hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-sg2042/security/apparmor
History
Tetsuo Handa a7f6c1b63b AppArmor: Use GFP_KERNEL for __aa_kvmalloc(). 
Calling kmalloc(GFP_NOIO) with order == PAGE_ALLOC_COSTLY_ORDER is not
recommended because it might fall into infinite retry loop without
invoking the OOM killer.

Since aa_dfa_unpack() is the only caller of kvzalloc() and
aa_dfa_unpack() which is calling kvzalloc() via unpack_table() is
doing kzalloc(GFP_KERNEL), it is safe to use GFP_KERNEL from
__aa_kvmalloc().

Since aa_simple_write_to_buffer() is the only caller of kvmalloc()
and aa_simple_write_to_buffer() is calling copy_from_user() which
is GFP_KERNEL context (see memdup_user_nul()), it is safe to use
GFP_KERNEL from __aa_kvmalloc().

Therefore, replace GFP_NOIO with GFP_KERNEL. Also, since we have
vmalloc() fallback, add __GFP_NORETRY so that we don't invoke the OOM
killer by kmalloc(GFP_KERNEL) with order == PAGE_ALLOC_COSTLY_ORDER.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: John Johansen <john.johansen@canonical.com>
 		2017-01-15 13:41:09 -08:00
..
include apparmor: fix module parameters can be changed after policy is locked 2016-07-12 08:43:10 -07:00
.gitignore AppArmor: remove af_names.h from .gitignore 2012-09-01 08:35:34 -07:00
Kconfig apparmor: add parameter to control whether policy hashing is used 2016-07-12 08:43:10 -07:00
Makefile apparmor: add the ability to report a sha1 hash of loaded policy 2013-08-14 11:42:08 -07:00
apparmorfs.c fs: Replace CURRENT_TIME with current_time() for inode timestamps 2016-09-27 21:06:21 -04:00
audit.c apparmor: fix uninitialized lsm_audit member 2016-07-12 08:43:10 -07:00
capability.c apparmor: fix capability to not use the current task, during reporting 2013-10-29 21:33:37 -07:00
context.c apparmor: change how profile replacement update is done 2013-08-14 11:42:06 -07:00
crypto.c apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling 2016-07-27 17:39:26 +10:00
domain.c apparmor: fix change_hat not finding hat after policy replacement 2016-11-21 18:01:28 +11:00
file.c apparmor: fix uninitialized lsm_audit member 2016-07-12 08:43:10 -07:00
ipc.c apparmor: fix capability to not use the current task, during reporting 2013-10-29 21:33:37 -07:00
lib.c AppArmor: Use GFP_KERNEL for __aa_kvmalloc(). 2017-01-15 13:41:09 -08:00
lsm.c apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling 2016-07-27 17:39:26 +10:00
match.c apparmor: do not expose kernel stack 2016-07-12 08:43:10 -07:00
path.c apparmor: internal paths should be treated as disconnected 2016-07-12 08:43:10 -07:00
policy.c apparmor: fix module parameters can be changed after policy is locked 2016-07-12 08:43:10 -07:00
policy_unpack.c apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling 2016-07-27 17:39:26 +10:00
procattr.c apparmor: add interface files for profiles and namespaces 2013-08-14 11:42:07 -07:00
resource.c apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task 2016-07-12 08:43:10 -07:00
sid.c AppArmor: core policy routines 2010-08-02 15:38:37 +10:00