Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
Hello. James Morris wrote: > Would you please explain why you need another level of memory allocation? > > What does it do apart from let you check for memory leaks? Difference between tmy_alloc() and kmalloc() are tmy_alloc() allows administrator know "how much memory is used by TOMOYO Linux modules" via /sys/kernel/security/tomoyo/meminfo interface. This feature was requested by TOMOYO Linux users. /proc/slabinfo can show how much memory is used by all modules, but it cannot show how much memory is used by TOMOYO Linux modules. tmy_alloc() can indicate memory-leaking bug and can avoid double-kfree() bug by keeping the pointer returned by kmalloc() in a local "cache_list" list. tmy_alloc() also keeps the size of memory allocated by kmalloc() in "cache_list" list so that administrator can know "how much memory is used by TOMOYO Linux modules". Calling ksize() after kmalloc() in tmy_alloc() and calling ksize() before kfree() in tmy_free() might be better if double-kfree-checks and memory-leaking-checks (i.e. "tmy_cachep") are unneeded. Regards. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
On Tue, 2 Oct 2007, Kentaro Takeda wrote: > +/** > + * tmy_alloc - allocate memory for temporary purpose. > + * @size: requested size in bytes. > + * > + * Returns '\0'-initialized memory region on success. > + * Returns NULL on failure. > + * > + * This function allocates memory for keeping ACL entries. > + * The caller has to call tmy_free() the returned pointer > + * when memory is no longer needed. > + */ Would you please explain why you need another level of memory allocation? What does it do apart from let you check for memory leaks? - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
On Tue, 2 Oct 2007, Kentaro Takeda wrote: +/** + * tmy_alloc - allocate memory for temporary purpose. + * @size: requested size in bytes. + * + * Returns '\0'-initialized memory region on success. + * Returns NULL on failure. + * + * This function allocates memory for keeping ACL entries. + * The caller has to call tmy_free() the returned pointer + * when memory is no longer needed. + */ Would you please explain why you need another level of memory allocation? What does it do apart from let you check for memory leaks? - James -- James Morris [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
Hello. James Morris wrote: Would you please explain why you need another level of memory allocation? What does it do apart from let you check for memory leaks? Difference between tmy_alloc() and kmalloc() are tmy_alloc() allows administrator know how much memory is used by TOMOYO Linux modules via /sys/kernel/security/tomoyo/meminfo interface. This feature was requested by TOMOYO Linux users. /proc/slabinfo can show how much memory is used by all modules, but it cannot show how much memory is used by TOMOYO Linux modules. tmy_alloc() can indicate memory-leaking bug and can avoid double-kfree() bug by keeping the pointer returned by kmalloc() in a local cache_list list. tmy_alloc() also keeps the size of memory allocated by kmalloc() in cache_list list so that administrator can know how much memory is used by TOMOYO Linux modules. Calling ksize() after kmalloc() in tmy_alloc() and calling ksize() before kfree() in tmy_free() might be better if double-kfree-checks and memory-leaking-checks (i.e. tmy_cachep) are unneeded. Regards. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[TOMOYO 03/15](repost) Memory and pathname management functions.
Basic functions to get canonicalized absolute pathnames
for TOMOYO Linux. Even the requested pathname is symlink()ed
or chroot()ed, TOMOYO Linux uses the original pathname.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
---
security/tomoyo/realpath.c | 697 +
1 files changed, 697 insertions(+)
--- /dev/null 1970-01-01 00:00:00.0 +
+++ linux-2.6/security/tomoyo/realpath.c2007-10-02 11:26:21.0
+0900
@@ -0,0 +1,697 @@
+/*
+ * security/tomoyo/realpath.c
+ *
+ * Get the canonicalized absolute pathnames.
