TOMOYO: Cleanup part 1.

In order to synchronize with TOMOYO 1.8's syntax, (1) Remove special handling for allow_read/write permission. (2) Replace deny_rewrite/allow_rewrite permission with allow_append permission. (3) Remove file_pattern keyword. (4) Remove allow_read permission from exception policy. (5) Allow creating domains in enforcing mode without calling supervisor. (6) Add permission check for opening directory for reading. (7) Add permission check for stat() operation. (8) Make "cat < /sys/kernel/security/tomoyo/self_domain" behave as if "cat /sys/kernel/security/tomoyo/self_domain". Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2011-06-26 10:15:31 -0400
committer: James Morris <jmorris@namei.org> 2011-06-28 19:31:19 -0400
commit: 7c75964f432d14062d8eccfc916aa290f56b5aab (patch)
tree: 8aecdb96f9f079dd36735c3acccb79f3d10d6559 /security/tomoyo/file.c
parent: 1252cc3b232e582e887623dc5f70979418caaaa2 (diff)
1 files changed, 36 insertions, 332 deletions
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index d64e8ecb6fb3..41ed7de44ef1 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -11,15 +11,15 @@
 /* Keyword array for operations with one pathname. */
 const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION] = {
-        [TOMOYO_TYPE_READ_WRITE] = "read/write",
        [TOMOYO_TYPE_EXECUTE]    = "execute",
        [TOMOYO_TYPE_READ]       = "read",
        [TOMOYO_TYPE_WRITE]      = "write",
+        [TOMOYO_TYPE_APPEND]     = "append",
        [TOMOYO_TYPE_UNLINK]     = "unlink",
+        [TOMOYO_TYPE_GETATTR]    = "getattr",
        [TOMOYO_TYPE_RMDIR]      = "rmdir",
        [TOMOYO_TYPE_TRUNCATE]   = "truncate",
        [TOMOYO_TYPE_SYMLINK]    = "symlink",
-        [TOMOYO_TYPE_REWRITE]    = "rewrite",
        [TOMOYO_TYPE_CHROOT]     = "chroot",
        [TOMOYO_TYPE_UMOUNT]     = "unmount",
 };
@@ -50,15 +50,15 @@ const char *tomoyo_path_number_keyword[TOMOYO_MAX_PATH_NUMBER_OPERATION] = {
 };
 static const u8 tomoyo_p2mac[TOMOYO_MAX_PATH_OPERATION] = {
-        [TOMOYO_TYPE_READ_WRITE] = TOMOYO_MAC_FILE_OPEN,
        [TOMOYO_TYPE_EXECUTE]    = TOMOYO_MAC_FILE_EXECUTE,
        [TOMOYO_TYPE_READ]       = TOMOYO_MAC_FILE_OPEN,
        [TOMOYO_TYPE_WRITE]      = TOMOYO_MAC_FILE_OPEN,
+        [TOMOYO_TYPE_APPEND]     = TOMOYO_MAC_FILE_OPEN,
        [TOMOYO_TYPE_UNLINK]     = TOMOYO_MAC_FILE_UNLINK,
+        [TOMOYO_TYPE_GETATTR]    = TOMOYO_MAC_FILE_GETATTR,
        [TOMOYO_TYPE_RMDIR]      = TOMOYO_MAC_FILE_RMDIR,
        [TOMOYO_TYPE_TRUNCATE]   = TOMOYO_MAC_FILE_TRUNCATE,
        [TOMOYO_TYPE_SYMLINK]    = TOMOYO_MAC_FILE_SYMLINK,
-        [TOMOYO_TYPE_REWRITE]    = TOMOYO_MAC_FILE_REWRITE,
        [TOMOYO_TYPE_CHROOT]     = TOMOYO_MAC_FILE_CHROOT,
        [TOMOYO_TYPE_UMOUNT]     = TOMOYO_MAC_FILE_UMOUNT,
 };
@@ -132,24 +132,6 @@ static void tomoyo_add_slash(struct tomoyo_path_info *buf)
 }
 /**
- * tomoyo_strendswith - Check whether the token ends with the given token.
- *
- * @name: The token to check.
- * @tail: The token to find.
- *
- * Returns true if @name ends with @tail, false otherwise.
