Commit c5c928c6 authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'tomoyo-fixes-for-5.5' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1

Pull tomoyo fixes from Tetsuo Handa:
 "Two bug fixes:

   - Suppress RCU warning at list_for_each_entry_rcu()

   - Don't use fancy names on sockets"

* tag 'tomoyo-fixes-for-5.5' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1:
  tomoyo: Suppress RCU warning at list_for_each_entry_rcu().
  tomoyo: Don't use nifty names on sockets.
parents fd698849 6bd5ce60
...@@ -951,7 +951,8 @@ static bool tomoyo_manager(void) ...@@ -951,7 +951,8 @@ static bool tomoyo_manager(void)
exe = tomoyo_get_exe(); exe = tomoyo_get_exe();
if (!exe) if (!exe)
return false; return false;
list_for_each_entry_rcu(ptr, &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER], head.list) { list_for_each_entry_rcu(ptr, &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER], head.list,
srcu_read_lock_held(&tomoyo_ss)) {
if (!ptr->head.is_deleted && if (!ptr->head.is_deleted &&
(!tomoyo_pathcmp(domainname, ptr->manager) || (!tomoyo_pathcmp(domainname, ptr->manager) ||
!strcmp(exe, ptr->manager->name))) { !strcmp(exe, ptr->manager->name))) {
...@@ -1095,7 +1096,8 @@ static int tomoyo_delete_domain(char *domainname) ...@@ -1095,7 +1096,8 @@ static int tomoyo_delete_domain(char *domainname)
if (mutex_lock_interruptible(&tomoyo_policy_lock)) if (mutex_lock_interruptible(&tomoyo_policy_lock))
return -EINTR; return -EINTR;
/* Is there an active domain? */ /* Is there an active domain? */
list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { list_for_each_entry_rcu(domain, &tomoyo_domain_list, list,
srcu_read_lock_held(&tomoyo_ss)) {
/* Never delete tomoyo_kernel_domain */ /* Never delete tomoyo_kernel_domain */
if (domain == &tomoyo_kernel_domain) if (domain == &tomoyo_kernel_domain)
continue; continue;
...@@ -2778,7 +2780,8 @@ void tomoyo_check_profile(void) ...@@ -2778,7 +2780,8 @@ void tomoyo_check_profile(void)
tomoyo_policy_loaded = true; tomoyo_policy_loaded = true;
pr_info("TOMOYO: 2.6.0\n"); pr_info("TOMOYO: 2.6.0\n");
list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { list_for_each_entry_rcu(domain, &tomoyo_domain_list, list,
srcu_read_lock_held(&tomoyo_ss)) {
const u8 profile = domain->profile; const u8 profile = domain->profile;
struct tomoyo_policy_namespace *ns = domain->ns; struct tomoyo_policy_namespace *ns = domain->ns;
......
