Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'tomoyo-pr-20211222' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1

Pull tomoyo fixes from Tetsuo Handa:
"Two overhead reduction patches for testing/fuzzing environment"

* tag 'tomoyo-pr-20211222' of git://git.osdn.net/gitroot/tomoyo/tomoyo-test1:
tomoyo: use hweight16() in tomoyo_domain_quota_is_ok()
tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().

+14 -17
+14 -17
security/tomoyo/util.c
··· 1051 1051 return false; 1052 1052 if (!domain) 1053 1053 return true; 1054 + if (READ_ONCE(domain->flags[TOMOYO_DIF_QUOTA_WARNED])) 1055 + return false; 1054 1056 list_for_each_entry_rcu(ptr, &domain->acl_info_list, list, 1055 1057 srcu_read_lock_held(&tomoyo_ss)) { 1056 1058 u16 perm; 1057 - u8 i; 1058 1059 1059 1060 if (ptr->is_deleted) 1060 1061 continue; ··· 1066 1065 */ 1067 1066 switch (ptr->type) { 1068 1067 case TOMOYO_TYPE_PATH_ACL: 1069 - data_race(perm = container_of(ptr, struct tomoyo_path_acl, head)->perm); 1068 + perm = data_race(container_of(ptr, struct tomoyo_path_acl, head)->perm); 1070 1069 break; 1071 1070 case TOMOYO_TYPE_PATH2_ACL: 1072 - data_race(perm = container_of(ptr, struct tomoyo_path2_acl, head)->perm); 1071 + perm = data_race(container_of(ptr, struct tomoyo_path2_acl, head)->perm); 1073 1072 break; 1074 1073 case TOMOYO_TYPE_PATH_NUMBER_ACL: 1075 - data_race(perm = container_of(ptr, struct tomoyo_path_number_acl, head) 1074 + perm = data_race(container_of(ptr, struct tomoyo_path_number_acl, head) 1076 1075 ->perm); 1077 1076 break; 1078 1077 case TOMOYO_TYPE_MKDEV_ACL: 1079 - data_race(perm = container_of(ptr, struct tomoyo_mkdev_acl, head)->perm); 1078 + perm = data_race(container_of(ptr, struct tomoyo_mkdev_acl, head)->perm); 1080 1079 break; 1081 1080 case TOMOYO_TYPE_INET_ACL: 1082 - data_race(perm = container_of(ptr, struct tomoyo_inet_acl, head)->perm); 1081 + perm = data_race(container_of(ptr, struct tomoyo_inet_acl, head)->perm); 1083 1082 break; 1084 1083 case TOMOYO_TYPE_UNIX_ACL: 1085 - data_race(perm = container_of(ptr, struct tomoyo_unix_acl, head)->perm); 1084 + perm = data_race(container_of(ptr, struct tomoyo_unix_acl, head)->perm); 1086 1085 break; 1087 1086 case TOMOYO_TYPE_MANUAL_TASK_ACL: 1088 1087 perm = 0; ··· 1090 1089 default: 1091 1090 perm = 1; 1092 1091 } 1093 - for (i = 0; i < 16; i++) 1094 - if (perm & (1 << i)) 1095 - count++; 1092 + count += hweight16(perm); 1096 1093 } 1097 1094 if (count < tomoyo_profile(domain->ns, domain->profile)-> 1098 1095 pref[TOMOYO_PREF_MAX_LEARNING_ENTRY]) 1099 1096 return true; 1100 - if (!domain->flags[TOMOYO_DIF_QUOTA_WARNED]) { 1101 - domain->flags[TOMOYO_DIF_QUOTA_WARNED] = true; 1102 - /* r->granted = false; */ 1103 - tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]); 1097 + WRITE_ONCE(domain->flags[TOMOYO_DIF_QUOTA_WARNED], true); 1098 + /* r->granted = false; */ 1099 + tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]); 1104 1100 #ifndef CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING 1105 - pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n", 1106 - domain->domainname->name); 1101 + pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n", 1102 + domain->domainname->name); 1107 1103 #endif 1108 - } 1109 1104 return false; 1110 1105 }