab);
1831 if (rc)
1824 goto err; 1832 goto err;
1825 }
1826 1833
1827 /* 1834 /*
1828 * Convert the internal representations of contexts 1835 * Convert the internal representations of contexts
@@ -2101,9 +2108,9 @@ int security_get_user_sids(u32 fromsid,
2101 2108
2102 ebitmap_for_each_positive_bit(&user->roles, rnode, i) { 2109 ebitmap_for_each_positive_bit(&user->roles, rnode, i) {
2103 role = policydb.role_val_to_struct[i]; 2110 role = policydb.role_val_to_struct[i];
2104 usercon.role = i+1; 2111 usercon.role = i + 1;
2105 ebitmap_for_each_positive_bit(&role->types, tnode, j) { 2112 ebitmap_for_each_positive_bit(&role->types, tnode, j) {
2106 usercon.type = j+1; 2113 usercon.type = j + 1;
2107 2114
2108 if (mls_setup_user_range(fromcon, user, &usercon)) 2115 if (mls_setup_user_range(fromcon, user, &usercon))
2109 continue; 2116 continue;
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index fdfeaa2f28ec..0f2fc480fc61 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -19,7 +19,6 @@
19#include <linux/pagemap.h> 19#include <linux/pagemap.h>
20#include <linux/mount.h> 20#include <linux/mount.h>
21#include <linux/stat.h> 21#include <linux/stat.h>
22#include <linux/ext2_fs.h>
23#include <linux/kd.h> 22#include <linux/kd.h>
24#include <asm/ioctls.h> 23#include <asm/ioctls.h>
25#include <linux/ip.h> 24#include <linux/ip.h>
@@ -1119,15 +1118,6 @@ static int smack_cred_prepare(struct cred *new, const struct cred *old,
1119} 1118}
1120 1119
1121/** 1120/**
1122 * smack_cred_commit - commit new credentials
1123 * @new: the new credentials
1124 * @old: the original credentials
1125 */
1126static void smack_cred_commit(struct cred *new, const struct cred *old)
1127{
1128}
1129
1130/**
1131 * smack_cred_transfer - Transfer the old credentials to the new credentials 1121 * smack_cred_transfer - Transfer the old credentials to the new credentials
1132 * @new: the new credentials 1122 * @new: the new credentials
1133 * @old: the original credentials 1123 * @old: the original credentials
@@ -3121,7 +3111,6 @@ struct security_operations smack_ops = {
3121 .cred_alloc_blank = smack_cred_alloc_blank, 3111 .cred_alloc_blank = smack_cred_alloc_blank,
3122 .cred_free = smack_cred_free, 3112 .cred_free = smack_cred_free,
3123 .cred_prepare = smack_cred_prepare, 3113 .cred_prepare = smack_cred_prepare,
3124 .cred_commit = smack_cred_commit,
3125 .cred_transfer = smack_cred_transfer, 3114 .cred_transfer = smack_cred_transfer,
3126 .kernel_act_as = smack_kernel_act_as, 3115 .kernel_act_as = smack_kernel_act_as,
3127 .kernel_create_files_as = smack_kernel_create_files_as, 3116 .kernel_create_files_as = smack_kernel_create_files_as,
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 975c45d88baa..8f34036fd31c 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -874,17 +874,17 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_domain_info * const domain)
874static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned 874static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned
875 int profile) 875 int profile)
876{ 876{
877 static DEFINE_MUTEX(lock);
878 struct tomoyo_profile *ptr = NULL; 877 struct tomoyo_profile *ptr = NULL;
879 int i; 878 int i;
880 879
881 if (profile >= TOMOYO_MAX_PROFILES) 880 if (profile >= TOMOYO_MAX_PROFILES)
882 return NULL; 881 return NULL;
883 mutex_lock(&lock); 882 if (mutex_lock_interruptible(&tomoyo_policy_lock))
883 return NULL;
884 ptr = tomoyo_profile_ptr[profile]; 884 ptr = tomoyo_profile_ptr[profile];
885 if (ptr) 885 if (ptr)
