[1/2] selinux: switch unnecessary GFP_ATOMIC allocs to GFP_KERNEL

Commit Message

Ondrej Mosnacek Aug. 24, 2020, 3:52 p.m. UTC

There seems to be no reason to use GFP_ATOMIC in these cases.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
---
 security/selinux/hooks.c       |  6 +++---
 security/selinux/ss/policydb.c | 10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

Comments

Ondrej Mosnacek Aug. 24, 2020, 8:12 p.m. UTC | #1

On Mon, Aug 24, 2020 at 5:52 PM Ondrej Mosnacek <omosnace@redhat.com> wrote:
> There seems to be no reason to use GFP_ATOMIC in these cases.
>
> Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
> ---
>  security/selinux/hooks.c       |  6 +++---
>  security/selinux/ss/policydb.c | 10 +++++-----
>  2 files changed, 8 insertions(+), 8 deletions(-)

I found at least one more unjustified GFP_ATOMIC in services.c, so
I'll probably respin this patch so it is all in one commit. I didn't
bother looking at services.c at first, since most of the allocations
there are bound to GFP_ATOMIC due to the policy read lock being held.

Patch

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 89d3753b7bd5d..4de962daffbde 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3171,7 +3171,7 @@  static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
 				audit_size = 0;
 			}
 			ab = audit_log_start(audit_context(),
-					     GFP_ATOMIC, AUDIT_SELINUX_ERR);
+					     GFP_KERNEL, AUDIT_SELINUX_ERR);
 			audit_log_format(ab, "op=setxattr invalid_context=");
 			audit_log_n_untrustedstring(ab, value, audit_size);
 			audit_log_end(ab);
@@ -6388,7 +6388,7 @@  static int selinux_setprocattr(const char *name, void *value, size_t size)
 				else
 					audit_size = size;
 				ab = audit_log_start(audit_context(),
-						     GFP_ATOMIC,
+						     GFP_KERNEL,
 						     AUDIT_SELINUX_ERR);
 				audit_log_format(ab, "op=fscreate invalid_context=");
 				audit_log_n_untrustedstring(ab, value, audit_size);
@@ -6854,7 +6854,7 @@  static int selinux_lockdown(enum lockdown_reason what)
 
 	if (WARN(invalid_reason, "Invalid lockdown reason")) {
 		audit_log(audit_context(),
-			  GFP_ATOMIC, AUDIT_SELINUX_ERR,
+			  GFP_KERNEL, AUDIT_SELINUX_ERR,
 			  "lockdown_reason=invalid");
 		return -EINVAL;
 	}
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 9fccf417006b0..c1437de04e1d9 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -1577,7 +1577,7 @@  static int sens_read(struct policydb *p, struct symtab *s, void *fp)
 	__le32 buf[2];
 	u32 len;
 
-	levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC);
+	levdatum = kzalloc(sizeof(*levdatum), GFP_KERNEL);
 	if (!levdatum)
 		return -ENOMEM;
 
@@ -1588,12 +1588,12 @@  static int sens_read(struct policydb *p, struct symtab *s, void *fp)
 	len = le32_to_cpu(buf[0]);
 	levdatum->isalias = le32_to_cpu(buf[1]);
 
-	rc = str_read(&key, GFP_ATOMIC, fp, len);
+	rc = str_read(&key, GFP_KERNEL, fp, len);
 	if (rc)
 		goto bad;
 
 	rc = -ENOMEM;
-	levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_ATOMIC);
+	levdatum->level = kmalloc(sizeof(*levdatum->level), GFP_KERNEL);
 	if (!levdatum->level)
 		goto bad;
 
@@ -1618,7 +1618,7 @@  static int cat_read(struct policydb *p, struct symtab *s, void *fp)
 	__le32 buf[3];
 	u32 len;
 
-	catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC);
+	catdatum = kzalloc(sizeof(*catdatum), GFP_KERNEL);
 	if (!catdatum)
 		return -ENOMEM;
 
@@ -1630,7 +1630,7 @@  static int cat_read(struct policydb *p, struct symtab *s, void *fp)
 	catdatum->value = le32_to_cpu(buf[1]);
 	catdatum->isalias = le32_to_cpu(buf[2]);
 
-	rc = str_read(&key, GFP_ATOMIC, fp, len);
+	rc = str_read(&key, GFP_KERNEL, fp, len);
 	if (rc)
 		goto bad;