- */
-static bool tomoyo_strendswith(const char *name, const char *tail)
-{
-        int len;
-        if (!name || !tail)
-                return false;
-        len = strlen(name) - strlen(tail);
-        return len >= 0 && !strcmp(name + len, tail);
-}
-/**
 * tomoyo_get_realpath - Get realpath.
 *
 * @buf:  Pointer to "struct tomoyo_path_info".
@@ -182,7 +164,7 @@ static int tomoyo_audit_path_log(struct tomoyo_request_info *r)
                return 0;
        tomoyo_warn_log(r, "%s %s", operation, filename->name);
        return tomoyo_supervisor(r, "allow_%s %s\n", operation,
-                                 tomoyo_pattern(filename));
+                                 filename->name);
 }
 /**
@@ -202,8 +184,7 @@ static int tomoyo_audit_path2_log(struct tomoyo_request_info *r)
        tomoyo_warn_log(r, "%s %s %s", operation, filename1->name,
                        filename2->name);
        return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,
-                                 tomoyo_pattern(filename1),
+                                 filename1->name, filename2->name);
-                                 tomoyo_pattern(filename2));
 }
 /**
@@ -225,7 +206,7 @@ static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r)
        tomoyo_warn_log(r, "%s %s 0%o %u %u", operation, filename->name, mode,
                        major, minor);
        return tomoyo_supervisor(r, "allow_%s %s 0%o %u %u\n", operation,
-                                 tomoyo_pattern(filename), mode, major, minor);
+                                 filename->name, mode, major, minor);
 }
 /**
@@ -264,247 +245,7 @@ static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r)
                           radix);
        tomoyo_warn_log(r, "%s %s %s", operation, filename->name, buffer);
        return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,
-                                 tomoyo_pattern(filename), buffer);
+                                 filename->name, buffer);
-}
-static bool tomoyo_same_globally_readable(const struct tomoyo_acl_head *a,
-                                          const struct tomoyo_acl_head *b)
-{
-        return container_of(a, struct tomoyo_readable_file,
-                            head)->filename ==
-                container_of(b, struct tomoyo_readable_file,
-                             head)->filename;
-}
-/**
- * tomoyo_update_globally_readable_entry - Update "struct tomoyo_readable_file" list.
- *
- * @filename:  Filename unconditionally permitted to open() for reading.
- * @is_delete: True if it is a delete request.
- *
- * Returns 0 on success, negative value otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-static int tomoyo_update_globally_readable_entry(const char *filename,
-                                                 const bool is_delete)
-{
-        struct tomoyo_readable_file e = { };
-        int error;
-        if (!tomoyo_correct_word(filename))
-                return -EINVAL;
-        e.filename = tomoyo_get_name(filename);
-        if (!e.filename)
-                return -ENOMEM;
-        error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                     &tomoyo_policy_list
-                                     [TOMOYO_ID_GLOBALLY_READABLE],
-                                     tomoyo_same_globally_readable);
-        tomoyo_put_name(e.filename);
-        return error;
-}
-/**
- * tomoyo_globally_readable_file - Check if the file is unconditionnaly permitted to be open()ed for reading.
- *
- * @filename: The filename to check.
- *
- * Returns true if any domain can open @filename for reading, false otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-static bool tomoyo_globally_readable_file(const struct tomoyo_path_info *
-                                             filename)
-{
-        struct tomoyo_readable_file *ptr;
-        bool found = false;
-        list_for_each_entry_rcu(ptr, &tomoyo_policy_list
-                                [TOMOYO_ID_GLOBALLY_READABLE], head.list) {
-                if (!ptr->head.is_deleted &&
-                    tomoyo_path_matches_pattern(filename, ptr->filename)) {
-                        found = true;
-                        break;
-                }
-        }
-        return found;
-}
-/**
- * tomoyo_write_globally_readable - Write "struct tomoyo_readable_file" list.
- *
- * @data:      String to parse.
- * @is_delete: True if it is a delete request.
- *
- * Returns 0 on success, negative value otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-int tomoyo_write_globally_readable(char *data, const bool is_delete)
-{
-        return tomoyo_update_globally_readable_entry(data, is_delete);
-}
-static bool tomoyo_same_pattern(const struct tomoyo_acl_head *a,
-                                const struct tomoyo_acl_head *b)
-{
-        return container_of(a, struct tomoyo_no_pattern, head)->pattern ==
-                container_of(b, struct tomoyo_no_pattern, head)->pattern;
-}
-/**
- * tomoyo_update_file_pattern_entry - Update "struct tomoyo_no_pattern" list.
- *
- * @pattern:   Pathname pattern.
- * @is_delete: True if it is a delete request.
- *
- * Returns 0 on success, negative value otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-static int tomoyo_update_file_pattern_entry(const char *pattern,
-                                            const bool is_delete)
-{
-        struct tomoyo_no_pattern e = { };
-        int error;
-        if (!tomoyo_correct_word(pattern))
-                return -EINVAL;
-        e.pattern = tomoyo_get_name(pattern);
-        if (!e.pattern)
-                return -ENOMEM;
-        error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                     &tomoyo_policy_list[TOMOYO_ID_PATTERN],
-                                     tomoyo_same_pattern);
-        tomoyo_put_name(e.pattern);
-        return error;
-}
-/**
- * tomoyo_pattern - Get patterned pathname.
- *
- * @filename: The filename to find patterned pathname.
- *
- * Returns pointer to pathname pattern if matched, @filename otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-const char *tomoyo_pattern(const struct tomoyo_path_info *filename)
-{
-        struct tomoyo_no_pattern *ptr;
-        const struct tomoyo_path_info *pattern = NULL;
-        list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_PATTERN],
-                                head.list) {
-                if (ptr->head.is_deleted)
-                        continue;
-                if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
-                        continue;
-                pattern = ptr->pattern;
-                if (tomoyo_strendswith(pattern->name, "/\\*")) {
-                        /* Do nothing. Try to find the better match. */
-                } else {
-                        /* This would be the better match. Use this. */
-                        break;
-                }
-        }
-        if (pattern)
-                filename = pattern;
-        return filename->name;
-}
-/**
- * tomoyo_write_pattern - Write "struct tomoyo_no_pattern" list.
- *
- * @data:      String to parse.
- * @is_delete: True if it is a delete request.
- *
- * Returns 0 on success, negative value otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-int tomoyo_write_pattern(char *data, const bool is_delete)
-{
-        return tomoyo_update_file_pattern_entry(data, is_delete);
-}
-static bool tomoyo_same_no_rewrite(const struct tomoyo_acl_head *a,
-                                   const struct tomoyo_acl_head *b)
-{
-        return container_of(a, struct tomoyo_no_rewrite, head)->pattern
-                == container_of(b, struct tomoyo_no_rewrite, head)
-                ->pattern;
-}
-/**
- * tomoyo_update_no_rewrite_entry - Update "struct tomoyo_no_rewrite" list.
- *
- * @pattern:   Pathname pattern that are not rewritable by default.
- * @is_delete: True if it is a delete request.
- *
- * Returns 0 on success, negative value otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-static int tomoyo_update_no_rewrite_entry(const char *pattern,
-                                          const bool is_delete)
-{
-        struct tomoyo_no_rewrite e = { };
-        int error;
-        if (!tomoyo_correct_word(pattern))
-                return -EINVAL;
-        e.pattern = tomoyo_get_name(pattern);
-        if (!e.pattern)
-                return -ENOMEM;
-        error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                     &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
-                                     tomoyo_same_no_rewrite);
-        tomoyo_put_name(e.pattern);
-        return error;
-}
-/**
- * tomoyo_no_rewrite_file - Check if the given pathname is not permitted to be rewrited.
- *
- * @filename: Filename to check.
- *
- * Returns true if @filename is specified by "deny_rewrite" directive,
- * false otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-static bool tomoyo_no_rewrite_file(const struct tomoyo_path_info *filename)
-{
-        struct tomoyo_no_rewrite *ptr;
-        bool found = false;
-        list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
-                                head.list) {
-                if (ptr->head.is_deleted)
-                        continue;
-                if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
-                        continue;
-                found = true;
-                break;
-        }
-        return found;
-}
-/**
- * tomoyo_write_no_rewrite - Write "struct tomoyo_no_rewrite" list.
- *
- * @data:      String to parse.
- * @is_delete: True if it is a delete request.
- *
- * Returns 0 on success, negative value otherwise.
- *
- * Caller holds tomoyo_read_lock().
- */
-int tomoyo_write_no_rewrite(char *data, const bool is_delete)
-{
-        return tomoyo_update_no_rewrite_entry(data, is_delete);
 }
 static bool tomoyo_check_path_acl(struct tomoyo_request_info *r,
@@ -569,6 +310,15 @@ static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a,
                tomoyo_same_name_union(&p1->name, &p2->name);
 }
+/**
+ * tomoyo_merge_path_acl - Merge duplicated "struct tomoyo_path_acl" entry.
+ *
+ * @a:         Pointer to "struct tomoyo_acl_info".
+ * @b:         Pointer to "struct tomoyo_acl_info".
+ * @is_delete: True for @a &= ~@b, false for @a |= @b.
+ *
+ * Returns true if @a is empty, false otherwise.
+ */
 static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
                                  struct tomoyo_acl_info *b,
                                  const bool is_delete)
@@ -577,19 +327,10 @@ static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
                ->perm;
        u16 perm = *a_perm;
        const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm;
-        if (is_delete) {
+        if (is_delete)
                perm &= ~b_perm;
-                if ((perm & TOMOYO_RW_MASK) != TOMOYO_RW_MASK)
+        else
-                        perm &= ~(1 << TOMOYO_TYPE_READ_WRITE);
-                else if (!(perm & (1 << TOMOYO_TYPE_READ_WRITE)))
-                        perm &= ~TOMOYO_RW_MASK;
-        } else {
                perm |= b_perm;
-                if ((perm & TOMOYO_RW_MASK) == TOMOYO_RW_MASK)
-                        perm |= (1 << TOMOYO_TYPE_READ_WRITE);
-                else if (perm & (1 << TOMOYO_TYPE_READ_WRITE))
-                        perm |= TOMOYO_RW_MASK;
-        }
        *a_perm = perm;
        return !perm;
 }
@@ -615,8 +356,6 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
                .perm = 1 << type
        };
        int error;
-        if (e.perm == (1 << TOMOYO_TYPE_READ_WRITE))
-                e.perm |= TOMOYO_RW_MASK;
        if (!tomoyo_parse_name_union(filename, &e.name))
                return -EINVAL;
        error = tomoyo_update_domain(&e.head, sizeof(e), is_delete, domain,
@@ -775,7 +514,6 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
 {
        int error;
- next:
        r->type = tomoyo_p2mac[operation];
        r->mode = tomoyo_get_mode(r->profile, r->type);
        if (r->mode == TOMOYO_CONFIG_DISABLED)
@@ -785,10 +523,6 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
        r->param.path.operation = operation;
        do {
                tomoyo_check_acl(r, tomoyo_check_path_acl);
-                if (!r->granted && operation == TOMOYO_TYPE_READ &&
-                    !r->domain->ignore_global_allow_read &&
-                    tomoyo_globally_readable_file(filename))
-                        r->granted = true;
                error = tomoyo_audit_path_log(r);
                /*
                 * Do not retry for execute request, for alias may have
@@ -796,16 +530,6 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
                 */
        } while (error == TOMOYO_RETRY_REQUEST &&
                 operation != TOMOYO_TYPE_EXECUTE);
-        /*
-         * Since "allow_truncate" doesn't imply "allow_rewrite" permission,
-         * we need to check "allow_rewrite" permission if the filename is
-         * specified by "deny_rewrite" keyword.
-         */
-        if (!error && operation == TOMOYO_TYPE_TRUNCATE &&
-            tomoyo_no_rewrite_file(filename)) {
-                operation = TOMOYO_TYPE_REWRITE;
-                goto next;
-        }
        return error;
 }
@@ -932,43 +656,26 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
        struct tomoyo_request_info r;
        int idx;
-        if (!path->mnt ||
+        if (!path->mnt)
-            (path->dentry->d_inode && S_ISDIR(path->dentry->d_inode->i_mode)))
                return 0;
        buf.name = NULL;
        r.mode = TOMOYO_CONFIG_DISABLED;
        idx = tomoyo_read_lock();
-        /*
+        if (acc_mode &&
-         * If the filename is specified by "deny_rewrite" keyword,
+            tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN)
-         * we need to check "allow_rewrite" permission when the filename is not
-         * opened for append mode or the filename is truncated at open time.