886 goto ok; 886 goto ok;
887 ptr = kmalloc(sizeof(*ptr), GFP_KERNEL); 887 ptr = kmalloc(sizeof(*ptr), GFP_NOFS);
888 if (!tomoyo_memory_ok(ptr)) { 888 if (!tomoyo_memory_ok(ptr)) {
889 kfree(ptr); 889 kfree(ptr);
890 ptr = NULL; 890 ptr = NULL;
@@ -895,7 +895,7 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned
895 mb(); /* Avoid out-of-order execution. */ 895 mb(); /* Avoid out-of-order execution. */
896 tomoyo_profile_ptr[profile] = ptr; 896 tomoyo_profile_ptr[profile] = ptr;
897 ok: 897 ok:
898 mutex_unlock(&lock); 898 mutex_unlock(&tomoyo_policy_lock);
899 return ptr; 899 return ptr;
900} 900}
901 901
@@ -1089,8 +1089,9 @@ static int tomoyo_update_manager_entry(const char *manager,
1089 if (!saved_manager) 1089 if (!saved_manager)
1090 return -ENOMEM; 1090 return -ENOMEM;
1091 if (!is_delete) 1091 if (!is_delete)
1092 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 1092 entry = kmalloc(sizeof(*entry), GFP_NOFS);
1093 mutex_lock(&tomoyo_policy_lock); 1093 if (mutex_lock_interruptible(&tomoyo_policy_lock))
1094 goto out;
1094 list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { 1095 list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
1095 if (ptr->manager != saved_manager) 1096 if (ptr->manager != saved_manager)
1096 continue; 1097 continue;
@@ -1107,6 +1108,7 @@ static int tomoyo_update_manager_entry(const char *manager,
1107 error = 0; 1108 error = 0;
1108 } 1109 }
1109 mutex_unlock(&tomoyo_policy_lock); 1110 mutex_unlock(&tomoyo_policy_lock);
1111 out:
1110 tomoyo_put_name(saved_manager); 1112 tomoyo_put_name(saved_manager);
1111 kfree(entry); 1113 kfree(entry);
1112 return error; 1114 return error;
@@ -1287,7 +1289,8 @@ static int tomoyo_delete_domain(char *domainname)
1287 1289
1288 name.name = domainname; 1290 name.name = domainname;
1289 tomoyo_fill_path_info(&name); 1291 tomoyo_fill_path_info(&name);
1290 mutex_lock(&tomoyo_policy_lock); 1292 if (mutex_lock_interruptible(&tomoyo_policy_lock))
1293 return 0;
1291 /* Is there an active domain? */ 1294 /* Is there an active domain? */
1292 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { 1295 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
1293 /* Never delete tomoyo_kernel_domain */ 1296 /* Never delete tomoyo_kernel_domain */
@@ -1369,7 +1372,6 @@ static bool tomoyo_print_path_acl(struct tomoyo_io_buffer *head,
1369{ 1372{
1370 int pos; 1373 int pos;
1371 u8 bit; 1374 u8 bit;
1372 const char *atmark = "";
1373 const char *filename; 1375 const char *filename;
1374 const u32 perm = ptr->perm | (((u32) ptr->perm_high) << 16); 1376 const u32 perm = ptr->perm | (((u32) ptr->perm_high) << 16);
1375 1377
@@ -1384,8 +1386,7 @@ static bool tomoyo_print_path_acl(struct tomoyo_io_buffer *head,
1384 continue; 1386 continue;
1385 msg = tomoyo_path2keyword(bit); 1387 msg = tomoyo_path2keyword(bit);
1386 pos = head->read_avail; 1388 pos = head->read_avail;
1387 if (!tomoyo_io_printf(head, "allow_%s %s%s\n", msg, 1389 if (!tomoyo_io_printf(head, "allow_%s %s\n", msg, filename))
1388 atmark, filename))
1389 goto out; 1390 goto out;
1390 } 1391 }
1391 head->read_bit = 0; 1392 head->read_bit = 0;
@@ -1408,8 +1409,6 @@ static bool tomoyo_print_path2_acl(struct tomoyo_io_buffer *head,
1408 struct tomoyo_path2_acl *ptr) 1409 struct tomoyo_path2_acl *ptr)
1409{ 1410{
1410 int pos; 1411 int pos;
1411 const char *atmark1 = "";
1412 const char *atmark2 = "";
1413 const char *filename1; 1412 const char *filename1;
1414 const char *filename2; 1413 const char *filename2;
