TOMOYO: Remove tomoyo_policy_memory_lock spinlock.

tomoyo_policy_lock mutex already protects it.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

security/tomoyo/common.h

@@ -1043,7 +1043,6 @@ void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);
 void tomoyo_get_attributes(struct tomoyo_obj_info *obj);
 void tomoyo_init_policy_namespace(struct tomoyo_policy_namespace *ns);
 void tomoyo_load_policy(const char *filename);
-void tomoyo_memory_free(void *ptr);
 void tomoyo_normalize_line(unsigned char *buffer);
 void tomoyo_notify_gc(struct tomoyo_io_buffer *head, const bool is_register);
 void tomoyo_print_ip(char *buf, const unsigned int size,

security/tomoyo/gc.c

@@ -8,6 +8,21 @@
 #include <linux/kthread.h>
 #include <linux/slab.h>
 
+/**
+ * tomoyo_memory_free - Free memory for elements.
+ *
+ * @ptr:  Pointer to allocated memory.
+ *
+ * Returns nothing.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
+ */
+static inline void tomoyo_memory_free(void *ptr)
+{
+	tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= ksize(ptr);
+	kfree(ptr);
+}
+
 /* The list for "struct tomoyo_io_buffer". */
 static LIST_HEAD(tomoyo_io_buffer_list);
 /* Lock for protecting tomoyo_io_buffer_list. */
@@ -215,6 +230,8 @@ static void tomoyo_del_acl(struct list_head *element)
  * @element: Pointer to "struct list_head".
  *
  * Returns nothing.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
  */
 static inline void tomoyo_del_domain(struct list_head *element)
 {
@@ -416,12 +433,13 @@ static void tomoyo_try_to_gc(const enum tomoyo_policy_id type,
 				(element, typeof(struct tomoyo_domain_info),
 				 list)->users))
 			goto reinject;
-		tomoyo_del_domain(element);
 		break;
 	case TOMOYO_MAX_POLICY:
 		break;
 	}
 	mutex_lock(&tomoyo_policy_lock);
+	if (type == TOMOYO_ID_DOMAIN)
+		tomoyo_del_domain(element);
 	tomoyo_memory_free(element);
 	return;
 reinject:

security/tomoyo/memory.c

@@ -27,8 +27,6 @@ void tomoyo_warn_oom(const char *function)
 		panic("MAC Initialization failed.\n");
 }
 
-/* Lock for protecting tomoyo_memory_used. */
-static DEFINE_SPINLOCK(tomoyo_policy_memory_lock);
 /* Memoy currently used by policy/audit log/query. */
 unsigned int tomoyo_memory_used[TOMOYO_MAX_MEMORY_STAT];
 /* Memory quota for "policy"/"audit log"/"query". */
@@ -42,22 +40,19 @@ unsigned int tomoyo_memory_quota[TOMOYO_MAX_MEMORY_STAT];
  * Returns true on success, false otherwise.
  *
  * Returns true if @ptr is not NULL and quota not exceeded, false otherwise.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
  */
 bool tomoyo_memory_ok(void *ptr)
 {
 	if (ptr) {
 		const size_t s = ksize(ptr);
-		bool result;
-		spin_lock(&tomoyo_policy_memory_lock);
 		tomoyo_memory_used[TOMOYO_MEMORY_POLICY] += s;
-		result = !tomoyo_memory_quota[TOMOYO_MEMORY_POLICY] ||
-			tomoyo_memory_used[TOMOYO_MEMORY_POLICY] <=
-			tomoyo_memory_quota[TOMOYO_MEMORY_POLICY];
-		if (!result)
-			tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= s;
-		spin_unlock(&tomoyo_policy_memory_lock);
-		if (result)
+		if (!tomoyo_memory_quota[TOMOYO_MEMORY_POLICY] ||
+		    tomoyo_memory_used[TOMOYO_MEMORY_POLICY] <=
+		    tomoyo_memory_quota[TOMOYO_MEMORY_POLICY])
 			return true;
+		tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= s;
 	}
 	tomoyo_warn_oom(__func__);
 	return false;
@@ -71,6 +66,8 @@ bool tomoyo_memory_ok(void *ptr)
  *
  * Returns pointer to allocated memory on success, NULL otherwise.
  * @data is zero-cleared on success.
+ *
+ * Caller holds tomoyo_policy_lock mutex.
  */
 void *tomoyo_commit_ok(void *data, const unsigned int size)
 {
@@ -84,20 +81,6 @@ void *tomoyo_commit_ok(void *data, const unsigned int size)
 	return NULL;
 }
 
-/**
- * tomoyo_memory_free - Free memory for elements.
- *
- * @ptr:  Pointer to allocated memory.
- */
-void tomoyo_memory_free(void *ptr)
-{
-	size_t s = ksize(ptr);
-	spin_lock(&tomoyo_policy_memory_lock);
-	tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= s;
-	spin_unlock(&tomoyo_policy_memory_lock);
-	kfree(ptr);
-}
-
 /**
  * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group"/"struct tomoyo_number_group".
  *