From patchwork Thu Aug 11 05:02:44 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [10/13] AppArmor: Add kvzalloc to handle zeroing for kvmalloc From: John Johansen X-Patchwork-Id: 109528 Message-Id: <1313038967-19941-11-git-send-email-john.johansen@canonical.com> To: kernel-team@lists.ubuntu.com Date: Wed, 10 Aug 2011 22:02:44 -0700 Signed-off-by: John Johansen --- security/apparmor/apparmorfs.c | 2 +- security/apparmor/include/apparmor.h | 12 +++++++++++- security/apparmor/lib.c | 7 ++++--- security/apparmor/match.c | 2 +- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 28c52ac..b3d01d7 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -56,7 +56,7 @@ static char *aa_simple_write_to_buffer(int op, const char __user *userbuf, return ERR_PTR(-EACCES); /* freed by caller to simple_write_to_buffer */ - data = kvmalloc(alloc_size); + data = kvmalloc(alloc_size, 0); if (data == NULL) return ERR_PTR(-ENOMEM); diff --git a/security/apparmor/include/apparmor.h b/security/apparmor/include/apparmor.h index 38ccaea..35bcb67 100644 --- a/security/apparmor/include/apparmor.h +++ b/security/apparmor/include/apparmor.h @@ -15,6 +15,7 @@ #ifndef __APPARMOR_H #define __APPARMOR_H +#include #include #include "match.h" @@ -51,9 +52,18 @@ extern int apparmor_initialized __initdata; /* fn's in lib */ char *aa_split_fqname(char *args, char **ns_name); void aa_info_message(const char *str); -void *kvmalloc(size_t size); +void *kvmalloc(size_t size, gfp_t flags); void kvfree(void *buffer); +/** + * kvzalloc - allocate memory. The memory is set to zero. + * @size: how many bytes of memory are required. + * @flags: the type of memory to allocate (see kmalloc). + */ +static inline void *kvzalloc(size_t size, gfp_t flags) +{ + return kvmalloc(size, flags | __GFP_ZERO); +} /** * aa_strneq - compare null terminated @str to a non null terminated substring diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c index 506d2ba..5b9a428 100644 --- a/security/apparmor/lib.c +++ b/security/apparmor/lib.c @@ -72,14 +72,15 @@ void aa_info_message(const char *str) /** * kvmalloc - do allocation preferring kmalloc but falling back to vmalloc - * @size: size of allocation + * @size: how many bytes of memory are required + * @flags: the type of memory to allocate (see kmalloc). * * Return: allocated buffer or NULL if failed * * It is possible that policy being loaded from the user is larger than * what can be allocated by kmalloc, in those cases fall back to vmalloc. */ -void *kvmalloc(size_t size) +void *kvmalloc(size_t size, gfp_t flags) { void *buffer = NULL; @@ -88,7 +89,7 @@ void *kvmalloc(size_t size) /* do not attempt kmalloc if we need more than 16 pages at once */ if (size <= (16*PAGE_SIZE)) - buffer = kmalloc(size, GFP_NOIO | __GFP_NOWARN); + buffer = kmalloc(size, flags | GFP_NOIO | __GFP_NOWARN); if (!buffer) { /* see kvfree for why size must be at least work_struct size * when allocated via vmalloc diff --git a/security/apparmor/match.c b/security/apparmor/match.c index 081491e..58831c8 100644 --- a/security/apparmor/match.c +++ b/security/apparmor/match.c @@ -64,7 +64,7 @@ static struct table_header *unpack_table(char *blob, size_t bsize) if (th.td_id == YYTD_ID_NXT || th.td_id == YYTD_ID_CHK) tsize += 256 * th.td_flags; - table = kvmalloc(tsize); + table = kvmalloc(tsize, 0); if (table) { /* ensure the pad is clear, else there will be errors */ memset(table, 0, tsize);