Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
Hello. James Morris wrote: > Would you please explain why you need another level of memory allocation? > > What does it do apart from let you check for memory leaks? Difference between tmy_alloc() and kmalloc() are tmy_alloc() allows administrator know "how much memory is used by TOMOYO Linux modules" via /sys/kernel/security/tomoyo/meminfo interface. This feature was requested by TOMOYO Linux users. /proc/slabinfo can show how much memory is used by all modules, but it cannot show how much memory is used by TOMOYO Linux modules. tmy_alloc() can indicate memory-leaking bug and can avoid double-kfree() bug by keeping the pointer returned by kmalloc() in a local "cache_list" list. tmy_alloc() also keeps the size of memory allocated by kmalloc() in "cache_list" list so that administrator can know "how much memory is used by TOMOYO Linux modules". Calling ksize() after kmalloc() in tmy_alloc() and calling ksize() before kfree() in tmy_free() might be better if double-kfree-checks and memory-leaking-checks (i.e. "tmy_cachep") are unneeded. Regards. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
On Tue, 2 Oct 2007, Kentaro Takeda wrote: > +/** > + * tmy_alloc - allocate memory for temporary purpose. > + * @size: requested size in bytes. > + * > + * Returns '\0'-initialized memory region on success. > + * Returns NULL on failure. > + * > + * This function allocates memory for keeping ACL entries. > + * The caller has to call tmy_free() the returned pointer > + * when memory is no longer needed. > + */ Would you please explain why you need another level of memory allocation? What does it do apart from let you check for memory leaks? - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
On Tue, 2 Oct 2007, Kentaro Takeda wrote: +/** + * tmy_alloc - allocate memory for temporary purpose. + * @size: requested size in bytes. + * + * Returns '\0'-initialized memory region on success. + * Returns NULL on failure. + * + * This function allocates memory for keeping ACL entries. + * The caller has to call tmy_free() the returned pointer + * when memory is no longer needed. + */ Would you please explain why you need another level of memory allocation? What does it do apart from let you check for memory leaks? - James -- James Morris [EMAIL PROTECTED] - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [TOMOYO 03/15](repost) Memory and pathname management functions.
Hello. James Morris wrote: Would you please explain why you need another level of memory allocation? What does it do apart from let you check for memory leaks? Difference between tmy_alloc() and kmalloc() are tmy_alloc() allows administrator know how much memory is used by TOMOYO Linux modules via /sys/kernel/security/tomoyo/meminfo interface. This feature was requested by TOMOYO Linux users. /proc/slabinfo can show how much memory is used by all modules, but it cannot show how much memory is used by TOMOYO Linux modules. tmy_alloc() can indicate memory-leaking bug and can avoid double-kfree() bug by keeping the pointer returned by kmalloc() in a local cache_list list. tmy_alloc() also keeps the size of memory allocated by kmalloc() in cache_list list so that administrator can know how much memory is used by TOMOYO Linux modules. Calling ksize() after kmalloc() in tmy_alloc() and calling ksize() before kfree() in tmy_free() might be better if double-kfree-checks and memory-leaking-checks (i.e. tmy_cachep) are unneeded. Regards. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[TOMOYO 03/15](repost) Memory and pathname management functions.
Basic functions to get canonicalized absolute pathnames for TOMOYO Linux. Even the requested pathname is symlink()ed or chroot()ed, TOMOYO Linux uses the original pathname. Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]> Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]> --- security/tomoyo/realpath.c | 697 + 1 files changed, 697 insertions(+) --- /dev/null 1970-01-01 00:00:00.0 + +++ linux-2.6/security/tomoyo/realpath.c2007-10-02 11:26:21.0 +0900 @@ -0,0 +1,697 @@ +/* + * security/tomoyo/realpath.c + * + * Get the canonicalized absolute pathnames. + * The basis for TOMOYO Linux. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "realpath.h" +#include "tomoyo.h" + +/* realpath handler */ + +static int tmy_print_ascii(const char *sp, const char *cp, + int *buflen0, char **end0) +{ + int buflen = *buflen0; + char *end = *end0; + + while (sp <= cp) { + unsigned char c; + + c = *(unsigned char *) cp; + if (c == '\\') { + buflen -= 2; + if (buflen < 0) + goto out; + *--end = '\\'; + *--end = '\\'; + } else if (c > ' ' && c < 127) { + if (--buflen < 0) + goto out; + *--end = (char) c; + } else { + buflen -= 4; + if (buflen < 0) + goto out; + *--end = (c & 7) + '0'; + *--end = ((c >> 3) & 7) + '0'; + *--end = (c >> 6) + '0'; + *--end = '\\'; + } + cp--; + } + + *buflen0 = buflen; + *end0 = end; + + return 0; +out: ; + return -ENOMEM; +} + +/** + * tmy_get_absolute_path - return the realpath of a dentry. + * @dentry: pointer to "struct dentry". + * @vfsmnt: pointer to "struct vfsmount" to which the @dentry belongs. + * @buffer: size of buffer to save the result. + * @buflen: size of @buffer . + * + * Returns zero on success. + * Returns nonzero on failure. + * + * Caller holds the dcache_lock. + * Based on __d_path() in fs/dcache.c + * + * Unlike d_path(), this function traverses upto the root directory of + * process's namespace. + * + * If @dentry is a directory, trailing '/' is appended. + * Characters other than ' ' < c < 127 are converted to \ooo style octal string. + * Character \ is converted to \\ string. + */ +static int tmy_get_absolute_path(struct dentry *dentry, +struct vfsmount *vfsmnt, +char *buffer, +int buflen) +{ + char *start = buffer; + char *end = buffer + buflen; + u8 is_dir = (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode)); + const char *sp; + const char *cp; + + if (buflen < 256) + goto out; + + *--end = '\0'; + buflen--; + + while (1) { + struct dentry *parent; + + if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) { + /* Global root? */ + spin_lock(_lock); + if (vfsmnt->mnt_parent == vfsmnt) { + spin_unlock(_lock); + break; + } + dentry = vfsmnt->mnt_mountpoint; + vfsmnt = vfsmnt->mnt_parent; + spin_unlock(_lock); + continue; + } + + if (is_dir) { + is_dir = 0; + *--end = '/'; + buflen--; + } + + parent = dentry->d_parent; + sp = dentry->d_name.name; + cp = sp + dentry->d_name.len - 1; + + /* Exception: Use /proc/self/ rather than */ + /* /proc/\$/ for current process. */ + if (IS_ROOT(parent) && + *sp > '0' && *sp <= '9' && parent->d_sb && + parent->d_sb->s_magic == PROC_SUPER_MAGIC) { + + char *ep; + const pid_t pid = (pid_t) simple_strtoul(sp, , 10); + + if (!*ep && pid == current->tgid) { + sp = "self"; + cp = sp + 3; + } + + } + + if (tmy_print_ascii(sp, cp, , )) + goto out; + + if (--buflen < 0) + goto out; + *--end = '/'; + + dentry = parent; + } + if
[TOMOYO 03/15](repost) Memory and pathname management functions.
Basic functions to get canonicalized absolute pathnames for TOMOYO Linux. Even the requested pathname is symlink()ed or chroot()ed, TOMOYO Linux uses the original pathname. Signed-off-by: Kentaro Takeda [EMAIL PROTECTED] Signed-off-by: Tetsuo Handa [EMAIL PROTECTED] --- security/tomoyo/realpath.c | 697 + 1 files changed, 697 insertions(+) --- /dev/null 1970-01-01 00:00:00.0 + +++ linux-2.6/security/tomoyo/realpath.c2007-10-02 11:26:21.0 +0900 @@ -0,0 +1,697 @@ +/* + * security/tomoyo/realpath.c + * + * Get the canonicalized absolute pathnames. + * The basis for TOMOYO Linux. + */ + +#include linux/string.h +#include linux/mm.h +#include linux/utime.h +#include linux/file.h +#include linux/smp_lock.h +#include linux/module.h +#include linux/slab.h +#include linux/uaccess.h +#include asm/atomic.h +#include linux/namei.h +#include linux/mount.h +#include linux/proc_fs.h +#include linux/sysctl.h +#include realpath.h +#include tomoyo.h + +/* realpath handler */ + +static int tmy_print_ascii(const char *sp, const char *cp, + int *buflen0, char **end0) +{ + int buflen = *buflen0; + char *end = *end0; + + while (sp = cp) { + unsigned char c; + + c = *(unsigned char *) cp; + if (c == '\\') { + buflen -= 2; + if (buflen 0) + goto out; + *--end = '\\'; + *--end = '\\'; + } else if (c ' ' c 127) { + if (--buflen 0) + goto out; + *--end = (char) c; + } else { + buflen -= 4; + if (buflen 0) + goto out; + *--end = (c 7) + '0'; + *--end = ((c 3) 7) + '0'; + *--end = (c 6) + '0'; + *--end = '\\'; + } + cp--; + } + + *buflen0 = buflen; + *end0 = end; + + return 0; +out: ; + return -ENOMEM; +} + +/** + * tmy_get_absolute_path - return the realpath of a dentry. + * @dentry: pointer to struct dentry. + * @vfsmnt: pointer to struct vfsmount to which the @dentry belongs. + * @buffer: size of buffer to save the result. + * @buflen: size of @buffer . + * + * Returns zero on success. + * Returns nonzero on failure. + * + * Caller holds the dcache_lock. + * Based on __d_path() in fs/dcache.c + * + * Unlike d_path(), this function traverses upto the root directory of + * process's namespace. + * + * If @dentry is a directory, trailing '/' is appended. + * Characters other than ' ' c 127 are converted to \ooo style octal string. + * Character \ is converted to \\ string. + */ +static int tmy_get_absolute_path(struct dentry *dentry, +struct vfsmount *vfsmnt, +char *buffer, +int buflen) +{ + char *start = buffer; + char *end = buffer + buflen; + u8 is_dir = (dentry-d_inode S_ISDIR(dentry-d_inode-i_mode)); + const char *sp; + const char *cp; + + if (buflen 256) + goto out; + + *--end = '\0'; + buflen--; + + while (1) { + struct dentry *parent; + + if (dentry == vfsmnt-mnt_root || IS_ROOT(dentry)) { + /* Global root? */ + spin_lock(vfsmount_lock); + if (vfsmnt-mnt_parent == vfsmnt) { + spin_unlock(vfsmount_lock); + break; + } + dentry = vfsmnt-mnt_mountpoint; + vfsmnt = vfsmnt-mnt_parent; + spin_unlock(vfsmount_lock); + continue; + } + + if (is_dir) { + is_dir = 0; + *--end = '/'; + buflen--; + } + + parent = dentry-d_parent; + sp = dentry-d_name.name; + cp = sp + dentry-d_name.len - 1; + + /* Exception: Use /proc/self/ rather than */ + /* /proc/\$/ for current process. */ + if (IS_ROOT(parent) + *sp '0' *sp = '9' parent-d_sb + parent-d_sb-s_magic == PROC_SUPER_MAGIC) { + + char *ep; + const pid_t pid = (pid_t) simple_strtoul(sp, ep, 10); + + if (!*ep pid == current-tgid) { + sp = self; + cp = sp + 3; + } + + } + + if (tmy_print_ascii(sp, cp, buflen, end)) + goto out; + +