TOMOYO: Update kernel-doc.

Update comments for scripts/kernel-doc and fix some of errors reported by scripts/checkpatch.pl . Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2011-07-14 01:46:51 -0400
committer: James Morris <jmorris@namei.org> 2011-07-14 03:50:03 -0400
commit: 0f2a55d5bb2372058275b0b343d90dd5d640d045 (patch)
tree: 0faaacea8061e5717efd50d24220d6976e6adba6 /security/tomoyo/tomoyo.c
parent: c9206693457a946698e1d67db2b424e1d101493d (diff)
1 files changed, 206 insertions, 4 deletions
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index a536cb182c05..f776400a8f31 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -1,20 +1,35 @@
 /*
 * security/tomoyo/tomoyo.c
 *
- * LSM hooks for TOMOYO Linux.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/security.h>
 #include "common.h"
+/**
+ * tomoyo_cred_alloc_blank - Target for security_cred_alloc_blank().
+ *
+ * @new: Pointer to "struct cred".
+ * @gfp: Memory allocation flags.
+ *
+ * Returns 0.
+ */
 static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp)
 {
        new->security = NULL;
        return 0;
 }
+/**
+ * tomoyo_cred_prepare - Target for security_prepare_creds().
+ *
+ * @new: Pointer to "struct cred".
+ * @old: Pointer to "struct cred".
+ * @gfp: Memory allocation flags.
+ *
+ * Returns 0.
+ */
 static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
                               gfp_t gfp)
 {
@@ -25,11 +40,22 @@ static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
        return 0;
 }
+/**
+ * tomoyo_cred_transfer - Target for security_transfer_creds().
+ *
+ * @new: Pointer to "struct cred".
+ * @old: Pointer to "struct cred".
+ */
 static void tomoyo_cred_transfer(struct cred *new, const struct cred *old)
 {
        tomoyo_cred_prepare(new, old, 0);
 }
+/**
+ * tomoyo_cred_free - Target for security_cred_free().
+ *
+ * @cred: Pointer to "struct cred".
+ */
 static void tomoyo_cred_free(struct cred *cred)
 {
        struct tomoyo_domain_info *domain = cred->security;
@@ -37,6 +63,13 @@ static void tomoyo_cred_free(struct cred *cred)
                atomic_dec(&domain->users);
 }
+/**
+ * tomoyo_bprm_set_creds - Target for security_bprm_set_creds().
+ *
+ * @bprm: Pointer to "struct linux_binprm".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
 {
        int rc;
@@ -75,6 +108,13 @@ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
        return 0;
 }
+/**
+ * tomoyo_bprm_check_security - Target for security_bprm_check().
+ *
+ * @bprm: Pointer to "struct linux_binprm".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
 {
        struct tomoyo_domain_info *domain = bprm->cred->security;
@@ -92,26 +132,59 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
        /*
         * Read permission is checked against interpreters using next domain.
         */
-        return tomoyo_check_open_permission(domain, &bprm->file->f_path, O_RDONLY);
+        return tomoyo_check_open_permission(domain, &bprm->file->f_path,
+                                            O_RDONLY);
 }
+/**
+ * tomoyo_inode_getattr - Target for security_inode_getattr().
+ *
+ * @mnt:    Pointer to "struct vfsmount".
+ * @dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
 {
        struct path path = { mnt, dentry };
        return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL);
 }
+/**
+ * tomoyo_path_truncate - Target for security_path_truncate().
+ *
+ * @path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_truncate(struct path *path)
 {
        return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL);
 }
+/**
+ * tomoyo_path_unlink - Target for security_path_unlink().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry)
 {
        struct path path = { parent->mnt, dentry };
        return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL);
 }
+/**
+ * tomoyo_path_mkdir - Target for security_path_mkdir().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ * @mode:   DAC permission mode.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
                             int mode)
 {
@@ -120,12 +193,29 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
                                       mode & S_IALLUGO);
 }
+/**
+ * tomoyo_path_rmdir - Target for security_path_rmdir().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry)
 {
        struct path path = { parent->mnt, dentry };
        return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL);
 }
+/**
+ * tomoyo_path_symlink - Target for security_path_symlink().
+ *
+ * @parent:   Pointer to "struct path".
+ * @dentry:   Pointer to "struct dentry".
+ * @old_name: Symlink's content.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
                               const char *old_name)
 {
@@ -133,6 +223,16 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
        return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name);
 }
+/**
+ * tomoyo_path_mknod - Target for security_path_mknod().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ * @mode:   DAC permission mode.
