Greg Kroah-Hartman | b244131 | 2017-11-01 15:07:57 +0100 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0 |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 2 | /* |
| 3 | * security/tomoyo/gc.c |
| 4 | * |
Tetsuo Handa | 0f2a55d | 2011-07-14 14:46:51 +0900 | [diff] [blame] | 5 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 6 | */ |
| 7 | |
| 8 | #include "common.h" |
| 9 | #include <linux/kthread.h> |
Tejun Heo | 5a0e3ad | 2010-03-24 17:04:11 +0900 | [diff] [blame] | 10 | #include <linux/slab.h> |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 11 | |
/**
 * tomoyo_memory_free - Free a policy element and update memory accounting.
 *
 * @ptr: Pointer to allocated memory.
 *
 * Subtracts the allocation size reported by ksize() from the
 * TOMOYO_MEMORY_POLICY counter and then releases @ptr with kfree().
 *
 * Returns nothing.
 *
 * Caller holds tomoyo_policy_lock mutex.
 */
static inline void tomoyo_memory_free(void *ptr)
{
	/* Size is read while the object is still allocated, before kfree(). */
	const size_t freed = ksize(ptr);

	tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= freed;
	kfree(ptr);
}
| 26 | |
/*
 * The list for "struct tomoyo_io_buffer". The garbage collector walks it in
 * tomoyo_struct_used_by_io_buffer() and tomoyo_name_used_by_io_buffer() to
 * find elements that an open interface file still points at.
 */
static LIST_HEAD(tomoyo_io_buffer_list);
/*
 * Lock for protecting tomoyo_io_buffer_list. In this file the ->users counter
 * of each list entry is also only modified while this lock is held.
 */
static DEFINE_SPINLOCK(tomoyo_io_buffer_list_lock);
| 31 | |
/**
 * tomoyo_struct_used_by_io_buffer - Check whether the list element is used by /sys/kernel/security/tomoyo/ users or not.
 *
 * @element: Pointer to "struct list_head".
 *
 * Compares @element against the read cursors (r.domain, r.group, r.acl) and
 * the write target (&w.domain->list) of every entry on
 * tomoyo_io_buffer_list. tomoyo_try_to_gc() uses the answer to defer freeing
 * an element that an open interface file still points at.
 *
 * Returns true if @element is used by /sys/kernel/security/tomoyo/ users,
 * false otherwise.
 */
static bool tomoyo_struct_used_by_io_buffer(const struct list_head *element)
{
	struct tomoyo_io_buffer *buf;
	bool found = false;

	spin_lock(&tomoyo_io_buffer_list_lock);
	list_for_each_entry(buf, &tomoyo_io_buffer_list, list) {
		/*
		 * ->users is raised before the spinlock is dropped and lowered
		 * only after it is retaken. Presumably this keeps the buffer
		 * alive while we sleep on io_sem; the code that frees buffers
		 * is outside this part of the file.
		 */
		buf->users++;
		spin_unlock(&tomoyo_io_buffer_list_lock);
		/* The cursors are compared under the buffer's own mutex. */
		mutex_lock(&buf->io_sem);
		found = buf->r.domain == element ||
			buf->r.group == element ||
			buf->r.acl == element ||
			&buf->w.domain->list == element;
		mutex_unlock(&buf->io_sem);
		spin_lock(&tomoyo_io_buffer_list_lock);
		buf->users--;
		if (found)
			break;
	}
	spin_unlock(&tomoyo_io_buffer_list_lock);
	return found;
}
| 62 | |
/**
 * tomoyo_name_used_by_io_buffer - Check whether the string is used by /sys/kernel/security/tomoyo/ users or not.
 *
 * @string: String to check.
 *
 * A buffer counts as a user when any of its pending read pointers r.w[]
 * points into @string. The accepted range runs from @string up to and
 * including @string + strlen(@string) + 1, so the check errs toward
 * reporting "in use" rather than toward missing a reference.
 *
 * Returns true if @string is used by /sys/kernel/security/tomoyo/ users,
 * false otherwise.
 */
static bool tomoyo_name_used_by_io_buffer(const char *string)
{
	struct tomoyo_io_buffer *buf;
	const size_t size = strlen(string) + 1;
	bool found = false;

	spin_lock(&tomoyo_io_buffer_list_lock);
	list_for_each_entry(buf, &tomoyo_io_buffer_list, list) {
		int slot;

		/*
		 * Same hand-over as tomoyo_struct_used_by_io_buffer():
		 * ->users is held raised for as long as the spinlock is
		 * dropped to take the buffer's mutex.
		 */
		buf->users++;
		spin_unlock(&tomoyo_io_buffer_list_lock);
		mutex_lock(&buf->io_sem);
		for (slot = 0; slot < TOMOYO_MAX_IO_READ_QUEUE; slot++) {
			const char *w = buf->r.w[slot];

			/* Is this queued read pointer inside the string? */
			if (w >= string && w <= string + size) {
				found = true;
				break;
			}
		}
		mutex_unlock(&buf->io_sem);
		spin_lock(&tomoyo_io_buffer_list_lock);
		buf->users--;
		if (found)
			break;
	}
	spin_unlock(&tomoyo_io_buffer_list_lock);
	return found;
}
| 101 | |
/**
 * tomoyo_del_transition_control - Delete members in "struct tomoyo_transition_control".
 *
 * @element: Pointer to "struct list_head".
 *
 * Drops the name references held in ->domainname and ->program. The
 * structure itself is not freed here.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_transition_control(struct list_head *element)
{
	struct tomoyo_transition_control *tc;

	/* @element is the head.list member embedded in the entry. */
	tc = container_of(element, typeof(*tc), head.list);
	tomoyo_put_name(tc->domainname);
	tomoyo_put_name(tc->program);
}
| 117 | |
/**
 * tomoyo_del_aggregator - Delete members in "struct tomoyo_aggregator".
 *
 * @element: Pointer to "struct list_head".
 *
 * Drops the name references held in ->original_name and ->aggregated_name.
 * The structure itself is not freed here.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_aggregator(struct list_head *element)
{
	struct tomoyo_aggregator *agg;

	/* @element is the head.list member embedded in the entry. */
	agg = container_of(element, typeof(*agg), head.list);
	tomoyo_put_name(agg->original_name);
	tomoyo_put_name(agg->aggregated_name);
}
| 133 | |
/**
 * tomoyo_del_manager - Delete members in "struct tomoyo_manager".
 *
 * @element: Pointer to "struct list_head".
 *
 * Drops the name reference held in ->manager. The structure itself is not
 * freed here.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_manager(struct list_head *element)
{
	struct tomoyo_manager *mgr;

	/* @element is the head.list member embedded in the entry. */
	mgr = container_of(element, typeof(*mgr), head.list);
	tomoyo_put_name(mgr->manager);
}
| 148 | |
/**
 * tomoyo_del_acl - Delete members in "struct tomoyo_acl_info".
 *
 * @element: Pointer to "struct list_head".
 *
 * Drops the reference on the ACL's condition, then the name, number and
 * group references that the concrete ACL type holds. The type is selected by
 * ->type; a value not listed in the switch releases only the condition.
 * The ACL structure itself is not freed here.
 *
 * Returns nothing.
 */
static void tomoyo_del_acl(struct list_head *element)
{
	struct tomoyo_acl_info *acl;

	acl = container_of(element, typeof(*acl), list);
	tomoyo_put_condition(acl->cond);

	/* Each concrete ACL embeds the generic tomoyo_acl_info as ->head. */
	switch (acl->type) {
	case TOMOYO_TYPE_PATH_ACL: {
		struct tomoyo_path_acl *path =
			container_of(acl, typeof(*path), head);

		tomoyo_put_name_union(&path->name);
		break;
	}
	case TOMOYO_TYPE_PATH2_ACL: {
		struct tomoyo_path2_acl *path2 =
			container_of(acl, typeof(*path2), head);

		tomoyo_put_name_union(&path2->name1);
		tomoyo_put_name_union(&path2->name2);
		break;
	}
	case TOMOYO_TYPE_PATH_NUMBER_ACL: {
		struct tomoyo_path_number_acl *path_number =
			container_of(acl, typeof(*path_number), head);

		tomoyo_put_name_union(&path_number->name);
		tomoyo_put_number_union(&path_number->number);
		break;
	}
	case TOMOYO_TYPE_MKDEV_ACL: {
		struct tomoyo_mkdev_acl *mkdev =
			container_of(acl, typeof(*mkdev), head);

		tomoyo_put_name_union(&mkdev->name);
		tomoyo_put_number_union(&mkdev->mode);
		tomoyo_put_number_union(&mkdev->major);
		tomoyo_put_number_union(&mkdev->minor);
		break;
	}
	case TOMOYO_TYPE_MOUNT_ACL: {
		struct tomoyo_mount_acl *mount =
			container_of(acl, typeof(*mount), head);

		tomoyo_put_name_union(&mount->dev_name);
		tomoyo_put_name_union(&mount->dir_name);
		tomoyo_put_name_union(&mount->fs_type);
		tomoyo_put_number_union(&mount->flags);
		break;
	}
	case TOMOYO_TYPE_ENV_ACL: {
		struct tomoyo_env_acl *env =
			container_of(acl, typeof(*env), head);

		tomoyo_put_name(env->env);
		break;
	}
	case TOMOYO_TYPE_INET_ACL: {
		struct tomoyo_inet_acl *inet =
			container_of(acl, typeof(*inet), head);

		tomoyo_put_group(inet->address.group);
		tomoyo_put_number_union(&inet->port);
		break;
	}
	case TOMOYO_TYPE_UNIX_ACL: {
		struct tomoyo_unix_acl *unix_acl =
			container_of(acl, typeof(*unix_acl), head);

		tomoyo_put_name_union(&unix_acl->name);
		break;
	}
	case TOMOYO_TYPE_MANUAL_TASK_ACL: {
		struct tomoyo_task_acl *task =
			container_of(acl, typeof(*task), head);

		tomoyo_put_name(task->domainname);
		break;
	}
	}
}
| 241 | |
/**
 * tomoyo_del_domain - Delete members in "struct tomoyo_domain_info".
 *
 * @element: Pointer to "struct list_head".
 *
 * Releases and frees every ACL on the domain's acl_info_list, then drops the
 * reference on the domain name. The domain structure itself is not freed
 * here.
 *
 * Returns nothing.
 *
 * Caller holds tomoyo_policy_lock mutex.
 */
static inline void tomoyo_del_domain(struct list_head *element)
{
	struct tomoyo_domain_info *domain;
	struct tomoyo_acl_info *entry;
	struct tomoyo_acl_info *next;

	domain = container_of(element, typeof(*domain), list);
	/*
	 * Since this domain is referenced from neither
	 * "struct tomoyo_io_buffer" nor "struct cred"->security, we can delete
	 * elements without checking for is_deleted flag.
	 */
	list_for_each_entry_safe(entry, next, &domain->acl_info_list, list) {
		/* Drop what the ACL references, then free the ACL itself. */
		tomoyo_del_acl(&entry->list);
		tomoyo_memory_free(entry);
	}
	tomoyo_put_name(domain->domainname);
}
| 269 | |
/**
 * tomoyo_del_condition - Delete members in "struct tomoyo_condition".
 *
 * @element: Pointer to "struct list_head".
 *
 * The arrays are located by pointer arithmetic directly behind the
 * "struct tomoyo_condition" header, in this order: condc condition elements,
 * numbers_count number unions, names_count name unions, argc argv entries
 * and envc envp entries. All counts are read from the header itself.
 * References held by the number unions, name unions, argv values and envp
 * names/values are dropped; the condition elements are only skipped over.
 * The structure itself is not freed here.
 *
 * Returns nothing.
 */
void tomoyo_del_condition(struct list_head *element)
{
	struct tomoyo_condition *cond =
		container_of(element, typeof(*cond), head.list);
	const u16 condc = cond->condc;
	const u16 numbers_count = cond->numbers_count;
	const u16 names_count = cond->names_count;
	const u16 argc = cond->argc;
	const u16 envc = cond->envc;
	/* Each array starts where the previous one ends. */
	const struct tomoyo_condition_element *elements =
		(const struct tomoyo_condition_element *) (cond + 1);
	struct tomoyo_number_union *numbers =
		(struct tomoyo_number_union *) (elements + condc);
	struct tomoyo_name_union *names =
		(struct tomoyo_name_union *) (numbers + numbers_count);
	const struct tomoyo_argv *argv =
		(const struct tomoyo_argv *) (names + names_count);
	const struct tomoyo_envp *envp =
		(const struct tomoyo_envp *) (argv + argc);
	unsigned int i;

	for (i = 0; i < numbers_count; i++)
		tomoyo_put_number_union(&numbers[i]);
	for (i = 0; i < names_count; i++)
		tomoyo_put_name_union(&names[i]);
	for (i = 0; i < argc; i++)
		tomoyo_put_name(argv[i].value);
	for (i = 0; i < envc; i++) {
		tomoyo_put_name(envp[i].name);
		tomoyo_put_name(envp[i].value);
	}
}
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 309 | |
/**
 * tomoyo_del_name - Delete members in "struct tomoyo_name".
 *
 * @element: Pointer to "struct list_head".
 *
 * No per-member cleanup is performed for this type; the function exists so
 * that tomoyo_try_to_gc() has one handler per policy id.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_name(struct list_head *element)
{
	/* Intentionally empty: nothing is released for this type. */
}
| 321 | |
/**
 * tomoyo_del_path_group - Delete members in "struct tomoyo_path_group".
 *
 * @element: Pointer to "struct list_head".
 *
 * Drops the name reference held in ->member_name. The structure itself is
 * not freed here.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_path_group(struct list_head *element)
{
	struct tomoyo_path_group *entry;

	/* @element is the head.list member embedded in the entry. */
	entry = container_of(element, typeof(*entry), head.list);
	tomoyo_put_name(entry->member_name);
}
| 336 | |
/**
 * tomoyo_del_group - Delete "struct tomoyo_group".
 *
 * @element: Pointer to "struct list_head".
 *
 * Drops the name reference held in ->group_name. The structure itself is
 * not freed here.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_group(struct list_head *element)
{
	struct tomoyo_group *grp;

	/* @element is the head.list member embedded in the group. */
	grp = container_of(element, typeof(*grp), head.list);
	tomoyo_put_name(grp->group_name);
}
| 351 | |
/**
 * tomoyo_del_address_group - Delete members in "struct tomoyo_address_group".
 *
 * @element: Pointer to "struct list_head".
 *
 * No per-member cleanup is performed for this type; the function exists so
 * that tomoyo_try_to_gc() has one handler per policy id.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_address_group(struct list_head *element)
{
	/* Intentionally empty: nothing is released for this type. */
}
| 363 | |
/**
 * tomoyo_del_number_group - Delete members in "struct tomoyo_number_group".
 *
 * @element: Pointer to "struct list_head".
 *
 * No per-member cleanup is performed for this type; the function exists so
 * that tomoyo_try_to_gc() has one handler per policy id.
 *
 * Returns nothing.
 */
static inline void tomoyo_del_number_group(struct list_head *element)
{
	/* Intentionally empty: nothing is released for this type. */
}
| 375 | |
/**
 * tomoyo_try_to_gc - Try to kfree() an entry.
 *
 * @type:    One of values in "enum tomoyo_policy_id".
 * @element: Pointer to "struct list_head".
 *
 * Unlinks @element, waits for SRCU readers, and frees it only if no
 * "struct tomoyo_io_buffer" and (for domains) no "struct cred"->security
 * still refers to it. Otherwise the element is put back on its list so that
 * a later pass can retry. This ordering is what keeps the collector from
 * freeing memory that is still reachable (use-after-free).
 *
 * tomoyo_policy_lock is dropped while waiting and checking, and is taken
 * again before returning on both the free path and the reinject path.
 *
 * Returns nothing.
 *
 * Caller holds tomoyo_policy_lock mutex.
 */
static void tomoyo_try_to_gc(const enum tomoyo_policy_id type,
			     struct list_head *element)
{
	/*
	 * __list_del_entry() guarantees that the list element became no longer
	 * reachable from the list which the element was originally on (e.g.
	 * tomoyo_domain_list). Also, synchronize_srcu() guarantees that the
	 * list element became no longer referenced by syscall users.
	 */
	__list_del_entry(element);
	/* The lock is not held across synchronize_srcu(). */
	mutex_unlock(&tomoyo_policy_lock);
	synchronize_srcu(&tomoyo_ss);
	/*
	 * However, there are two users which may still be using the list
	 * element. We need to defer until both users forget this element.
	 *
	 * Don't kfree() until "struct tomoyo_io_buffer"->r.{domain,group,acl}
	 * and "struct tomoyo_io_buffer"->w.domain forget this element.
	 */
	if (tomoyo_struct_used_by_io_buffer(element))
		goto reinject;
	/* Release what the element references; the element is freed below. */
	switch (type) {
	case TOMOYO_ID_TRANSITION_CONTROL:
		tomoyo_del_transition_control(element);
		break;
	case TOMOYO_ID_MANAGER:
		tomoyo_del_manager(element);
		break;
	case TOMOYO_ID_AGGREGATOR:
		tomoyo_del_aggregator(element);
		break;
	case TOMOYO_ID_GROUP:
		tomoyo_del_group(element);
		break;
	case TOMOYO_ID_PATH_GROUP:
		tomoyo_del_path_group(element);
		break;
	case TOMOYO_ID_ADDRESS_GROUP:
		tomoyo_del_address_group(element);
		break;
	case TOMOYO_ID_NUMBER_GROUP:
		tomoyo_del_number_group(element);
		break;
	case TOMOYO_ID_CONDITION:
		tomoyo_del_condition(element);
		break;
	case TOMOYO_ID_NAME:
		/*
		 * Don't kfree() until all "struct tomoyo_io_buffer"->r.w[]
		 * forget this element.
		 */
		if (tomoyo_name_used_by_io_buffer
		    (container_of(element, typeof(struct tomoyo_name),
				  head.list)->entry.name))
			goto reinject;
		tomoyo_del_name(element);
		break;
	case TOMOYO_ID_ACL:
		tomoyo_del_acl(element);
		break;
	case TOMOYO_ID_DOMAIN:
		/*
		 * Don't kfree() until all "struct cred"->security forget this
		 * element.
		 */
		if (atomic_read(&container_of
				(element, typeof(struct tomoyo_domain_info),
				 list)->users))
			goto reinject;
		break;
	case TOMOYO_MAX_POLICY:
		break;
	}
	mutex_lock(&tomoyo_policy_lock);
	/*
	 * Domain members are released only after the lock is retaken:
	 * tomoyo_del_domain() frees ACLs through tomoyo_memory_free(), which
	 * is documented as requiring tomoyo_policy_lock.
	 */
	if (type == TOMOYO_ID_DOMAIN)
		tomoyo_del_domain(element);
	tomoyo_memory_free(element);
	return;
reinject:
	/*
	 * We can safely reinject this element here because both of the
	 * following hold:
	 * (1) Appending list elements and removing list elements are protected
	 *     by tomoyo_policy_lock mutex.
	 * (2) Only this function removes list elements and this function is
	 *     exclusively executed by tomoyo_gc_mutex mutex.
	 *
	 * The element is re-added after element->prev, i.e. this relies on
	 * __list_del_entry() having left the element's own prev pointer
	 * intact and on that predecessor still being on the list, which (2)
	 * is meant to guarantee.
	 */
	mutex_lock(&tomoyo_policy_lock);
	list_add_rcu(element, element->prev);
}
| 476 | |
/**
 * tomoyo_collect_member - Delete elements with "struct tomoyo_acl_head".
 *
 * @id:          One of values in "enum tomoyo_policy_id".
 * @member_list: Pointer to "struct list_head".
 *
 * Every entry whose ->is_deleted is non-zero is marked
 * TOMOYO_GC_IN_PROGRESS and handed to tomoyo_try_to_gc().
 *
 * tomoyo_try_to_gc() drops and retakes tomoyo_policy_lock, so the walk
 * depends on nobody else unlinking the cached next entry in the meantime;
 * per the comment in tomoyo_try_to_gc(), only the collector removes entries.
 *
 * Returns nothing.
 */
static void tomoyo_collect_member(const enum tomoyo_policy_id id,
				  struct list_head *member_list)
{
	struct tomoyo_acl_head *entry;
	struct tomoyo_acl_head *next;

	list_for_each_entry_safe(entry, next, member_list, list) {
		if (entry->is_deleted) {
			entry->is_deleted = TOMOYO_GC_IN_PROGRESS;
			tomoyo_try_to_gc(id, &entry->list);
		}
	}
}
| 498 | |
/**
 * tomoyo_collect_acl - Delete elements in "struct tomoyo_domain_info".
 *
 * @list: Pointer to "struct list_head".
 *
 * Every ACL on @list whose ->is_deleted is non-zero is marked
 * TOMOYO_GC_IN_PROGRESS and handed to tomoyo_try_to_gc() as TOMOYO_ID_ACL.
 *
 * tomoyo_try_to_gc() drops and retakes tomoyo_policy_lock, so the walk
 * depends on nobody else unlinking the cached next entry in the meantime;
 * per the comment in tomoyo_try_to_gc(), only the collector removes entries.
 *
 * Returns nothing.
 */
static void tomoyo_collect_acl(struct list_head *list)
{
	struct tomoyo_acl_info *entry;
	struct tomoyo_acl_info *next;

