[deliverable/linux.git] / security / tomoyo / realpath.c

/*
 * security/tomoyo/realpath.c
 *
 * Get the canonicalized absolute pathnames. The basis for TOMOYO.
 *
 * Copyright (C) 2005-2009  NTT DATA CORPORATION
 *
 * Version: 2.2.0   2009/04/01
 *
 */

#include <linux/types.h>
#include <linux/mount.h>
#include <linux/mnt_namespace.h>
#include <linux/fs_struct.h>
#include <linux/hash.h>
#include <linux/magic.h>
#include <linux/slab.h>
#include "common.h"

/**
 * tomoyo_encode: Convert binary string to ascii string.
 *
 * @buffer:  Buffer for ASCII string.
 * @buflen:  Size of @buffer.
 * @str:     Binary string.
 *
 * Returns 0 on success, -ENOMEM otherwise.
 */
int tomoyo_encode(char *buffer, int buflen, const char *str)
{
	while (1) {
		const unsigned char c = *(unsigned char *) str++;

		if (tomoyo_is_valid(c)) {
			if (--buflen <= 0)
				break;
			*buffer++ = (char) c;
			if (c != '\\')
				continue;
			if (--buflen <= 0)
				break;
			*buffer++ = (char) c;
			continue;
		}
		if (!c) {
			if (--buflen <= 0)
				break;
			*buffer = '\0';
			return 0;
		}
		buflen -= 4;
		if (buflen <= 0)
			break;
		*buffer++ = '\\';
		*buffer++ = (c >> 6) + '0';
		*buffer++ = ((c >> 3) & 7) + '0';
		*buffer++ = (c & 7) + '0';
	}
	return -ENOMEM;
}

/**
 * tomoyo_realpath_from_path2 - Returns realpath(3) of the given dentry but ignores chroot'ed root.
 *
 * @path:        Pointer to "struct path".
 * @newname:     Pointer to buffer to return value in.
 * @newname_len: Size of @newname.
 *
 * Returns 0 on success, negative value otherwise.
 *
 * If dentry is a directory, trailing '/' is appended.
 * Characters out of 0x20 < c < 0x7F range are converted to
 * \ooo style octal string.
 * Character \ is converted to \\ string.
 */
int tomoyo_realpath_from_path2(struct path *path, char *newname,
			       int newname_len)
{
	int error = -ENOMEM;
	struct dentry *dentry = path->dentry;
	char *sp;

	if (!dentry || !path->mnt || !newname || newname_len <= 2048)
		return -EINVAL;
	if (dentry->d_op && dentry->d_op->d_dname) {
		/* For "socket:[\$]" and "pipe:[\$]". */
		static const int offset = 1536;
		sp = dentry->d_op->d_dname(dentry, newname + offset,
					   newname_len - offset);
	} else {
		struct path ns_root = {.mnt = NULL, .dentry = NULL};

		spin_lock(&dcache_lock);
		/* go to whatever namespace root we are under */
		sp = __d_path(path, &ns_root, newname, newname_len);
		spin_unlock(&dcache_lock);
		/* Prepend "/proc" prefix if using internal proc vfs mount. */
		if (!IS_ERR(sp) && (path->mnt->mnt_flags & MNT_INTERNAL) &&
		    (path->mnt->mnt_sb->s_magic == PROC_SUPER_MAGIC)) {
			sp -= 5;
			if (sp >= newname)
				memcpy(sp, "/proc", 5);
			else
				sp = ERR_PTR(-ENOMEM);
		}
	}
	if (IS_ERR(sp))
		error = PTR_ERR(sp);
	else
		error = tomoyo_encode(newname, sp - newname, sp);
	/* Append trailing '/' if dentry is a directory. */
	if (!error && dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode)
	    && *newname) {
		sp = newname + strlen(newname);
		if (*(sp - 1) != '/') {
			if (sp < newname + newname_len - 4) {
				*sp++ = '/';
				*sp = '\0';
			} else {
				error = -ENOMEM;
			}
		}
	}
	if (error)
		printk(KERN_WARNING "tomoyo_realpath: Pathname too long.\n");
	return error;
}

/**
 * tomoyo_realpath_from_path - Returns realpath(3) of the given pathname but ignores chroot'ed root.
 *
 * @path: Pointer to "struct path".
 *
 * Returns the realpath of the given @path on success, NULL otherwise.
 *
 * These functions use kzalloc(), so the caller must call kfree()
 * if these functions didn't return NULL.
 */
char *tomoyo_realpath_from_path(struct path *path)
{
	char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS);

	BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
		     <= TOMOYO_MAX_PATHNAME_LEN - 1);
	if (!buf)
		return NULL;
	if (tomoyo_realpath_from_path2(path, buf,
				       TOMOYO_MAX_PATHNAME_LEN - 1) == 0)
		return buf;
	kfree(buf);
	return NULL;
}

/**
 * tomoyo_realpath - Get realpath of a pathname.
 *
 * @pathname: The pathname to solve.
 *
 * Returns the realpath of @pathname on success, NULL otherwise.
 */
char *tomoyo_realpath(const char *pathname)
{
	struct path path;

	if (pathname && kern_path(pathname, LOOKUP_FOLLOW, &path) == 0) {
		char *buf = tomoyo_realpath_from_path(&path);
		path_put(&path);
		return buf;
	}
	return NULL;
}

/**
 * tomoyo_realpath_nofollow - Get realpath of a pathname.
 *
 * @pathname: The pathname to solve.
 *
 * Returns the realpath of @pathname on success, NULL otherwise.
 */
char *tomoyo_realpath_nofollow(const char *pathname)
{
	struct path path;

	if (pathname && kern_path(pathname, 0, &path) == 0) {
		char *buf = tomoyo_realpath_from_path(&path);
		path_put(&path);
		return buf;
	}
	return NULL;
}

/* Memory allocated for non-string data. */
static atomic_t tomoyo_policy_memory_size;
/* Quota for holding policy. */
static unsigned int tomoyo_quota_for_policy;

/**
 * tomoyo_memory_ok - Check memory quota.
 *
 * @ptr: Pointer to allocated memory.
 *
 * Returns true on success, false otherwise.
 *
 * Caller holds tomoyo_policy_lock.
 * Memory pointed by @ptr will be zeroed on success.
 */
bool tomoyo_memory_ok(void *ptr)
{
	int allocated_len = ptr ? ksize(ptr) : 0;
	atomic_add(allocated_len, &tomoyo_policy_memory_size);
	if (ptr && (!tomoyo_quota_for_policy ||
		    atomic_read(&tomoyo_policy_memory_size)
		    <= tomoyo_quota_for_policy)) {
		memset(ptr, 0, allocated_len);
		return true;
	}
	printk(KERN_WARNING "ERROR: Out of memory "
	       "for tomoyo_alloc_element().\n");
	if (!tomoyo_policy_loaded)
		panic("MAC Initialization failed.\n");
	return false;
}

/**
 * tomoyo_commit_ok - Check memory quota.
 *
 * @data:   Data to copy from.
 * @size:   Size in byte.
 *
 * Returns pointer to allocated memory on success, NULL otherwise.
 */
void *tomoyo_commit_ok(void *data, const unsigned int size)
{
	void *ptr = kzalloc(size, GFP_NOFS);
	if (tomoyo_memory_ok(ptr)) {
		memmove(ptr, data, size);
		memset(data, 0, size);
		return ptr;
	}
	return NULL;
}

/**
 * tomoyo_memory_free - Free memory for elements.
 *
 * @ptr:  Pointer to allocated memory.
 */
void tomoyo_memory_free(void *ptr)
{
	atomic_sub(ksize(ptr), &tomoyo_policy_memory_size);
	kfree(ptr);
}

/*
 * tomoyo_name_list is used for holding string data used by TOMOYO.
 * Since same string data is likely used for multiple times (e.g.
 * "/lib/libc-2.5.so"), TOMOYO shares string data in the form of
 * "const struct tomoyo_path_info *".
 */
struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];

/**
 * tomoyo_get_name - Allocate permanent memory for string data.
 *
 * @name: The string to store into the permernent memory.
 *
 * Returns pointer to "struct tomoyo_path_info" on success, NULL otherwise.
 */
const struct tomoyo_path_info *tomoyo_get_name(const char *name)
{
	struct tomoyo_name_entry *ptr;
	unsigned int hash;
	int len;
	int allocated_len;
	struct list_head *head;

	if (!name)
		return NULL;
	len = strlen(name) + 1;
	hash = full_name_hash((const unsigned char *) name, len - 1);
	head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)];
	if (mutex_lock_interruptible(&tomoyo_policy_lock))
		return NULL;
	list_for_each_entry(ptr, head, list) {
		if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name))
			continue;
		atomic_inc(&ptr->users);
		goto out;
	}
	ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
	allocated_len = ptr ? ksize(ptr) : 0;
	if (!ptr || (tomoyo_quota_for_policy &&
		     atomic_read(&tomoyo_policy_memory_size) + allocated_len
		     > tomoyo_quota_for_policy)) {
		kfree(ptr);
		printk(KERN_WARNING "ERROR: Out of memory "
		       "for tomoyo_get_name().\n");
		if (!tomoyo_policy_loaded)
			panic("MAC Initialization failed.\n");
		ptr = NULL;
		goto out;
	}
	atomic_add(allocated_len, &tomoyo_policy_memory_size);
	ptr->entry.name = ((char *) ptr) + sizeof(*ptr);
	memmove((char *) ptr->entry.name, name, len);
	atomic_set(&ptr->users, 1);
	tomoyo_fill_path_info(&ptr->entry);
	list_add_tail(&ptr->list, head);
 out:
	mutex_unlock(&tomoyo_policy_lock);
	return ptr ? &ptr->entry : NULL;
}

/**
 * tomoyo_realpath_init - Initialize realpath related code.
 */
void __init tomoyo_realpath_init(void)
{
	int i;

	BUILD_BUG_ON(TOMOYO_MAX_PATHNAME_LEN > PATH_MAX);
	for (i = 0; i < TOMOYO_MAX_HASH; i++)
		INIT_LIST_HEAD(&tomoyo_name_list[i]);
	INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
	tomoyo_kernel_domain.domainname = tomoyo_get_name(TOMOYO_ROOT_NAME);
	/*
	 * tomoyo_read_lock() is not needed because this function is
	 * called before the first "delete" request.
	 */
	list_add_tail_rcu(&tomoyo_kernel_domain.list, &tomoyo_domain_list);
	if (tomoyo_find_domain(TOMOYO_ROOT_NAME) != &tomoyo_kernel_domain)
		panic("Can't register tomoyo_kernel_domain");
}

unsigned int tomoyo_quota_for_query;
unsigned int tomoyo_query_memory_size;

/**
 * tomoyo_read_memory_counter - Check for memory usage in bytes.
 *
 * @head: Pointer to "struct tomoyo_io_buffer".
 *
 * Returns memory usage.
 */
int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head)
{
	if (!head->read_eof) {
		const unsigned int policy
			= atomic_read(&tomoyo_policy_memory_size);
		const unsigned int query = tomoyo_query_memory_size;
		char buffer[64];

		memset(buffer, 0, sizeof(buffer));
		if (tomoyo_quota_for_policy)
			snprintf(buffer, sizeof(buffer) - 1,
				 "   (Quota: %10u)",
				 tomoyo_quota_for_policy);
		else
			buffer[0] = '\0';
		tomoyo_io_printf(head, "Policy:       %10u%s\n", policy,
				 buffer);
		if (tomoyo_quota_for_query)
			snprintf(buffer, sizeof(buffer) - 1,
				 "   (Quota: %10u)",
				 tomoyo_quota_for_query);
		else
			buffer[0] = '\0';
		tomoyo_io_printf(head, "Query lists:  %10u%s\n", query,
				 buffer);
		tomoyo_io_printf(head, "Total:        %10u\n", policy + query);
		head->read_eof = true;
	}
	return 0;
}

/**
 * tomoyo_write_memory_quota - Set memory quota.
 *
 * @head: Pointer to "struct tomoyo_io_buffer".
 *
 * Returns 0.
 */
int tomoyo_write_memory_quota(struct tomoyo_io_buffer *head)
{
	char *data = head->write_buf;
	unsigned int size;

	if (sscanf(data, "Policy: %u", &size) == 1)
		tomoyo_quota_for_policy = size;
	else if (sscanf(data, "Query lists: %u", &size) == 1)
		tomoyo_quota_for_query = size;
	return 0;
}
Commit	Line	Data
c73bd6d4 KT	1	/*
	2	* security/tomoyo/realpath.c
	3	*
	4	* Get the canonicalized absolute pathnames. The basis for TOMOYO.
	5	*
	6	* Copyright (C) 2005-2009 NTT DATA CORPORATION
	7	*
39826a1e	8	* Version: 2.2.0 2009/04/01
c73bd6d4 KT	9	*
	10	*/
	11
	12	#include <linux/types.h>
	13	#include <linux/mount.h>
	14	#include <linux/mnt_namespace.h>
5ad4e53b	15	#include <linux/fs_struct.h>
024e1a49	16	#include <linux/hash.h>
67fa4880	17	#include <linux/magic.h>
5a0e3ad6	18	#include <linux/slab.h>
c73bd6d4	19	#include "common.h"
c73bd6d4 KT	20
	21	/**
	22	* tomoyo_encode: Convert binary string to ascii string.
	23	*
	24	* @buffer: Buffer for ASCII string.
	25	* @buflen: Size of @buffer.
	26	* @str: Binary string.
	27	*
	28	* Returns 0 on success, -ENOMEM otherwise.
	29	*/
	30	int tomoyo_encode(char buffer, int buflen, const char str)
	31	{
	32	while (1) {
	33	const unsigned char c = (unsigned char ) str++;
	34
	35	if (tomoyo_is_valid(c)) {
	36	if (--buflen <= 0)
	37	break;
	38	*buffer++ = (char) c;
	39	if (c != '\\')
	40	continue;
	41	if (--buflen <= 0)
	42	break;
	43	*buffer++ = (char) c;
	44	continue;
	45	}
	46	if (!c) {
	47	if (--buflen <= 0)
	48	break;
	49	*buffer = '\0';
	50	return 0;
	51	}
	52	buflen -= 4;
	53	if (buflen <= 0)
	54	break;
	55	*buffer++ = '\\';
	56	*buffer++ = (c >> 6) + '0';
	57	*buffer++ = ((c >> 3) & 7) + '0';
	58	*buffer++ = (c & 7) + '0';
	59	}
	60	return -ENOMEM;
	61	}
	62
	63	/**
	64	* tomoyo_realpath_from_path2 - Returns realpath(3) of the given dentry but ignores chroot'ed root.
	65	*
	66	* @path: Pointer to "struct path".
	67	* @newname: Pointer to buffer to return value in.
	68	* @newname_len: Size of @newname.
	69	*
	70	* Returns 0 on success, negative value otherwise.
	71	*
	72	* If dentry is a directory, trailing '/' is appended.
	73	* Characters out of 0x20 < c < 0x7F range are converted to
	74	* \ooo style octal string.
	75	* Character \ is converted to \\ string.
	76	*/
	77	int tomoyo_realpath_from_path2(struct path path, char newname,
	78	int newname_len)
	79	{
	80	int error = -ENOMEM;
	81	struct dentry *dentry = path->dentry;
	82	char *sp;
	83
84	if (!dentry \|\| !path->mnt \|\| !newname \|\| newname_len <= 2048)
85	return -EINVAL;
86	if (dentry->d_op && dentry->d_op->d_dname) {
87	/* For "socket:[\$]" and "pipe:[\$]". */
88	static const int offset = 1536;
89	sp = dentry->d_op->d_dname(dentry, newname + offset,
90	newname_len - offset);
91	} else {
37afdc79	92	struct path ns_root = {.mnt = NULL, .dentry = NULL};
c73bd6d4	93
c73bd6d4	94	spin_lock(&dcache_lock);
37afdc79 AV	95	/* go to whatever namespace root we are under */
37afdc79 AV	96	sp = __d_path(path, &ns_root, newname, newname_len);
c73bd6d4	97	spin_unlock(&dcache_lock);
a4054b6b	98	/* Prepend "/proc" prefix if using internal proc vfs mount. */
440b3c6c	99	if (!IS_ERR(sp) && (path->mnt->mnt_flags & MNT_INTERNAL) &&
67fa4880	100	(path->mnt->mnt_sb->s_magic == PROC_SUPER_MAGIC)) {
a4054b6b EB	101	sp -= 5;
	102	if (sp >= newname)
	103	memcpy(sp, "/proc", 5);
	104	else
	105	sp = ERR_PTR(-ENOMEM);
	106	}
c73bd6d4 KT	107	}
	108	if (IS_ERR(sp))
	109	error = PTR_ERR(sp);
	110	else
	111	error = tomoyo_encode(newname, sp - newname, sp);
	112	/* Append trailing '/' if dentry is a directory. */
	113	if (!error && dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode)
	114	&& *newname) {
	115	sp = newname + strlen(newname);
	116	if (*(sp - 1) != '/') {
	117	if (sp < newname + newname_len - 4) {
	118	*sp++ = '/';
	119	*sp = '\0';
	120	} else {
	121	error = -ENOMEM;
	122	}
	123	}
	124	}
	125	if (error)
	126	printk(KERN_WARNING "tomoyo_realpath: Pathname too long.\n");
	127	return error;
	128	}
	129
	130	/**
	131	* tomoyo_realpath_from_path - Returns realpath(3) of the given pathname but ignores chroot'ed root.
	132	*
	133	* @path: Pointer to "struct path".
	134	*
	135	* Returns the realpath of the given @path on success, NULL otherwise.
	136	*
8e2d39a1	137	* These functions use kzalloc(), so the caller must call kfree()
c73bd6d4 KT	138	* if these functions didn't return NULL.
	139	*/
	140	char tomoyo_realpath_from_path(struct path path)
	141	{
4e5d6f7e	142	char *buf = kzalloc(sizeof(struct tomoyo_page_buffer), GFP_NOFS);
c73bd6d4 KT	143
	144	BUILD_BUG_ON(sizeof(struct tomoyo_page_buffer)
	145	<= TOMOYO_MAX_PATHNAME_LEN - 1);
	146	if (!buf)
	147	return NULL;
	148	if (tomoyo_realpath_from_path2(path, buf,
	149	TOMOYO_MAX_PATHNAME_LEN - 1) == 0)
	150	return buf;
8e2d39a1	151	kfree(buf);
c73bd6d4 KT	152	return NULL;
	153	}
	154
	155	/**
	156	* tomoyo_realpath - Get realpath of a pathname.
	157	*
	158	* @pathname: The pathname to solve.
	159	*
	160	* Returns the realpath of @pathname on success, NULL otherwise.
	161	*/
	162	char tomoyo_realpath(const char pathname)
	163	{
e24977d4	164	struct path path;
c73bd6d4	165
e24977d4 AV	166	if (pathname && kern_path(pathname, LOOKUP_FOLLOW, &path) == 0) {
	167	char *buf = tomoyo_realpath_from_path(&path);
	168	path_put(&path);
c73bd6d4 KT	169	return buf;
	170	}
	171	return NULL;
	172	}
	173
	174	/**
	175	* tomoyo_realpath_nofollow - Get realpath of a pathname.
	176	*
	177	* @pathname: The pathname to solve.
	178	*
	179	* Returns the realpath of @pathname on success, NULL otherwise.
	180	*/
	181	char tomoyo_realpath_nofollow(const char pathname)
	182	{
e24977d4	183	struct path path;
c73bd6d4	184
e24977d4 AV	185	if (pathname && kern_path(pathname, 0, &path) == 0) {
	186	char *buf = tomoyo_realpath_from_path(&path);
	187	path_put(&path);
c73bd6d4 KT	188	return buf;
	189	}
	190	return NULL;
	191	}
	192
	193	/* Memory allocated for non-string data. */
847b173e TH	194	static atomic_t tomoyo_policy_memory_size;
	195	/* Quota for holding policy. */
	196	static unsigned int tomoyo_quota_for_policy;
c73bd6d4 KT	197
c73bd6d4 KT	198	/**
cd7bec6a	199	* tomoyo_memory_ok - Check memory quota.
c73bd6d4	200	*
cd7bec6a	201	* @ptr: Pointer to allocated memory.
c73bd6d4	202	*
cd7bec6a	203	* Returns true on success, false otherwise.
c73bd6d4	204	*
cd7bec6a TH	205	* Caller holds tomoyo_policy_lock.
cd7bec6a TH	206	* Memory pointed by @ptr will be zeroed on success.
c73bd6d4	207	*/
cd7bec6a	208	bool tomoyo_memory_ok(void *ptr)
c73bd6d4	209	{
cd7bec6a	210	int allocated_len = ptr ? ksize(ptr) : 0;
847b173e TH	211	atomic_add(allocated_len, &tomoyo_policy_memory_size);
	212	if (ptr && (!tomoyo_quota_for_policy \|\|
	213	atomic_read(&tomoyo_policy_memory_size)
	214	<= tomoyo_quota_for_policy)) {
cd7bec6a	215	memset(ptr, 0, allocated_len);
847b173e	216	return true;
c73bd6d4	217	}
847b173e TH	218	printk(KERN_WARNING "ERROR: Out of memory "
	219	"for tomoyo_alloc_element().\n");
	220	if (!tomoyo_policy_loaded)
	221	panic("MAC Initialization failed.\n");
	222	return false;
c73bd6d4 KT	223	}
c73bd6d4 KT	224
9e4b50e9 TH	225	/**
	226	* tomoyo_commit_ok - Check memory quota.
	227	*
	228	* @data: Data to copy from.
	229	* @size: Size in byte.
	230	*
	231	* Returns pointer to allocated memory on success, NULL otherwise.
	232	*/
	233	void tomoyo_commit_ok(void data, const unsigned int size)
	234	{
	235	void *ptr = kzalloc(size, GFP_NOFS);
	236	if (tomoyo_memory_ok(ptr)) {
	237	memmove(ptr, data, size);
	238	memset(data, 0, size);
	239	return ptr;
	240	}
	241	return NULL;
	242	}
	243
847b173e TH	244	/**
	245	* tomoyo_memory_free - Free memory for elements.
	246	*
	247	* @ptr: Pointer to allocated memory.
	248	*/
	249	void tomoyo_memory_free(void *ptr)
	250	{
	251	atomic_sub(ksize(ptr), &tomoyo_policy_memory_size);
	252	kfree(ptr);
	253	}
c73bd6d4	254
c73bd6d4	255	/*
c3fa109a TH	256	* tomoyo_name_list is used for holding string data used by TOMOYO.
	257	* Since same string data is likely used for multiple times (e.g.
	258	* "/lib/libc-2.5.so"), TOMOYO shares string data in the form of
	259	* "const struct tomoyo_path_info *".
c73bd6d4	260	*/
847b173e	261	struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
c73bd6d4 KT	262
c73bd6d4 KT	263	/**
bf24fb01	264	* tomoyo_get_name - Allocate permanent memory for string data.
c73bd6d4 KT	265	*
	266	* @name: The string to store into the permernent memory.
	267	*
	268	* Returns pointer to "struct tomoyo_path_info" on success, NULL otherwise.
c73bd6d4	269	*/
bf24fb01	270	const struct tomoyo_path_info tomoyo_get_name(const char name)
c73bd6d4	271	{
c73bd6d4 KT	272	struct tomoyo_name_entry *ptr;
c73bd6d4 KT	273	unsigned int hash;
c73bd6d4	274	int len;
e41035a9	275	int allocated_len;
024e1a49	276	struct list_head *head;
c73bd6d4 KT	277
	278	if (!name)
	279	return NULL;
	280	len = strlen(name) + 1;
c73bd6d4	281	hash = full_name_hash((const unsigned char *) name, len - 1);
024e1a49	282	head = &tomoyo_name_list[hash_long(hash, TOMOYO_HASH_BITS)];
29282381 TH	283	if (mutex_lock_interruptible(&tomoyo_policy_lock))
29282381 TH	284	return NULL;
024e1a49	285	list_for_each_entry(ptr, head, list) {
bf24fb01 TH	286	if (hash != ptr->entry.hash \|\| strcmp(name, ptr->entry.name))
	287	continue;
	288	atomic_inc(&ptr->users);
	289	goto out;
c73bd6d4	290	}
4e5d6f7e	291	ptr = kzalloc(sizeof(*ptr) + len, GFP_NOFS);
e41035a9	292	allocated_len = ptr ? ksize(ptr) : 0;
847b173e TH	293	if (!ptr \|\| (tomoyo_quota_for_policy &&
	294	atomic_read(&tomoyo_policy_memory_size) + allocated_len
	295	> tomoyo_quota_for_policy)) {
e41035a9	296	kfree(ptr);
c73bd6d4	297	printk(KERN_WARNING "ERROR: Out of memory "
bf24fb01	298	"for tomoyo_get_name().\n");
c73bd6d4 KT	299	if (!tomoyo_policy_loaded)
	300	panic("MAC Initialization failed.\n");
	301	ptr = NULL;
	302	goto out;
	303	}
847b173e	304	atomic_add(allocated_len, &tomoyo_policy_memory_size);
e41035a9 TH	305	ptr->entry.name = ((char ) ptr) + sizeof(ptr);
e41035a9 TH	306	memmove((char *) ptr->entry.name, name, len);
bf24fb01	307	atomic_set(&ptr->users, 1);
c73bd6d4	308	tomoyo_fill_path_info(&ptr->entry);
024e1a49	309	list_add_tail(&ptr->list, head);
c73bd6d4	310	out:
29282381	311	mutex_unlock(&tomoyo_policy_lock);
c73bd6d4 KT	312	return ptr ? &ptr->entry : NULL;
	313	}
	314
	315	/**
	316	* tomoyo_realpath_init - Initialize realpath related code.
c73bd6d4	317	*/
1581e7dd	318	void __init tomoyo_realpath_init(void)
c73bd6d4 KT	319	{
	320	int i;
	321
	322	BUILD_BUG_ON(TOMOYO_MAX_PATHNAME_LEN > PATH_MAX);
	323	for (i = 0; i < TOMOYO_MAX_HASH; i++)
	324	INIT_LIST_HEAD(&tomoyo_name_list[i]);
	325	INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
bf24fb01	326	tomoyo_kernel_domain.domainname = tomoyo_get_name(TOMOYO_ROOT_NAME);
fdb8ebb7 TH	327	/*
	328	* tomoyo_read_lock() is not needed because this function is
	329	* called before the first "delete" request.
	330	*/
	331	list_add_tail_rcu(&tomoyo_kernel_domain.list, &tomoyo_domain_list);
c73bd6d4 KT	332	if (tomoyo_find_domain(TOMOYO_ROOT_NAME) != &tomoyo_kernel_domain)
c73bd6d4 KT	333	panic("Can't register tomoyo_kernel_domain");
c73bd6d4 KT	334	}
c73bd6d4 KT	335
17fcfbd9 TH	336	unsigned int tomoyo_quota_for_query;
	337	unsigned int tomoyo_query_memory_size;
	338
c73bd6d4 KT	339	/**
	340	* tomoyo_read_memory_counter - Check for memory usage in bytes.
	341	*
	342	* @head: Pointer to "struct tomoyo_io_buffer".
	343	*
	344	* Returns memory usage.
	345	*/
	346	int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head)
	347	{
	348	if (!head->read_eof) {
847b173e TH	349	const unsigned int policy
847b173e TH	350	= atomic_read(&tomoyo_policy_memory_size);
17fcfbd9	351	const unsigned int query = tomoyo_query_memory_size;
c73bd6d4 KT	352	char buffer[64];
	353
	354	memset(buffer, 0, sizeof(buffer));
847b173e	355	if (tomoyo_quota_for_policy)
c73bd6d4 KT	356	snprintf(buffer, sizeof(buffer) - 1,
c73bd6d4 KT	357	" (Quota: %10u)",
847b173e	358	tomoyo_quota_for_policy);
c73bd6d4 KT	359	else
c73bd6d4 KT	360	buffer[0] = '\0';
17fcfbd9 TH	361	tomoyo_io_printf(head, "Policy: %10u%s\n", policy,
	362	buffer);
	363	if (tomoyo_quota_for_query)
	364	snprintf(buffer, sizeof(buffer) - 1,
	365	" (Quota: %10u)",
	366	tomoyo_quota_for_query);
	367	else
	368	buffer[0] = '\0';
	369	tomoyo_io_printf(head, "Query lists: %10u%s\n", query,
	370	buffer);
	371	tomoyo_io_printf(head, "Total: %10u\n", policy + query);
c73bd6d4 KT	372	head->read_eof = true;
	373	}
	374	return 0;
	375	}
	376
	377	/**
	378	* tomoyo_write_memory_quota - Set memory quota.
	379	*
	380	* @head: Pointer to "struct tomoyo_io_buffer".
	381	*
	382	* Returns 0.
	383	*/
	384	int tomoyo_write_memory_quota(struct tomoyo_io_buffer *head)
	385	{
	386	char *data = head->write_buf;
	387	unsigned int size;
	388
847b173e TH	389	if (sscanf(data, "Policy: %u", &size) == 1)
847b173e TH	390	tomoyo_quota_for_policy = size;
17fcfbd9 TH	391	else if (sscanf(data, "Query lists: %u", &size) == 1)
17fcfbd9 TH	392	tomoyo_quota_for_query = size;
c73bd6d4 KT	393	return 0;
c73bd6d4 KT	394	}