mm: collapse security_vm_enough_memory() variants into a single function
Collapse security_vm_enough_memory() variants into a single function. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
		| @@ -1679,9 +1679,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb); | |||||||
| int security_quota_on(struct dentry *dentry); | int security_quota_on(struct dentry *dentry); | ||||||
| int security_syslog(int type); | int security_syslog(int type); | ||||||
| int security_settime(const struct timespec *ts, const struct timezone *tz); | int security_settime(const struct timespec *ts, const struct timezone *tz); | ||||||
| int security_vm_enough_memory(long pages); |  | ||||||
| int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); | int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); | ||||||
| int security_vm_enough_memory_kern(long pages); |  | ||||||
| int security_bprm_set_creds(struct linux_binprm *bprm); | int security_bprm_set_creds(struct linux_binprm *bprm); | ||||||
| int security_bprm_check(struct linux_binprm *bprm); | int security_bprm_check(struct linux_binprm *bprm); | ||||||
| void security_bprm_committing_creds(struct linux_binprm *bprm); | void security_bprm_committing_creds(struct linux_binprm *bprm); | ||||||
| @@ -1902,25 +1900,11 @@ static inline int security_settime(const struct timespec *ts, | |||||||
| 	return cap_settime(ts, tz); | 	return cap_settime(ts, tz); | ||||||
| } | } | ||||||
|  |  | ||||||
| static inline int security_vm_enough_memory(long pages) |  | ||||||
| { |  | ||||||
| 	WARN_ON(current->mm == NULL); |  | ||||||
| 	return cap_vm_enough_memory(current->mm, pages); |  | ||||||
| } |  | ||||||
|  |  | ||||||
| static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) | static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) | ||||||
| { | { | ||||||
| 	WARN_ON(mm == NULL); |  | ||||||
| 	return cap_vm_enough_memory(mm, pages); | 	return cap_vm_enough_memory(mm, pages); | ||||||
| } | } | ||||||
|  |  | ||||||
| static inline int security_vm_enough_memory_kern(long pages) |  | ||||||
| { |  | ||||||
| 	/* If current->mm is a kernel thread then we will pass NULL, |  | ||||||
| 	   for this specific case that is fine */ |  | ||||||
| 	return cap_vm_enough_memory(current->mm, pages); |  | ||||||
| } |  | ||||||
|  |  | ||||||
| static inline int security_bprm_set_creds(struct linux_binprm *bprm) | static inline int security_bprm_set_creds(struct linux_binprm *bprm) | ||||||
| { | { | ||||||
| 	return cap_bprm_set_creds(bprm); | 	return cap_bprm_set_creds(bprm); | ||||||
|   | |||||||
| @@ -355,7 +355,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm) | |||||||
| 		charge = 0; | 		charge = 0; | ||||||
| 		if (mpnt->vm_flags & VM_ACCOUNT) { | 		if (mpnt->vm_flags & VM_ACCOUNT) { | ||||||
| 			unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT; | 			unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT; | ||||||
| 			if (security_vm_enough_memory(len)) | 			if (security_vm_enough_memory_mm(oldmm, len)) /* sic */ | ||||||
| 				goto fail_nomem; | 				goto fail_nomem; | ||||||
| 			charge = len; | 			charge = len; | ||||||
| 		} | 		} | ||||||
|   | |||||||
| @@ -1235,7 +1235,7 @@ munmap_back: | |||||||
| 	 */ | 	 */ | ||||||
| 	if (accountable_mapping(file, vm_flags)) { | 	if (accountable_mapping(file, vm_flags)) { | ||||||
| 		charged = len >> PAGE_SHIFT; | 		charged = len >> PAGE_SHIFT; | ||||||
| 		if (security_vm_enough_memory(charged)) | 		if (security_vm_enough_memory_mm(mm, charged)) | ||||||
| 			return -ENOMEM; | 			return -ENOMEM; | ||||||
| 		vm_flags |= VM_ACCOUNT; | 		vm_flags |= VM_ACCOUNT; | ||||||
| 	} | 	} | ||||||
| @@ -2169,7 +2169,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len) | |||||||
| 	if (mm->map_count > sysctl_max_map_count) | 	if (mm->map_count > sysctl_max_map_count) | ||||||
| 		return -ENOMEM; | 		return -ENOMEM; | ||||||
|  |  | ||||||
| 	if (security_vm_enough_memory(len >> PAGE_SHIFT)) | 	if (security_vm_enough_memory_mm(mm, len >> PAGE_SHIFT)) | ||||||
| 		return -ENOMEM; | 		return -ENOMEM; | ||||||
|  |  | ||||||
| 	/* Can we just expand an old private anonymous mapping? */ | 	/* Can we just expand an old private anonymous mapping? */ | ||||||
|   | |||||||
| @@ -168,7 +168,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, | |||||||
| 		if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB| | 		if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB| | ||||||
| 						VM_SHARED|VM_NORESERVE))) { | 						VM_SHARED|VM_NORESERVE))) { | ||||||
| 			charged = nrpages; | 			charged = nrpages; | ||||||
| 			if (security_vm_enough_memory(charged)) | 			if (security_vm_enough_memory_mm(mm, charged)) | ||||||
| 				return -ENOMEM; | 				return -ENOMEM; | ||||||
| 			newflags |= VM_ACCOUNT; | 			newflags |= VM_ACCOUNT; | ||||||
| 		} | 		} | ||||||
|   | |||||||
| @@ -329,7 +329,7 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr, | |||||||
|  |  | ||||||
| 	if (vma->vm_flags & VM_ACCOUNT) { | 	if (vma->vm_flags & VM_ACCOUNT) { | ||||||
| 		unsigned long charged = (new_len - old_len) >> PAGE_SHIFT; | 		unsigned long charged = (new_len - old_len) >> PAGE_SHIFT; | ||||||
| 		if (security_vm_enough_memory(charged)) | 		if (security_vm_enough_memory_mm(mm, charged)) | ||||||
| 			goto Efault; | 			goto Efault; | ||||||
| 		*p = charged; | 		*p = charged; | ||||||
| 	} | 	} | ||||||
|   | |||||||
| @@ -127,7 +127,7 @@ static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb) | |||||||
| static inline int shmem_acct_size(unsigned long flags, loff_t size) | static inline int shmem_acct_size(unsigned long flags, loff_t size) | ||||||
| { | { | ||||||
| 	return (flags & VM_NORESERVE) ? | 	return (flags & VM_NORESERVE) ? | ||||||
| 		0 : security_vm_enough_memory_kern(VM_ACCT(size)); | 		0 : security_vm_enough_memory_mm(current->mm, VM_ACCT(size)); | ||||||
| } | } | ||||||
|  |  | ||||||
| static inline void shmem_unacct_size(unsigned long flags, loff_t size) | static inline void shmem_unacct_size(unsigned long flags, loff_t size) | ||||||
| @@ -145,7 +145,7 @@ static inline void shmem_unacct_size(unsigned long flags, loff_t size) | |||||||
| static inline int shmem_acct_block(unsigned long flags) | static inline int shmem_acct_block(unsigned long flags) | ||||||
| { | { | ||||||
| 	return (flags & VM_NORESERVE) ? | 	return (flags & VM_NORESERVE) ? | ||||||
| 		security_vm_enough_memory_kern(VM_ACCT(PAGE_CACHE_SIZE)) : 0; | 		security_vm_enough_memory_mm(current->mm, VM_ACCT(PAGE_CACHE_SIZE)) : 0; | ||||||
| } | } | ||||||
|  |  | ||||||
| static inline void shmem_unacct_blocks(unsigned long flags, long pages) | static inline void shmem_unacct_blocks(unsigned long flags, long pages) | ||||||
|   | |||||||
| @@ -1563,6 +1563,8 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) | |||||||
| 	if (!capable(CAP_SYS_ADMIN)) | 	if (!capable(CAP_SYS_ADMIN)) | ||||||
| 		return -EPERM; | 		return -EPERM; | ||||||
|  |  | ||||||
|  | 	BUG_ON(!current->mm); | ||||||
|  |  | ||||||
| 	pathname = getname(specialfile); | 	pathname = getname(specialfile); | ||||||
| 	err = PTR_ERR(pathname); | 	err = PTR_ERR(pathname); | ||||||
| 	if (IS_ERR(pathname)) | 	if (IS_ERR(pathname)) | ||||||
| @@ -1590,7 +1592,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) | |||||||
| 		spin_unlock(&swap_lock); | 		spin_unlock(&swap_lock); | ||||||
| 		goto out_dput; | 		goto out_dput; | ||||||
| 	} | 	} | ||||||
| 	if (!security_vm_enough_memory(p->pages)) | 	if (!security_vm_enough_memory_mm(current->mm, p->pages)) | ||||||
| 		vm_unacct_memory(p->pages); | 		vm_unacct_memory(p->pages); | ||||||
| 	else { | 	else { | ||||||
| 		err = -ENOMEM; | 		err = -ENOMEM; | ||||||
|   | |||||||
| @@ -187,25 +187,11 @@ int security_settime(const struct timespec *ts, const struct timezone *tz) | |||||||
| 	return security_ops->settime(ts, tz); | 	return security_ops->settime(ts, tz); | ||||||
| } | } | ||||||
|  |  | ||||||
| int security_vm_enough_memory(long pages) |  | ||||||
| { |  | ||||||
| 	WARN_ON(current->mm == NULL); |  | ||||||
| 	return security_ops->vm_enough_memory(current->mm, pages); |  | ||||||
| } |  | ||||||
|  |  | ||||||
| int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) | int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) | ||||||
| { | { | ||||||
| 	WARN_ON(mm == NULL); |  | ||||||
| 	return security_ops->vm_enough_memory(mm, pages); | 	return security_ops->vm_enough_memory(mm, pages); | ||||||
| } | } | ||||||
|  |  | ||||||
| int security_vm_enough_memory_kern(long pages) |  | ||||||
| { |  | ||||||
| 	/* If current->mm is a kernel thread then we will pass NULL, |  | ||||||
| 	   for this specific case that is fine */ |  | ||||||
| 	return security_ops->vm_enough_memory(current->mm, pages); |  | ||||||
| } |  | ||||||
|  |  | ||||||
| int security_bprm_set_creds(struct linux_binprm *bprm) | int security_bprm_set_creds(struct linux_binprm *bprm) | ||||||
| { | { | ||||||
| 	return security_ops->bprm_set_creds(bprm); | 	return security_ops->bprm_set_creds(bprm); | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Al Viro
					Al Viro