mm: collapse security_vm_enough_memory() variants into a single function
Collapse security_vm_enough_memory() variants into a single function. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
bbd3656859
commit
191c542442
@ -1679,9 +1679,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb);
|
|||||||
int security_quota_on(struct dentry *dentry);
|
int security_quota_on(struct dentry *dentry);
|
||||||
int security_syslog(int type);
|
int security_syslog(int type);
|
||||||
int security_settime(const struct timespec *ts, const struct timezone *tz);
|
int security_settime(const struct timespec *ts, const struct timezone *tz);
|
||||||
int security_vm_enough_memory(long pages);
|
|
||||||
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
|
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
|
||||||
int security_vm_enough_memory_kern(long pages);
|
|
||||||
int security_bprm_set_creds(struct linux_binprm *bprm);
|
int security_bprm_set_creds(struct linux_binprm *bprm);
|
||||||
int security_bprm_check(struct linux_binprm *bprm);
|
int security_bprm_check(struct linux_binprm *bprm);
|
||||||
void security_bprm_committing_creds(struct linux_binprm *bprm);
|
void security_bprm_committing_creds(struct linux_binprm *bprm);
|
||||||
@ -1902,25 +1900,11 @@ static inline int security_settime(const struct timespec *ts,
|
|||||||
return cap_settime(ts, tz);
|
return cap_settime(ts, tz);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int security_vm_enough_memory(long pages)
|
|
||||||
{
|
|
||||||
WARN_ON(current->mm == NULL);
|
|
||||||
return cap_vm_enough_memory(current->mm, pages);
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
|
static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
|
||||||
{
|
{
|
||||||
WARN_ON(mm == NULL);
|
|
||||||
return cap_vm_enough_memory(mm, pages);
|
return cap_vm_enough_memory(mm, pages);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline int security_vm_enough_memory_kern(long pages)
|
|
||||||
{
|
|
||||||
/* If current->mm is a kernel thread then we will pass NULL,
|
|
||||||
for this specific case that is fine */
|
|
||||||
return cap_vm_enough_memory(current->mm, pages);
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline int security_bprm_set_creds(struct linux_binprm *bprm)
|
static inline int security_bprm_set_creds(struct linux_binprm *bprm)
|
||||||
{
|
{
|
||||||
return cap_bprm_set_creds(bprm);
|
return cap_bprm_set_creds(bprm);
|
||||||
|
@ -355,7 +355,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
|
|||||||
charge = 0;
|
charge = 0;
|
||||||
if (mpnt->vm_flags & VM_ACCOUNT) {
|
if (mpnt->vm_flags & VM_ACCOUNT) {
|
||||||
unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
|
unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
|
||||||
if (security_vm_enough_memory(len))
|
if (security_vm_enough_memory_mm(oldmm, len)) /* sic */
|
||||||
goto fail_nomem;
|
goto fail_nomem;
|
||||||
charge = len;
|
charge = len;
|
||||||
}
|
}
|
||||||
|
@ -1235,7 +1235,7 @@ munmap_back:
|
|||||||
*/
|
*/
|
||||||
if (accountable_mapping(file, vm_flags)) {
|
if (accountable_mapping(file, vm_flags)) {
|
||||||
charged = len >> PAGE_SHIFT;
|
charged = len >> PAGE_SHIFT;
|
||||||
if (security_vm_enough_memory(charged))
|
if (security_vm_enough_memory_mm(mm, charged))
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
vm_flags |= VM_ACCOUNT;
|
vm_flags |= VM_ACCOUNT;
|
||||||
}
|
}
|
||||||
@ -2169,7 +2169,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len)
|
|||||||
if (mm->map_count > sysctl_max_map_count)
|
if (mm->map_count > sysctl_max_map_count)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
if (security_vm_enough_memory(len >> PAGE_SHIFT))
|
if (security_vm_enough_memory_mm(mm, len >> PAGE_SHIFT))
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
/* Can we just expand an old private anonymous mapping? */
|
/* Can we just expand an old private anonymous mapping? */
|
||||||
|
@ -168,7 +168,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
|
|||||||
if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB|
|
if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB|
|
||||||
VM_SHARED|VM_NORESERVE))) {
|
VM_SHARED|VM_NORESERVE))) {
|
||||||
charged = nrpages;
|
charged = nrpages;
|
||||||
if (security_vm_enough_memory(charged))
|
if (security_vm_enough_memory_mm(mm, charged))
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
newflags |= VM_ACCOUNT;
|
newflags |= VM_ACCOUNT;
|
||||||
}
|
}
|
||||||
|
@ -329,7 +329,7 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
|
|||||||
|
|
||||||
if (vma->vm_flags & VM_ACCOUNT) {
|
if (vma->vm_flags & VM_ACCOUNT) {
|
||||||
unsigned long charged = (new_len - old_len) >> PAGE_SHIFT;
|
unsigned long charged = (new_len - old_len) >> PAGE_SHIFT;
|
||||||
if (security_vm_enough_memory(charged))
|
if (security_vm_enough_memory_mm(mm, charged))
|
||||||
goto Efault;
|
goto Efault;
|
||||||
*p = charged;
|
*p = charged;
|
||||||
}
|
}
|
||||||
|
@ -127,7 +127,7 @@ static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb)
|
|||||||
static inline int shmem_acct_size(unsigned long flags, loff_t size)
|
static inline int shmem_acct_size(unsigned long flags, loff_t size)
|
||||||
{
|
{
|
||||||
return (flags & VM_NORESERVE) ?
