.37 patches

diff --git a/queue-2.6.37/series b/queue-2.6.37/series
index 251e3ffbe5c68dd62661b19ac96eb023787ecee1..8564d28196b8b7ffae10faa454a66f4fab8bf6f5 100644 (file)
--- a/queue-2.6.37/series
+++ b/queue-2.6.37/series
@@ -32,3 +32,4 @@ ib-cm-bump-reference-count-on-cm_id-before-invoking-callback.patch
 x86-quirk-fix-sb600-revision-check.patch
 microblaze-fix-dev-zero-corruption-from-__clear_user.patch
 x86-stop_machine_text_poke-should-issue-sync_core.patch
+tomoyo-fix-memory-leak-upon-file-open.patch

diff --git a/queue-2.6.37/tomoyo-fix-memory-leak-upon-file-open.patch b/queue-2.6.37/tomoyo-fix-memory-leak-upon-file-open.patch
new file mode 100644 (file)
index 0000000..0dbb85c
--- /dev/null
+++ b/queue-2.6.37/tomoyo-fix-memory-leak-upon-file-open.patch
@@ -0,0 +1,45 @@
+From eae61f3c829439f8f9121b5cd48a14be04df451f Mon Sep 17 00:00:00 2001
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Date: Wed, 2 Mar 2011 16:54:24 +0900
+Subject: TOMOYO: Fix memory leak upon file open.
+
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+
+commit eae61f3c829439f8f9121b5cd48a14be04df451f upstream.
+
+In tomoyo_check_open_permission() since 2.6.36, TOMOYO was by error
+recalculating already calculated pathname when checking allow_rewrite
+permission. As a result, memory will leak whenever a file is opened for writing
+without O_APPEND flag. Also, performance will degrade because TOMOYO is
+calculating pathname regardless of profile configuration.
+This patch fixes the leak and performance degrade.
+
+Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Signed-off-by: James Morris <jmorris@namei.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ security/tomoyo/file.c |    5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+--- a/security/tomoyo/file.c
++++ b/security/tomoyo/file.c
+@@ -927,7 +927,7 @@ int tomoyo_check_open_permission(struct
+                                struct path *path, const int flag)
+ {
+       const u8 acc_mode = ACC_MODE(flag);
+-      int error = -ENOMEM;
++      int error = 0;
+       struct tomoyo_path_info buf;
+       struct tomoyo_request_info r;
+       int idx;
+@@ -938,9 +938,6 @@ int tomoyo_check_open_permission(struct
+       buf.name = NULL;
+       r.mode = TOMOYO_CONFIG_DISABLED;
+       idx = tomoyo_read_lock();
+-      if (!tomoyo_get_realpath(&buf, path))
+-              goto out;
+-      error = 0;
+       /*
+        * If the filename is specified by "deny_rewrite" keyword,
+        * we need to check "allow_rewrite" permission when the filename is not