summaryrefslogtreecommitdiffstats
path: root/security/tomoyo
diff options
context:
space:
mode:
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/common.c22
-rw-r--r--security/tomoyo/common.h2
-rw-r--r--security/tomoyo/domain.c8
-rw-r--r--security/tomoyo/file.c15
-rw-r--r--security/tomoyo/realpath.c45
-rw-r--r--security/tomoyo/realpath.h8
6 files changed, 29 insertions, 71 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index e331e699cf5..ef6622300a8 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -750,7 +750,7 @@ bool tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...)
*
* Returns the tomoyo_realpath() of current process on success, NULL otherwise.
*
- * This function uses tomoyo_alloc(), so the caller must call tomoyo_free()
+ * This function uses kzalloc(), so the caller must call kfree()
* if this function didn't return NULL.
*/
static const char *tomoyo_get_exe(void)
@@ -1248,7 +1248,7 @@ static bool tomoyo_is_policy_manager(void)
last_pid = pid;
}
}
- tomoyo_free(exe);
+ kfree(exe);
return found;
}
@@ -1931,7 +1931,7 @@ static int tomoyo_read_self_domain(struct tomoyo_io_buffer *head)
*/
static int tomoyo_open_control(const u8 type, struct file *file)
{
- struct tomoyo_io_buffer *head = tomoyo_alloc(sizeof(*head));
+ struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_KERNEL);
if (!head)
return -ENOMEM;
@@ -1992,9 +1992,9 @@ static int tomoyo_open_control(const u8 type, struct file *file)
} else {
if (!head->readbuf_size)
head->readbuf_size = 4096 * 2;
- head->read_buf = tomoyo_alloc(head->readbuf_size);
+ head->read_buf = kzalloc(head->readbuf_size, GFP_KERNEL);
if (!head->read_buf) {
- tomoyo_free(head);
+ kfree(head);
return -ENOMEM;
}
}
@@ -2006,10 +2006,10 @@ static int tomoyo_open_control(const u8 type, struct file *file)
head->write = NULL;
} else if (head->write) {
head->writebuf_size = 4096 * 2;
- head->write_buf = tomoyo_alloc(head->writebuf_size);
+ head->write_buf = kzalloc(head->writebuf_size, GFP_KERNEL);
if (!head->write_buf) {
- tomoyo_free(head->read_buf);
- tomoyo_free(head);
+ kfree(head->read_buf);
+ kfree(head);
return -ENOMEM;
}
}
@@ -2141,11 +2141,11 @@ static int tomoyo_close_control(struct file *file)
tomoyo_read_unlock(head->reader_idx);
/* Release memory used for policy I/O. */
- tomoyo_free(head->read_buf);
+ kfree(head->read_buf);
head->read_buf = NULL;
- tomoyo_free(head->write_buf);
+ kfree(head->write_buf);
head->write_buf = NULL;
- tomoyo_free(head);
+ kfree(head);
head = NULL;
file->private_data = NULL;
return 0;
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 610a6a05682..8b59ec8fe11 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -89,7 +89,7 @@ struct tomoyo_path_info {
* "struct tomoyo_path_info_with_data".
*/
struct tomoyo_path_info_with_data {
- /* Keep "head" first, for this pointer is passed to tomoyo_free(). */
+ /* Keep "head" first, for this pointer is passed to kfree(). */
struct tomoyo_path_info head;
char barrier1[16]; /* Safeguard for overrun. */
char body[TOMOYO_MAX_PATHNAME_LEN];
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index a55a1cced58..34843971cc6 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -787,7 +787,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
* This function assumes that the size of buffer returned by
* tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN.
*/
- struct tomoyo_page_buffer *tmp = tomoyo_alloc(sizeof(*tmp));
+ struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_KERNEL);
struct tomoyo_domain_info *old_domain = tomoyo_domain();
struct tomoyo_domain_info *domain = NULL;
const char *old_domain_name = old_domain->domainname->name;
@@ -902,8 +902,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
if (!domain)
domain = old_domain;
bprm->cred->security = domain;
- tomoyo_free(real_program_name);
- tomoyo_free(symlink_program_name);
- tomoyo_free(tmp);
+ kfree(real_program_name);
+ kfree(symlink_program_name);
+ kfree(tmp);
return retval;
}
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index cfcb096ee97..24af081f1af 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -150,7 +150,8 @@ static bool tomoyo_strendswith(const char *name, const char *tail)
static struct tomoyo_path_info *tomoyo_get_path(struct path *path)
{
int error;
- struct tomoyo_path_info_with_data *buf = tomoyo_alloc(sizeof(*buf));
+ struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf),
+ GFP_KERNEL);
if (!buf)
return NULL;
@@ -162,7 +163,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path)
tomoyo_fill_path_info(&buf->head);
return &buf->head;
}
- tomoyo_free(buf);
+ kfree(buf);
return NULL;
}
@@ -1227,7 +1228,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
TOMOYO_TYPE_TRUNCATE_ACL,
buf, mode);
out:
- tomoyo_free(buf);
+ kfree(buf);
tomoyo_read_unlock(idx);
if (!is_enforce)
error = 0;
@@ -1273,7 +1274,7 @@ int tomoyo_check_1path_perm(struct tomoyo_domain_info *domain,
error = tomoyo_check_single_path_permission2(domain, operation, buf,
mode);
out:
- tomoyo_free(buf);
+ kfree(buf);
tomoyo_read_unlock(idx);
if (!is_enforce)
error = 0;
@@ -1312,7 +1313,7 @@ int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain,
TOMOYO_TYPE_REWRITE_ACL,
buf, mode);
out:
- tomoyo_free(buf);
+ kfree(buf);
tomoyo_read_unlock(idx);
if (!is_enforce)
error = 0;
@@ -1379,8 +1380,8 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info * const domain,
false);
}
out:
- tomoyo_free(buf1);
- tomoyo_free(buf2);
+ kfree(buf1);
+ kfree(buf2);
tomoyo_read_unlock(idx);
if (!is_enforce)
error = 0;
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index 54226d5be49..92460c7ded6 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -150,12 +150,12 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
*
* Returns the realpath of the given @path on success, NULL otherwise.
