[PATCH] SELinux: convert to kzalloc
This patch converts SELinux code from kmalloc/memset to the new kazalloc unction. On i386, this results in a text saving of over 1K. Before: text data bss dec hex filename 86319 4642 15236 106197 19ed5 security/selinux/built-in.o After: text data bss dec hex filename 85278 4642 15236 105156 19ac4 security/selinux/built-in.o Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
0d078f6f96
commit
89d155ef62
8 changed files with 49 additions and 97 deletions
|
@ -122,11 +122,10 @@ static int task_alloc_security(struct task_struct *task)
|
||||||
{
|
{
|
||||||
struct task_security_struct *tsec;
|
struct task_security_struct *tsec;
|
||||||
|
|
||||||
tsec = kmalloc(sizeof(struct task_security_struct), GFP_KERNEL);
|
tsec = kzalloc(sizeof(struct task_security_struct), GFP_KERNEL);
|
||||||
if (!tsec)
|
if (!tsec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(tsec, 0, sizeof(struct task_security_struct));
|
|
||||||
tsec->magic = SELINUX_MAGIC;
|
tsec->magic = SELINUX_MAGIC;
|
||||||
tsec->task = task;
|
tsec->task = task;
|
||||||
tsec->osid = tsec->sid = tsec->ptrace_sid = SECINITSID_UNLABELED;
|
tsec->osid = tsec->sid = tsec->ptrace_sid = SECINITSID_UNLABELED;
|
||||||
|
@ -151,11 +150,10 @@ static int inode_alloc_security(struct inode *inode)
|
||||||
struct task_security_struct *tsec = current->security;
|
struct task_security_struct *tsec = current->security;
|
||||||
struct inode_security_struct *isec;
|
struct inode_security_struct *isec;
|
||||||
|
|
||||||
isec = kmalloc(sizeof(struct inode_security_struct), GFP_KERNEL);
|
isec = kzalloc(sizeof(struct inode_security_struct), GFP_KERNEL);
|
||||||
if (!isec)
|
if (!isec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(isec, 0, sizeof(struct inode_security_struct));
|
|
||||||
init_MUTEX(&isec->sem);
|
init_MUTEX(&isec->sem);
|
||||||
INIT_LIST_HEAD(&isec->list);
|
INIT_LIST_HEAD(&isec->list);
|
||||||
isec->magic = SELINUX_MAGIC;
|
isec->magic = SELINUX_MAGIC;
|
||||||
|
@ -193,11 +191,10 @@ static int file_alloc_security(struct file *file)
|
||||||
struct task_security_struct *tsec = current->security;
|
struct task_security_struct *tsec = current->security;
|
||||||
struct file_security_struct *fsec;
|
struct file_security_struct *fsec;
|
||||||
|
|
||||||
fsec = kmalloc(sizeof(struct file_security_struct), GFP_ATOMIC);
|
fsec = kzalloc(sizeof(struct file_security_struct), GFP_ATOMIC);
|
||||||
if (!fsec)
|
if (!fsec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(fsec, 0, sizeof(struct file_security_struct));
|
|
||||||
fsec->magic = SELINUX_MAGIC;
|
fsec->magic = SELINUX_MAGIC;
|
||||||
fsec->file = file;
|
fsec->file = file;
|
||||||
if (tsec && tsec->magic == SELINUX_MAGIC) {
|
if (tsec && tsec->magic == SELINUX_MAGIC) {
|
||||||
|
@ -227,11 +224,10 @@ static int superblock_alloc_security(struct super_block *sb)
|
||||||
{
|
{
|
||||||
struct superblock_security_struct *sbsec;
|
struct superblock_security_struct *sbsec;
|
||||||
|
|
||||||
sbsec = kmalloc(sizeof(struct superblock_security_struct), GFP_KERNEL);
|
sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL);
|
||||||
if (!sbsec)
|
if (!sbsec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(sbsec, 0, sizeof(struct superblock_security_struct));
|
|
||||||
init_MUTEX(&sbsec->sem);
|
init_MUTEX(&sbsec->sem);