+ * @dev:    Device attributes.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
                             int mode, unsigned int dev)
 {
@@ -163,6 +263,15 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
        return tomoyo_path_number_perm(type, &path, perm);
 }
+/**
+ * tomoyo_path_link - Target for security_path_link().
+ *
+ * @old_dentry: Pointer to "struct dentry".
+ * @new_dir:    Pointer to "struct path".
+ * @new_dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir,
                            struct dentry *new_dentry)
 {
@@ -171,6 +280,16 @@ static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir,
        return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2);
 }
+/**
+ * tomoyo_path_rename - Target for security_path_rename().
+ *
+ * @old_parent: Pointer to "struct path".
+ * @old_dentry: Pointer to "struct dentry".
+ * @new_parent: Pointer to "struct path".
+ * @new_dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_rename(struct path *old_parent,
                              struct dentry *old_dentry,
                              struct path *new_parent,
@@ -181,6 +300,15 @@ static int tomoyo_path_rename(struct path *old_parent,
        return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2);
 }
+/**
+ * tomoyo_file_fcntl - Target for security_file_fcntl().
+ *
+ * @file: Pointer to "struct file".
+ * @cmd:  Command for fcntl().
+ * @arg:  Argument for @cmd.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
                             unsigned long arg)
 {
@@ -190,6 +318,14 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
                                            O_WRONLY | (arg & O_APPEND));
 }
+/**
+ * tomoyo_dentry_open - Target for security_dentry_open().
+ *
+ * @f:    Pointer to "struct file".
+ * @cred: Pointer to "struct cred".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
 {
        int flags = f->f_flags;
@@ -199,12 +335,30 @@ static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
        return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);
 }
+/**
+ * tomoyo_file_ioctl - Target for security_file_ioctl().
+ *
+ * @file: Pointer to "struct file".
+ * @cmd:  Command for ioctl().
+ * @arg:  Argument for @cmd.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_file_ioctl(struct file *file, unsigned int cmd,
                             unsigned long arg)
 {
        return tomoyo_path_number_perm(TOMOYO_TYPE_IOCTL, &file->f_path, cmd);
 }
+/**
+ * tomoyo_path_chmod - Target for security_path_chmod().
+ *
+ * @dentry: Pointer to "struct dentry".
+ * @mnt:    Pointer to "struct vfsmount".
+ * @mode:   DAC permission mode.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
                             mode_t mode)
 {
@@ -213,6 +367,15 @@ static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
                                       mode & S_IALLUGO);
 }
+/**
+ * tomoyo_path_chown - Target for security_path_chown().
+ *
+ * @path: Pointer to "struct path".
+ * @uid:  Owner ID.
+ * @gid:  Group ID.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)
 {
        int error = 0;
@@ -223,23 +386,57 @@ static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)
        return error;
 }
+/**
+ * tomoyo_path_chroot - Target for security_path_chroot().
+ *
+ * @path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_chroot(struct path *path)
 {
        return tomoyo_path_perm(TOMOYO_TYPE_CHROOT, path, NULL);
 }
+/**
+ * tomoyo_sb_mount - Target for security_sb_mount().
+ *
+ * @dev_name: Name of device file. Maybe NULL.
+ * @path:     Pointer to "struct path".
+ * @type:     Name of filesystem type. Maybe NULL.
+ * @flags:    Mount options.
+ * @data:     Optional data. Maybe NULL.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_sb_mount(char *dev_name, struct path *path,
                           char *type, unsigned long flags, void *data)
 {
        return tomoyo_mount_permission(dev_name, path, type, flags, data);
 }
+/**
+ * tomoyo_sb_umount - Target for security_sb_umount().
+ *
+ * @mnt:   Pointer to "struct vfsmount".
+ * @flags: Unmount options.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_sb_umount(struct vfsmount *mnt, int flags)
 {
        struct path path = { mnt, mnt->mnt_root };
        return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL);
 }
+/**
+ * tomoyo_sb_pivotroot - Target for security_sb_pivotroot().
+ *
+ * @old_path: Pointer to "struct path".
+ * @new_path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path)
 {
        return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);
@@ -280,6 +477,11 @@ static struct security_operations tomoyo_security_ops = {
 /* Lock for GC. */
 struct srcu_struct tomoyo_ss;
+/**
+ * tomoyo_init - Register TOMOYO Linux as a LSM module.
+ *
+ * Returns 0.
+ */
 static int __init tomoyo_init(void)
 {
        struct cred *cred = (struct cred *) current_cred();
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2011-07-14 01:46:51 -0400
committer	James Morris <jmorris@namei.org>	2011-07-14 03:50:03 -0400
commit	0f2a55d5bb2372058275b0b343d90dd5d640d045 (patch)
tree	0faaacea8061e5717efd50d24220d6976e6adba6 /security/tomoyo/tomoyo.c
parent	c9206693457a946698e1d67db2b424e1d101493d (diff)

diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index a536cb182c05..f776400a8f31 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c
@@ -1,20 +1,35 @@
1	/*	1	/*
2	* security/tomoyo/tomoyo.c	2	* security/tomoyo/tomoyo.c
3	*	3	*
4	* LSM hooks for TOMOYO Linux.	4	* Copyright (C) 2005-2011 NTT DATA CORPORATION
5	*
6	* Copyright (C) 2005-2010 NTT DATA CORPORATION
7	*/	5	*/
8		6
9	#include <linux/security.h>	7	#include <linux/security.h>
10	#include "common.h"	8	#include "common.h"
11		9
		10	/**
		11	* tomoyo_cred_alloc_blank - Target for security_cred_alloc_blank().
		12	*
		13	* @new: Pointer to "struct cred".
		14	* @gfp: Memory allocation flags.
		15	*
		16	* Returns 0.
		17	*/
12	static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp)	18	static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp)
13	{	19	{
14	new->security = NULL;	20	new->security = NULL;
15	return 0;	21	return 0;
16	}	22	}
17		23
		24	/**
		25	* tomoyo_cred_prepare - Target for security_prepare_creds().
		26	*
		27	* @new: Pointer to "struct cred".
		28	* @old: Pointer to "struct cred".
		29	* @gfp: Memory allocation flags.
		30	*
		31	* Returns 0.
		32	*/
18	static int tomoyo_cred_prepare(struct cred new, const struct cred old,	33	static int tomoyo_cred_prepare(struct cred new, const struct cred old,
19	gfp_t gfp)	34	gfp_t gfp)
20	{	35	{
@@ -25,11 +40,22 @@ static int tomoyo_cred_prepare(struct cred new, const struct cred old,
25	return 0;	40	return 0;
26	}	41	}
27		42
		43	/**
		44	* tomoyo_cred_transfer - Target for security_transfer_creds().
		45	*
		46	* @new: Pointer to "struct cred".
		47	* @old: Pointer to "struct cred".
		48	*/
28	static void tomoyo_cred_transfer(struct cred new, const struct cred old)	49	static void tomoyo_cred_transfer(struct cred new, const struct cred old)
29	{	50	{
30	tomoyo_cred_prepare(new, old, 0);	51	tomoyo_cred_prepare(new, old, 0);
31	}	52	}
32		53
		54	/**
		55	* tomoyo_cred_free - Target for security_cred_free().
		56	*
		57	* @cred: Pointer to "struct cred".
		58	*/
33	static void tomoyo_cred_free(struct cred *cred)	59	static void tomoyo_cred_free(struct cred *cred)
34	{	60	{
35	struct tomoyo_domain_info *domain = cred->security;	61	struct tomoyo_domain_info *domain = cred->security;
@@ -37,6 +63,13 @@ static void tomoyo_cred_free(struct cred *cred)
37	atomic_dec(&domain->users);	63	atomic_dec(&domain->users);
38	}	64	}
39		65
		66	/**
		67	* tomoyo_bprm_set_creds - Target for security_bprm_set_creds().
		68	*
		69	* @bprm: Pointer to "struct linux_binprm".
		70	*
		71	* Returns 0 on success, negative value otherwise.
		72	*/
40	static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)	73	static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
41	{	74	{
42	int rc;	75	int rc;
@@ -75,6 +108,13 @@ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
75	return 0;	108	return 0;
76	}	109	}
77		110
		111	/**
		112	* tomoyo_bprm_check_security - Target for security_bprm_check().
		113	*
		114	* @bprm: Pointer to "struct linux_binprm".
		115	*
		116	* Returns 0 on success, negative value otherwise.
		117	*/
78	static int tomoyo_bprm_check_security(struct linux_binprm *bprm)	118	static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
79	{	119	{
80	struct tomoyo_domain_info *domain = bprm->cred->security;	120	struct tomoyo_domain_info *domain = bprm->cred->security;
@@ -92,26 +132,59 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
92	/*	132	/*
93	* Read permission is checked against interpreters using next domain.	133	* Read permission is checked against interpreters using next domain.