*
- * These functions use tomoyo_alloc(), so the caller must call tomoyo_free()
+ * These functions use kzalloc(), so the caller must call kfree()
* if these functions didn't return NULL.
*/
char *tomoyo_realpath_from_path(struct path *path)
{
- char *buf = tomoyo_alloc(sizeof(struct tomoyo_page_buffer));
+ char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL);
BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
<= TOMOYO_MAX_PATHNAME_LEN - 1);
@@ -164,7 +164,7 @@ char *tomoyo_realpath_from_path(struct path *path)
if (tomoyo_realpath_from_path2(path, buf,
TOMOYO_MAX_PATHNAME_LEN - 1) == 0)
return buf;
- tomoyo_free(buf);
+ kfree(buf);
return NULL;
}
@@ -346,39 +346,6 @@ void __init tomoyo_realpath_init(void)
panic("Can't register tomoyo_kernel_domain");
}
-/* Memory allocated for temporary purpose. */
-static atomic_t tomoyo_dynamic_memory_size;
-
-/**
- * tomoyo_alloc - Allocate memory for temporary purpose.
- *
- * @size: Size in bytes.
- *
- * Returns pointer to allocated memory on success, NULL otherwise.
- */
-void *tomoyo_alloc(const size_t size)
-{
- void *p = kzalloc(size, GFP_KERNEL);
- if (p)
- atomic_add(ksize(p), &tomoyo_dynamic_memory_size);
- return p;
-}
-
-/**
- * tomoyo_free - Release memory allocated by tomoyo_alloc().
- *
- * @p: Pointer returned by tomoyo_alloc(). May be NULL.
- *
- * Returns nothing.
- */
-void tomoyo_free(const void *p)
-{
- if (p) {
- atomic_sub(ksize(p), &tomoyo_dynamic_memory_size);
- kfree(p);
- }
-}
-
/**
* tomoyo_read_memory_counter - Check for memory usage in bytes.
*
@@ -393,8 +360,6 @@ int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head)
= tomoyo_allocated_memory_for_savename;
const unsigned int private
= tomoyo_allocated_memory_for_elements;
- const unsigned int dynamic
- = atomic_read(&tomoyo_dynamic_memory_size);
char buffer[64];
memset(buffer, 0, sizeof(buffer));
@@ -412,9 +377,7 @@ int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head)
else
buffer[0] = '\0';
tomoyo_io_printf(head, "Private: %10u%s\n", private, buffer);
- tomoyo_io_printf(head, "Dynamic: %10u\n", dynamic);
- tomoyo_io_printf(head, "Total: %10u\n",
- shared + private + dynamic);
+ tomoyo_io_printf(head, "Total: %10u\n", shared + private);
head->read_eof = true;
}
return 0;
diff --git a/security/tomoyo/realpath.h b/security/tomoyo/realpath.h
index 47b4f59dad6..da4f06ff6f8 100644
--- a/security/tomoyo/realpath.h
+++ b/security/tomoyo/realpath.h
@@ -25,7 +25,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
/*
* Returns realpath(3) of the given pathname but ignores chroot'ed root.
- * These functions use tomoyo_alloc(), so the caller must call tomoyo_free()
+ * These functions use kzalloc(), so the caller must call kfree()
* if these functions didn't return NULL.
*/
char *tomoyo_realpath(const char *pathname);
@@ -45,12 +45,6 @@ bool tomoyo_memory_ok(void *ptr);
*/
const struct tomoyo_path_info *tomoyo_save_name(const char *name);
-/* Allocate memory for temporary use (e.g. permission checks). */
-void *tomoyo_alloc(const size_t size);
-
-/* Free memory allocated by tomoyo_alloc(). */
-void tomoyo_free(const void *p);
-
/* Check for memory usage. */
int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head);