|
||||||
INIT_LIST_HEAD(&sbsec->list);
|
INIT_LIST_HEAD(&sbsec->list);
|
||||||
INIT_LIST_HEAD(&sbsec->isec_head);
|
INIT_LIST_HEAD(&sbsec->isec_head);
|
||||||
|
@ -269,11 +265,10 @@ static int sk_alloc_security(struct sock *sk, int family, gfp_t priority)
|
||||||
if (family != PF_UNIX)
|
if (family != PF_UNIX)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
ssec = kmalloc(sizeof(*ssec), priority);
|
ssec = kzalloc(sizeof(*ssec), priority);
|
||||||
if (!ssec)
|
if (!ssec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(ssec, 0, sizeof(*ssec));
|
|
||||||
ssec->magic = SELINUX_MAGIC;
|
ssec->magic = SELINUX_MAGIC;
|
||||||
ssec->sk = sk;
|
ssec->sk = sk;
|
||||||
ssec->peer_sid = SECINITSID_UNLABELED;
|
ssec->peer_sid = SECINITSID_UNLABELED;
|
||||||
|
@ -1483,11 +1478,10 @@ static int selinux_bprm_alloc_security(struct linux_binprm *bprm)
|
||||||
{
|
{
|
||||||
struct bprm_security_struct *bsec;
|
struct bprm_security_struct *bsec;
|
||||||
|
|
||||||
bsec = kmalloc(sizeof(struct bprm_security_struct), GFP_KERNEL);
|
bsec = kzalloc(sizeof(struct bprm_security_struct), GFP_KERNEL);
|
||||||
if (!bsec)
|
if (!bsec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(bsec, 0, sizeof *bsec);
|
|
||||||
bsec->magic = SELINUX_MAGIC;
|
bsec->magic = SELINUX_MAGIC;
|
||||||
bsec->bprm = bprm;
|
bsec->bprm = bprm;
|
||||||
bsec->sid = SECINITSID_UNLABELED;
|
bsec->sid = SECINITSID_UNLABELED;
|
||||||
|
@ -3599,11 +3593,10 @@ static int ipc_alloc_security(struct task_struct *task,
|
||||||
struct task_security_struct *tsec = task->security;
|
struct task_security_struct *tsec = task->security;
|
||||||
struct ipc_security_struct *isec;
|
struct ipc_security_struct *isec;
|
||||||
|
|
||||||
isec = kmalloc(sizeof(struct ipc_security_struct), GFP_KERNEL);
|
isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL);
|
||||||
if (!isec)
|
if (!isec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(isec, 0, sizeof(struct ipc_security_struct));
|
|
||||||
isec->magic = SELINUX_MAGIC;
|
isec->magic = SELINUX_MAGIC;
|
||||||
isec->sclass = sclass;
|
isec->sclass = sclass;
|
||||||
isec->ipc_perm = perm;
|
isec->ipc_perm = perm;
|
||||||
|
@ -3631,11 +3624,10 @@ static int msg_msg_alloc_security(struct msg_msg *msg)
|
||||||
{
|
{
|
||||||
struct msg_security_struct *msec;
|
struct msg_security_struct *msec;
|
||||||
|
|
||||||
msec = kmalloc(sizeof(struct msg_security_struct), GFP_KERNEL);
|
msec = kzalloc(sizeof(struct msg_security_struct), GFP_KERNEL);
|
||||||
if (!msec)
|
if (!msec)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memset(msec, 0, sizeof(struct msg_security_struct));
|
|
||||||
msec->magic = SELINUX_MAGIC;
|
msec->magic = SELINUX_MAGIC;
|
||||||
msec->msg = msg;
|
msec->msg = msg;
|
||||||
msec->sid = SECINITSID_UNLABELED;
|
msec->sid = SECINITSID_UNLABELED;
|
||||||
|
|
|
@ -114,13 +114,12 @@ static struct sel_netif *sel_netif_lookup(struct net_device *dev)
|
||||||
if (likely(netif != NULL))
|
if (likely(netif != NULL))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
new = kmalloc(sizeof(*new), GFP_ATOMIC);
|
new = kzalloc(sizeof(*new), GFP_ATOMIC);
|
||||||
if (!new) {
|
if (!new) {
|
||||||
netif = ERR_PTR(-ENOMEM);
|
netif = ERR_PTR(-ENOMEM);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
memset(new, 0, sizeof(*new));
|
|