94	*/	134	*/
95	return tomoyo_check_open_permission(domain, &bprm->file->f_path, O_RDONLY);	135	return tomoyo_check_open_permission(domain, &bprm->file->f_path,
		136	O_RDONLY);
96	}	137	}
97		138
		139	/**
		140	* tomoyo_inode_getattr - Target for security_inode_getattr().
		141	*
		142	* @mnt: Pointer to "struct vfsmount".
		143	* @dentry: Pointer to "struct dentry".
		144	*
		145	* Returns 0 on success, negative value otherwise.
		146	*/
98	static int tomoyo_inode_getattr(struct vfsmount mnt, struct dentry dentry)	147	static int tomoyo_inode_getattr(struct vfsmount mnt, struct dentry dentry)
99	{	148	{
100	struct path path = { mnt, dentry };	149	struct path path = { mnt, dentry };
101	return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL);	150	return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL);
102	}	151	}
103		152
		153	/**
		154	* tomoyo_path_truncate - Target for security_path_truncate().
		155	*
		156	* @path: Pointer to "struct path".
		157	*
		158	* Returns 0 on success, negative value otherwise.
		159	*/
104	static int tomoyo_path_truncate(struct path *path)	160	static int tomoyo_path_truncate(struct path *path)
105	{	161	{
106	return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL);	162	return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL);
107	}	163	}
108		164
		165	/**
		166	* tomoyo_path_unlink - Target for security_path_unlink().
		167	*
		168	* @parent: Pointer to "struct path".
		169	* @dentry: Pointer to "struct dentry".
		170	*
		171	* Returns 0 on success, negative value otherwise.
		172	*/
109	static int tomoyo_path_unlink(struct path parent, struct dentry dentry)	173	static int tomoyo_path_unlink(struct path parent, struct dentry dentry)
110	{	174	{
111	struct path path = { parent->mnt, dentry };	175	struct path path = { parent->mnt, dentry };
112	return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL);	176	return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL);
113	}	177	}
114		178
		179	/**
		180	* tomoyo_path_mkdir - Target for security_path_mkdir().
		181	*
		182	* @parent: Pointer to "struct path".
		183	* @dentry: Pointer to "struct dentry".
		184	* @mode: DAC permission mode.
		185	*
		186	* Returns 0 on success, negative value otherwise.
		187	*/
115	static int tomoyo_path_mkdir(struct path parent, struct dentry dentry,	188	static int tomoyo_path_mkdir(struct path parent, struct dentry dentry,
116	int mode)	189	int mode)
117	{	190	{
@@ -120,12 +193,29 @@ static int tomoyo_path_mkdir(struct path parent, struct dentry dentry,
120	mode & S_IALLUGO);	193	mode & S_IALLUGO);
121	}	194	}
122		195
		196	/**
		197	* tomoyo_path_rmdir - Target for security_path_rmdir().
		198	*
		199	* @parent: Pointer to "struct path".
		200	* @dentry: Pointer to "struct dentry".
		201	*
		202	* Returns 0 on success, negative value otherwise.
		203	*/
123	static int tomoyo_path_rmdir(struct path parent, struct dentry dentry)	204	static int tomoyo_path_rmdir(struct path parent, struct dentry dentry)
124	{	205	{
125	struct path path = { parent->mnt, dentry };	206	struct path path = { parent->mnt, dentry };
126	return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL);	207	return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL);
127	}	208	}
128		209
		210	/**
		211	* tomoyo_path_symlink - Target for security_path_symlink().
		212	*
		213	* @parent: Pointer to "struct path".
		214	* @dentry: Pointer to "struct dentry".
		215	* @old_name: Symlink's content.
		216	*
		217	* Returns 0 on success, negative value otherwise.
		218	*/
129	static int tomoyo_path_symlink(struct path parent, struct dentry dentry,	219	static int tomoyo_path_symlink(struct path parent, struct dentry dentry,
130	const char *old_name)	220	const char *old_name)
131	{	221	{
@@ -133,6 +223,16 @@ static int tomoyo_path_symlink(struct path parent, struct dentry dentry,
133	return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name);	223	return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name);
134	}	224	}
135		225
		226	/**
		227	* tomoyo_path_mknod - Target for security_path_mknod().
		228	*
		229	* @parent: Pointer to "struct path".
		230	* @dentry: Pointer to "struct dentry".
		231	* @mode: DAC permission mode.
		232	* @dev: Device attributes.
		233	*
		234	* Returns 0 on success, negative value otherwise.
		235	*/
136	static int tomoyo_path_mknod(struct path parent, struct dentry dentry,	236	static int tomoyo_path_mknod(struct path parent, struct dentry dentry,
137	int mode, unsigned int dev)	237	int mode, unsigned int dev)
138	{	238	{
@@ -163,6 +263,15 @@ static int tomoyo_path_mknod(struct path parent, struct dentry dentry,
163	return tomoyo_path_number_perm(type, &path, perm);	263	return tomoyo_path_number_perm(type, &path, perm);
164	}	264	}
165		265
		266	/**
		267	* tomoyo_path_link - Target for security_path_link().
		268	*
		269	* @old_dentry: Pointer to "struct dentry".
		270	* @new_dir: Pointer to "struct path".
		271	* @new_dentry: Pointer to "struct dentry".
		272	*
		273	* Returns 0 on success, negative value otherwise.
		274	*/
166	static int tomoyo_path_link(struct dentry old_dentry, struct path new_dir,	275	static int tomoyo_path_link(struct dentry old_dentry, struct path new_dir,
167	struct dentry *new_dentry)	276	struct dentry *new_dentry)
168	{	277	{
@@ -171,6 +280,16 @@ static int tomoyo_path_link(struct dentry old_dentry, struct path new_dir,
171	return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2);	280	return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2);
172	}	281	}
173		282
		283	/**
		284	* tomoyo_path_rename - Target for security_path_rename().
		285	*
		286	* @old_parent: Pointer to "struct path".
		287	* @old_dentry: Pointer to "struct dentry".
		288	* @new_parent: Pointer to "struct path".
		289	* @new_dentry: Pointer to "struct dentry".
		290	*
		291	* Returns 0 on success, negative value otherwise.
		292	*/
174	static int tomoyo_path_rename(struct path *old_parent,	293	static int tomoyo_path_rename(struct path *old_parent,
175	struct dentry *old_dentry,	294	struct dentry *old_dentry,
176	struct path *new_parent,	295	struct path *new_parent,
@@ -181,6 +300,15 @@ static int tomoyo_path_rename(struct path *old_parent,
181	return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2);	300	return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2);
182	}	301	}
183		302
		303	/**
		304	* tomoyo_file_fcntl - Target for security_file_fcntl().
		305	*
		306	* @file: Pointer to "struct file".
		307	* @cmd: Command for fcntl().
		308	* @arg: Argument for @cmd.
		309	*
		310	* Returns 0 on success, negative value otherwise.
		311	*/
184	static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,	312	static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
185	unsigned long arg)	313	unsigned long arg)
186	{	314	{
@@ -190,6 +318,14 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
190	O_WRONLY \| (arg & O_APPEND));	318	O_WRONLY \| (arg & O_APPEND));
191	}	319	}
192		320
		321	/**
		322	* tomoyo_dentry_open - Target for security_dentry_open().
		323	*
		324	* @f: Pointer to "struct file".
		325	* @cred: Pointer to "struct cred".
		326	*
		327	* Returns 0 on success, negative value otherwise.
		328	*/
193	static int tomoyo_dentry_open(struct file f, const struct cred cred)	329	static int tomoyo_dentry_open(struct file f, const struct cred cred)
194	{	330	{
195	int flags = f->f_flags;	331	int flags = f->f_flags;
@@ -199,12 +335,30 @@ static int tomoyo_dentry_open(struct file f, const struct cred cred)
199	return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);	335	return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);
200	}	336	}
201		337
		338	/**
		339	* tomoyo_file_ioctl - Target for security_file_ioctl().
		340	*
		341	* @file: Pointer to "struct file".
		342	* @cmd: Command for ioctl().
		343	* @arg: Argument for @cmd.
		344	*
		345	* Returns 0 on success, negative value otherwise.
		346	*/
202	static int tomoyo_file_ioctl(struct file *file, unsigned int cmd,	347	static int tomoyo_file_ioctl(struct file *file, unsigned int cmd,
203	unsigned long arg)	348	unsigned long arg)
204	{	349	{
205	return tomoyo_path_number_perm(TOMOYO_TYPE_IOCTL, &file->f_path, cmd);	350	return tomoyo_path_number_perm(TOMOYO_TYPE_IOCTL, &file->f_path, cmd);
206	}	351	}
207		352
		353	/**
		354	* tomoyo_path_chmod - Target for security_path_chmod().
		355	*
		356	* @dentry: Pointer to "struct dentry".
		357	* @mnt: Pointer to "struct vfsmount".
		358	* @mode: DAC permission mode.
		359	*
		360	* Returns 0 on success, negative value otherwise.
		361	*/
208	static int tomoyo_path_chmod(struct dentry dentry, struct vfsmount mnt,	362	static int tomoyo_path_chmod(struct dentry dentry, struct vfsmount mnt,
209	mode_t mode)	363	mode_t mode)
210	{	364	{
@@ -213,6 +367,15 @@ static int tomoyo_path_chmod(struct dentry dentry, struct vfsmount mnt,
213	mode & S_IALLUGO);	367	mode & S_IALLUGO);
214	}	368	}
215		369
		370	/**
		371	* tomoyo_path_chown - Target for security_path_chown().
		372	*
		373	* @path: Pointer to "struct path".
		374	* @uid: Owner ID.
		375	* @gid: Group ID.
		376	*
		377	* Returns 0 on success, negative value otherwise.
		378	*/
216	static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)	379	static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)
217	{	380	{
218	int error = 0;	381	int error = 0;
@@ -223,23 +386,57 @@ static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)
223	return error;	386	return error;
224	}	387	}
225		388
		389	/**
		390	* tomoyo_path_chroot - Target for security_path_chroot().
		391	*
		392	* @path: Pointer to "struct path".
		393	*
		394	* Returns 0 on success, negative value otherwise.
		395	*/
226	static int tomoyo_path_chroot(struct path *path)	396	static int tomoyo_path_chroot(struct path *path)
227	{	397	{
228	return tomoyo_path_perm(TOMOYO_TYPE_CHROOT, path, NULL);	398	return tomoyo_path_perm(TOMOYO_TYPE_CHROOT, path, NULL);
229	}	399	}
230		400
		401	/**
		402	* tomoyo_sb_mount - Target for security_sb_mount().
		403	*
		404	* @dev_name: Name of device file. Maybe NULL.
		405	* @path: Pointer to "struct path".
		406	* @type: Name of filesystem type. Maybe NULL.
		407	* @flags: Mount options.
		408	* @data: Optional data. Maybe NULL.
		409	*
		410	* Returns 0 on success, negative value otherwise.
		411	*/
231	static int tomoyo_sb_mount(char dev_name, struct path path,	412	static int tomoyo_sb_mount(char dev_name, struct path path,
232	char type, unsigned long flags, void data)	413	char type, unsigned long flags, void data)
233	{	414	{
234	return tomoyo_mount_permission(dev_name, path, type, flags, data);	415	return tomoyo_mount_permission(dev_name, path, type, flags, data);
235	}	416	}
236		417
		418	/**
		419	* tomoyo_sb_umount - Target for security_sb_umount().
		420	*
		421	* @mnt: Pointer to "struct vfsmount".
		422	* @flags: Unmount options.
		423	*
		424	* Returns 0 on success, negative value otherwise.
		425	*/
237	static int tomoyo_sb_umount(struct vfsmount *mnt, int flags)	426	static int tomoyo_sb_umount(struct vfsmount *mnt, int flags)
238	{	427	{
239	struct path path = { mnt, mnt->mnt_root };	428	struct path path = { mnt, mnt->mnt_root };
240	return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL);	429	return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL);
241	}	430	}
242		431
		432	/**
		433	* tomoyo_sb_pivotroot - Target for security_sb_pivotroot().
		434	*
		435	* @old_path: Pointer to "struct path".
		436	* @new_path: Pointer to "struct path".
		437	*
		438	* Returns 0 on success, negative value otherwise.
		439	*/
243	static int tomoyo_sb_pivotroot(struct path old_path, struct path new_path)	440	static int tomoyo_sb_pivotroot(struct path old_path, struct path new_path)
244	{	441	{
245	return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);	442	return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);
@@ -280,6 +477,11 @@ static struct security_operations tomoyo_security_ops = {
280	/* Lock for GC. */	477	/* Lock for GC. */
281	struct srcu_struct tomoyo_ss;	478	struct srcu_struct tomoyo_ss;
282		479
		480	/**
		481	* tomoyo_init - Register TOMOYO Linux as a LSM module.
		482	*
		483	* Returns 0.
		484	*/
283	static int __init tomoyo_init(void)	485	static int __init tomoyo_init(void)
284	{	486	{
285	struct cred cred = (struct cred ) current_cred();	487	struct cred cred = (struct cred ) current_cred();