summaryrefslogtreecommitdiff
path: root/security/tomoyo
diff options
context:
space:
mode:
authorZheng Zengkai <zhengzengkai@huawei.com>2020-11-26 22:38:15 +0800
committerTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2020-11-27 19:36:11 +0900
commit1b6b924efeb9e46f0ca2ebe5b9bb6b276defe52d (patch)
treed529074a7d8eba402d624f5b819c3e4b02f3e3b5 /security/tomoyo
parente991a40b3d0000a2f48729aea4ce03acf679b5ee (diff)
downloadlwn-1b6b924efeb9e46f0ca2ebe5b9bb6b276defe52d.tar.gz
lwn-1b6b924efeb9e46f0ca2ebe5b9bb6b276defe52d.zip
tomoyo: Fix null pointer check
Since tomoyo_memory_ok() will check for null pointer returned by kzalloc() in tomoyo_assign_profile(), tomoyo_assign_namespace(), tomoyo_get_name() and tomoyo_commit_ok(), then emit OOM warnings if needed. And this is the expected behavior as informed by Tetsuo Handa. Let's add __GFP_NOWARN to kzalloc() in those related functions. Besides, to achieve this goal, remove the null check for entry right after kzalloc() in tomoyo_assign_namespace(). Reported-by: Hulk Robot <hulkci@huawei.com> Suggested-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/common.c2
-rw-r--r--security/tomoyo/domain.c4
-rw-r--r--security/tomoyo/memory.c4
3 files changed, 4 insertions, 6 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 4bee32bfe16d..bc54d3c8c70a 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -498,7 +498,7 @@ static struct tomoyo_profile *tomoyo_assign_profile
ptr = ns->profile_ptr[profile];
if (ptr)
return ptr;
- entry = kzalloc(sizeof(*entry), GFP_NOFS);
+ entry = kzalloc(sizeof(*entry), GFP_NOFS | __GFP_NOWARN);
if (mutex_lock_interruptible(&tomoyo_policy_lock))
goto out;
ptr = ns->profile_ptr[profile];
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index dc4ecc0b2038..c6e5cc5cc7cd 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -473,9 +473,7 @@ struct tomoyo_policy_namespace *tomoyo_assign_namespace(const char *domainname)
return ptr;
if (len >= TOMOYO_EXEC_TMPSIZE - 10 || !tomoyo_domain_def(domainname))
return NULL;
- entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS);
- if (!entry)
- return NULL;
+ entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS | __GFP_NOWARN);
if (mutex_lock_interruptible(&tomoyo_policy_lock))
goto out;
ptr = tomoyo_find_namespace(domainname, len);
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index 2e7fcfa923c9..1b570bde7a3b 100644
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -73,7 +73,7 @@ bool tomoyo_memory_ok(void *ptr)
*/
void *tomoyo_commit_ok(void *data, const unsigned int size)
{
- void *ptr = kzalloc(size, GFP_NOFS);
+ void *ptr = kzalloc(size, GFP_NOFS | __GFP_NOWARN);
if (tomoyo_memory_ok(ptr)) {
memmove(ptr, data, size);
@@ -170,7 +170,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
atomic_inc(&ptr->head.users);
goto out;
}
- ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
+ ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS | __GFP_NOWARN);
if (tomoyo_memory_ok(ptr)) {
ptr->entry.name = ((char *) ptr) + sizeof(*ptr);
memmove((char *) ptr->entry.name, name, len);