||||||
nsec = &new->nsec;
|
nsec = &new->nsec;
|
||||||
|
|
||||||
ret = security_netif_sid(dev->name, &nsec->if_sid, &nsec->msg_sid);
|
ret = security_netif_sid(dev->name, &nsec->if_sid, &nsec->msg_sid);
|
||||||
|
|
|
@ -424,15 +424,13 @@ static ssize_t sel_write_access(struct file * file, char *buf, size_t size)
|
||||||
return length;
|
return length;
|
||||||
|
|
||||||
length = -ENOMEM;
|
length = -ENOMEM;
|
||||||
scon = kmalloc(size+1, GFP_KERNEL);
|
scon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!scon)
|
if (!scon)
|
||||||
return length;
|
return length;
|
||||||
memset(scon, 0, size+1);
|
|
||||||
|
|
||||||
tcon = kmalloc(size+1, GFP_KERNEL);
|
tcon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!tcon)
|
if (!tcon)
|
||||||
goto out;
|
goto out;
|
||||||
memset(tcon, 0, size+1);
|
|
||||||
|
|
||||||
length = -EINVAL;
|
length = -EINVAL;
|
||||||
if (sscanf(buf, "%s %s %hu %x", scon, tcon, &tclass, &req) != 4)
|
if (sscanf(buf, "%s %s %hu %x", scon, tcon, &tclass, &req) != 4)
|
||||||
|
@ -475,15 +473,13 @@ static ssize_t sel_write_create(struct file * file, char *buf, size_t size)
|
||||||
return length;
|
return length;
|
||||||
|
|
||||||
length = -ENOMEM;
|
length = -ENOMEM;
|
||||||
scon = kmalloc(size+1, GFP_KERNEL);
|
scon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!scon)
|
if (!scon)
|
||||||
return length;
|
return length;
|
||||||
memset(scon, 0, size+1);
|
|
||||||
|
|
||||||
tcon = kmalloc(size+1, GFP_KERNEL);
|
tcon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!tcon)
|
if (!tcon)
|
||||||
goto out;
|
goto out;
|
||||||
memset(tcon, 0, size+1);
|
|
||||||
|
|
||||||
length = -EINVAL;
|
length = -EINVAL;
|
||||||
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
|
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
|
||||||
|
@ -536,15 +532,13 @@ static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size)
|
||||||
return length;
|
return length;
|
||||||
|
|
||||||
length = -ENOMEM;
|
length = -ENOMEM;
|
||||||
scon = kmalloc(size+1, GFP_KERNEL);
|
scon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!scon)
|
if (!scon)
|
||||||
return length;
|
return length;
|
||||||
memset(scon, 0, size+1);
|
|
||||||
|
|
||||||
tcon = kmalloc(size+1, GFP_KERNEL);
|
tcon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!tcon)
|
if (!tcon)
|
||||||
goto out;
|
goto out;
|
||||||
memset(tcon, 0, size+1);
|
|
||||||
|
|
||||||
length = -EINVAL;
|
length = -EINVAL;
|
||||||
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
|
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
|
||||||
|
@ -595,15 +589,13 @@ static ssize_t sel_write_user(struct file * file, char *buf, size_t size)
|
||||||
return length;
|
return length;
|
||||||
|
|
||||||
length = -ENOMEM;
|
length = -ENOMEM;
|
||||||
con = kmalloc(size+1, GFP_KERNEL);
|
con = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!con)
|
if (!con)
|
||||||
return length;
|
return length;
|
||||||
memset(con, 0, size+1);
|
|
||||||
|
|
||||||
user = kmalloc(size+1, GFP_KERNEL);
|
user = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!user)
|
if (!user)
|
||||||
goto out;
|
goto out;
|
||||||
memset(user, 0, size+1);
|
|
||||||
|
|
||||||
length = -EINVAL;
|
length = -EINVAL;
|
||||||
if (sscanf(buf, "%s %s", con, user) != 2)
|
if (sscanf(buf, "%s %s", con, user) != 2)
