diff options
| author |   Zheng Zengkai <zhengzengkai@huawei.com> | 2020-11-26 22:38:15 +0800 |
|---|---|---|
| committer |   Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2020-11-27 19:36:11 +0900 |
| commit | 1b6b924efeb9e46f0ca2ebe5b9bb6b276defe52d (patch) | |
| tree | d529074a7d8eba402d624f5b819c3e4b02f3e3b5 /security | |
| parent | tomoyo: Limit wildcard recursion depth. (diff) | |
| download | linux-dev-1b6b924efeb9e46f0ca2ebe5b9bb6b276defe52d.tar.xz linux-dev-1b6b924efeb9e46f0ca2ebe5b9bb6b276defe52d.zip | |
tomoyo: Fix null pointer check
Since tomoyo_memory_ok() will check for null pointer returned by
kzalloc() in tomoyo_assign_profile(), tomoyo_assign_namespace(),
tomoyo_get_name() and tomoyo_commit_ok(), then emit OOM warnings
if needed. And this is the expected behavior as informed by
Tetsuo Handa.
Let's add __GFP_NOWARN to kzalloc() in those related functions.
Besides, to achieve this goal, remove the null check for entry
right after kzalloc() in tomoyo_assign_namespace().
Reported-by: Hulk Robot <hulkci@huawei.com>
Suggested-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Diffstat (limited to 'security')
| -rw-r--r-- | security/tomoyo/common.c | 2 | ||||
| -rw-r--r-- | security/tomoyo/domain.c | 4 | ||||
| -rw-r--r-- | security/tomoyo/memory.c | 4 |
3 files changed, 4 insertions, 6 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 4bee32bfe16d..bc54d3c8c70a 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -498,7 +498,7 @@ static struct tomoyo_profile *tomoyo_assign_profile ptr = ns->profile_ptr[profile]; if (ptr) return ptr; - entry = kzalloc(sizeof(*entry), GFP_NOFS); + entry = kzalloc(sizeof(*entry), GFP_NOFS | __GFP_NOWARN); if (mutex_lock_interruptible(&tomoyo_policy_lock)) goto out; ptr = ns->profile_ptr[profile]; diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index dc4ecc0b2038..c6e5cc5cc7cd 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c @@ -473,9 +473,7 @@ struct tomoyo_policy_namespace *tomoyo_assign_namespace(const char *domainname) return ptr; if (len >= TOMOYO_EXEC_TMPSIZE - 10 || !tomoyo_domain_def(domainname)) return NULL; - entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS); - if (!entry) - return NULL; + entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS | __GFP_NOWARN); if (mutex_lock_interruptible(&tomoyo_policy_lock)) goto out; ptr = tomoyo_find_namespace(domainname, len); diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c index 2e7fcfa923c9..1b570bde7a3b 100644 --- a/security/tomoyo/memory.c +++ b/security/tomoyo/memory.c @@ -73,7 +73,7 @@ bool tomoyo_memory_ok(void *ptr) */ void *tomoyo_commit_ok(void *data, const unsigned int size) { - void *ptr = kzalloc(size, GFP_NOFS); + void *ptr = kzalloc(size, GFP_NOFS | __GFP_NOWARN); if (tomoyo_memory_ok(ptr)) { memmove(ptr, data, size); @@ -170,7 +170,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name) atomic_inc(&ptr->head.users); goto out; } - ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS); + ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS | __GFP_NOWARN); if (tomoyo_memory_ok(ptr)) { ptr->entry.name = ((char *) ptr) + sizeof(*ptr); memmove((char *) ptr->entry.name, name, len); |