-         */
-        if ((acc_mode & MAY_WRITE) && !(flag & O_APPEND)
-            && tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_REWRITE)
            != TOMOYO_CONFIG_DISABLED) {
                if (!tomoyo_get_realpath(&buf, path)) {
                        error = -ENOMEM;
                        goto out;
                }
-                if (tomoyo_no_rewrite_file(&buf))
+                if (acc_mode & MAY_READ)
-                        error = tomoyo_path_permission(&r, TOMOYO_TYPE_REWRITE,
+                        error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ,
+                                                       &buf);
+                if (!error && (acc_mode & MAY_WRITE))
+                        error = tomoyo_path_permission(&r, (flag & O_APPEND) ?
+                                                       TOMOYO_TYPE_APPEND :
+                                                       TOMOYO_TYPE_WRITE,
                                                       &buf);
-        }
-        if (!error && acc_mode &&
-            tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN)
-            != TOMOYO_CONFIG_DISABLED) {
-                u8 operation;
-                if (!buf.name && !tomoyo_get_realpath(&buf, path)) {
-                        error = -ENOMEM;
-                        goto out;
-                }
-                if (acc_mode == (MAY_READ | MAY_WRITE))
-                        operation = TOMOYO_TYPE_READ_WRITE;
-                else if (acc_mode == MAY_READ)
-                        operation = TOMOYO_TYPE_READ;
-                else
-                        operation = TOMOYO_TYPE_WRITE;
-                error = tomoyo_path_permission(&r, operation, &buf);
        }
 out:
        kfree(buf.name);
@@ -979,7 +686,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
 }
 /**
- * tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "rewrite", "chroot" and "unmount".
+ * tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "append", "chroot" and "unmount".
 *
 * @operation: Type of operation.
 * @path:      Pointer to "struct path".
@@ -988,9 +695,10 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
 */
 int tomoyo_path_perm(const u8 operation, struct path *path)
 {
-        int error = -ENOMEM;
-        struct tomoyo_path_info buf;
        struct tomoyo_request_info r;
+        int error;
+        struct tomoyo_path_info buf;
+        bool is_enforce;
        int idx;
        if (!path->mnt)
@@ -998,17 +706,13 @@ int tomoyo_path_perm(const u8 operation, struct path *path)
        if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation])
            == TOMOYO_CONFIG_DISABLED)
                return 0;
+        is_enforce = (r.mode == TOMOYO_CONFIG_ENFORCING);
+        error = -ENOMEM;
        buf.name = NULL;
        idx = tomoyo_read_lock();
        if (!tomoyo_get_realpath(&buf, path))
                goto out;
        switch (operation) {
-        case TOMOYO_TYPE_REWRITE:
-                if (!tomoyo_no_rewrite_file(&buf)) {
-                        error = 0;
-                        goto out;
-                }
-                break;
        case TOMOYO_TYPE_RMDIR:
        case TOMOYO_TYPE_CHROOT:
                tomoyo_add_slash(&buf);
@@ -1018,7 +722,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path)
 out:
        kfree(buf.name);
        tomoyo_read_unlock(idx);
-        if (r.mode != TOMOYO_CONFIG_ENFORCING)
+        if (!is_enforce)
                error = 0;
        return error;
 }
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2011-06-26 10:15:31 -0400
committer	James Morris <jmorris@namei.org>	2011-06-28 19:31:19 -0400
commit	7c75964f432d14062d8eccfc916aa290f56b5aab (patch)
tree	8aecdb96f9f079dd36735c3acccb79f3d10d6559 /security/tomoyo/file.c
parent	1252cc3b232e582e887623dc5f70979418caaaa2 (diff)

diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index d64e8ecb6fb3..41ed7de44ef1 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c
@@ -11,15 +11,15 @@
11		11
12	/* Keyword array for operations with one pathname. */	12	/* Keyword array for operations with one pathname. */
13	const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION] = {	13	const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION] = {
14	[TOMOYO_TYPE_READ_WRITE] = "read/write",
15	[TOMOYO_TYPE_EXECUTE] = "execute",	14	[TOMOYO_TYPE_EXECUTE] = "execute",
16	[TOMOYO_TYPE_READ] = "read",	15	[TOMOYO_TYPE_READ] = "read",
17	[TOMOYO_TYPE_WRITE] = "write",	16	[TOMOYO_TYPE_WRITE] = "write",
		17	[TOMOYO_TYPE_APPEND] = "append",
18	[TOMOYO_TYPE_UNLINK] = "unlink",	18	[TOMOYO_TYPE_UNLINK] = "unlink",
		19	[TOMOYO_TYPE_GETATTR] = "getattr",
19	[TOMOYO_TYPE_RMDIR] = "rmdir",	20	[TOMOYO_TYPE_RMDIR] = "rmdir",
20	[TOMOYO_TYPE_TRUNCATE] = "truncate",	21	[TOMOYO_TYPE_TRUNCATE] = "truncate",
21	[TOMOYO_TYPE_SYMLINK] = "symlink",	22	[TOMOYO_TYPE_SYMLINK] = "symlink",
22	[TOMOYO_TYPE_REWRITE] = "rewrite",
23	[TOMOYO_TYPE_CHROOT] = "chroot",	23	[TOMOYO_TYPE_CHROOT] = "chroot",
24	[TOMOYO_TYPE_UMOUNT] = "unmount",	24	[TOMOYO_TYPE_UMOUNT] = "unmount",
25	};	25	};
@@ -50,15 +50,15 @@ const char *tomoyo_path_number_keyword[TOMOYO_MAX_PATH_NUMBER_OPERATION] = {
50	};	50	};
51		51
52	static const u8 tomoyo_p2mac[TOMOYO_MAX_PATH_OPERATION] = {	52	static const u8 tomoyo_p2mac[TOMOYO_MAX_PATH_OPERATION] = {
53	[TOMOYO_TYPE_READ_WRITE] = TOMOYO_MAC_FILE_OPEN,
54	[TOMOYO_TYPE_EXECUTE] = TOMOYO_MAC_FILE_EXECUTE,	53	[TOMOYO_TYPE_EXECUTE] = TOMOYO_MAC_FILE_EXECUTE,
55	[TOMOYO_TYPE_READ] = TOMOYO_MAC_FILE_OPEN,	54	[TOMOYO_TYPE_READ] = TOMOYO_MAC_FILE_OPEN,
56	[TOMOYO_TYPE_WRITE] = TOMOYO_MAC_FILE_OPEN,	55	[TOMOYO_TYPE_WRITE] = TOMOYO_MAC_FILE_OPEN,
		56	[TOMOYO_TYPE_APPEND] = TOMOYO_MAC_FILE_OPEN,
57	[TOMOYO_TYPE_UNLINK] = TOMOYO_MAC_FILE_UNLINK,	57	[TOMOYO_TYPE_UNLINK] = TOMOYO_MAC_FILE_UNLINK,
		58	[TOMOYO_TYPE_GETATTR] = TOMOYO_MAC_FILE_GETATTR,
58	[TOMOYO_TYPE_RMDIR] = TOMOYO_MAC_FILE_RMDIR,	59	[TOMOYO_TYPE_RMDIR] = TOMOYO_MAC_FILE_RMDIR,
59	[TOMOYO_TYPE_TRUNCATE] = TOMOYO_MAC_FILE_TRUNCATE,	60	[TOMOYO_TYPE_TRUNCATE] = TOMOYO_MAC_FILE_TRUNCATE,
60	[TOMOYO_TYPE_SYMLINK] = TOMOYO_MAC_FILE_SYMLINK,	61	[TOMOYO_TYPE_SYMLINK] = TOMOYO_MAC_FILE_SYMLINK,
61	[TOMOYO_TYPE_REWRITE] = TOMOYO_MAC_FILE_REWRITE,
62	[TOMOYO_TYPE_CHROOT] = TOMOYO_MAC_FILE_CHROOT,	62	[TOMOYO_TYPE_CHROOT] = TOMOYO_MAC_FILE_CHROOT,
63	[TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT,	63	[TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT,
64	};	64	};
@@ -132,24 +132,6 @@ static void tomoyo_add_slash(struct tomoyo_path_info *buf)
132	}	132	}
133		133
134	/**	134	/**
135	* tomoyo_strendswith - Check whether the token ends with the given token.
136	*
137	* @name: The token to check.
138	* @tail: The token to find.
139	*
140	* Returns true if @name ends with @tail, false otherwise.
141	*/
142	static bool tomoyo_strendswith(const char name, const char tail)
143	{
144	int len;
145
146	if (!name \|\| !tail)
147	return false;
148	len = strlen(name) - strlen(tail);
149	return len >= 0 && !strcmp(name + len, tail);
150	}
151
152	/**
153	* tomoyo_get_realpath - Get realpath.	135	* tomoyo_get_realpath - Get realpath.
154	*	136	*
155	* @buf: Pointer to "struct tomoyo_path_info".	137	* @buf: Pointer to "struct tomoyo_path_info".
@@ -182,7 +164,7 @@ static int tomoyo_audit_path_log(struct tomoyo_request_info *r)
182	return 0;	164	return 0;
183	tomoyo_warn_log(r, "%s %s", operation, filename->name);	165	tomoyo_warn_log(r, "%s %s", operation, filename->name);
184	return tomoyo_supervisor(r, "allow_%s %s\n", operation,	166	return tomoyo_supervisor(r, "allow_%s %s\n", operation,
185	tomoyo_pattern(filename));	167	filename->name);
186	}	168	}
187		169
188	/**	170	/**
@@ -202,8 +184,7 @@ static int tomoyo_audit_path2_log(struct tomoyo_request_info *r)
202	tomoyo_warn_log(r, "%s %s %s", operation, filename1->name,	184	tomoyo_warn_log(r, "%s %s %s", operation, filename1->name,
203	filename2->name);	185	filename2->name);
204	return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,	186	return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,
205	tomoyo_pattern(filename1),	187	filename1->name, filename2->name);
206	tomoyo_pattern(filename2));
207	}	188	}
208		189
209	/**	190	/**
@@ -225,7 +206,7 @@ static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r)
225	tomoyo_warn_log(r, "%s %s 0%o %u %u", operation, filename->name, mode,	206	tomoyo_warn_log(r, "%s %s 0%o %u %u", operation, filename->name, mode,
226	major, minor);	207	major, minor);
227	return tomoyo_supervisor(r, "allow_%s %s 0%o %u %u\n", operation,	208	return tomoyo_supervisor(r, "allow_%s %s 0%o %u %u\n", operation,
228	tomoyo_pattern(filename), mode, major, minor);	209	filename->name, mode, major, minor);
229	}	210	}
230		211
231	/**	212	/**
@@ -264,247 +245,7 @@ static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r)
264	radix);	245	radix);
265	tomoyo_warn_log(r, "%s %s %s", operation, filename->name, buffer);	246	tomoyo_warn_log(r, "%s %s %s", operation, filename->name, buffer);
266	return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,	247	return tomoyo_supervisor(r, "allow_%s %s %s\n", operation,
267	tomoyo_pattern(filename), buffer);	248	filename->name, buffer);
268	}
269
270	static bool tomoyo_same_globally_readable(const struct tomoyo_acl_head *a,
271	const struct tomoyo_acl_head *b)
272	{
273	return container_of(a, struct tomoyo_readable_file,
274	head)->filename ==
275	container_of(b, struct tomoyo_readable_file,
276	head)->filename;
277	}
278
279	/**
280	* tomoyo_update_globally_readable_entry - Update "struct tomoyo_readable_file" list.
281	*
282	* @filename: Filename unconditionally permitted to open() for reading.
283	* @is_delete: True if it is a delete request.
284	*
285	* Returns 0 on success, negative value otherwise.
286	*
287	* Caller holds tomoyo_read_lock().
288	*/
289	static int tomoyo_update_globally_readable_entry(const char *filename,
290	const bool is_delete)
291	{
292	struct tomoyo_readable_file e = { };
293	int error;
294
295	if (!tomoyo_correct_word(filename))
296	return -EINVAL;
297	e.filename = tomoyo_get_name(filename);
298	if (!e.filename)
299	return -ENOMEM;
300	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
301	&tomoyo_policy_list
302	[TOMOYO_ID_GLOBALLY_READABLE],
303	tomoyo_same_globally_readable);
304	tomoyo_put_name(e.filename);
305	return error;
306	}
307
308	/**
309	* tomoyo_globally_readable_file - Check if the file is unconditionnaly permitted to be open()ed for reading.
310	*
311	* @filename: The filename to check.
312	*
313	* Returns true if any domain can open @filename for reading, false otherwise.
314	*
315	* Caller holds tomoyo_read_lock().