+ * The basis for TOMOYO Linux.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include "realpath.h"
+#include "tomoyo.h"
+
+/* realpath handler */
+
+static int tmy_print_ascii(const char *sp, const char *cp,
+ int *buflen0, char **end0)
+{
+ int buflen = *buflen0;
+ char *end = *end0;
+
+ while (sp <= cp) {
+ unsigned char c;
+
+ c = *(unsigned char *) cp;
+ if (c == '\\') {
+ buflen -= 2;
+ if (buflen < 0)
+ goto out;
+ *--end = '\\';
+ *--end = '\\';
+ } else if (c > ' ' && c < 127) {
+ if (--buflen < 0)
+ goto out;
+ *--end = (char) c;
+ } else {
+ buflen -= 4;
+ if (buflen < 0)
+ goto out;
+ *--end = (c & 7) + '0';
+ *--end = ((c >> 3) & 7) + '0';
+ *--end = (c >> 6) + '0';
+ *--end = '\\';
+ }
+ cp--;
+ }
+
+ *buflen0 = buflen;
+ *end0 = end;
+
+ return 0;
+out: ;
+ return -ENOMEM;
+}
+
+/**
+ * tmy_get_absolute_path - return the realpath of a dentry.
+ * @dentry: pointer to "struct dentry".
+ * @vfsmnt: pointer to "struct vfsmount" to which the @dentry belongs.
+ * @buffer: size of buffer to save the result.
+ * @buflen: size of @buffer .
+ *
+ * Returns zero on success.
+ * Returns nonzero on failure.
+ *
+ * Caller holds the dcache_lock.
+ * Based on __d_path() in fs/dcache.c
+ *
+ * Unlike d_path(), this function traverses upto the root directory of
+ * process's namespace.
+ *
+ * If @dentry is a directory, trailing '/' is appended.
+ * Characters other than ' ' < c < 127 are converted to \ooo style octal
string.
+ * Character \ is converted to \\ string.
+ */
+static int tmy_get_absolute_path(struct dentry *dentry,
+struct vfsmount *vfsmnt,
+char *buffer,
+int buflen)
+{
+ char *start = buffer;
+ char *end = buffer + buflen;
+ u8 is_dir = (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode));
+ const char *sp;
+ const char *cp;
+
+ if (buflen < 256)
+ goto out;
+
+ *--end = '\0';
+ buflen--;
+
+ while (1) {
+ struct dentry *parent;
+
+ if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) {
+ /* Global root? */
+ spin_lock(_lock);
+ if (vfsmnt->mnt_parent == vfsmnt) {
+ spin_unlock(_lock);
+ break;
+ }
+ dentry = vfsmnt->mnt_mountpoint;
+ vfsmnt = vfsmnt->mnt_parent;
+ spin_unlock(_lock);
+ continue;
+ }
+
+ if (is_dir) {
+ is_dir = 0;
+ *--end = '/';
+ buflen--;
+ }
+
+ parent = dentry->d_parent;
+ sp = dentry->d_name.name;
+ cp = sp + dentry->d_name.len - 1;
+
+ /* Exception: Use /proc/self/ rather than */
+ /* /proc/\$/ for current process. */
+ if (IS_ROOT(parent) &&
+ *sp > '0' && *sp <= '9' && parent->d_sb &&
+ parent->d_sb->s_magic == PROC_SUPER_MAGIC) {
+
+ char *ep;
+ const pid_t pid = (pid_t) simple_strtoul(sp, , 10);
+
+ if (!*ep && pid == current->tgid) {
+ sp = "self";
+ cp = sp + 3;
+ }
+
+ }
+
+ if (tmy_print_ascii(sp, cp, , ))
+ goto out;
+
+ if (--buflen < 0)
+ goto out;
+ *--end = '/';
+
+ dentry = parent;
+ }
+ if
[TOMOYO 03/15](repost) Memory and pathname management functions.
Basic functions to get canonicalized absolute pathnames
for TOMOYO Linux. Even the requested pathname is symlink()ed
or chroot()ed, TOMOYO Linux uses the original pathname.
Signed-off-by: Kentaro Takeda [EMAIL PROTECTED]
Signed-off-by: Tetsuo Handa [EMAIL PROTECTED]
---
security/tomoyo/realpath.c | 697 +
1 files changed, 697 insertions(+)
--- /dev/null 1970-01-01 00:00:00.0 +
+++ linux-2.6/security/tomoyo/realpath.c2007-10-02 11:26:21.0
+0900
@@ -0,0 +1,697 @@
+/*
+ * security/tomoyo/realpath.c
+ *
+ * Get the canonicalized absolute pathnames.