...@@ -41,7 +41,8 @@ int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size, ...@@ -41,7 +41,8 @@ int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size,
if (mutex_lock_interruptible(&tomoyo_policy_lock)) if (mutex_lock_interruptible(&tomoyo_policy_lock))
return -ENOMEM; return -ENOMEM;
list_for_each_entry_rcu(entry, list, list) { list_for_each_entry_rcu(entry, list, list,
srcu_read_lock_held(&tomoyo_ss)) {
if (entry->is_deleted == TOMOYO_GC_IN_PROGRESS) if (entry->is_deleted == TOMOYO_GC_IN_PROGRESS)
continue; continue;
if (!check_duplicate(entry, new_entry)) if (!check_duplicate(entry, new_entry))
...@@ -119,7 +120,8 @@ int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size, ...@@ -119,7 +120,8 @@ int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size,
} }
if (mutex_lock_interruptible(&tomoyo_policy_lock)) if (mutex_lock_interruptible(&tomoyo_policy_lock))
goto out; goto out;
list_for_each_entry_rcu(entry, list, list) { list_for_each_entry_rcu(entry, list, list,
srcu_read_lock_held(&tomoyo_ss)) {
if (entry->is_deleted == TOMOYO_GC_IN_PROGRESS) if (entry->is_deleted == TOMOYO_GC_IN_PROGRESS)
continue; continue;
if (!tomoyo_same_acl_head(entry, new_entry) || if (!tomoyo_same_acl_head(entry, new_entry) ||
...@@ -166,7 +168,8 @@ void tomoyo_check_acl(struct tomoyo_request_info *r, ...@@ -166,7 +168,8 @@ void tomoyo_check_acl(struct tomoyo_request_info *r,
u16 i = 0; u16 i = 0;
retry: retry:
list_for_each_entry_rcu(ptr, list, list) { list_for_each_entry_rcu(ptr, list, list,
srcu_read_lock_held(&tomoyo_ss)) {
if (ptr->is_deleted || ptr->type != r->param_type) if (ptr->is_deleted || ptr->type != r->param_type)
continue; continue;
if (!check_entry(r, ptr)) if (!check_entry(r, ptr))
...@@ -298,7 +301,8 @@ static inline bool tomoyo_scan_transition ...@@ -298,7 +301,8 @@ static inline bool tomoyo_scan_transition
{ {
const struct tomoyo_transition_control *ptr; const struct tomoyo_transition_control *ptr;
list_for_each_entry_rcu(ptr, list, head.list) { list_for_each_entry_rcu(ptr, list, head.list,
srcu_read_lock_held(&tomoyo_ss)) {
if (ptr->head.is_deleted || ptr->type != type) if (ptr->head.is_deleted || ptr->type != type)
continue; continue;
if (ptr->domainname) { if (ptr->domainname) {
...@@ -735,7 +739,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) ...@@ -735,7 +739,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
/* Check 'aggregator' directive. */ /* Check 'aggregator' directive. */
candidate = &exename; candidate = &exename;
list_for_each_entry_rcu(ptr, list, head.list) { list_for_each_entry_rcu(ptr, list, head.list,
srcu_read_lock_held(&tomoyo_ss)) {
if (ptr->head.is_deleted || if (ptr->head.is_deleted ||
!tomoyo_path_matches_pattern(&exename, !tomoyo_path_matches_pattern(&exename,
ptr->original_name)) ptr->original_name))
......
...@@ -133,7 +133,8 @@ tomoyo_path_matches_group(const struct tomoyo_path_info *pathname, ...@@ -133,7 +133,8 @@ tomoyo_path_matches_group(const struct tomoyo_path_info *pathname,
{ {
struct tomoyo_path_group *member; struct tomoyo_path_group *member;
list_for_each_entry_rcu(member, &group->member_list, head.list) { list_for_each_entry_rcu(member, &group->member_list, head.list,
srcu_read_lock_held(&tomoyo_ss)) {
if (member->head.is_deleted) if (member->head.is_deleted)
continue; continue;
if (!tomoyo_path_matches_pattern(pathname, member->member_name)) if (!tomoyo_path_matches_pattern(pathname, member->member_name))
...@@ -161,7 +162,8 @@ bool tomoyo_number_matches_group(const unsigned long min, ...@@ -161,7 +162,8 @@ bool tomoyo_number_matches_group(const unsigned long min,
struct tomoyo_number_group *member; struct tomoyo_number_group *member;
bool matched = false; bool matched = false;
list_for_each_entry_rcu(member, &group->member_list, head.list) { list_for_each_entry_rcu(member, &group->member_list, head.list,
srcu_read_lock_held(&tomoyo_ss)) {
if (member->head.is_deleted) if (member->head.is_deleted)
continue; continue;
if (min > member->number.values[1] || if (min > member->number.values[1] ||
...@@ -191,7 +193,8 @@ bool tomoyo_address_matches_group(const bool is_ipv6, const __be32 *address, ...@@ -191,7 +193,8 @@ bool tomoyo_address_matches_group(const bool is_ipv6, const __be32 *address,
bool matched = false; bool matched = false;
const u8 size = is_ipv6 ? 16 : 4; const u8 size = is_ipv6 ? 16 : 4;
list_for_each_entry_rcu(member, &group->member_list, head.list) { list_for_each_entry_rcu(member, &group->member_list, head.list,
srcu_read_lock_held(&tomoyo_ss)) {
if (member->head.is_deleted) if (member->head.is_deleted)
continue; continue;
if (member->address.is_ipv6 != is_ipv6) if (member->address.is_ipv6 != is_ipv6)
......
