Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

TOMOYO: Fix quota and garbage collector.

Commit 059d84db "TOMOYO: Add socket operation restriction support" and
commit 731d37aa "TOMOYO: Allow domain transition without execve()." forgot to
update tomoyo_domain_quota_is_ok() and tomoyo_del_acl() which results in
incorrect quota counting and memory leak.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

authored by Tetsuo Handa and committed by James Morris
545a7260 e2b8b25a

+18
+7
security/tomoyo/gc.c
··· 221 221 tomoyo_put_name_union(&entry->name); 222 222 } 223 223 break; 224 + case TOMOYO_TYPE_MANUAL_TASK_ACL: 225 + { 226 + struct tomoyo_task_acl *entry = 227 + container_of(acl, typeof(*entry), head); 228 + tomoyo_put_name(entry->domainname); 229 + } 230 + break; 224 231 } 225 232 } 226 233
+11
security/tomoyo/util.c
··· 1057 1057 perm = container_of(ptr, struct tomoyo_mkdev_acl, 1058 1058 head)->perm; 1059 1059 break; 1060 + case TOMOYO_TYPE_INET_ACL: 1061 + perm = container_of(ptr, struct tomoyo_inet_acl, 1062 + head)->perm; 1063 + break; 1064 + case TOMOYO_TYPE_UNIX_ACL: 1065 + perm = container_of(ptr, struct tomoyo_unix_acl, 1066 + head)->perm; 1067 + break; 1068 + case TOMOYO_TYPE_MANUAL_TASK_ACL: 1069 + perm = 0; 1070 + break; 1060 1071 default: 1061 1072 perm = 1; 1062 1073 }
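Review bot: in the security/tomoyo/gc.c hunk, the only case added to the switch is TOMOYO_TYPE_MANUAL_TASK_ACL (new lines 224-230), while the commit message names both 059d84db (socket restrictions) and 731d37aa as having missed tomoyo_del_acl(). There is no TOMOYO_TYPE_INET_ACL or TOMOYO_TYPE_UNIX_ACL case in this hunk. If those types are already handled earlier in the switch, the commit message should say that only the task ACL release was missing; if they are not, whatever references those entries hold are still never dropped. The new case is also the last one before the switch closes at line 231 with no default, so a future ACL type added without a matching case here would leak silently in the same way. A comment next to the ACL type definitions pointing at tomoyo_del_acl() would make the requirement visible.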
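Review bot: in the security/tomoyo/util.c hunk, `perm = 0;` for TOMOYO_TYPE_MANUAL_TASK_ACL (new line 1069) needs a one-line comment saying why this type is given zero where the existing default gives `perm = 1`; as written, the next reader cannot tell a deliberate exclusion from a placeholder. The same hunk shows how the original omission stayed hidden: before the new cases at lines 1060-1067, TOMOYO_TYPE_INET_ACL and TOMOYO_TYPE_UNIX_ACL fell through to `default: perm = 1` instead of reading their own perm field. A note beside the default that every ACL type carrying a perm field needs its own case here would help keep the quota count correct when new types are added.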