summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDmitry Vyukov <dvyukov@google.com>2021-12-14 10:45:26 +0100
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2022-01-05 12:42:32 +0100
commit3fe6a63b5dbdc0864f01d3171046af03d34ee747 (patch)
treecc1e963cc43d2dce6b8df36edeebe1ca3971ad40 /security
parente97d5549f842dafb7d212e4269574efddc596d1a (diff)
downloadlinux-stable-3fe6a63b5dbdc0864f01d3171046af03d34ee747.tar.gz
linux-stable-3fe6a63b5dbdc0864f01d3171046af03d34ee747.tar.bz2
linux-stable-3fe6a63b5dbdc0864f01d3171046af03d34ee747.zip
tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
[ Upstream commit 04e57a2d952bbd34bc45744e72be3eecdc344294 ] If tomoyo is used in a testing/fuzzing environment in learning mode, for lots of domains the quota will be exceeded and stay exceeded for prolonged periods of time. In such cases it's pointless (and slow) to walk the whole acl list again and again just to rediscover that the quota is exceeded. We already have the TOMOYO_DIF_QUOTA_WARNED flag that notes the overflow condition. Check it early to avoid the slowdown. [penguin-kernel] This patch causes a user visible change that the learning mode will not be automatically resumed after the quota is increased. To resume the learning mode, administrator will need to explicitly clear TOMOYO_DIF_QUOTA_WARNED flag after increasing the quota. But I think that this change is generally preferable, for administrator likely wants to optimize the acl list for that domain before increasing the quota, or that domain likely hits the quota again. Therefore, don't try to care to clear TOMOYO_DIF_QUOTA_WARNED flag automatically when the quota for that domain changed. Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'security')
-rw-r--r--security/tomoyo/util.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index 1da2e3722b12..af8cd2af3466 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -1051,6 +1051,8 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
return false;
if (!domain)
return true;
+ if (READ_ONCE(domain->flags[TOMOYO_DIF_QUOTA_WARNED]))
+ return false;
list_for_each_entry_rcu(ptr, &domain->acl_info_list, list,
srcu_read_lock_held(&tomoyo_ss)) {
u16 perm;
@@ -1096,14 +1098,12 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
if (count < tomoyo_profile(domain->ns, domain->profile)->
pref[TOMOYO_PREF_MAX_LEARNING_ENTRY])
return true;
- if (!domain->flags[TOMOYO_DIF_QUOTA_WARNED]) {
- domain->flags[TOMOYO_DIF_QUOTA_WARNED] = true;
- /* r->granted = false; */
- tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]);
+ WRITE_ONCE(domain->flags[TOMOYO_DIF_QUOTA_WARNED], true);
+ /* r->granted = false; */
+ tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]);
#ifndef CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING
- pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n",
- domain->domainname->name);
+ pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n",
+ domain->domainname->name);
#endif
- }
return false;
}