TOMOYO: Remove tomoyo_policy_memory_lock spinlock.

tomoyo_policy_lock mutex already protects it.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index a0212fb..ed311d7 100644 (file)
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -1043,7 +1043,6 @@ void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);
 void tomoyo_get_attributes(struct tomoyo_obj_info *obj);
 void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns);
 void tomoyo_load_policy(const char *filename);
-void tomoyo_memory_free(void *ptr);
 void tomoyo_normalize_line(unsigned char *buffer);
 void tomoyo_notify_gc(struct tomoyo_io_buffer *head, const bool is_register);
 void tomoyo_print_ip(char *buf, const unsigned int size,

diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index f2295c6..c3214b3 100644 (file)
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -8,6 +8,21 @@
 #include <linux/kthread.h>
 #include <linux/slab.h>
 
+/**
+ * tomoyo_memory_free - Free memory for elements.
+ *
+ * @ptr:  Pointer to allocated memory.
+ *
+ * Returns nothing.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
+ */
+static inline void tomoyo_memory_free(void *ptr)
+{
+       tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= ksize(ptr);
+       kfree(ptr);
+}
+
 /* The list for "struct tomoyo_io_buffer". */
 static LIST_HEAD(tomoyo_io_buffer_list);
 /* Lock for protecting tomoyo_io_buffer_list. */
@@ -215,6 +230,8 @@ static void tomoyo_del_acl(struct list_head *element)
  * @element: Pointer to "struct list_head".
  *
  * Returns nothing.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
  */
 static inline void tomoyo_del_domain(struct list_head *element)
 {
@@ -416,12 +433,13 @@ static void tomoyo_try_to_gc(const enum tomoyo_policy_id type,
                                (element, typeof(struct tomoyo_domain_info),
                                 list)->users))
                        goto reinject;
-               tomoyo_del_domain(element);
                break;
        case TOMOYO_MAX_POLICY:
                break;
        }
        mutex_lock(&tomoyo_policy_lock);
+       if (type == TOMOYO_ID_DOMAIN)
+               tomoyo_del_domain(element);
        tomoyo_memory_free(element);
        return;
 reinject:

diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index 277b9ad..0e99571 100644 (file)
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -27,8 +27,6 @@ void tomoyo_warn_oom(const char *function)
                panic("MAC Initialization failed.\n");
 }
 
-/* Lock for protecting tomoyo_memory_used. */
-static DEFINE_SPINLOCK(tomoyo_policy_memory_lock);
 /* Memoy currently used by policy/audit log/query. */
 unsigned int tomoyo_memory_used[TOMOYO_MAX_MEMORY_STAT];
 /* Memory quota for "policy"/"audit log"/"query". */
@@ -42,22 +40,19 @@ unsigned int tomoyo_memory_quota[TOMOYO_MAX_MEMORY_STAT];
  * Returns true on success, false otherwise.
  *
  * Returns true if @ptr is not NULL and quota not exceeded, false otherwise.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
  */
 bool tomoyo_memory_ok(void *ptr)
 {
        if (ptr) {
                const size_t s = ksize(ptr);
-               bool result;
-               spin_lock(&tomoyo_policy_memory_lock);
                tomoyo_memory_used[TOMOYO_MEMORY_POLICY] += s;
-               result = !tomoyo_memory_quota[TOMOYO_MEMORY_POLICY] ||
-                       tomoyo_memory_used[TOMOYO_MEMORY_POLICY] <=
-                       tomoyo_memory_quota[TOMOYO_MEMORY_POLICY];
-               if (!result)
-                       tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= s;
-               spin_unlock(&tomoyo_policy_memory_lock);
-               if (result)
+               if (!tomoyo_memory_quota[TOMOYO_MEMORY_POLICY] ||
+                   tomoyo_memory_used[TOMOYO_MEMORY_POLICY] <=
+                   tomoyo_memory_quota[TOMOYO_MEMORY_POLICY])
                        return true;
+               tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= s;
        }
        tomoyo_warn_oom(__func__);
        return false;
@@ -71,6 +66,8 @@ bool tomoyo_memory_ok(void *ptr)
  *
  * Returns pointer to allocated memory on success, NULL otherwise.
  * @data is zero-cleared on success.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
  */
 void *tomoyo_commit_ok(void *data, const unsigned int size)
 {
@@ -84,20 +81,6 @@ void *tomoyo_commit_ok(void *data, const unsigned int size)
        return NULL;
 }
 
-/**
- * tomoyo_memory_free - Free memory for elements.
- *
- * @ptr:  Pointer to allocated memory.
- */
-void tomoyo_memory_free(void *ptr)
-{
-       size_t s = ksize(ptr);
-       spin_lock(&tomoyo_policy_memory_lock);
-       tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= s;
-       spin_unlock(&tomoyo_policy_memory_lock);
-       kfree(ptr);
-}
-
 /**
  * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group"/"struct tomoyo_number_group".
  *