...@@ -217,31 +217,6 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer, ...@@ -217,31 +217,6 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer,
return ERR_PTR(-ENOMEM); return ERR_PTR(-ENOMEM);
} }
/**
* tomoyo_get_socket_name - Get the name of a socket.
*
* @path: Pointer to "struct path".
* @buffer: Pointer to buffer to return value in.
* @buflen: Sizeof @buffer.
*
* Returns the buffer.
*/
static char *tomoyo_get_socket_name(const struct path *path, char * const buffer,
const int buflen)
{
struct inode *inode = d_backing_inode(path->dentry);
struct socket *sock = inode ? SOCKET_I(inode) : NULL;
struct sock *sk = sock ? sock->sk : NULL;
if (sk) {
snprintf(buffer, buflen, "socket:[family=%u:type=%u:protocol=%u]",
sk->sk_family, sk->sk_type, sk->sk_protocol);
} else {
snprintf(buffer, buflen, "socket:[unknown]");
}
return buffer;
}
/** /**
* tomoyo_realpath_from_path - Returns realpath(3) of the given pathname but ignores chroot'ed root. * tomoyo_realpath_from_path - Returns realpath(3) of the given pathname but ignores chroot'ed root.
* *
...@@ -279,12 +254,7 @@ char *tomoyo_realpath_from_path(const struct path *path) ...@@ -279,12 +254,7 @@ char *tomoyo_realpath_from_path(const struct path *path)
break; break;
/* To make sure that pos is '\0' terminated. */ /* To make sure that pos is '\0' terminated. */
buf[buf_len - 1] = '\0'; buf[buf_len - 1] = '\0';
/* Get better name for socket. */ /* For "pipe:[\$]" and "socket:[\$]". */
if (sb->s_magic == SOCKFS_MAGIC) {
pos = tomoyo_get_socket_name(path, buf, buf_len - 1);
goto encode;
}
/* For "pipe:[\$]". */
if (dentry->d_op && dentry->d_op->d_dname) { if (dentry->d_op && dentry->d_op->d_dname) {
pos = dentry->d_op->d_dname(dentry, buf, buf_len - 1); pos = dentry->d_op->d_dname(dentry, buf, buf_len - 1);
goto encode; goto encode;
......
...@@ -594,7 +594,8 @@ struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname) ...@@ -594,7 +594,8 @@ struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname)
name.name = domainname; name.name = domainname;
tomoyo_fill_path_info(&name); tomoyo_fill_path_info(&name);
list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { list_for_each_entry_rcu(domain, &tomoyo_domain_list, list,
srcu_read_lock_held(&tomoyo_ss)) {
if (!domain->is_deleted && if (!domain->is_deleted &&
!tomoyo_pathcmp(&name, domain->domainname)) !tomoyo_pathcmp(&name, domain->domainname))
return domain; return domain;
...@@ -1028,7 +1029,8 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r) ...@@ -1028,7 +1029,8 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
return false; return false;
if (!domain) if (!domain)
return true; return true;
list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { list_for_each_entry_rcu(ptr, &domain->acl_info_list, list,
srcu_read_lock_held(&tomoyo_ss)) {
u16 perm; u16 perm;
u8 i; u8 i;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment