Commit 191c5424 authored by Al Viro's avatar Al Viro Committed by James Morris

mm: collapse security_vm_enough_memory() variants into a single function

Collapse security_vm_enough_memory() variants into a single function.
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent bbd36568
...@@ -1679,9 +1679,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb); ...@@ -1679,9 +1679,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb);
int security_quota_on(struct dentry *dentry); int security_quota_on(struct dentry *dentry);
int security_syslog(int type); int security_syslog(int type);
int security_settime(const struct timespec *ts, const struct timezone *tz); int security_settime(const struct timespec *ts, const struct timezone *tz);
int security_vm_enough_memory(long pages);
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
int security_vm_enough_memory_kern(long pages);
int security_bprm_set_creds(struct linux_binprm *bprm); int security_bprm_set_creds(struct linux_binprm *bprm);
int security_bprm_check(struct linux_binprm *bprm); int security_bprm_check(struct linux_binprm *bprm);
void security_bprm_committing_creds(struct linux_binprm *bprm); void security_bprm_committing_creds(struct linux_binprm *bprm);
...@@ -1902,25 +1900,11 @@ static inline int security_settime(const struct timespec *ts, ...@@ -1902,25 +1900,11 @@ static inline int security_settime(const struct timespec *ts,
return cap_settime(ts, tz); return cap_settime(ts, tz);
} }
static inline int security_vm_enough_memory(long pages)
{
WARN_ON(current->mm == NULL);
return cap_vm_enough_memory(current->mm, pages);
}
static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
{ {
WARN_ON(mm == NULL);
return cap_vm_enough_memory(mm, pages); return cap_vm_enough_memory(mm, pages);
} }
static inline int security_vm_enough_memory_kern(long pages)
{
/* If current->mm is a kernel thread then we will pass NULL,
for this specific case that is fine */
return cap_vm_enough_memory(current->mm, pages);
}
static inline int security_bprm_set_creds(struct linux_binprm *bprm) static inline int security_bprm_set_creds(struct linux_binprm *bprm)
{ {
return cap_bprm_set_creds(bprm); return cap_bprm_set_creds(bprm);
......
...@@ -355,7 +355,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) ...@@ -355,7 +355,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
charge = 0; charge = 0;
if (mpnt->vm_flags & VM_ACCOUNT) { if (mpnt->vm_flags & VM_ACCOUNT) {
unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT; unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
if (security_vm_enough_memory(len)) if (security_vm_enough_memory_mm(oldmm, len)) /* sic */
goto fail_nomem; goto fail_nomem;
charge = len; charge = len;
} }
......
...@@ -1235,7 +1235,7 @@ unsigned long mmap_region(struct file *file, unsigned long addr, ...@@ -1235,7 +1235,7 @@ unsigned long mmap_region(struct file *file, unsigned long addr,
*/ */
if (accountable_mapping(file, vm_flags)) { if (accountable_mapping(file, vm_flags)) {
charged = len >> PAGE_SHIFT; charged = len >> PAGE_SHIFT;
if (security_vm_enough_memory(charged)) if (security_vm_enough_memory_mm(mm, charged))
return -ENOMEM; return -ENOMEM;
vm_flags |= VM_ACCOUNT; vm_flags |= VM_ACCOUNT;
} }
...@@ -2169,7 +2169,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len) ...@@ -2169,7 +2169,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len)
if (mm->map_count > sysctl_max_map_count) if (mm->map_count > sysctl_max_map_count)
return -ENOMEM; return -ENOMEM;
if (security_vm_enough_memory(len >> PAGE_SHIFT)) if (security_vm_enough_memory_mm(mm, len >> PAGE_SHIFT))
return -ENOMEM; return -ENOMEM;
/* Can we just expand an old private anonymous mapping? */ /* Can we just expand an old private anonymous mapping? */
......
...@@ -168,7 +168,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, ...@@ -168,7 +168,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB| if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB|
VM_SHARED|VM_NORESERVE))) { VM_SHARED|VM_NORESERVE))) {
charged = nrpages; charged = nrpages;
if (security_vm_enough_memory(charged)) if (security_vm_enough_memory_mm(mm, charged))
return -ENOMEM; return -ENOMEM;
newflags |= VM_ACCOUNT; newflags |= VM_ACCOUNT;
} }
......
