diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-01-05 06:39:37 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-01-11 09:27:40 +1100 |
commit | cd7bec6ad80188394a8ea857ff1aa3512fc2282a (patch) | |
tree | 598e7d59c29966e0d8fa8abf24eb51bbb2f567a6 /security/tomoyo/domain.c | |
parent | e41035a996356c257183e53a70abfb46fa84908b (diff) | |
download | linux-cd7bec6ad80188394a8ea857ff1aa3512fc2282a.tar.gz linux-cd7bec6ad80188394a8ea857ff1aa3512fc2282a.tar.bz2 linux-cd7bec6ad80188394a8ea857ff1aa3512fc2282a.zip |
TOMOYO: Remove memory pool for list elements.
Currently, TOMOYO allocates memory for list elements from memory pool allocated
by kmalloc(PAGE_SIZE). But that makes it difficult to kfree() when garbage
collector is added. Thus, remove memory pool and use kmalloc(sizeof()).
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/domain.c')
-rw-r--r-- | security/tomoyo/domain.c | 58 |
1 files changed, 19 insertions, 39 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 7d0b0bc48201..a55a1cced58e 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c @@ -245,6 +245,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, saved_program = tomoyo_save_name(program); if (!saved_program) return -ENOMEM; + new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); mutex_lock(&tomoyo_policy_lock); list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { if (ptr->is_not != is_not || @@ -259,17 +260,18 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, error = -ENOENT; goto out; } - new_entry = tomoyo_alloc_element(sizeof(*new_entry)); - if (!new_entry) + if (!tomoyo_memory_ok(new_entry)) goto out; new_entry->domainname = saved_domainname; new_entry->program = saved_program; new_entry->is_not = is_not; new_entry->is_last_name = is_last_name; list_add_tail_rcu(&new_entry->list, &tomoyo_domain_initializer_list); + new_entry = NULL; error = 0; out: mutex_unlock(&tomoyo_policy_lock); + kfree(new_entry); return error; } @@ -461,6 +463,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, saved_domainname = tomoyo_save_name(domainname); if (!saved_domainname) return -ENOMEM; + new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); mutex_lock(&tomoyo_policy_lock); list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { if (ptr->is_not != is_not || @@ -475,17 +478,18 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, error = -ENOENT; goto out; } - new_entry = tomoyo_alloc_element(sizeof(*new_entry)); - if (!new_entry) + if (!tomoyo_memory_ok(new_entry)) goto out; new_entry->domainname = saved_domainname; new_entry->program = saved_program; new_entry->is_not = is_not; new_entry->is_last_name = is_last_name; list_add_tail_rcu(&new_entry->list, &tomoyo_domain_keeper_list); + new_entry = NULL; error = 0; out: mutex_unlock(&tomoyo_policy_lock); + kfree(new_entry); return error; } @@ -650,6 +654,7 @@ static int tomoyo_update_alias_entry(const char *original_name, saved_aliased_name = tomoyo_save_name(aliased_name); if (!saved_original_name || !saved_aliased_name) return -ENOMEM; + new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); mutex_lock(&tomoyo_policy_lock); list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { if (ptr->original_name != saved_original_name || @@ -663,15 +668,16 @@ static int tomoyo_update_alias_entry(const char *original_name, error = -ENOENT; goto out; } - new_entry = tomoyo_alloc_element(sizeof(*new_entry)); - if (!new_entry) + if (!tomoyo_memory_ok(new_entry)) goto out; new_entry->original_name = saved_original_name; new_entry->aliased_name = saved_aliased_name; list_add_tail_rcu(&new_entry->list, &tomoyo_alias_list); + new_entry = NULL; error = 0; out: mutex_unlock(&tomoyo_policy_lock); + kfree(new_entry); return error; } @@ -738,7 +744,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * domainname, const u8 profile) { - struct tomoyo_domain_info *domain = NULL; + struct tomoyo_domain_info *domain; const struct tomoyo_path_info *saved_domainname; mutex_lock(&tomoyo_policy_lock); @@ -750,43 +756,17 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * saved_domainname = tomoyo_save_name(domainname); if (!saved_domainname) goto out; - /* Can I reuse memory of deleted domain? */ - list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { - struct task_struct *p; - struct tomoyo_acl_info *ptr; - bool flag; - if (!domain->is_deleted || - domain->domainname != saved_domainname) - continue; - flag = false; - read_lock(&tasklist_lock); - for_each_process(p) { - if (tomoyo_real_domain(p) != domain) - continue; - flag = true; - break; - } - read_unlock(&tasklist_lock); - if (flag) - continue; - list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { - ptr->type |= TOMOYO_ACL_DELETED; - } - tomoyo_set_domain_flag(domain, true, domain->flags); - domain->profile = profile; - domain->quota_warned = false; - mb(); /* Avoid out-of-order execution. */ - domain->is_deleted = false; - goto out; - } - /* No memory reusable. Create using new memory. */ - domain = tomoyo_alloc_element(sizeof(*domain)); - if (domain) { + domain = kmalloc(sizeof(*domain), GFP_KERNEL); + if (tomoyo_memory_ok(domain)) { INIT_LIST_HEAD(&domain->acl_info_list); domain->domainname = saved_domainname; domain->profile = profile; list_add_tail_rcu(&domain->list, &tomoyo_domain_list); + } else { + kfree(domain); + domain = NULL; } + out: mutex_unlock(&tomoyo_policy_lock); return domain; |