	list_for_each_entry_safe(entry, next, list, list) {
		if (entry->is_deleted) {
			entry->is_deleted = TOMOYO_GC_IN_PROGRESS;
			tomoyo_try_to_gc(TOMOYO_ID_ACL, &entry->list);
		}
	}
}
| 518 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 519 | /** |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 520 | * tomoyo_collect_entry - Try to kfree() deleted elements. |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 521 | * |
| 522 | * Returns nothing. |
| 523 | */ |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 524 | static void tomoyo_collect_entry(void) |
| 525 | { |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 526 | int i; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 527 | enum tomoyo_policy_id id; |
| 528 | struct tomoyo_policy_namespace *ns; |
Tetsuo Handa | cdcf672 | 2019-01-24 18:37:35 +0900 | [diff] [blame] | 529 | |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 530 | mutex_lock(&tomoyo_policy_lock); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 531 | { |
| 532 | struct tomoyo_domain_info *domain; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 533 | struct tomoyo_domain_info *tmp; |
Tetsuo Handa | cdcf672 | 2019-01-24 18:37:35 +0900 | [diff] [blame] | 534 | |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 535 | list_for_each_entry_safe(domain, tmp, &tomoyo_domain_list, |
| 536 | list) { |
| 537 | tomoyo_collect_acl(&domain->acl_info_list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 538 | if (!domain->is_deleted || atomic_read(&domain->users)) |
| 539 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 540 | tomoyo_try_to_gc(TOMOYO_ID_DOMAIN, &domain->list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 541 | } |
| 542 | } |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 543 | list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) { |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 544 | for (id = 0; id < TOMOYO_MAX_POLICY; id++) |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 545 | tomoyo_collect_member(id, &ns->policy_list[id]); |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 546 | for (i = 0; i < TOMOYO_MAX_ACL_GROUPS; i++) |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 547 | tomoyo_collect_acl(&ns->acl_group[i]); |
| 548 | } |
| 549 | { |
| 550 | struct tomoyo_shared_acl_head *ptr; |
| 551 | struct tomoyo_shared_acl_head *tmp; |
Tetsuo Handa | cdcf672 | 2019-01-24 18:37:35 +0900 | [diff] [blame] | 552 | |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 553 | list_for_each_entry_safe(ptr, tmp, &tomoyo_condition_list, |
| 554 | list) { |
| 555 | if (atomic_read(&ptr->users) > 0) |
| 556 | continue; |
| 557 | atomic_set(&ptr->users, TOMOYO_GC_IN_PROGRESS); |
| 558 | tomoyo_try_to_gc(TOMOYO_ID_CONDITION, &ptr->list); |
| 559 | } |
| 560 | } |
| 561 | list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) { |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 562 | for (i = 0; i < TOMOYO_MAX_GROUP; i++) { |
| 563 | struct list_head *list = &ns->group_list[i]; |
| 564 | struct tomoyo_group *group; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 565 | struct tomoyo_group *tmp; |
Tetsuo Handa | cdcf672 | 2019-01-24 18:37:35 +0900 | [diff] [blame] | 566 | |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 567 | switch (i) { |
| 568 | case 0: |
| 569 | id = TOMOYO_ID_PATH_GROUP; |
| 570 | break; |
Tetsuo Handa | 059d84d | 2011-09-10 15:23:54 +0900 | [diff] [blame] | 571 | case 1: |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 572 | id = TOMOYO_ID_NUMBER_GROUP; |
| 573 | break; |
Tetsuo Handa | 059d84d | 2011-09-10 15:23:54 +0900 | [diff] [blame] | 574 | default: |
| 575 | id = TOMOYO_ID_ADDRESS_GROUP; |
| 576 | break; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 577 | } |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 578 | list_for_each_entry_safe(group, tmp, list, head.list) { |
| 579 | tomoyo_collect_member(id, &group->member_list); |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 580 | if (!list_empty(&group->member_list) || |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 581 | atomic_read(&group->head.users) > 0) |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 582 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 583 | atomic_set(&group->head.users, |
| 584 | TOMOYO_GC_IN_PROGRESS); |
| 585 | tomoyo_try_to_gc(TOMOYO_ID_GROUP, |
| 586 | &group->head.list); |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 587 | } |
| 588 | } |
| 589 | } |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 590 | for (i = 0; i < TOMOYO_MAX_HASH; i++) { |
| 591 | struct list_head *list = &tomoyo_name_list[i]; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 592 | struct tomoyo_shared_acl_head *ptr; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 593 | struct tomoyo_shared_acl_head *tmp; |
Tetsuo Handa | cdcf672 | 2019-01-24 18:37:35 +0900 | [diff] [blame] | 594 | |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 595 | list_for_each_entry_safe(ptr, tmp, list, list) { |
| 596 | if (atomic_read(&ptr->users) > 0) |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 597 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 598 | atomic_set(&ptr->users, TOMOYO_GC_IN_PROGRESS); |
| 599 | tomoyo_try_to_gc(TOMOYO_ID_NAME, &ptr->list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 600 | } |
| 601 | } |
Tetsuo Handa | 2928238 | 2010-05-06 00:18:15 +0900 | [diff] [blame] | 602 | mutex_unlock(&tomoyo_policy_lock); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 603 | } |
| 604 | |
/**
 * tomoyo_gc_thread - Garbage collector thread function.
 *
 * @unused: Unused.
 *
 * Runs a single collection pass: calls tomoyo_collect_entry() and then
 * frees every "struct tomoyo_io_buffer" on tomoyo_io_buffer_list whose
 * users count is zero. If another pass already holds tomoyo_gc_mutex,
 * this call does nothing.
 *
 * Returns 0.
 */
static int tomoyo_gc_thread(void *unused)
{
	/* Only one collector may run at a time; latecomers give up at once. */
	static DEFINE_MUTEX(tomoyo_gc_mutex);
	struct tomoyo_io_buffer *buf;
	struct tomoyo_io_buffer *next;

	/* Returning from the thread function acts as do_exit(0). */
	if (!mutex_trylock(&tomoyo_gc_mutex))
		return 0;

	tomoyo_collect_entry();

	/*
	 * Unlink and free unreferenced buffers while holding the list lock,
	 * so tomoyo_notify_gc() cannot add or drop entries mid-walk. The
	 * _safe iterator is required because the current entry is freed.
	 */
	spin_lock(&tomoyo_io_buffer_list_lock);
	list_for_each_entry_safe(buf, next, &tomoyo_io_buffer_list, list) {
		if (!buf->users) {
			list_del(&buf->list);
			kfree(buf->read_buf);
			kfree(buf->write_buf);
			kfree(buf);
		}
	}
	spin_unlock(&tomoyo_io_buffer_list_lock);

	mutex_unlock(&tomoyo_gc_mutex);
	/* This acts as do_exit(0). */
	return 0;
}
| 641 | |
/**
 * tomoyo_notify_gc - Register/unregister /sys/kernel/security/tomoyo/ users.
 *
 * @head:        Pointer to "struct tomoyo_io_buffer".
 * @is_register: True if register, false if unregister.
 *
 * Registering sets @head->users to 1 and links @head into
 * tomoyo_io_buffer_list. Unregistering drops one user; when the count
 * reaches zero, @head and its read/write buffers are unlinked and freed
 * here, so @head may already be freed when this function returns.
 *
 * Returns nothing.
 */
void tomoyo_notify_gc(struct tomoyo_io_buffer *head, const bool is_register)
{
	bool start_gc = false;

	spin_lock(&tomoyo_io_buffer_list_lock);
	if (!is_register) {
		/*
		 * Sample write_buf before the count is dropped: @head may be
		 * freed below and must not be dereferenced after that.
		 */
		start_gc = head->write_buf != NULL;
		head->users--;
		if (head->users == 0) {
			list_del(&head->list);
			kfree(head->read_buf);
			kfree(head->write_buf);
			kfree(head);
		}
	} else {
		head->users = 1;
		list_add(&head->list, &tomoyo_io_buffer_list);
	}
	spin_unlock(&tomoyo_io_buffer_list_lock);

	/*
	 * Start the collector only after the spinlock is released, since
	 * kthread_run() may sleep. Its return value is not checked: if the
	 * thread cannot be created, this collection pass is skipped.
	 * NOTE(review): presumably a pass is wanted only after a writer
	 * closes because only writes can change policy; confirm.
	 */
	if (start_gc)
		kthread_run(tomoyo_gc_thread, NULL, "GC for TOMOYO");
}