|
||||||
|
@ -658,15 +650,13 @@ static ssize_t sel_write_member(struct file * file, char *buf, size_t size)
|
||||||
return length;
|
return length;
|
||||||
|
|
||||||
length = -ENOMEM;
|
length = -ENOMEM;
|
||||||
scon = kmalloc(size+1, GFP_KERNEL);
|
scon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!scon)
|
if (!scon)
|
||||||
return length;
|
return length;
|
||||||
memset(scon, 0, size+1);
|
|
||||||
|
|
||||||
tcon = kmalloc(size+1, GFP_KERNEL);
|
tcon = kzalloc(size+1, GFP_KERNEL);
|
||||||
if (!tcon)
|
if (!tcon)
|
||||||
goto out;
|
goto out;
|
||||||
memset(tcon, 0, size+1);
|
|
||||||
|
|
||||||
length = -EINVAL;
|
length = -EINVAL;
|
||||||
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
|
if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
|
||||||
|
|
|
@ -220,10 +220,9 @@ int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
u32 len;
|
u32 len;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
booldatum = kmalloc(sizeof(struct cond_bool_datum), GFP_KERNEL);
|
booldatum = kzalloc(sizeof(struct cond_bool_datum), GFP_KERNEL);
|
||||||
if (!booldatum)
|
if (!booldatum)
|
||||||
return -1;
|
return -1;
|
||||||
memset(booldatum, 0, sizeof(struct cond_bool_datum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -321,10 +320,9 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
list = kmalloc(sizeof(struct cond_av_list), GFP_KERNEL);
|
list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);
|
||||||
if (!list)
|
if (!list)
|
||||||
goto err;
|
goto err;
|
||||||
memset(list, 0, sizeof(*list));
|
|
||||||
|
|
||||||
list->node = node_ptr;
|
list->node = node_ptr;
|
||||||
if (!data->head)
|
if (!data->head)
|
||||||
|
@ -414,11 +412,10 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
expr = kmalloc(sizeof(struct cond_expr), GFP_KERNEL);
|
expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL);
|
||||||
if (!expr) {
|
if (!expr) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
memset(expr, 0, sizeof(struct cond_expr));
|
|
||||||
|
|
||||||
expr->expr_type = le32_to_cpu(buf[0]);
|
expr->expr_type = le32_to_cpu(buf[0]);
|
||||||
expr->bool = le32_to_cpu(buf[1]);
|
expr->bool = le32_to_cpu(buf[1]);
|
||||||
|
@ -460,10 +457,9 @@ int cond_read_list(struct policydb *p, void *fp)
|
||||||
len = le32_to_cpu(buf[0]);
|
len = le32_to_cpu(buf[0]);
|
||||||
|
|
||||||
for (i = 0; i < len; i++) {
|
for (i = 0; i < len; i++) {
|
||||||
node = kmalloc(sizeof(struct cond_node), GFP_KERNEL);
|
node = kzalloc(sizeof(struct cond_node), GFP_KERNEL);
|
||||||
if (!node)
|
if (!node)
|
||||||
goto err;
|
goto err;
|
||||||
memset(node, 0, sizeof(struct cond_node));
|
|
||||||
|
|
||||||
if (cond_read_node(p, node, fp) != 0)
|
if (cond_read_node(p, node, fp) != 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
|
@ -39,12 +39,11 @@ int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src)
|
||||||
n = src->node;
|
n = src->node;
|
||||||
prev = NULL;
|
prev = NULL;
|
||||||
while (n) {
|
while (n) {
|
||||||
new = kmalloc(sizeof(*new), GFP_ATOMIC);
|
new = kzalloc(sizeof(*new), GFP_ATOMIC);
|
||||||
if (!new) {
|
if (!new) {
|
||||||
ebitmap_destroy(dst);
|
ebitmap_destroy(dst);
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
memset(new, 0, sizeof(*new));
|
|
||||||
new->startbit = n->startbit;
|
new->startbit = n->startbit;