|
return (flags & VM_NORESERVE) ?
|
||||||
0 : security_vm_enough_memory_kern(VM_ACCT(size));
|
0 : security_vm_enough_memory_mm(current->mm, VM_ACCT(size));
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void shmem_unacct_size(unsigned long flags, loff_t size)
|
static inline void shmem_unacct_size(unsigned long flags, loff_t size)
|
||||||
@ -145,7 +145,7 @@ static inline void shmem_unacct_size(unsigned long flags, loff_t size)
|
|||||||
static inline int shmem_acct_block(unsigned long flags)
|
static inline int shmem_acct_block(unsigned long flags)
|
||||||
{
|
{
|
||||||
return (flags & VM_NORESERVE) ?
|
return (flags & VM_NORESERVE) ?
|
||||||
security_vm_enough_memory_kern(VM_ACCT(PAGE_CACHE_SIZE)) : 0;
|
security_vm_enough_memory_mm(current->mm, VM_ACCT(PAGE_CACHE_SIZE)) : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void shmem_unacct_blocks(unsigned long flags, long pages)
|
static inline void shmem_unacct_blocks(unsigned long flags, long pages)
|
||||||
|
@ -1563,6 +1563,8 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
|
|||||||
if (!capable(CAP_SYS_ADMIN))
|
if (!capable(CAP_SYS_ADMIN))
|
||||||
return -EPERM;
|
return -EPERM;
|
||||||
|
|
||||||
|
BUG_ON(!current->mm);
|
||||||
|
|
||||||
pathname = getname(specialfile);
|
pathname = getname(specialfile);
|
||||||
err = PTR_ERR(pathname);
|
err = PTR_ERR(pathname);
|
||||||
if (IS_ERR(pathname))
|
if (IS_ERR(pathname))
|
||||||
@ -1590,7 +1592,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
|
|||||||
spin_unlock(&swap_lock);
|
spin_unlock(&swap_lock);
|
||||||
goto out_dput;
|
goto out_dput;
|
||||||
}
|
}
|
||||||
if (!security_vm_enough_memory(p->pages))
|
if (!security_vm_enough_memory_mm(current->mm, p->pages))
|
||||||
vm_unacct_memory(p->pages);
|
vm_unacct_memory(p->pages);
|
||||||
else {
|
else {
|
||||||
err = -ENOMEM;
|
err = -ENOMEM;
|
||||||
|
@ -187,25 +187,11 @@ int security_settime(const struct timespec *ts, const struct timezone *tz)
|
|||||||
return security_ops->settime(ts, tz);
|
return security_ops->settime(ts, tz);
|
||||||
}
|
}
|
||||||
|
|
||||||
int security_vm_enough_memory(long pages)
|
|
||||||
{
|
|
||||||
WARN_ON(current->mm == NULL);
|
|
||||||
return security_ops->vm_enough_memory(current->mm, pages);
|
|
||||||
}
|
|
||||||
|
|
||||||
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
|
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
|
||||||
{
|
{
|
||||||
WARN_ON(mm == NULL);
|
|
||||||
return security_ops->vm_enough_memory(mm, pages);
|
return security_ops->vm_enough_memory(mm, pages);
|
||||||
}
|
}
|
||||||
|
|
||||||
int security_vm_enough_memory_kern(long pages)
|
|
||||||
{
|
|
||||||
/* If current->mm is a kernel thread then we will pass NULL,
|
|
||||||
for this specific case that is fine */
|
|
||||||
return security_ops->vm_enough_memory(current->mm, pages);
|
|
||||||
}
|
|
||||||
|
|
||||||
int security_bprm_set_creds(struct linux_binprm *bprm)
|
int security_bprm_set_creds(struct linux_binprm *bprm)
|
||||||
{
|
{
|
||||||
return security_ops->bprm_set_creds(bprm);
|
return security_ops->bprm_set_creds(bprm);
|
||||||
|
Loading…
Reference in New Issue
Block a user