TOMOYO: Use mutex_lock_interruptible.

Some of TOMOYO's functions may sleep after mutex_lock(). If OOM-killer selected
a process which is waiting at mutex_lock(), the to-be-killed process can't be
killed. Thus, replace mutex_lock() with mutex_lock_interruptible() so that the
to-be-killed process can immediately return from TOMOYO's functions.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 3c86bbc33aeb4d38a76bcada2de8d83b721873e5..8f34036fd31ccf1ac1b3931baf040e315be4bdb8 100644 (file)
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -874,13 +874,13 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_domain_info * const domain)
 static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned
                                                                int profile)
 {
-       static DEFINE_MUTEX(lock);
        struct tomoyo_profile *ptr = NULL;
        int i;
 
        if (profile >= TOMOYO_MAX_PROFILES)
                return NULL;
-       mutex_lock(&lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               return NULL;
        ptr = tomoyo_profile_ptr[profile];
        if (ptr)
                goto ok;
@@ -895,7 +895,7 @@ static struct tomoyo_profile *tomoyo_find_or_assign_new_profile(const unsigned
        mb(); /* Avoid out-of-order execution. */
        tomoyo_profile_ptr[profile] = ptr;
  ok:
-       mutex_unlock(&lock);
+       mutex_unlock(&tomoyo_policy_lock);
        return ptr;
 }
 
@@ -1090,7 +1090,8 @@ static int tomoyo_update_manager_entry(const char *manager,
                return -ENOMEM;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
                if (ptr->manager != saved_manager)
                        continue;
@@ -1107,6 +1108,7 @@ static int tomoyo_update_manager_entry(const char *manager,
                error = 0;
        }
        mutex_unlock(&tomoyo_policy_lock);
+ out:
        tomoyo_put_name(saved_manager);
        kfree(entry);
        return error;
@@ -1287,7 +1289,8 @@ static int tomoyo_delete_domain(char *domainname)
 
        name.name = domainname;
        tomoyo_fill_path_info(&name);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               return 0;
        /* Is there an active domain? */
        list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
                /* Never delete tomoyo_kernel_domain */

diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 67bd22dd3e6896ffdbb2b8c58036e8d22a039c5c..52c9502ed67573070baeeee9b31eed493b879c1f 100644 (file)
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -662,7 +662,6 @@ extern struct list_head tomoyo_pattern_list;
 extern struct list_head tomoyo_no_rewrite_list;
 extern struct list_head tomoyo_policy_manager_list;
 extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
-extern struct mutex tomoyo_name_list_lock;
 
 /* Lock for protecting policy. */
 extern struct mutex tomoyo_policy_lock;

diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index e1edec4a9b9dd109caa4114230b5d2a6a24a95a4..a1723bbcde0e965e3f4cbf508d8b0ca94cbdacfb 100644 (file)
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -154,7 +154,8 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
                goto out;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
                if (ptr->is_not != is_not ||
                    ptr->domainname != saved_domainname ||
@@ -374,7 +375,8 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
                goto out;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
                if (ptr->is_not != is_not ||
                    ptr->domainname != saved_domainname ||
@@ -566,7 +568,8 @@ static int tomoyo_update_alias_entry(const char *original_name,
                goto out;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
                if (ptr->original_name != saved_original_name ||
                    ptr->aliased_name != saved_aliased_name)
@@ -656,7 +659,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
                                                            const u8 profile)
 {
        struct tomoyo_domain_info *entry;
-       struct tomoyo_domain_info *domain;
+       struct tomoyo_domain_info *domain = NULL;
        const struct tomoyo_path_info *saved_domainname;
        bool found = false;
 
@@ -666,7 +669,8 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
        if (!saved_domainname)
                return NULL;
        entry = kzalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
                if (domain->is_deleted ||
                    tomoyo_pathcmp(saved_domainname, domain->domainname))
@@ -685,6 +689,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
                found = true;
        }
        mutex_unlock(&tomoyo_policy_lock);
+ out:
        tomoyo_put_name(saved_domainname);
        kfree(entry);
        return found ? domain : NULL;

diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 0687ada28e8206d7c036f6ea51a23760d1d8f343..060bbf3870ce7b33e0f9e9145d6c33a6cf867eab 100644 (file)
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -176,7 +176,8 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
                return -ENOMEM;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) {
                if (ptr->filename != saved_filename)
                        continue;
@@ -192,6 +193,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
                error = 0;
        }
        mutex_unlock(&tomoyo_policy_lock);
+ out:
        tomoyo_put_name(saved_filename);
        kfree(entry);
        return error;
@@ -323,7 +325,8 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
                goto out;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
                if (saved_pattern != ptr->pattern)
                        continue;
@@ -476,7 +479,8 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
                return error;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
                if (ptr->pattern != saved_pattern)
                        continue;
@@ -492,6 +496,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
                error = 0;
        }
        mutex_unlock(&tomoyo_policy_lock);
+ out:
        tomoyo_put_name(saved_pattern);
        kfree(entry);
        return error;
@@ -822,7 +827,8 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
                return -ENOMEM;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
                struct tomoyo_path_acl *acl =
                        container_of(ptr, struct tomoyo_path_acl, head);
@@ -867,6 +873,7 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
                error = 0;
        }
        mutex_unlock(&tomoyo_policy_lock);
+ out:
        kfree(entry);
        tomoyo_put_name(saved_filename);
        return error;
@@ -908,7 +915,8 @@ static int tomoyo_update_path2_acl(const u8 type, const char *filename1,
                goto out;
        if (!is_delete)
                entry = kmalloc(sizeof(*entry), GFP_NOFS);
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               goto out;
        list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
                struct tomoyo_path2_acl *acl =
                        container_of(ptr, struct tomoyo_path2_acl, head);

diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index d9ad35bc7fa823b7d2078cfa76ba6d7fa6736fb9..245bf422e3a50b58fa14aec24d0a233d3aeb9084 100644 (file)
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -151,7 +151,8 @@ static void tomoyo_del_name(const struct tomoyo_name_entry *ptr)
 
 static void tomoyo_collect_entry(void)
 {
-       mutex_lock(&tomoyo_policy_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               return;
        {
                struct tomoyo_globally_readable_file_entry *ptr;
                list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
@@ -275,8 +276,6 @@ static void tomoyo_collect_entry(void)
                                break;
                }
        }
-       mutex_unlock(&tomoyo_policy_lock);
-       mutex_lock(&tomoyo_name_list_lock);
        {
                int i;
                for (i = 0; i < TOMOYO_MAX_HASH; i++) {
@@ -294,7 +293,7 @@ static void tomoyo_collect_entry(void)
                        }
                }
        }
-       mutex_unlock(&tomoyo_name_list_lock);
+       mutex_unlock(&tomoyo_policy_lock);
 }
 
 static void tomoyo_kfree_entry(void)

diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index 6a51e0af241747723462655f958f5208a7d54277..62062a68525a33b47bee480c6cd68bcd1eb530c2 100644 (file)
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -240,8 +240,6 @@ void tomoyo_memory_free(void *ptr)
  * "const struct tomoyo_path_info *".
  */
 struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
-/* Lock for protecting tomoyo_name_list . */
-DEFINE_MUTEX(tomoyo_name_list_lock);
 
 /**
  * tomoyo_get_name - Allocate permanent memory for string data.
@@ -263,7 +261,8 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
        len = strlen(name) + 1;
        hash = full_name_hash((const unsigned char *) name, len - 1);
        head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)];
-       mutex_lock(&tomoyo_name_list_lock);
+       if (mutex_lock_interruptible(&tomoyo_policy_lock))
+               return NULL;
        list_for_each_entry(ptr, head, list) {
                if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name))
                        continue;
@@ -290,7 +289,7 @@ const struct tomoyo_path_info *tomoyo_get_name(const char *name)
        tomoyo_fill_path_info(&ptr->entry);
        list_add_tail(&ptr->list, head);
  out:
-       mutex_unlock(&tomoyo_name_list_lock);
+       mutex_unlock(&tomoyo_policy_lock);
        return ptr ? &ptr->entry : NULL;
 }