[PATCH 10/13] AppArmor: Add kvzalloc to handle zeroing for kvmalloc

[John Johansen]

Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 security/apparmor/apparmorfs.c       |    2 +-
 security/apparmor/include/apparmor.h |   12 +++++++++++-
 security/apparmor/lib.c              |    7 ++++---
 security/apparmor/match.c            |    2 +-
 4 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 28c52ac..b3d01d7 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -56,7 +56,7 @@ static char *aa_simple_write_to_buffer(int op, const char __user *userbuf,
 		return ERR_PTR(-EACCES);
 
 	/* freed by caller to simple_write_to_buffer */
-	data = kvmalloc(alloc_size);
+	data = kvmalloc(alloc_size, 0);
 	if (data == NULL)
 		return ERR_PTR(-ENOMEM);
 
diff --git a/security/apparmor/include/apparmor.h b/security/apparmor/include/apparmor.h
index 38ccaea..35bcb67 100644
--- a/security/apparmor/include/apparmor.h
+++ b/security/apparmor/include/apparmor.h
@@ -15,6 +15,7 @@
 #ifndef __APPARMOR_H
 #define __APPARMOR_H
 
+#include <linux/slab.h>
 #include <linux/fs.h>
 
 #include "match.h"
@@ -51,9 +52,18 @@ extern int apparmor_initialized __initdata;
 /* fn's in lib */
 char *aa_split_fqname(char *args, char **ns_name);
 void aa_info_message(const char *str);
-void *kvmalloc(size_t size);
+void *kvmalloc(size_t size, gfp_t flags);
 void kvfree(void *buffer);
 
+/**
+ * kvzalloc - allocate memory. The memory is set to zero.
+ * @size: how many bytes of memory are required.
+ * @flags: the type of memory to allocate (see kmalloc).
+ */
+static inline void *kvzalloc(size_t size, gfp_t flags)
+{
+	return kvmalloc(size, flags | __GFP_ZERO);
+}
 
 /**
  * aa_strneq - compare null terminated @str to a non null terminated substring
diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c
index 506d2ba..5b9a428 100644
--- a/security/apparmor/lib.c
+++ b/security/apparmor/lib.c
@@ -72,14 +72,15 @@ void aa_info_message(const char *str)
 
 /**
  * kvmalloc - do allocation preferring kmalloc but falling back to vmalloc
- * @size: size of allocation
+ * @size: how many bytes of memory are required
+ * @flags: the type of memory to allocate (see kmalloc).
  *
  * Return: allocated buffer or NULL if failed
  *
  * It is possible that policy being loaded from the user is larger than
  * what can be allocated by kmalloc, in those cases fall back to vmalloc.
  */
-void *kvmalloc(size_t size)
+void *kvmalloc(size_t size, gfp_t flags)
 {
 	void *buffer = NULL;
 
@@ -88,7 +89,7 @@ void *kvmalloc(size_t size)
 
 	/* do not attempt kmalloc if we need more than 16 pages at once */
 	if (size <= (16*PAGE_SIZE))
-		buffer = kmalloc(size, GFP_NOIO | __GFP_NOWARN);
+		buffer = kmalloc(size, flags | GFP_NOIO | __GFP_NOWARN);
 	if (!buffer) {
 		/* see kvfree for why size must be at least work_struct size
 		 * when allocated via vmalloc
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 081491e..58831c8 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -64,7 +64,7 @@ static struct table_header *unpack_table(char *blob, size_t bsize)
 	if (th.td_id == YYTD_ID_NXT || th.td_id == YYTD_ID_CHK)
 		tsize += 256 * th.td_flags;
 
-	table = kvmalloc(tsize);
+	table = kvmalloc(tsize, 0);
 	if (table) {
 		/* ensure the pad is clear, else there will be errors */
 		memset(table, 0, tsize);
-- 
1.7.5.4