Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 89d155ef authored by James Morris's avatar James Morris Committed by Linus Torvalds
Browse files

[PATCH] SELinux: convert to kzalloc 



This patch converts SELinux code from kmalloc/memset to the new kazalloc
unction.  On i386, this results in a text saving of over 1K.

Before:
text    data     bss     dec     hex filename
86319    4642   15236  106197   19ed5 security/selinux/built-in.o

After:
text    data     bss     dec     hex filename
85278    4642   15236  105156   19ac4 security/selinux/built-in.o

Signed-off-by: default avatarJames Morris <jmorris@namei.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 0d078f6f

security/selinux/hooks.c

+8 −16
Original line number Diff line number Diff line
@@ -122,11 +122,10 @@ static int task_alloc_security(struct task_struct *task) 
{

	struct task_security_struct *tsec;



	tsec = kmalloc(sizeof(struct task_security_struct), GFP_KERNEL);

	tsec = kzalloc(sizeof(struct task_security_struct), GFP_KERNEL);

	if (!tsec)

		return -ENOMEM;



	memset(tsec, 0, sizeof(struct task_security_struct));

	tsec->magic = SELINUX_MAGIC;

	tsec->task = task;

	tsec->osid = tsec->sid = tsec->ptrace_sid = SECINITSID_UNLABELED;
@@ -151,11 +150,10 @@ static int inode_alloc_security(struct inode *inode) 
	struct task_security_struct *tsec = current->security;

	struct inode_security_struct *isec;



	isec = kmalloc(sizeof(struct inode_security_struct), GFP_KERNEL);

	isec = kzalloc(sizeof(struct inode_security_struct), GFP_KERNEL);

	if (!isec)

		return -ENOMEM;



	memset(isec, 0, sizeof(struct inode_security_struct));

	init_MUTEX(&isec->sem);

	INIT_LIST_HEAD(&isec->list);

	isec->magic = SELINUX_MAGIC;
@@ -193,11 +191,10 @@ static int file_alloc_security(struct file *file) 
	struct task_security_struct *tsec = current->security;

	struct file_security_struct *fsec;



	fsec = kmalloc(sizeof(struct file_security_struct), GFP_ATOMIC);

	fsec = kzalloc(sizeof(struct file_security_struct), GFP_ATOMIC);

	if (!fsec)

		return -ENOMEM;



	memset(fsec, 0, sizeof(struct file_security_struct));

	fsec->magic = SELINUX_MAGIC;

	fsec->file = file;

	if (tsec && tsec->magic == SELINUX_MAGIC) {
@@ -227,11 +224,10 @@ static int superblock_alloc_security(struct super_block *sb) 
{

	struct superblock_security_struct *sbsec;



	sbsec = kmalloc(sizeof(struct superblock_security_struct), GFP_KERNEL);

	sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL);

	if (!sbsec)

		return -ENOMEM;



	memset(sbsec, 0, sizeof(struct superblock_security_struct));

	init_MUTEX(&sbsec->sem);

	INIT_LIST_HEAD(&sbsec->list);

	INIT_LIST_HEAD(&sbsec->isec_head);
@@ -269,11 +265,10 @@ static int sk_alloc_security(struct sock *sk, int family, gfp_t priority) 
	if (family != PF_UNIX)

		return 0;



	ssec = kmalloc(sizeof(*ssec), priority);

	ssec = kzalloc(sizeof(*ssec), priority);

	if (!ssec)

		return -ENOMEM;



	memset(ssec, 0, sizeof(*ssec));

	ssec->magic = SELINUX_MAGIC;

	ssec->sk = sk;

	ssec->peer_sid = SECINITSID_UNLABELED;
@@ -1483,11 +1478,10 @@ static int selinux_bprm_alloc_security(struct linux_binprm *bprm) 
{

	struct bprm_security_struct *bsec;



	bsec = kmalloc(sizeof(struct bprm_security_struct), GFP_KERNEL);

	bsec = kzalloc(sizeof(struct bprm_security_struct), GFP_KERNEL);

	if (!bsec)

		return -ENOMEM;



	memset(bsec, 0, sizeof *bsec);

	bsec->magic = SELINUX_MAGIC;

	bsec->bprm = bprm;