...@@ -329,7 +329,7 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr, ...@@ -329,7 +329,7 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
if (vma->vm_flags & VM_ACCOUNT) { if (vma->vm_flags & VM_ACCOUNT) {
unsigned long charged = (new_len - old_len) >> PAGE_SHIFT; unsigned long charged = (new_len - old_len) >> PAGE_SHIFT;
if (security_vm_enough_memory(charged)) if (security_vm_enough_memory_mm(mm, charged))
goto Efault; goto Efault;
*p = charged; *p = charged;
} }
......
...@@ -127,7 +127,7 @@ static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb) ...@@ -127,7 +127,7 @@ static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb)
static inline int shmem_acct_size(unsigned long flags, loff_t size) static inline int shmem_acct_size(unsigned long flags, loff_t size)
{ {
return (flags & VM_NORESERVE) ? return (flags & VM_NORESERVE) ?
0 : security_vm_enough_memory_kern(VM_ACCT(size)); 0 : security_vm_enough_memory_mm(current->mm, VM_ACCT(size));
} }
static inline void shmem_unacct_size(unsigned long flags, loff_t size) static inline void shmem_unacct_size(unsigned long flags, loff_t size)
...@@ -145,7 +145,7 @@ static inline void shmem_unacct_size(unsigned long flags, loff_t size) ...@@ -145,7 +145,7 @@ static inline void shmem_unacct_size(unsigned long flags, loff_t size)
static inline int shmem_acct_block(unsigned long flags) static inline int shmem_acct_block(unsigned long flags)
{ {
return (flags & VM_NORESERVE) ? return (flags & VM_NORESERVE) ?
security_vm_enough_memory_kern(VM_ACCT(PAGE_CACHE_SIZE)) : 0; security_vm_enough_memory_mm(current->mm, VM_ACCT(PAGE_CACHE_SIZE)) : 0;
} }
static inline void shmem_unacct_blocks(unsigned long flags, long pages) static inline void shmem_unacct_blocks(unsigned long flags, long pages)
......
...@@ -1563,6 +1563,8 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) ...@@ -1563,6 +1563,8 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
if (!capable(CAP_SYS_ADMIN)) if (!capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
BUG_ON(!current->mm);
pathname = getname(specialfile); pathname = getname(specialfile);
err = PTR_ERR(pathname); err = PTR_ERR(pathname);
if (IS_ERR(pathname)) if (IS_ERR(pathname))
...@@ -1590,7 +1592,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) ...@@ -1590,7 +1592,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
spin_unlock(&swap_lock); spin_unlock(&swap_lock);
goto out_dput; goto out_dput;
} }
if (!security_vm_enough_memory(p->pages)) if (!security_vm_enough_memory_mm(current->mm, p->pages))
vm_unacct_memory(p->pages); vm_unacct_memory(p->pages);
else { else {
err = -ENOMEM; err = -ENOMEM;
......
...@@ -187,25 +187,11 @@ int security_settime(const struct timespec *ts, const struct timezone *tz) ...@@ -187,25 +187,11 @@ int security_settime(const struct timespec *ts, const struct timezone *tz)
return security_ops->settime(ts, tz); return security_ops->settime(ts, tz);
} }
int security_vm_enough_memory(long pages)
{
WARN_ON(current->mm == NULL);
return security_ops->vm_enough_memory(current->mm, pages);
}
int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
{ {
WARN_ON(mm == NULL);
return security_ops->vm_enough_memory(mm, pages); return security_ops->vm_enough_memory(mm, pages);
} }
int security_vm_enough_memory_kern(long pages)
{
/* If current->mm is a kernel thread then we will pass NULL,
for this specific case that is fine */
return security_ops->vm_enough_memory(current->mm, pages);
}
int security_bprm_set_creds(struct linux_binprm *bprm) int security_bprm_set_creds(struct linux_binprm *bprm)
{ {
return security_ops->bprm_set_creds(bprm); return security_ops->bprm_set_creds(bprm);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment