| selinuxfs.c (0619f0f5e36f12e100ef294f5980cfe7c93ff23e) | selinuxfs.c (6b6bc6205d98796361962ee282a063f18ba8dc57) |
|---|---|
| 1/* Updated: Karl MacMillan <kmacmillan@tresys.com> 2 * 3 * Added conditional policy language extensions 4 * 5 * Updated: Hewlett-Packard <paul@paul-moore.com> 6 * 7 * Added support for the policy capability bitmap 8 * --- 147 unchanged lines hidden (view full) --- 156 length = -EINVAL; 157 if (sscanf(page, "%d", &new_value) != 1) 158 goto out; 159 160 new_value = !!new_value; 161 162 old_value = enforcing_enabled(state); 163 if (new_value != old_value) { | 1/* Updated: Karl MacMillan <kmacmillan@tresys.com> 2 * 3 * Added conditional policy language extensions 4 * 5 * Updated: Hewlett-Packard <paul@paul-moore.com> 6 * 7 * Added support for the policy capability bitmap 8 * --- 147 unchanged lines hidden (view full) --- 156 length = -EINVAL; 157 if (sscanf(page, "%d", &new_value) != 1) 158 goto out; 159 160 new_value = !!new_value; 161 162 old_value = enforcing_enabled(state); 163 if (new_value != old_value) { |
| 164 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 164 length = avc_has_perm(&selinux_state, 165 current_sid(), SECINITSID_SECURITY, |
| 165 SECCLASS_SECURITY, SECURITY__SETENFORCE, 166 NULL); 167 if (length) 168 goto out; 169 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, 170 "enforcing=%d old_enforcing=%d auid=%u ses=%u", 171 new_value, old_value, 172 from_kuid(&init_user_ns, audit_get_loginuid(current)), 173 audit_get_sessionid(current)); 174 enforcing_set(state, new_value); 175 if (new_value) | 166 SECCLASS_SECURITY, SECURITY__SETENFORCE, 167 NULL); 168 if (length) 169 goto out; 170 audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, 171 "enforcing=%d old_enforcing=%d auid=%u ses=%u", 172 new_value, old_value, 173 from_kuid(&init_user_ns, audit_get_loginuid(current)), 174 audit_get_sessionid(current)); 175 enforcing_set(state, new_value); 176 if (new_value) |
| 176 avc_ss_reset(0); | 177 avc_ss_reset(state->avc, 0); |
| 177 selnl_notify_setenforce(new_value); 178 selinux_status_update_setenforce(state, new_value); 179 if (!new_value) 180 call_lsm_notifier(LSM_POLICY_CHANGE, NULL); 181 } 182 length = count; 183out: 184 kfree(page); --- 185 unchanged lines hidden (view full) --- 370 struct selinux_state *state = fsi->state; 371 struct policy_load_memory *plm = NULL; 372 int rc; 373 374 BUG_ON(filp->private_data); 375 376 mutex_lock(&fsi->mutex); 377 | 178 selnl_notify_setenforce(new_value); 179 selinux_status_update_setenforce(state, new_value); 180 if (!new_value) 181 call_lsm_notifier(LSM_POLICY_CHANGE, NULL); 182 } 183 length = count; 184out: 185 kfree(page); --- 185 unchanged lines hidden (view full) --- 371 struct selinux_state *state = fsi->state; 372 struct policy_load_memory *plm = NULL; 373 int rc; 374 375 BUG_ON(filp->private_data); 376 377 mutex_lock(&fsi->mutex); 378 |
| 378 rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 379 rc = avc_has_perm(&selinux_state, 380 current_sid(), SECINITSID_SECURITY, |
| 379 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 380 if (rc) 381 goto err; 382 383 rc = -EBUSY; 384 if (fsi->policy_opened) 385 goto err; 386 --- 47 unchanged lines hidden (view full) --- 434 size_t count, loff_t *ppos) 435{ 436 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info; 437 struct policy_load_memory *plm = filp->private_data; 438 int ret; 439 440 mutex_lock(&fsi->mutex); 441 | 381 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 382 if (rc) 383 goto err; 384 385 rc = -EBUSY; 386 if (fsi->policy_opened) 387 goto err; 388 --- 47 unchanged lines hidden (view full) --- 436 size_t count, loff_t *ppos) 437{ 438 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info; 439 struct policy_load_memory *plm = filp->private_data; 440 int ret; 441 442 mutex_lock(&fsi->mutex); 443 |
| 442 ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 444 ret = avc_has_perm(&selinux_state, 445 current_sid(), SECINITSID_SECURITY, |
| 443 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 444 if (ret) 445 goto out; 446 447 ret = simple_read_from_buffer(buf, count, ppos, plm->data, plm->len); 448out: 449 mutex_unlock(&fsi->mutex); 450 return ret; --- 79 unchanged lines hidden (view full) --- 530 531{ 532 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 533 ssize_t length; 534 void *data = NULL; 535 536 mutex_lock(&fsi->mutex); 537 | 446 SECCLASS_SECURITY, SECURITY__READ_POLICY, NULL); 447 if (ret) 448 goto out; 449 450 ret = simple_read_from_buffer(buf, count, ppos, plm->data, plm->len); 451out: 452 mutex_unlock(&fsi->mutex); 453 return ret; --- 79 unchanged lines hidden (view full) --- 533 534{ 535 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 536 ssize_t length; 537 void *data = NULL; 538 539 mutex_lock(&fsi->mutex); 540 |
| 538 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 541 length = avc_has_perm(&selinux_state, 542 current_sid(), SECINITSID_SECURITY, |
| 539 SECCLASS_SECURITY, SECURITY__LOAD_POLICY, NULL); 540 if (length) 541 goto out; 542 543 /* No partial writes. */ 544 length = -EINVAL; 545 if (*ppos != 0) 546 goto out; --- 42 unchanged lines hidden (view full) --- 589static ssize_t sel_write_context(struct file *file, char *buf, size_t size) 590{ 591 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 592 struct selinux_state *state = fsi->state; 593 char *canon = NULL; 594 u32 sid, len; 595 ssize_t length; 596 | 543 SECCLASS_SECURITY, SECURITY__LOAD_POLICY, NULL); 544 if (length) 545 goto out; 546 547 /* No partial writes. */ 548 length = -EINVAL; 549 if (*ppos != 0) 550 goto out; --- 42 unchanged lines hidden (view full) --- 593static ssize_t sel_write_context(struct file *file, char *buf, size_t size) 594{ 595 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 596 struct selinux_state *state = fsi->state; 597 char *canon = NULL; 598 u32 sid, len; 599 ssize_t length; 600 |
| 597 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 601 length = avc_has_perm(&selinux_state, 602 current_sid(), SECINITSID_SECURITY, |
| 598 SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, NULL); 599 if (length) 600 goto out; 601 602 length = security_context_to_sid(state, buf, size, &sid, GFP_KERNEL); 603 if (length) 604 goto out; 605 --- 29 unchanged lines hidden (view full) --- 635static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, 636 size_t count, loff_t *ppos) 637{ 638 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 639 char *page; 640 ssize_t length; 641 unsigned int new_value; 642 | 603 SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, NULL); 604 if (length) 605 goto out; 606 607 length = security_context_to_sid(state, buf, size, &sid, GFP_KERNEL); 608 if (length) 609 goto out; 610 --- 29 unchanged lines hidden (view full) --- 640static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, 641 size_t count, loff_t *ppos) 642{ 643 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 644 char *page; 645 ssize_t length; 646 unsigned int new_value; 647 |
| 643 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 648 length = avc_has_perm(&selinux_state, 649 current_sid(), SECINITSID_SECURITY, |
| 644 SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, 645 NULL); 646 if (length) 647 return length; 648 649 if (count >= PAGE_SIZE) 650 return -ENOMEM; 651 --- 28 unchanged lines hidden (view full) --- 680 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 681 struct selinux_state *state = fsi->state; 682 char *oldcon = NULL, *newcon = NULL, *taskcon = NULL; 683 char *req = NULL; 684 u32 osid, nsid, tsid; 685 u16 tclass; 686 int rc; 687 | 650 SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, 651 NULL); 652 if (length) 653 return length; 654 655 if (count >= PAGE_SIZE) 656 return -ENOMEM; 657 --- 28 unchanged lines hidden (view full) --- 686 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 687 struct selinux_state *state = fsi->state; 688 char *oldcon = NULL, *newcon = NULL, *taskcon = NULL; 689 char *req = NULL; 690 u32 osid, nsid, tsid; 691 u16 tclass; 692 int rc; 693 |
| 688 rc = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 694 rc = avc_has_perm(&selinux_state, 695 current_sid(), SECINITSID_SECURITY, |
| 689 SECCLASS_SECURITY, SECURITY__VALIDATE_TRANS, NULL); 690 if (rc) 691 goto out; 692 693 rc = -ENOMEM; 694 if (count >= PAGE_SIZE) 695 goto out; 696 --- 111 unchanged lines hidden (view full) --- 808 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 809 struct selinux_state *state = fsi->state; 810 char *scon = NULL, *tcon = NULL; 811 u32 ssid, tsid; 812 u16 tclass; 813 struct av_decision avd; 814 ssize_t length; 815 | 696 SECCLASS_SECURITY, SECURITY__VALIDATE_TRANS, NULL); 697 if (rc) 698 goto out; 699 700 rc = -ENOMEM; 701 if (count >= PAGE_SIZE) 702 goto out; 703 --- 111 unchanged lines hidden (view full) --- 815 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 816 struct selinux_state *state = fsi->state; 817 char *scon = NULL, *tcon = NULL; 818 u32 ssid, tsid; 819 u16 tclass; 820 struct av_decision avd; 821 ssize_t length; 822 |
| 816 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 823 length = avc_has_perm(&selinux_state, 824 current_sid(), SECINITSID_SECURITY, |
| 817 SECCLASS_SECURITY, SECURITY__COMPUTE_AV, NULL); 818 if (length) 819 goto out; 820 821 length = -ENOMEM; 822 scon = kzalloc(size + 1, GFP_KERNEL); 823 if (!scon) 824 goto out; --- 36 unchanged lines hidden (view full) --- 861 char *namebuf = NULL, *objname = NULL; 862 u32 ssid, tsid, newsid; 863 u16 tclass; 864 ssize_t length; 865 char *newcon = NULL; 866 u32 len; 867 int nargs; 868 | 825 SECCLASS_SECURITY, SECURITY__COMPUTE_AV, NULL); 826 if (length) 827 goto out; 828 829 length = -ENOMEM; 830 scon = kzalloc(size + 1, GFP_KERNEL); 831 if (!scon) 832 goto out; --- 36 unchanged lines hidden (view full) --- 869 char *namebuf = NULL, *objname = NULL; 870 u32 ssid, tsid, newsid; 871 u16 tclass; 872 ssize_t length; 873 char *newcon = NULL; 874 u32 len; 875 int nargs; 876 |
| 869 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 877 length = avc_has_perm(&selinux_state, 878 current_sid(), SECINITSID_SECURITY, |
| 870 SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, 871 NULL); 872 if (length) 873 goto out; 874 875 length = -ENOMEM; 876 scon = kzalloc(size + 1, GFP_KERNEL); 877 if (!scon) --- 84 unchanged lines hidden (view full) --- 962 struct selinux_state *state = fsi->state; 963 char *scon = NULL, *tcon = NULL; 964 u32 ssid, tsid, newsid; 965 u16 tclass; 966 ssize_t length; 967 char *newcon = NULL; 968 u32 len; 969 | 879 SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, 880 NULL); 881 if (length) 882 goto out; 883 884 length = -ENOMEM; 885 scon = kzalloc(size + 1, GFP_KERNEL); 886 if (!scon) --- 84 unchanged lines hidden (view full) --- 971 struct selinux_state *state = fsi->state; 972 char *scon = NULL, *tcon = NULL; 973 u32 ssid, tsid, newsid; 974 u16 tclass; 975 ssize_t length; 976 char *newcon = NULL; 977 u32 len; 978 |
| 970 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 979 length = avc_has_perm(&selinux_state, 980 current_sid(), SECINITSID_SECURITY, |
| 971 SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, 972 NULL); 973 if (length) 974 goto out; 975 976 length = -ENOMEM; 977 scon = kzalloc(size + 1, GFP_KERNEL); 978 if (!scon) --- 43 unchanged lines hidden (view full) --- 1022 struct selinux_state *state = fsi->state; 1023 char *con = NULL, *user = NULL, *ptr; 1024 u32 sid, *sids = NULL; 1025 ssize_t length; 1026 char *newcon; 1027 int i, rc; 1028 u32 len, nsids; 1029 | 981 SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, 982 NULL); 983 if (length) 984 goto out; 985 986 length = -ENOMEM; 987 scon = kzalloc(size + 1, GFP_KERNEL); 988 if (!scon) --- 43 unchanged lines hidden (view full) --- 1032 struct selinux_state *state = fsi->state; 1033 char *con = NULL, *user = NULL, *ptr; 1034 u32 sid, *sids = NULL; 1035 ssize_t length; 1036 char *newcon; 1037 int i, rc; 1038 u32 len, nsids; 1039 |
| 1030 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 1040 length = avc_has_perm(&selinux_state, 1041 current_sid(), SECINITSID_SECURITY, |
| 1031 SECCLASS_SECURITY, SECURITY__COMPUTE_USER, 1032 NULL); 1033 if (length) 1034 goto out; 1035 1036 length = -ENOMEM; 1037 con = kzalloc(size + 1, GFP_KERNEL); 1038 if (!con) --- 47 unchanged lines hidden (view full) --- 1086 struct selinux_state *state = fsi->state; 1087 char *scon = NULL, *tcon = NULL; 1088 u32 ssid, tsid, newsid; 1089 u16 tclass; 1090 ssize_t length; 1091 char *newcon = NULL; 1092 u32 len; 1093 | 1042 SECCLASS_SECURITY, SECURITY__COMPUTE_USER, 1043 NULL); 1044 if (length) 1045 goto out; 1046 1047 length = -ENOMEM; 1048 con = kzalloc(size + 1, GFP_KERNEL); 1049 if (!con) --- 47 unchanged lines hidden (view full) --- 1097 struct selinux_state *state = fsi->state; 1098 char *scon = NULL, *tcon = NULL; 1099 u32 ssid, tsid, newsid; 1100 u16 tclass; 1101 ssize_t length; 1102 char *newcon = NULL; 1103 u32 len; 1104 |
| 1094 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 1105 length = avc_has_perm(&selinux_state, 1106 current_sid(), SECINITSID_SECURITY, |
| 1095 SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, 1096 NULL); 1097 if (length) 1098 goto out; 1099 1100 length = -ENOMEM; 1101 scon = kzalloc(size + 1, GFP_KERNEL); 1102 if (!scon) --- 95 unchanged lines hidden (view full) --- 1198 char *page = NULL; 1199 ssize_t length; 1200 int new_value; 1201 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 1202 const char *name = filep->f_path.dentry->d_name.name; 1203 1204 mutex_lock(&fsi->mutex); 1205 | 1107 SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, 1108 NULL); 1109 if (length) 1110 goto out; 1111 1112 length = -ENOMEM; 1113 scon = kzalloc(size + 1, GFP_KERNEL); 1114 if (!scon) --- 95 unchanged lines hidden (view full) --- 1210 char *page = NULL; 1211 ssize_t length; 1212 int new_value; 1213 unsigned index = file_inode(filep)->i_ino & SEL_INO_MASK; 1214 const char *name = filep->f_path.dentry->d_name.name; 1215 1216 mutex_lock(&fsi->mutex); 1217 |
| 1206 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 1218 length = avc_has_perm(&selinux_state, 1219 current_sid(), SECINITSID_SECURITY, |
| 1207 SECCLASS_SECURITY, SECURITY__SETBOOL, 1208 NULL); 1209 if (length) 1210 goto out; 1211 1212 length = -EINVAL; 1213 if (index >= fsi->bool_num || strcmp(name, 1214 fsi->bool_pending_names[index])) --- 43 unchanged lines hidden (view full) --- 1258{ 1259 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1260 char *page = NULL; 1261 ssize_t length; 1262 int new_value; 1263 1264 mutex_lock(&fsi->mutex); 1265 | 1220 SECCLASS_SECURITY, SECURITY__SETBOOL, 1221 NULL); 1222 if (length) 1223 goto out; 1224 1225 length = -EINVAL; 1226 if (index >= fsi->bool_num || strcmp(name, 1227 fsi->bool_pending_names[index])) --- 43 unchanged lines hidden (view full) --- 1271{ 1272 struct selinux_fs_info *fsi = file_inode(filep)->i_sb->s_fs_info; 1273 char *page = NULL; 1274 ssize_t length; 1275 int new_value; 1276 1277 mutex_lock(&fsi->mutex); 1278 |
| 1266 length = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 1279 length = avc_has_perm(&selinux_state, 1280 current_sid(), SECINITSID_SECURITY, |
| 1267 SECCLASS_SECURITY, SECURITY__SETBOOL, 1268 NULL); 1269 if (length) 1270 goto out; 1271 1272 length = -ENOMEM; 1273 if (count >= PAGE_SIZE) 1274 goto out; --- 123 unchanged lines hidden (view full) --- 1398 sel_remove_entries(dir); 1399 1400 return ret; 1401} 1402 1403static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, 1404 size_t count, loff_t *ppos) 1405{ | 1281 SECCLASS_SECURITY, SECURITY__SETBOOL, 1282 NULL); 1283 if (length) 1284 goto out; 1285 1286 length = -ENOMEM; 1287 if (count >= PAGE_SIZE) 1288 goto out; --- 123 unchanged lines hidden (view full) --- 1412 sel_remove_entries(dir); 1413 1414 return ret; 1415} 1416 1417static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, 1418 size_t count, loff_t *ppos) 1419{ |
| 1420 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info; 1421 struct selinux_state *state = fsi->state; |
|
| 1406 char tmpbuf[TMPBUFLEN]; 1407 ssize_t length; 1408 | 1422 char tmpbuf[TMPBUFLEN]; 1423 ssize_t length; 1424 |
| 1409 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", avc_cache_threshold); | 1425 length = scnprintf(tmpbuf, TMPBUFLEN, "%u", 1426 avc_get_cache_threshold(state->avc)); |
| 1410 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 1411} 1412 1413static ssize_t sel_write_avc_cache_threshold(struct file *file, 1414 const char __user *buf, 1415 size_t count, loff_t *ppos) 1416 1417{ | 1427 return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); 1428} 1429 1430static ssize_t sel_write_avc_cache_threshold(struct file *file, 1431 const char __user *buf, 1432 size_t count, loff_t *ppos) 1433 1434{ |
| 1435 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; 1436 struct selinux_state *state = fsi->state; |
|
| 1418 char *page; 1419 ssize_t ret; 1420 unsigned int new_value; 1421 | 1437 char *page; 1438 ssize_t ret; 1439 unsigned int new_value; 1440 |
| 1422 ret = avc_has_perm(current_sid(), SECINITSID_SECURITY, | 1441 ret = avc_has_perm(&selinux_state, 1442 current_sid(), SECINITSID_SECURITY, |
| 1423 SECCLASS_SECURITY, SECURITY__SETSECPARAM, 1424 NULL); 1425 if (ret) 1426 return ret; 1427 1428 if (count >= PAGE_SIZE) 1429 return -ENOMEM; 1430 --- 4 unchanged lines hidden (view full) --- 1435 page = memdup_user_nul(buf, count); 1436 if (IS_ERR(page)) 1437 return PTR_ERR(page); 1438 1439 ret = -EINVAL; 1440 if (sscanf(page, "%u", &new_value) != 1) 1441 goto out; 1442 | 1443 SECCLASS_SECURITY, SECURITY__SETSECPARAM, 1444 NULL); 1445 if (ret) 1446 return ret; 1447 1448 if (count >= PAGE_SIZE) 1449 return -ENOMEM; 1450 --- 4 unchanged lines hidden (view full) --- 1455 page = memdup_user_nul(buf, count); 1456 if (IS_ERR(page)) 1457 return PTR_ERR(page); 1458 1459 ret = -EINVAL; 1460 if (sscanf(page, "%u", &new_value) != 1) 1461 goto out; 1462 |
| 1443 avc_cache_threshold = new_value; | 1463 avc_set_cache_threshold(state->avc, new_value); |
| 1444 1445 ret = count; 1446out: 1447 kfree(page); 1448 return ret; 1449} 1450 1451static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, 1452 size_t count, loff_t *ppos) 1453{ | 1464 1465 ret = count; 1466out: 1467 kfree(page); 1468 return ret; 1469} 1470 1471static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, 1472 size_t count, loff_t *ppos) 1473{ |
| 1474 struct selinux_fs_info *fsi = file_inode(filp)->i_sb->s_fs_info; 1475 struct selinux_state *state = fsi->state; |
|
| 1454 char *page; 1455 ssize_t length; 1456 1457 page = (char *)__get_free_page(GFP_KERNEL); 1458 if (!page) 1459 return -ENOMEM; 1460 | 1476 char *page; 1477 ssize_t length; 1478 1479 page = (char *)__get_free_page(GFP_KERNEL); 1480 if (!page) 1481 return -ENOMEM; 1482 |
| 1461 length = avc_get_hash_stats(page); | 1483 length = avc_get_hash_stats(state->avc, page); |
| 1462 if (length >= 0) 1463 length = simple_read_from_buffer(buf, count, ppos, page, length); 1464 free_page((unsigned long)page); 1465 1466 return length; 1467} 1468 1469static const struct file_operations sel_avc_cache_threshold_ops = { --- 576 unchanged lines hidden --- | 1484 if (length >= 0) 1485 length = simple_read_from_buffer(buf, count, ppos, page, length); 1486 free_page((unsigned long)page); 1487 1488 return length; 1489} 1490 1491static const struct file_operations sel_avc_cache_threshold_ops = { --- 576 unchanged lines hidden --- |