diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-07 11:44:01 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-03-07 11:44:01 -0800 |
| commit | ae5906ceee038ea29ff5162d1bcd18fb50af8b94 (patch) | |
| tree | 841a11c6d3c3afcf7e4d57be370ebcf57aab214a /security/tomoyo/memory.c | |
| parent | 1fc1cd8399ab5541a488a7e47b2f21537dd76c2d (diff) | |
| parent | 468e91cecb3218afd684b8c422490dfebe0691bb (diff) | |
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
- Extend LSM stacking to allow sharing of cred, file, ipc, inode, and
task blobs. This paves the way for more full-featured LSMs to be
merged, and is specifically aimed at LandLock and SARA LSMs. This
work is from Casey and Kees.
- There's a new LSM from Micah Morton: "SafeSetID gates the setid
family of syscalls to restrict UID/GID transitions from a given
UID/GID to only those approved by a system-wide whitelist." This
feature is currently shipping in ChromeOS.
* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (62 commits)
keys: fix missing __user in KEYCTL_PKEY_QUERY
LSM: Update list of SECURITYFS users in Kconfig
LSM: Ignore "security=" when "lsm=" is specified
LSM: Update function documentation for cap_capable
security: mark expected switch fall-throughs and add a missing break
tomoyo: Bump version.
LSM: fix return value check in safesetid_init_securityfs()
LSM: SafeSetID: add selftest
LSM: SafeSetID: remove unused include
LSM: SafeSetID: 'depend' on CONFIG_SECURITY
LSM: Add 'name' field for SafeSetID in DEFINE_LSM
LSM: add SafeSetID module that gates setid calls
LSM: add SafeSetID module that gates setid calls
tomoyo: Allow multiple use_group lines.
tomoyo: Coding style fix.
tomoyo: Swicth from cred->security to task_struct->security.
security: keys: annotate implicit fall throughs
security: keys: annotate implicit fall throughs
security: keys: annotate implicit fall through
capabilities:: annotate implicit fall through
...
Diffstat (limited to 'security/tomoyo/memory.c')
| -rw-r--r-- | security/tomoyo/memory.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c index 12477e0b0a11..2e7fcfa923c9 100644 --- a/security/tomoyo/memory.c +++ b/security/tomoyo/memory.c @@ -19,9 +19,9 @@ void tomoyo_warn_oom(const char *function) /* Reduce error messages. */ static pid_t tomoyo_last_pid; const pid_t pid = current->pid; + if (tomoyo_last_pid != pid) { - printk(KERN_WARNING "ERROR: Out of memory at %s.\n", - function); + pr_warn("ERROR: Out of memory at %s.\n", function); tomoyo_last_pid = pid; } if (!tomoyo_policy_loaded) @@ -48,6 +48,7 @@ bool tomoyo_memory_ok(void *ptr) { if (ptr) { const size_t s = ksize(ptr); + tomoyo_memory_used[TOMOYO_MEMORY_POLICY] += s; if (!tomoyo_memory_quota[TOMOYO_MEMORY_POLICY] || tomoyo_memory_used[TOMOYO_MEMORY_POLICY] <= @@ -73,6 +74,7 @@ bool tomoyo_memory_ok(void *ptr) void *tomoyo_commit_ok(void *data, const unsigned int size) { void *ptr = kzalloc(size, GFP_NOFS); + if (tomoyo_memory_ok(ptr)) { memmove(ptr, data, size); memset(data, 0, size); @@ -98,6 +100,7 @@ struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param, struct list_head *list; const char *group_name = tomoyo_read_token(param); bool found = false; + if (!tomoyo_correct_word(group_name) || idx >= TOMOYO_MAX_GROUP) return NULL; e.group_name = tomoyo_get_name(group_name); @@ -116,6 +119,7 @@ struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param, } if (!found) { struct tomoyo_group *entry = tomoyo_commit_ok(&e, sizeof(e)); + if (entry) { INIT_LIST_HEAD(&entry->member_list); atomic_set(&entry->head.users, 1); @@ -191,6 +195,7 @@ struct tomoyo_policy_namespace tomoyo_kernel_namespace; void __init tomoyo_mm_init(void) { int idx; + for (idx = 0; idx < TOMOYO_MAX_HASH; idx++) INIT_LIST_HEAD(&tomoyo_name_list[idx]); tomoyo_kernel_namespace.name = "<kernel>"; |