1415 const u8 perm = ptr->perm; 1414 const u8 perm = ptr->perm;
@@ -1423,8 +1422,8 @@ static bool tomoyo_print_path2_acl(struct tomoyo_io_buffer *head,
1423 continue; 1422 continue;
1424 msg = tomoyo_path22keyword(bit); 1423 msg = tomoyo_path22keyword(bit);
1425 pos = head->read_avail; 1424 pos = head->read_avail;
1426 if (!tomoyo_io_printf(head, "allow_%s %s%s %s%s\n", msg, 1425 if (!tomoyo_io_printf(head, "allow_%s %s %s\n", msg,
1427 atmark1, filename1, atmark2, filename2)) 1426 filename1, filename2))
1428 goto out; 1427 goto out;
1429 } 1428 }
1430 head->read_bit = 0; 1429 head->read_bit = 0;
@@ -1886,7 +1885,7 @@ static int tomoyo_read_self_domain(struct tomoyo_io_buffer *head)
1886 */ 1885 */
1887static int tomoyo_open_control(const u8 type, struct file *file) 1886static int tomoyo_open_control(const u8 type, struct file *file)
1888{ 1887{
1889 struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_KERNEL); 1888 struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_NOFS);
1890 1889
1891 if (!head) 1890 if (!head)
1892 return -ENOMEM; 1891 return -ENOMEM;
@@ -1947,7 +1946,7 @@ static int tomoyo_open_control(const u8 type, struct file *file)
1947 } else { 1946 } else {
1948 if (!head->readbuf_size) 1947 if (!head->readbuf_size)
1949 head->readbuf_size = 4096 * 2; 1948 head->readbuf_size = 4096 * 2;
1950 head->read_buf = kzalloc(head->readbuf_size, GFP_KERNEL); 1949 head->read_buf = kzalloc(head->readbuf_size, GFP_NOFS);
1951 if (!head->read_buf) { 1950 if (!head->read_buf) {
1952 kfree(head); 1951 kfree(head);
1953 return -ENOMEM; 1952 return -ENOMEM;
@@ -1961,7 +1960,7 @@ static int tomoyo_open_control(const u8 type, struct file *file)
1961 head->write = NULL; 1960 head->write = NULL;
1962 } else if (head->write) { 1961 } else if (head->write) {
1963 head->writebuf_size = 4096 * 2; 1962 head->writebuf_size = 4096 * 2;
1964 head->write_buf = kzalloc(head->writebuf_size, GFP_KERNEL); 1963 head->write_buf = kzalloc(head->writebuf_size, GFP_NOFS);
1965 if (!head->write_buf) { 1964 if (!head->write_buf) {
1966 kfree(head->read_buf); 1965 kfree(head->read_buf);
1967 kfree(head); 1966 kfree(head);
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 67bd22dd3e68..52c9502ed675 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -662,7 +662,6 @@ extern struct list_head tomoyo_pattern_list;
662extern struct list_head tomoyo_no_rewrite_list; 662extern struct list_head tomoyo_no_rewrite_list;
663extern struct list_head tomoyo_policy_manager_list; 663extern struct list_head tomoyo_policy_manager_list;
664extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH]; 664extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
665extern struct mutex tomoyo_name_list_lock;
666 665
667/* Lock for protecting policy. */ 666/* Lock for protecting policy. */
668extern struct mutex tomoyo_policy_lock; 667extern struct mutex tomoyo_policy_lock;
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index acb8c397d5cf..a1723bbcde0e 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -153,8 +153,9 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
153 if (!saved_program) 153 if (!saved_program)
154 goto out; 154 goto out;
155 if (!is_delete) 155 if (!is_delete)
156 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 156 entry = kmalloc(sizeof(*entry), GFP_NOFS);
157 mutex_lock(&tomoyo_policy_lock); 157 if (mutex_lock_interruptible(&tomoyo_policy_lock))
158 goto out;
158 list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { 159 list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
159 if (ptr->is_not != is_not || 160 if (ptr->is_not != is_not ||
160 ptr->domainname != saved_domainname || 161 ptr->domainname != saved_domainname ||
@@ -373,8 +374,9 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
373 if (!saved_domainname) 374 if (!saved_domainname)
374 goto out; 375 goto out;
375 if (!is_delete) 376 if (!is_delete)
376 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 377 entry = kmalloc(sizeof(*entry), GFP_NOFS);
377 mutex_lock(&tomoyo_policy_lock); 378 if (mutex_lock_interruptible(&tomoyo_policy_lock))
379 goto out;
378 list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { 380 list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
379 if (ptr->is_not != is_not || 381 if (ptr->is_not != is_not ||
380 ptr->domainname != saved_domainname || 382 ptr->domainname != saved_domainname ||
@@ -565,8 +567,9 @@ static int tomoyo_update_alias_entry(const char *original_name,
565 if (!saved_original_name || !saved_aliased_name) 567 if (!saved_original_name || !saved_aliased_name)
566 goto out; 568 goto out;
567 if (!is_delete) 569 if (!is_delete)
568 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 570 entry = kmalloc(sizeof(*entry), GFP_NOFS);
569 mutex_lock(&tomoyo_policy_lock); 571 if (mutex_lock_interruptible(&tomoyo_policy_lock))
572 goto out;
570 list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { 573 list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
571 if (ptr->original_name != saved_original_name || 574 if (ptr->original_name != saved_original_name ||
572 ptr->aliased_name != saved_aliased_name) 575 ptr->aliased_name != saved_aliased_name)
@@ -656,7 +659,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
656 const u8 profile) 659 const u8 profile)
657{ 660{
658 struct tomoyo_domain_info *entry; 661 struct tomoyo_domain_info *entry;
659 struct tomoyo_domain_info *domain; 662 struct tomoyo_domain_info *domain = NULL;
660 const struct tomoyo_path_info *saved_domainname; 663 const struct tomoyo_path_info *saved_domainname;
661 bool found = false; 664 bool found = false;
662 665
@@ -665,8 +668,9 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
665 saved_domainname = tomoyo_get_name(domainname); 668 saved_domainname = tomoyo_get_name(domainname);
666 if (!saved_domainname) 669 if (!saved_domainname)
667 return NULL; 670 return NULL;
668 entry = kzalloc(sizeof(*entry), GFP_KERNEL); 671 entry = kzalloc(sizeof(*entry), GFP_NOFS);
669 mutex_lock(&tomoyo_policy_lock); 672 if (mutex_lock_interruptible(&tomoyo_policy_lock))
673 goto out;
670 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { 674 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
671 if (domain->is_deleted || 675 if (domain->is_deleted ||
672 tomoyo_pathcmp(saved_domainname, domain->domainname)) 676 tomoyo_pathcmp(saved_domainname, domain->domainname))
@@ -685,6 +689,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
685 found = true; 689 found = true;
686 } 690 }
687 mutex_unlock(&tomoyo_policy_lock); 691 mutex_unlock(&tomoyo_policy_lock);
692 out:
688 tomoyo_put_name(saved_domainname); 693 tomoyo_put_name(saved_domainname);
689 kfree(entry); 694 kfree(entry);
690 return found ? domain : NULL; 695 return found ? domain : NULL;
@@ -705,7 +710,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
705 * This function assumes that the size of buffer returned by 710 * This function assumes that the size of buffer returned by
706 * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN. 711 * tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN.
707 */ 712 */
708 struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_KERNEL); 713 struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_NOFS);
709 struct tomoyo_domain_info *old_domain = tomoyo_domain(); 714 struct tomoyo_domain_info *old_domain = tomoyo_domain();
710 struct tomoyo_domain_info *domain = NULL; 715 struct tomoyo_domain_info *domain = NULL;
711 const char *old_domain_name = old_domain->domainname->name; 716 const char *old_domain_name = old_domain->domainname->name;
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 6f3fe76a1fde..060bbf3870ce 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -100,7 +100,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path)
100{ 100{
101 int error; 101 int error;
102 struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf), 102 struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf),
103 GFP_KERNEL); 103 GFP_NOFS);
104 104
105 if (!buf) 105 if (!buf)
106 return NULL; 106 return NULL;
@@ -175,8 +175,9 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
175 if (!saved_filename) 175 if (!saved_filename)
176 return -ENOMEM; 176 return -ENOMEM;
177 if (!is_delete) 177 if (!is_delete)
178 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 178 entry = kmalloc(sizeof(*entry), GFP_NOFS);
179 mutex_lock(&tomoyo_policy_lock); 179 if (mutex_lock_interruptible(&tomoyo_policy_lock))
180 goto out;
180 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) { 181 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) {
181 if (ptr->filename != saved_filename) 182 if (ptr->filename != saved_filename)
182 continue; 183 continue;
@@ -192,6 +193,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
192 error = 0; 193 error = 0;
193 } 194 }
194 mutex_unlock(&tomoyo_policy_lock); 195 mutex_unlock(&tomoyo_policy_lock);
196 out:
195 tomoyo_put_name(saved_filename); 197 tomoyo_put_name(saved_filename);
196 kfree(entry); 198 kfree(entry);
197 return error; 199 return error;
@@ -322,8 +324,9 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
322 if (!saved_pattern->is_patterned) 324 if (!saved_pattern->is_patterned)
323 goto out; 325 goto out;
324 if (!is_delete) 326 if (!is_delete)
325 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 327 entry = kmalloc(sizeof(*entry), GFP_NOFS);
326 mutex_lock(&tomoyo_policy_lock); 328 if (mutex_lock_interruptible(&tomoyo_policy_lock))
329 goto out;
327 list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) { 330 list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
328 if (saved_pattern != ptr->pattern) 331 if (saved_pattern != ptr->pattern)
329 continue; 332 continue;
@@ -475,8 +478,9 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
475 if (!saved_pattern) 478 if (!saved_pattern)
476 return error; 479 return error;
477 if (!is_delete) 480 if (!is_delete)
478 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 481 entry = kmalloc(sizeof(*entry), GFP_NOFS);
479 mutex_lock(&tomoyo_policy_lock); 482 if (mutex_lock_interruptible(&tomoyo_policy_lock))
483 goto out;
480 list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) { 484 list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
481 if (ptr->pattern != saved_pattern) 485 if (ptr->pattern != saved_pattern)
482 continue; 486 continue;
@@ -492,6 +496,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
492 error = 0; 496 error = 0;
493 } 497 }
494 mutex_unlock(&tomoyo_policy_lock); 498 mutex_unlock(&tomoyo_policy_lock);
499 out:
495 tomoyo_put_name(saved_pattern); 500 tomoyo_put_name(saved_pattern);
496 kfree(entry); 501 kfree(entry);
497 return error; 502 return error;
@@ -821,8 +826,9 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
821 if (!saved_filename) 826 if (!saved_filename)
822 return -ENOMEM; 827 return -ENOMEM;
823 if (!is_delete) 828 if (!is_delete)
824 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 829 entry = kmalloc(sizeof(*entry), GFP_NOFS);
825 mutex_lock(&tomoyo_policy_lock); 830 if (mutex_lock_interruptible(&tomoyo_policy_lock))
831 goto out;
826 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { 832 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
827 struct tomoyo_path_acl *acl = 833 struct tomoyo_path_acl *acl =
828 container_of(ptr, struct tomoyo_path_acl, head); 834 container_of(ptr, struct tomoyo_path_acl, head);
@@ -867,6 +873,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
867 error = 0; 873 error = 0;
868 } 874 }
869 mutex_unlock(&tomoyo_policy_lock); 875 mutex_unlock(&tomoyo_policy_lock);
876 out:
870 kfree(entry); 877 kfree(entry);
871 tomoyo_put_name(saved_filename); 878 tomoyo_put_name(saved_filename);
872 return error; 879 return error;
@@ -907,8 +914,9 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1,
907 if (!saved_filename1 || !saved_filename2) 914 if (!saved_filename1 || !saved_filename2)
908 goto out; 915 goto out;
909 if (!is_delete) 916 if (!is_delete)
910 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 917 entry = kmalloc(sizeof(*entry), GFP_NOFS);
911 mutex_lock(&tomoyo_policy_lock); 918 if (mutex_lock_interruptible(&tomoyo_policy_lock))
919 goto out;
912 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { 920 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
913 struct tomoyo_path2_acl *acl = 921 struct tomoyo_path2_acl *acl =
914 container_of(ptr, struct tomoyo_path2_acl, head); 922 container_of(ptr, struct tomoyo_path2_acl, head);
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index d9ad35bc7fa8..245bf422e3a5 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -151,7 +151,8 @@ static void tomoyo_del_name(const struct tomoyo_name_entry *ptr)
151 151
152static void tomoyo_collect_entry(void) 152static void tomoyo_collect_entry(void)
153{ 153{
154 mutex_lock(&tomoyo_policy_lock); 154 if (mutex_lock_interruptible(&tomoyo_policy_lock))
155 return;
155 { 156 {
156 struct tomoyo_globally_readable_file_entry *ptr; 157 struct tomoyo_globally_readable_file_entry *ptr;
157 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, 158 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
@@ -275,8 +276,6 @@ static void tomoyo_collect_entry(void)
275 break; 276 break;
276 } 277 }
277 } 278 }
278 mutex_unlock(&tomoyo_policy_lock);
279 mutex_lock(&tomoyo_name_list_lock);
280 { 279 {
281 int i; 280 int i;
282 for (i = 0; i < TOMOYO_MAX_HASH; i++) { 281 for (i = 0; i < TOMOYO_MAX_HASH; i++) {
@@ -294,7 +293,7 @@ static void tomoyo_collect_entry(void)
294 } 293 }
295 } 294 }
296 } 295 }
297 mutex_unlock(&tomoyo_name_list_lock); 296 mutex_unlock(&tomoyo_policy_lock);
298} 297}
299 298
300static void tomoyo_kfree_entry(void) 299static void tomoyo_kfree_entry(void)
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index c225c65ce426..62062a68525a 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -139,7 +139,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
139 */ 139 */
140char *tomoyo_realpath_from_path(struct path *path) 140char *tomoyo_realpath_from_path(struct path *path)
141{ 141{
142 char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL); 142 char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS);
143 143
144 BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer) 144 BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
145 <= TOMOYO_MAX_PATHNAME_LEN - 1); 145 <= TOMOYO_MAX_PATHNAME_LEN - 1);
@@ -240,8 +240,6 @@ void tomoyo_memory_free(void *ptr)
240 * "const struct tomoyo_path_info *". 240 * "const struct tomoyo_path_info *".
241 */ 241 */
242struct list_head tomoyo_name_list[TOMOYO_MAX_HASH]; 242struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
243/* Lock for protecting tomoyo_name_list . */
244DEFINE_MUTEX(tomoyo_name_list_lock);
245 243
246/** 244/**
247 * tomoyo_get_name - Allocate permanent memory for string data. 245 * tomoyo_get_name - Allocate permanent memory for string data.
@@ -263,14 +261,15 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
263 len = strlen(name) + 1; 261 len = strlen(name) + 1;
264 hash = full_name_hash((const unsigned char *) name, len - 1); 262 hash = full_name_hash((const unsigned char *) name, len - 1);
265 head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)]; 263 head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)];
266 mutex_lock(&tomoyo_name_list_lock); 264 if (mutex_lock_interruptible(&tomoyo_policy_lock))
265 return NULL;
267 list_for_each_entry(ptr, head, list) { 266 list_for_each_entry(ptr, head, list) {
268 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name)) 267 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name))
269 continue; 268 continue;
270 atomic_inc(&ptr->users); 269 atomic_inc(&ptr->users);
271 goto out; 270 goto out;
272 } 271 }
273 ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL); 272 ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
274 allocated_len = ptr ? ksize(ptr) : 0; 273 allocated_len = ptr ? ksize(ptr) : 0;
275 if (!ptr || (tomoyo_quota_for_policy && 274 if (!ptr || (tomoyo_quota_for_policy &&
276 atomic_read(&tomoyo_policy_memory_size) + allocated_len 275 atomic_read(&tomoyo_policy_memory_size) + allocated_len
@@ -290,7 +289,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
290 tomoyo_fill_path_info(&ptr->entry); 289 tomoyo_fill_path_info(&ptr->entry);
291 list_add_tail(&ptr->list, head); 290 list_add_tail(&ptr->list, head);
292 out: 291 out:
293 mutex_unlock(&tomoyo_name_list_lock); 292 mutex_unlock(&tomoyo_policy_lock);
294 return ptr ? &ptr->entry : NULL; 293 return ptr ? &ptr->entry : NULL;
295} 294}
296 295
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-12 21:00:36 -0500