+ * The basis for TOMOYO Linux.
+ */
+
+#include linux/string.h
+#include linux/mm.h
+#include linux/utime.h
+#include linux/file.h
+#include linux/smp_lock.h
+#include linux/module.h
+#include linux/slab.h
+#include linux/uaccess.h
+#include asm/atomic.h
+#include linux/namei.h
+#include linux/mount.h
+#include linux/proc_fs.h
+#include linux/sysctl.h
+#include realpath.h
+#include tomoyo.h
+
+/* realpath handler */
+
+static int tmy_print_ascii(const char *sp, const char *cp,
+ int *buflen0, char **end0)
+{
+ int buflen = *buflen0;
+ char *end = *end0;
+
+ while (sp = cp) {
+ unsigned char c;
+
+ c = *(unsigned char *) cp;
+ if (c == '\\') {
+ buflen -= 2;
+ if (buflen 0)
+ goto out;
+ *--end = '\\';
+ *--end = '\\';
+ } else if (c ' ' c 127) {
+ if (--buflen 0)
+ goto out;
+ *--end = (char) c;
+ } else {
+ buflen -= 4;
+ if (buflen 0)
+ goto out;
+ *--end = (c 7) + '0';
+ *--end = ((c 3) 7) + '0';
+ *--end = (c 6) + '0';
+ *--end = '\\';
+ }
+ cp--;
+ }
+
+ *buflen0 = buflen;
+ *end0 = end;
+
+ return 0;
+out: ;
+ return -ENOMEM;
+}
+
+/**
+ * tmy_get_absolute_path - return the realpath of a dentry.
+ * @dentry: pointer to struct dentry.
+ * @vfsmnt: pointer to struct vfsmount to which the @dentry belongs.
+ * @buffer: size of buffer to save the result.
+ * @buflen: size of @buffer .
+ *
+ * Returns zero on success.
+ * Returns nonzero on failure.
+ *
+ * Caller holds the dcache_lock.
+ * Based on __d_path() in fs/dcache.c
+ *
+ * Unlike d_path(), this function traverses upto the root directory of
+ * process's namespace.
+ *
+ * If @dentry is a directory, trailing '/' is appended.
+ * Characters other than ' ' c 127 are converted to \ooo style octal
string.
+ * Character \ is converted to \\ string.
+ */
+static int tmy_get_absolute_path(struct dentry *dentry,
+struct vfsmount *vfsmnt,
+char *buffer,
+int buflen)
+{
+ char *start = buffer;
+ char *end = buffer + buflen;
+ u8 is_dir = (dentry-d_inode S_ISDIR(dentry-d_inode-i_mode));
+ const char *sp;
+ const char *cp;
+
+ if (buflen 256)
+ goto out;
+
+ *--end = '\0';
+ buflen--;
+
+ while (1) {
+ struct dentry *parent;
+
+ if (dentry == vfsmnt-mnt_root || IS_ROOT(dentry)) {
+ /* Global root? */
+ spin_lock(vfsmount_lock);
+ if (vfsmnt-mnt_parent == vfsmnt) {
+ spin_unlock(vfsmount_lock);
+ break;
+ }
+ dentry = vfsmnt-mnt_mountpoint;
+ vfsmnt = vfsmnt-mnt_parent;
+ spin_unlock(vfsmount_lock);
+ continue;
+ }
+
+ if (is_dir) {
+ is_dir = 0;
+ *--end = '/';
+ buflen--;
+ }
+
+ parent = dentry-d_parent;
+ sp = dentry-d_name.name;
+ cp = sp + dentry-d_name.len - 1;
+
+ /* Exception: Use /proc/self/ rather than */
+ /* /proc/\$/ for current process. */
+ if (IS_ROOT(parent)
+ *sp '0' *sp = '9' parent-d_sb
+ parent-d_sb-s_magic == PROC_SUPER_MAGIC) {
+
+ char *ep;
+ const pid_t pid = (pid_t) simple_strtoul(sp, ep, 10);
+
+ if (!*ep pid == current-tgid) {
+ sp = self;
+ cp = sp + 3;
+ }
+
+ }
+
+ if (tmy_print_ascii(sp, cp, buflen, end))
+ goto out;
+
+
