summaryrefslogtreecommitdiffstats
path: root/security/tomoyo
diff options
context:
space:
mode:
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/common.c20
-rw-r--r--security/tomoyo/domain.c10
-rw-r--r--security/tomoyo/file.c12
-rw-r--r--security/tomoyo/realpath.c4
4 files changed, 21 insertions, 25 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 975c45d88ba..3c86bbc33ae 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -884,7 +884,7 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned
ptr = tomoyo_profile_ptr[profile];
if (ptr)
goto ok;
- ptr = kmalloc(sizeof(*ptr), GFP_KERNEL);
+ ptr = kmalloc(sizeof(*ptr), GFP_NOFS);
if (!tomoyo_memory_ok(ptr)) {
kfree(ptr);
ptr = NULL;
@@ -1089,7 +1089,7 @@ static int tomoyo_update_manager_entry(const char *manager,
if (!saved_manager)
return -ENOMEM;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
if (ptr->manager != saved_manager)
@@ -1369,7 +1369,6 @@ static bool tomoyo_print_path_acl(struct tomoyo_io_buffer *head,
{
int pos;
u8 bit;
- const char *atmark = "";
const char *filename;
const u32 perm = ptr->perm | (((u32) ptr->perm_high) << 16);
@@ -1384,8 +1383,7 @@ static bool tomoyo_print_path_acl(struct tomoyo_io_buffer *head,
continue;
msg = tomoyo_path2keyword(bit);
pos = head->read_avail;
- if (!tomoyo_io_printf(head, "allow_%s %s%s\n", msg,
- atmark, filename))
+ if (!tomoyo_io_printf(head, "allow_%s %s\n", msg, filename))
goto out;
}
head->read_bit = 0;
@@ -1408,8 +1406,6 @@ static bool tomoyo_print_path2_acl(struct tomoyo_io_buffer *head,
struct tomoyo_path2_acl *ptr)
{
int pos;
- const char *atmark1 = "";
- const char *atmark2 = "";
const char *filename1;
const char *filename2;
const u8 perm = ptr->perm;
@@ -1423,8 +1419,8 @@ static bool tomoyo_print_path2_acl(struct tomoyo_io_buffer *head,
continue;
msg = tomoyo_path22keyword(bit);
pos = head->read_avail;
- if (!tomoyo_io_printf(head, "allow_%s %s%s %s%s\n", msg,
- atmark1, filename1, atmark2, filename2))
+ if (!tomoyo_io_printf(head, "allow_%s %s %s\n", msg,
+ filename1, filename2))
goto out;
}
head->read_bit = 0;
@@ -1886,7 +1882,7 @@ static int tomoyo_read_self_domain(struct tomoyo_io_buffer *head)
*/
static int tomoyo_open_control(const u8 type, struct file *file)
{
- struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_KERNEL);
+ struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_NOFS);
if (!head)
return -ENOMEM;
@@ -1947,7 +1943,7 @@ static int tomoyo_open_control(const u8 type, struct file *file)
} else {
if (!head->readbuf_size)
head->readbuf_size = 4096 * 2;
- head->read_buf = kzalloc(head->readbuf_size, GFP_KERNEL);
+ head->read_buf = kzalloc(head->readbuf_size, GFP_NOFS);
if (!head->read_buf) {
kfree(head);
return -ENOMEM;
@@ -1961,7 +1957,7 @@ static int tomoyo_open_control(const u8 type, struct file *file)
head->write = NULL;
} else if (head->write) {
head->writebuf_size = 4096 * 2;
- head->write_buf = kzalloc(head->writebuf_size, GFP_KERNEL);
+ head->write_buf = kzalloc(head->writebuf_size, GFP_NOFS);
if (!head->write_buf) {
kfree(head->read_buf);
kfree(head);
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index acb8c397d5c..e1edec4a9b9 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -153,7 +153,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
if (!saved_program)
goto out;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
if (ptr->is_not != is_not ||
@@ -373,7 +373,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
if (!saved_domainname)
goto out;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
if (ptr->is_not != is_not ||
@@ -565,7 +565,7 @@ static int tomoyo_update_alias_entry(const char *original_name,
if (!saved_original_name || !saved_aliased_name)
goto out;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
if (ptr->original_name != saved_original_name ||
@@ -665,7 +665,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
saved_domainname = tomoyo_get_name(domainname);
if (!saved_domainname)
return NULL;
- entry = kzalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kzalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
if (domain->is_deleted ||
@@ -705,7 +705,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
* This function assumes that the size of buffer returned by
* tomoyo_realpath() = TOMOYO_MAX_PATHNAME_LEN.
*/
- struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_KERNEL);
+ struct tomoyo_page_buffer *tmp = kzalloc(sizeof(*tmp), GFP_NOFS);
struct tomoyo_domain_info *old_domain = tomoyo_domain();
struct tomoyo_domain_info *domain = NULL;
const char *old_domain_name = old_domain->domainname->name;
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 6f3fe76a1fd..0687ada28e8 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -100,7 +100,7 @@ static struct tomoyo_path_info *tomoyo_get_path(struct path *path)
{
int error;
struct tomoyo_path_info_with_data *buf = kzalloc(sizeof(*buf),
- GFP_KERNEL);
+ GFP_NOFS);
if (!buf)
return NULL;
@@ -175,7 +175,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
if (!saved_filename)
return -ENOMEM;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) {
if (ptr->filename != saved_filename)
@@ -322,7 +322,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
if (!saved_pattern->is_patterned)
goto out;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
if (saved_pattern != ptr->pattern)
@@ -475,7 +475,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
if (!saved_pattern)
return error;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
if (ptr->pattern != saved_pattern)
@@ -821,7 +821,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
if (!saved_filename)
return -ENOMEM;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
struct tomoyo_path_acl *acl =
@@ -907,7 +907,7 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1,
if (!saved_filename1 || !saved_filename2)
goto out;
if (!is_delete)
- entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ entry = kmalloc(sizeof(*entry), GFP_NOFS);
mutex_lock(&tomoyo_policy_lock);
list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
struct tomoyo_path2_acl *acl =
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index c225c65ce42..6a51e0af241 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -139,7 +139,7 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
*/
char *tomoyo_realpath_from_path(struct path *path)
{
- char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_KERNEL);
+ char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS);
BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
<= TOMOYO_MAX_PATHNAME_LEN - 1);
@@ -270,7 +270,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
atomic_inc(&ptr->users);
goto out;
}
- ptr = kzalloc(sizeof(*ptr) + len, GFP_KERNEL);
+ ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
allocated_len = ptr ? ksize(ptr) : 0;
if (!ptr || (tomoyo_quota_for_policy &&
atomic_read(&tomoyo_policy_memory_size) + allocated_len