	bsec->sid = SECINITSID_UNLABELED;
@@ -3599,11 +3593,10 @@ static int ipc_alloc_security(struct task_struct *task, 
	struct task_security_struct *tsec = task->security;

	struct ipc_security_struct *isec;



	isec = kmalloc(sizeof(struct ipc_security_struct), GFP_KERNEL);

	isec = kzalloc(sizeof(struct ipc_security_struct), GFP_KERNEL);

	if (!isec)

		return -ENOMEM;



	memset(isec, 0, sizeof(struct ipc_security_struct));

	isec->magic = SELINUX_MAGIC;

	isec->sclass = sclass;

	isec->ipc_perm = perm;
@@ -3631,11 +3624,10 @@ static int msg_msg_alloc_security(struct msg_msg *msg) 
{

	struct msg_security_struct *msec;



	msec = kmalloc(sizeof(struct msg_security_struct), GFP_KERNEL);

	msec = kzalloc(sizeof(struct msg_security_struct), GFP_KERNEL);

	if (!msec)

		return -ENOMEM;



	memset(msec, 0, sizeof(struct msg_security_struct));

	msec->magic = SELINUX_MAGIC;

	msec->msg = msg;

	msec->sid = SECINITSID_UNLABELED;

security/selinux/netif.c

+1 −2
Original line number Diff line number Diff line
@@ -114,13 +114,12 @@ static struct sel_netif *sel_netif_lookup(struct net_device *dev) 
	if (likely(netif != NULL))

		goto out;

	

	new = kmalloc(sizeof(*new), GFP_ATOMIC);

	new = kzalloc(sizeof(*new), GFP_ATOMIC);

	if (!new) {

		netif = ERR_PTR(-ENOMEM);

		goto out;

	}

	

	memset(new, 0, sizeof(*new));

	nsec = &new->nsec;



	ret = security_netif_sid(dev->name, &nsec->if_sid, &nsec->msg_sid);

security/selinux/selinuxfs.c

+10 −20
Original line number Diff line number Diff line
@@ -424,15 +424,13 @@ static ssize_t sel_write_access(struct file * file, char *buf, size_t size) 
		return length;



	length = -ENOMEM;

	scon = kmalloc(size+1, GFP_KERNEL);

	scon = kzalloc(size+1, GFP_KERNEL);

	if (!scon)

		return length;

	memset(scon, 0, size+1);



	tcon = kmalloc(size+1, GFP_KERNEL);

	tcon = kzalloc(size+1, GFP_KERNEL);

	if (!tcon)

		goto out;

	memset(tcon, 0, size+1);



	length = -EINVAL;

	if (sscanf(buf, "%s %s %hu %x", scon, tcon, &tclass, &req) != 4)
@@ -475,15 +473,13 @@ static ssize_t sel_write_create(struct file * file, char *buf, size_t size) 
		return length;



	length = -ENOMEM;

	scon = kmalloc(size+1, GFP_KERNEL);

	scon = kzalloc(size+1, GFP_KERNEL);

	if (!scon)

		return length;

	memset(scon, 0, size+1);



	tcon = kmalloc(size+1, GFP_KERNEL);

	tcon = kzalloc(size+1, GFP_KERNEL);

	if (!tcon)

		goto out;

	memset(tcon, 0, size+1);



	length = -EINVAL;

	if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
@@ -536,15 +532,13 @@ static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size) 
		return length;



	length = -ENOMEM;

	scon = kmalloc(size+1, GFP_KERNEL);

	scon = kzalloc(size+1, GFP_KERNEL);

	if (!scon)

		return length;

	memset(scon, 0, size+1);



	tcon = kmalloc(size+1, GFP_KERNEL);

	tcon = kzalloc(size+1, GFP_KERNEL);

	if (!tcon)

		goto out;

	memset(tcon, 0, size+1);



	length = -EINVAL;

	if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)
@@ -595,15 +589,13 @@ static ssize_t sel_write_user(struct file * file, char *buf, size_t size) 
		return length;



	length = -ENOMEM;

	con = kmalloc(size+1, GFP_KERNEL);

	con = kzalloc(size+1, GFP_KERNEL);

	if (!con)

		return length;

	memset(con, 0, size+1);



	user = kmalloc(size+1, GFP_KERNEL);