|
||||||
new->map = n->map;
|
new->map = n->map;
|
||||||
new->next = NULL;
|
new->next = NULL;
|
||||||
|
@ -150,10 +149,9 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value)
|
||||||
if (!value)
|
if (!value)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
new = kmalloc(sizeof(*new), GFP_ATOMIC);
|
new = kzalloc(sizeof(*new), GFP_ATOMIC);
|
||||||
if (!new)
|
if (!new)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
memset(new, 0, sizeof(*new));
|
|
||||||
|
|
||||||
new->startbit = bit & ~(MAPSIZE - 1);
|
new->startbit = bit & ~(MAPSIZE - 1);
|
||||||
new->map = (MAPBIT << (bit - new->startbit));
|
new->map = (MAPBIT << (bit - new->startbit));
|
||||||
|
@ -232,13 +230,12 @@ int ebitmap_read(struct ebitmap *e, void *fp)
|
||||||
printk(KERN_ERR "security: ebitmap: truncated map\n");
|
printk(KERN_ERR "security: ebitmap: truncated map\n");
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
n = kmalloc(sizeof(*n), GFP_KERNEL);
|
n = kzalloc(sizeof(*n), GFP_KERNEL);
|
||||||
if (!n) {
|
if (!n) {
|
||||||
printk(KERN_ERR "security: ebitmap: out of memory\n");
|
printk(KERN_ERR "security: ebitmap: out of memory\n");
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(n, 0, sizeof(*n));
|
|
||||||
|
|
||||||
n->startbit = le32_to_cpu(buf[0]);
|
n->startbit = le32_to_cpu(buf[0]);
|
||||||
|
|
||||||
|
|
|
@ -15,11 +15,10 @@ struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, void *key),
|
||||||
struct hashtab *p;
|
struct hashtab *p;
|
||||||
u32 i;
|
u32 i;
|
||||||
|
|
||||||
p = kmalloc(sizeof(*p), GFP_KERNEL);
|
p = kzalloc(sizeof(*p), GFP_KERNEL);
|
||||||
if (p == NULL)
|
if (p == NULL)
|
||||||
return p;
|
return p;
|
||||||
|
|
||||||
memset(p, 0, sizeof(*p));
|
|
||||||
p->size = size;
|
p->size = size;
|
||||||
p->nel = 0;
|
p->nel = 0;
|
||||||
p->hash_value = hash_value;
|
p->hash_value = hash_value;
|
||||||
|
@ -55,10 +54,9 @@ int hashtab_insert(struct hashtab *h, void *key, void *datum)
|
||||||
if (cur && (h->keycmp(h, key, cur->key) == 0))
|
if (cur && (h->keycmp(h, key, cur->key) == 0))
|
||||||
return -EEXIST;
|
return -EEXIST;
|
||||||
|
|
||||||
newnode = kmalloc(sizeof(*newnode), GFP_KERNEL);
|
newnode = kzalloc(sizeof(*newnode), GFP_KERNEL);
|
||||||
if (newnode == NULL)
|
if (newnode == NULL)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
memset(newnode, 0, sizeof(*newnode));
|
|
||||||
newnode->key = key;
|
newnode->key = key;
|
||||||
newnode->datum = datum;
|
newnode->datum = datum;
|
||||||
if (prev) {
|
if (prev) {
|
||||||
|
|
|
@ -121,12 +121,11 @@ static int roles_init(struct policydb *p)
|
||||||
int rc;
|
int rc;
|
||||||
struct role_datum *role;
|
struct role_datum *role;
|
||||||
|
|
||||||
role = kmalloc(sizeof(*role), GFP_KERNEL);
|
role = kzalloc(sizeof(*role), GFP_KERNEL);
|
||||||
if (!role) {
|
if (!role) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(role, 0, sizeof(*role));
|
|
||||||
role->value = ++p->p_roles.nprim;
|
role->value = ++p->p_roles.nprim;
|
||||||
if (role->value != OBJECT_R_VAL) {
|
if (role->value != OBJECT_R_VAL) {
|
||||||
rc = -EINVAL;
|
rc = -EINVAL;
|
||||||
|
@ -851,12 +850,11 @@ static int perm_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
__le32 buf[2];
|
__le32 buf[2];
|
||||||
u32 len;
|
u32 len;
|
||||||
|
|
||||||
perdatum = kmalloc(sizeof(*perdatum), GFP_KERNEL);
|
perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL);
|
||||||
if (!perdatum) {
|
if (!perdatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(perdatum, 0, sizeof(*perdatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -893,12 +891,11 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
u32 len, nel;
|
u32 len, nel;
|
||||||
int i, rc;
|
int i, rc;
|
||||||
|
|
||||||
comdatum = kmalloc(sizeof(*comdatum), GFP_KERNEL);
|
comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL);
|
||||||
if (!comdatum) {
|
if (!comdatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(comdatum, 0, sizeof(*comdatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -950,10 +947,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
|
||||||
|
|
||||||
lc = NULL;
|
lc = NULL;
|
||||||
for (i = 0; i < ncons; i++) {
|
for (i = 0; i < ncons; i++) {
|
||||||
c = kmalloc(sizeof(*c), GFP_KERNEL);
|
c = kzalloc(sizeof(*c), GFP_KERNEL);
|
||||||
if (!c)
|
if (!c)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
memset(c, 0, sizeof(*c));
|
|
||||||
|
|
||||||
if (lc) {
|
if (lc) {
|
||||||
lc->next = c;
|
lc->next = c;
|
||||||
|
@ -969,10 +965,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
|
||||||
le = NULL;
|
le = NULL;
|
||||||
depth = -1;
|
depth = -1;
|
||||||
for (j = 0; j < nexpr; j++) {
|
for (j = 0; j < nexpr; j++) {
|
||||||
e = kmalloc(sizeof(*e), GFP_KERNEL);
|
e = kzalloc(sizeof(*e), GFP_KERNEL);
|
||||||
if (!e)
|
if (!e)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
memset(e, 0, sizeof(*e));
|
|
||||||
|
|
||||||
if (le) {
|
if (le) {
|
||||||
le->next = e;
|
le->next = e;
|
||||||
|
@ -1033,12 +1028,11 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
u32 len, len2, ncons, nel;
|
u32 len, len2, ncons, nel;
|
||||||
int i, rc;
|
int i, rc;
|
||||||
|
|
||||||
cladatum = kmalloc(sizeof(*cladatum), GFP_KERNEL);
|
cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL);
|
||||||
if (!cladatum) {
|
if (!cladatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(cladatum, 0, sizeof(*cladatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof(u32)*6);
|
rc = next_entry(buf, fp, sizeof(u32)*6);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -1127,12 +1121,11 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
__le32 buf[2];
|
__le32 buf[2];
|
||||||
u32 len;
|
u32 len;
|
||||||
|
|
||||||
role = kmalloc(sizeof(*role), GFP_KERNEL);
|
role = kzalloc(sizeof(*role), GFP_KERNEL);
|
||||||
if (!role) {
|
if (!role) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(role, 0, sizeof(*role));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -1188,12 +1181,11 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
__le32 buf[3];
|
__le32 buf[3];
|
||||||
u32 len;
|
u32 len;
|
||||||
|
|
||||||
typdatum = kmalloc(sizeof(*typdatum),GFP_KERNEL);
|
typdatum = kzalloc(sizeof(*typdatum),GFP_KERNEL);
|
||||||
if (!typdatum) {
|
if (!typdatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
memset(typdatum, 0, sizeof(*typdatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -1261,12 +1253,11 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
__le32 buf[2];
|
__le32 buf[2];
|
||||||
u32 len;
|
u32 len;
|
||||||
|
|
||||||
usrdatum = kmalloc(sizeof(*usrdatum), GFP_KERNEL);
|
usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL);
|
||||||
if (!usrdatum) {
|
if (!usrdatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(usrdatum, 0, sizeof(*usrdatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -1316,12 +1307,11 @@ static int sens_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
__le32 buf[2];
|
__le32 buf[2];
|
||||||
u32 len;
|
u32 len;
|
||||||
|
|
||||||
levdatum = kmalloc(sizeof(*levdatum), GFP_ATOMIC);
|
levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC);
|
||||||
if (!levdatum) {
|
if (!levdatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(levdatum, 0, sizeof(*levdatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -1368,12 +1358,11 @@ static int cat_read(struct policydb *p, struct hashtab *h, void *fp)
|
||||||
__le32 buf[3];
|
__le32 buf[3];
|
||||||
u32 len;
|
u32 len;
|
||||||
|
|
||||||
catdatum = kmalloc(sizeof(*catdatum), GFP_ATOMIC);
|
catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC);
|
||||||
if (!catdatum) {
|
if (!catdatum) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
memset(catdatum, 0, sizeof(*catdatum));
|
|
||||||
|
|
||||||
rc = next_entry(buf, fp, sizeof buf);
|
rc = next_entry(buf, fp, sizeof buf);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
|
@ -1567,12 +1556,11 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
nel = le32_to_cpu(buf[0]);
|
nel = le32_to_cpu(buf[0]);
|
||||||
ltr = NULL;
|
ltr = NULL;
|
||||||
for (i = 0; i < nel; i++) {
|
for (i = 0; i < nel; i++) {
|
||||||
tr = kmalloc(sizeof(*tr), GFP_KERNEL);
|
tr = kzalloc(sizeof(*tr), GFP_KERNEL);
|
||||||
if (!tr) {
|
if (!tr) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(tr, 0, sizeof(*tr));
|
|
||||||
if (ltr) {
|
if (ltr) {
|
||||||
ltr->next = tr;
|
ltr->next = tr;
|
||||||
} else {
|
} else {
|
||||||
|
@ -1593,12 +1581,11 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
nel = le32_to_cpu(buf[0]);
|
nel = le32_to_cpu(buf[0]);
|
||||||
lra = NULL;
|
lra = NULL;
|
||||||
for (i = 0; i < nel; i++) {
|
for (i = 0; i < nel; i++) {
|
||||||
ra = kmalloc(sizeof(*ra), GFP_KERNEL);
|
ra = kzalloc(sizeof(*ra), GFP_KERNEL);
|
||||||
if (!ra) {
|
if (!ra) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(ra, 0, sizeof(*ra));
|
|
||||||
if (lra) {
|
if (lra) {
|
||||||
lra->next = ra;
|
lra->next = ra;
|
||||||
} else {
|
} else {
|
||||||
|
@ -1627,12 +1614,11 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
nel = le32_to_cpu(buf[0]);
|
nel = le32_to_cpu(buf[0]);
|
||||||
l = NULL;
|
l = NULL;
|
||||||
for (j = 0; j < nel; j++) {
|
for (j = 0; j < nel; j++) {
|
||||||
c = kmalloc(sizeof(*c), GFP_KERNEL);
|
c = kzalloc(sizeof(*c), GFP_KERNEL);
|
||||||
if (!c) {
|
if (!c) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(c, 0, sizeof(*c));
|
|
||||||
if (l) {
|
if (l) {
|
||||||
l->next = c;
|
l->next = c;
|
||||||
} else {
|
} else {
|
||||||
|
@ -1743,12 +1729,11 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
goto bad;
|
goto bad;
|
||||||
len = le32_to_cpu(buf[0]);
|
len = le32_to_cpu(buf[0]);
|
||||||
newgenfs = kmalloc(sizeof(*newgenfs), GFP_KERNEL);
|
newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL);
|
||||||
if (!newgenfs) {
|
if (!newgenfs) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(newgenfs, 0, sizeof(*newgenfs));
|
|
||||||
|
|
||||||
newgenfs->fstype = kmalloc(len + 1,GFP_KERNEL);
|
newgenfs->fstype = kmalloc(len + 1,GFP_KERNEL);
|
||||||
if (!newgenfs->fstype) {
|
if (!newgenfs->fstype) {
|
||||||
|
@ -1790,12 +1775,11 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
goto bad;
|
goto bad;
|
||||||
len = le32_to_cpu(buf[0]);
|
len = le32_to_cpu(buf[0]);
|
||||||
|
|
||||||
newc = kmalloc(sizeof(*newc), GFP_KERNEL);
|
newc = kzalloc(sizeof(*newc), GFP_KERNEL);
|
||||||
if (!newc) {
|
if (!newc) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(newc, 0, sizeof(*newc));
|
|
||||||
|
|
||||||
newc->u.name = kmalloc(len + 1,GFP_KERNEL);
|
newc->u.name = kmalloc(len + 1,GFP_KERNEL);
|
||||||
if (!newc->u.name) {
|
if (!newc->u.name) {
|
||||||
|
@ -1843,12 +1827,11 @@ int policydb_read(struct policydb *p, void *fp)
|
||||||
nel = le32_to_cpu(buf[0]);
|
nel = le32_to_cpu(buf[0]);
|
||||||
lrt = NULL;
|
lrt = NULL;
|
||||||
for (i = 0; i < nel; i++) {
|
for (i = 0; i < nel; i++) {
|
||||||
rt = kmalloc(sizeof(*rt), GFP_KERNEL);
|
rt = kzalloc(sizeof(*rt), GFP_KERNEL);
|
||||||
if (!rt) {
|
if (!rt) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto bad;
|
goto bad;
|
||||||
}
|
}
|
||||||
memset(rt, 0, sizeof(*rt));
|
|
||||||
if (lrt)
|
if (lrt)
|
||||||
lrt->next = rt;
|
lrt->next = rt;
|
||||||
else
|
else
|
||||||
|
|
|
@ -1531,12 +1531,11 @@ int security_get_user_sids(u32 fromsid,
|
||||||
}
|
}
|
||||||
usercon.user = user->value;
|
usercon.user = user->value;
|
||||||
|
|
||||||
mysids = kmalloc(maxnel*sizeof(*mysids), GFP_ATOMIC);
|
mysids = kcalloc(maxnel, sizeof(*mysids), GFP_ATOMIC);
|
||||||
if (!mysids) {
|
if (!mysids) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
goto out_unlock;
|
goto out_unlock;
|
||||||
}
|
}
|
||||||
memset(mysids, 0, maxnel*sizeof(*mysids));
|
|
||||||
|
|
||||||
ebitmap_for_each_bit(&user->roles, rnode, i) {
|
ebitmap_for_each_bit(&user->roles, rnode, i) {
|
||||||
if (!ebitmap_node_get_bit(rnode, i))
|
if (!ebitmap_node_get_bit(rnode, i))
|
||||||
|
@ -1566,13 +1565,12 @@ int security_get_user_sids(u32 fromsid,
|
||||||
mysids[mynel++] = sid;
|
mysids[mynel++] = sid;
|
||||||
} else {
|
} else {
|
||||||
maxnel += SIDS_NEL;
|
maxnel += SIDS_NEL;
|
||||||
mysids2 = kmalloc(maxnel*sizeof(*mysids2), GFP_ATOMIC);
|
mysids2 = kcalloc(maxnel, sizeof(*mysids2), GFP_ATOMIC);
|
||||||
if (!mysids2) {
|
if (!mysids2) {
|
||||||
rc = -ENOMEM;
|
rc = -ENOMEM;
|
||||||
kfree(mysids);
|
kfree(mysids);
|
||||||
goto out_unlock;
|
goto out_unlock;
|
||||||
}
|
}
|
||||||
memset(mysids2, 0, maxnel*sizeof(*mysids2));
|
|
||||||
memcpy(mysids2, mysids, mynel * sizeof(*mysids2));
|
memcpy(mysids2, mysids, mynel * sizeof(*mysids2));
|
||||||
kfree(mysids);
|
kfree(mysids);
|
||||||
mysids = mysids2;
|
mysids = mysids2;
|
||||||
|
@ -1714,12 +1712,11 @@ int security_get_bools(int *len, char ***names, int **values)
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
*names = (char**)kmalloc(sizeof(char*) * *len, GFP_ATOMIC);
|
*names = (char**)kcalloc(*len, sizeof(char*), GFP_ATOMIC);
|
||||||
if (!*names)
|
if (!*names)
|
||||||
goto err;
|
goto err;
|
||||||
memset(*names, 0, sizeof(char*) * *len);
|
|
||||||
|
|
||||||
*values = (int*)kmalloc(sizeof(int) * *len, GFP_ATOMIC);
|
*values = (int*)kcalloc(*len, sizeof(int), GFP_ATOMIC);
|
||||||
if (!*values)
|
if (!*values)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue