[PATCH] tomoyo: Fix null pointer check

Zheng Zengkai zhengzengkai at huawei.com
Thu Nov 26 14:38:15 UTC 2020


Since tomoyo_memory_ok() will check for null pointer returned by
kzalloc() in tomoyo_assign_profile(), tomoyo_assign_namespace(),
tomoyo_get_name() and tomoyo_commit_ok(), then emit OOM warnings
if needed. And this is the expected behavior as informed by
Tetsuo Handa.

Let's add __GFP_NOWARN to kzalloc() in those related functions.
Besides, to achieve this goal, remove the null check for entry
right after kzalloc() in tomoyo_assign_namespace().

Fixes: 57c2590fb7fd ("TOMOYO: Update profile structure")
Fixes: bd03a3e4c9a9 ("TOMOYO: Add policy namespace support.")
Reported-by: Hulk Robot <hulkci at huawei.com>
Suggested-by: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
Signed-off-by: Zheng Zengkai <zhengzengkai at huawei.com>
---
 security/tomoyo/common.c | 2 +-
 security/tomoyo/domain.c | 4 +---
 security/tomoyo/memory.c | 4 ++--
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 4bee32bfe16d..bc54d3c8c70a 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -498,7 +498,7 @@ static struct tomoyo_profile *tomoyo_assign_profile
 	ptr = ns->profile_ptr[profile];
 	if (ptr)
 		return ptr;
-	entry = kzalloc(sizeof(*entry), GFP_NOFS);
+	entry = kzalloc(sizeof(*entry), GFP_NOFS | __GFP_NOWARN);
 	if (mutex_lock_interruptible(&tomoyo_policy_lock))
 		goto out;
 	ptr = ns->profile_ptr[profile];
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index dc4ecc0b2038..c6e5cc5cc7cd 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -473,9 +473,7 @@ struct tomoyo_policy_namespace *tomoyo_assign_namespace(const char *domainname)
 		return ptr;
 	if (len >= TOMOYO_EXEC_TMPSIZE - 10 || !tomoyo_domain_def(domainname))
 		return NULL;
-	entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS);
-	if (!entry)
-		return NULL;
+	entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS | __GFP_NOWARN);
 	if (mutex_lock_interruptible(&tomoyo_policy_lock))
 		goto out;
 	ptr = tomoyo_find_namespace(domainname, len);
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index 2e7fcfa923c9..1b570bde7a3b 100644
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -73,7 +73,7 @@ bool tomoyo_memory_ok(void *ptr)
  */
 void *tomoyo_commit_ok(void *data, const unsigned int size)
 {
-	void *ptr = kzalloc(size, GFP_NOFS);
+	void *ptr = kzalloc(size, GFP_NOFS | __GFP_NOWARN);
 
 	if (tomoyo_memory_ok(ptr)) {
 		memmove(ptr, data, size);
@@ -170,7 +170,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
 		atomic_inc(&ptr->head.users);
 		goto out;
 	}
-	ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
+	ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS | __GFP_NOWARN);
 	if (tomoyo_memory_ok(ptr)) {
 		ptr->entry.name = ((char *) ptr) + sizeof(*ptr);
 		memmove((char *) ptr->entry.name, name, len);
-- 
2.20.1



More information about the Linux-security-module-archive mailing list