summaryrefslogtreecommitdiffstats
path: root/security/tomoyo/domain.c
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2010-01-05 06:39:37 +0900
committerJames Morris <jmorris@namei.org>2010-01-11 09:27:40 +1100
commitcd7bec6ad80188394a8ea857ff1aa3512fc2282a (patch)
tree598e7d59c29966e0d8fa8abf24eb51bbb2f567a6 /security/tomoyo/domain.c
parente41035a996356c257183e53a70abfb46fa84908b (diff)
downloadlinux-cd7bec6ad80188394a8ea857ff1aa3512fc2282a.tar.gz
linux-cd7bec6ad80188394a8ea857ff1aa3512fc2282a.tar.bz2
linux-cd7bec6ad80188394a8ea857ff1aa3512fc2282a.zip
TOMOYO: Remove memory pool for list elements.
Currently, TOMOYO allocates memory for list elements from memory pool allocated by kmalloc(PAGE_SIZE). But that makes it difficult to kfree() when garbage collector is added. Thus, remove memory pool and use kmalloc(sizeof()). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/domain.c')
-rw-r--r--security/tomoyo/domain.c58
1 files changed, 19 insertions, 39 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 7d0b0bc48201..a55a1cced58e 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -245,6 +245,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
saved_program = tomoyo_save_name(program);
if (!saved_program)
return -ENOMEM;
+ new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
if (ptr->is_not != is_not ||
@@ -259,17 +260,18 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
error = -ENOENT;
goto out;
}
- new_entry = tomoyo_alloc_element(sizeof(*new_entry));
- if (!new_entry)
+ if (!tomoyo_memory_ok(new_entry))
goto out;
new_entry->domainname = saved_domainname;
new_entry->program = saved_program;
new_entry->is_not = is_not;
new_entry->is_last_name = is_last_name;
list_add_tail_rcu(&new_entry->list, &tomoyo_domain_initializer_list);
+ new_entry = NULL;
error = 0;
out:
mutex_unlock(&tomoyo_policy_lock);
+ kfree(new_entry);
return error;
}
@@ -461,6 +463,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
saved_domainname = tomoyo_save_name(domainname);
if (!saved_domainname)
return -ENOMEM;
+ new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
if (ptr->is_not != is_not ||
@@ -475,17 +478,18 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
error = -ENOENT;
goto out;
}
- new_entry = tomoyo_alloc_element(sizeof(*new_entry));
- if (!new_entry)
+ if (!tomoyo_memory_ok(new_entry))
goto out;
new_entry->domainname = saved_domainname;
new_entry->program = saved_program;
new_entry->is_not = is_not;
new_entry->is_last_name = is_last_name;
list_add_tail_rcu(&new_entry->list, &tomoyo_domain_keeper_list);
+ new_entry = NULL;
error = 0;
out:
mutex_unlock(&tomoyo_policy_lock);
+ kfree(new_entry);
return error;
}
@@ -650,6 +654,7 @@ static int tomoyo_update_alias_entry(const char *original_name,
saved_aliased_name = tomoyo_save_name(aliased_name);
if (!saved_original_name || !saved_aliased_name)
return -ENOMEM;
+ new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
if (ptr->original_name != saved_original_name ||
@@ -663,15 +668,16 @@ static int tomoyo_update_alias_entry(const char *original_name,
error = -ENOENT;
goto out;
}
- new_entry = tomoyo_alloc_element(sizeof(*new_entry));
- if (!new_entry)
+ if (!tomoyo_memory_ok(new_entry))
goto out;
new_entry->original_name = saved_original_name;
new_entry->aliased_name = saved_aliased_name;
list_add_tail_rcu(&new_entry->list, &tomoyo_alias_list);
+ new_entry = NULL;
error = 0;
out:
mutex_unlock(&tomoyo_policy_lock);
+ kfree(new_entry);
return error;
}
@@ -738,7 +744,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
domainname,
const u8 profile)
{
- struct tomoyo_domain_info *domain = NULL;
+ struct tomoyo_domain_info *domain;
const struct tomoyo_path_info *saved_domainname;
mutex_lock(&tomoyo_policy_lock);
@@ -750,43 +756,17 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
saved_domainname = tomoyo_save_name(domainname);
if (!saved_domainname)
goto out;
- /* Can I reuse memory of deleted domain? */
- list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
- struct task_struct *p;
- struct tomoyo_acl_info *ptr;
- bool flag;
- if (!domain->is_deleted ||
- domain->domainname != saved_domainname)
- continue;
- flag = false;
- read_lock(&tasklist_lock);
- for_each_process(p) {
- if (tomoyo_real_domain(p) != domain)
- continue;
- flag = true;
- break;
- }
- read_unlock(&tasklist_lock);
- if (flag)
- continue;
- list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
- ptr->type |= TOMOYO_ACL_DELETED;
- }
- tomoyo_set_domain_flag(domain, true, domain->flags);
- domain->profile = profile;
- domain->quota_warned = false;
- mb(); /* Avoid out-of-order execution. */
- domain->is_deleted = false;
- goto out;
- }
- /* No memory reusable. Create using new memory. */
- domain = tomoyo_alloc_element(sizeof(*domain));
- if (domain) {
+ domain = kmalloc(sizeof(*domain), GFP_KERNEL);
+ if (tomoyo_memory_ok(domain)) {
INIT_LIST_HEAD(&domain->acl_info_list);
domain->domainname = saved_domainname;
domain->profile = profile;
list_add_tail_rcu(&domain->list, &tomoyo_domain_list);
+ } else {
+ kfree(domain);
+ domain = NULL;
}
+
out:
mutex_unlock(&tomoyo_policy_lock);
return domain;