	user = kzalloc(size+1, GFP_KERNEL);

	if (!user)

		goto out;

	memset(user, 0, size+1);



	length = -EINVAL;

	if (sscanf(buf, "%s %s", con, user) != 2)
@@ -658,15 +650,13 @@ static ssize_t sel_write_member(struct file * file, char *buf, size_t size) 
		return length;



	length = -ENOMEM;

	scon = kmalloc(size+1, GFP_KERNEL);

	scon = kzalloc(size+1, GFP_KERNEL);

	if (!scon)

		return length;

	memset(scon, 0, size+1);



	tcon = kmalloc(size+1, GFP_KERNEL);

	tcon = kzalloc(size+1, GFP_KERNEL);

	if (!tcon)

		goto out;

	memset(tcon, 0, size+1);



	length = -EINVAL;

	if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3)

security/selinux/ss/conditional.c

+4 −8
Original line number Diff line number Diff line
@@ -220,10 +220,9 @@ int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp) 
	u32 len;

	int rc;



	booldatum = kmalloc(sizeof(struct cond_bool_datum), GFP_KERNEL);

	booldatum = kzalloc(sizeof(struct cond_bool_datum), GFP_KERNEL);

	if (!booldatum)

		return -1;

	memset(booldatum, 0, sizeof(struct cond_bool_datum));



	rc = next_entry(buf, fp, sizeof buf);

	if (rc < 0)
@@ -321,10 +320,9 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum 
		goto err;

	}



	list = kmalloc(sizeof(struct cond_av_list), GFP_KERNEL);

	list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);

	if (!list)

		goto err;

	memset(list, 0, sizeof(*list));



	list->node = node_ptr;

	if (!data->head)
@@ -414,11 +412,10 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) 
		if (rc < 0)

			goto err;



		expr = kmalloc(sizeof(struct cond_expr), GFP_KERNEL);

		expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL);

		if (!expr) {

			goto err;

		}

		memset(expr, 0, sizeof(struct cond_expr));



		expr->expr_type = le32_to_cpu(buf[0]);

		expr->bool = le32_to_cpu(buf[1]);
@@ -460,10 +457,9 @@ int cond_read_list(struct policydb *p, void *fp) 
	len = le32_to_cpu(buf[0]);



	for (i = 0; i < len; i++) {

		node = kmalloc(sizeof(struct cond_node), GFP_KERNEL);

		node = kzalloc(sizeof(struct cond_node), GFP_KERNEL);

		if (!node)

			goto err;

		memset(node, 0, sizeof(struct cond_node));



		if (cond_read_node(p, node, fp) != 0)

			goto err;

security/selinux/ss/ebitmap.c

+3 −6
Original line number Diff line number Diff line
@@ -39,12 +39,11 @@ int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src) 
	n = src->node;

	prev = NULL;

	while (n) {

		new = kmalloc(sizeof(*new), GFP_ATOMIC);

		new = kzalloc(sizeof(*new), GFP_ATOMIC);

		if (!new) {

			ebitmap_destroy(dst);

			return -ENOMEM;

		}

		memset(new, 0, sizeof(*new));

		new->startbit = n->startbit;

		new->map = n->map;

		new->next = NULL;
@@ -150,10 +149,9 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) 
	if (!value)

		return 0;



	new = kmalloc(sizeof(*new), GFP_ATOMIC);

	new = kzalloc(sizeof(*new), GFP_ATOMIC);

	if (!new)

		return -ENOMEM;

	memset(new, 0, sizeof(*new));



	new->startbit = bit & ~(MAPSIZE - 1);

	new->map = (MAPBIT << (bit - new->startbit));
@@ -232,13 +230,12 @@ int ebitmap_read(struct ebitmap *e, void *fp) 
			printk(KERN_ERR "security: ebitmap: truncated map\n");

			goto bad;

		}

		n = kmalloc(sizeof(*n), GFP_KERNEL);

		n = kzalloc(sizeof(*n), GFP_KERNEL);

		if (!n) {

			printk(KERN_ERR "security: ebitmap: out of memory\n");

			rc = -ENOMEM;

			goto bad;

		}

		memset(n, 0, sizeof(*n));



		n->startbit = le32_to_cpu(buf[0]);