summaryrefslogtreecommitdiff
path: root/security/selinux/ss/policydb.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-11-29 15:47:09 -0500
committerEric Paris <eparis@redhat.com>2010-11-30 17:28:57 -0500
commit23bdecb000c806cf4ec52764499a600f7200d7a9 (patch)
treef13a523f6bec22c5e7ec58ea02a4988aefe7c8ac /security/selinux/ss/policydb.c
parentc41ab6a1b9028de33e74101cb0aae13098a56fdb (diff)
selinux: convert type_val_to_struct to flex_array
In rawhide type_val_to_struct will allocate 26848 bytes, an order 3 allocations. While this hasn't been seen to fail it isn't outside the realm of possibiliy on systems with severe memory fragmentation. Convert to flex_array so no allocation will ever be bigger than PAGE_SIZE. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux/ss/policydb.c')
-rw-r--r--security/selinux/ss/policydb.c28
1 files changed, 21 insertions, 7 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 6ad73e81da5c..af41fdfe1a71 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -307,7 +307,11 @@ static int type_index(void *key, void *datum, void *datap)
|| typdatum->bounds > p->p_types.nprim)
return -EINVAL;
p->p_type_val_to_name[typdatum->value - 1] = key;
- p->type_val_to_struct[typdatum->value - 1] = typdatum;
+ /* this flex array was all preallocated, this cannot fail */
+ if (flex_array_put_ptr(p->type_val_to_struct_array,
+ typdatum->value - 1, typdatum,
+ GFP_KERNEL | __GFP_ZERO))
+ BUG();
}
return 0;
@@ -484,11 +488,17 @@ static int policydb_index_others(struct policydb *p)
if (!p->user_val_to_struct)
goto out;
+ /* Yes, I want the sizeof the pointer, not the structure */
rc = -ENOMEM;
- p->type_val_to_struct =
- kmalloc(p->p_types.nprim * sizeof(*(p->type_val_to_struct)),
- GFP_KERNEL);
- if (!p->type_val_to_struct)
+ p->type_val_to_struct_array = flex_array_alloc(sizeof(struct type_datum *),
+ p->p_types.nprim,
+ GFP_KERNEL | __GFP_ZERO);
+ if (!p->type_val_to_struct_array)
+ goto out;
+
+ rc = flex_array_prealloc(p->type_val_to_struct_array, 0,
+ p->p_types.nprim - 1, GFP_KERNEL | __GFP_ZERO);
+ if (rc)
goto out;
rc = -ENOMEM;
@@ -699,7 +709,8 @@ void policydb_destroy(struct policydb *p)
kfree(p->class_val_to_struct);
kfree(p->role_val_to_struct);
kfree(p->user_val_to_struct);
- kfree(p->type_val_to_struct);
+ if (p->type_val_to_struct_array)
+ flex_array_free(p->type_val_to_struct_array);
avtab_destroy(&p->te_avtab);
@@ -1618,7 +1629,10 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap)
return -EINVAL;
}
- upper = p->type_val_to_struct[upper->bounds - 1];
+ upper = flex_array_get_ptr(p->type_val_to_struct_array,
+ upper->bounds - 1);
+ BUG_ON(!upper);
+
if (upper->attribute) {
printk(KERN_ERR "SELinux: type %s: "
"bounded by attribute %s",