316	*/
317	static bool tomoyo_globally_readable_file(const struct tomoyo_path_info *
318	filename)
319	{
320	struct tomoyo_readable_file *ptr;
321	bool found = false;
322
323	list_for_each_entry_rcu(ptr, &tomoyo_policy_list
324	[TOMOYO_ID_GLOBALLY_READABLE], head.list) {
325	if (!ptr->head.is_deleted &&
326	tomoyo_path_matches_pattern(filename, ptr->filename)) {
327	found = true;
328	break;
329	}
330	}
331	return found;
332	}
333
334	/**
335	* tomoyo_write_globally_readable - Write "struct tomoyo_readable_file" list.
336	*
337	* @data: String to parse.
338	* @is_delete: True if it is a delete request.
339	*
340	* Returns 0 on success, negative value otherwise.
341	*
342	* Caller holds tomoyo_read_lock().
343	*/
344	int tomoyo_write_globally_readable(char *data, const bool is_delete)
345	{
346	return tomoyo_update_globally_readable_entry(data, is_delete);
347	}
348
349	static bool tomoyo_same_pattern(const struct tomoyo_acl_head *a,
350	const struct tomoyo_acl_head *b)
351	{
352	return container_of(a, struct tomoyo_no_pattern, head)->pattern ==
353	container_of(b, struct tomoyo_no_pattern, head)->pattern;
354	}
355
356	/**
357	* tomoyo_update_file_pattern_entry - Update "struct tomoyo_no_pattern" list.
358	*
359	* @pattern: Pathname pattern.
360	* @is_delete: True if it is a delete request.
361	*
362	* Returns 0 on success, negative value otherwise.
363	*
364	* Caller holds tomoyo_read_lock().
365	*/
366	static int tomoyo_update_file_pattern_entry(const char *pattern,
367	const bool is_delete)
368	{
369	struct tomoyo_no_pattern e = { };
370	int error;
371
372	if (!tomoyo_correct_word(pattern))
373	return -EINVAL;
374	e.pattern = tomoyo_get_name(pattern);
375	if (!e.pattern)
376	return -ENOMEM;
377	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
378	&tomoyo_policy_list[TOMOYO_ID_PATTERN],
379	tomoyo_same_pattern);
380	tomoyo_put_name(e.pattern);
381	return error;
382	}
383
384	/**
385	* tomoyo_pattern - Get patterned pathname.
386	*
387	* @filename: The filename to find patterned pathname.
388	*
389	* Returns pointer to pathname pattern if matched, @filename otherwise.
390	*
391	* Caller holds tomoyo_read_lock().
392	*/
393	const char tomoyo_pattern(const struct tomoyo_path_info filename)
394	{
395	struct tomoyo_no_pattern *ptr;
396	const struct tomoyo_path_info *pattern = NULL;
397
398	list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_PATTERN],
399	head.list) {
400	if (ptr->head.is_deleted)
401	continue;
402	if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
403	continue;
404	pattern = ptr->pattern;
405	if (tomoyo_strendswith(pattern->name, "/\\*")) {
406	/* Do nothing. Try to find the better match. */
407	} else {
408	/* This would be the better match. Use this. */
409	break;
410	}
411	}
412	if (pattern)
413	filename = pattern;
414	return filename->name;
415	}
416
417	/**
418	* tomoyo_write_pattern - Write "struct tomoyo_no_pattern" list.
419	*
420	* @data: String to parse.
421	* @is_delete: True if it is a delete request.
422	*
423	* Returns 0 on success, negative value otherwise.
424	*
425	* Caller holds tomoyo_read_lock().
426	*/
427	int tomoyo_write_pattern(char *data, const bool is_delete)
428	{
429	return tomoyo_update_file_pattern_entry(data, is_delete);
430	}
431
432	static bool tomoyo_same_no_rewrite(const struct tomoyo_acl_head *a,
433	const struct tomoyo_acl_head *b)
434	{
435	return container_of(a, struct tomoyo_no_rewrite, head)->pattern
436	== container_of(b, struct tomoyo_no_rewrite, head)
437	->pattern;
438	}
439
440	/**
441	* tomoyo_update_no_rewrite_entry - Update "struct tomoyo_no_rewrite" list.
442	*
443	* @pattern: Pathname pattern that are not rewritable by default.
444	* @is_delete: True if it is a delete request.
445	*
446	* Returns 0 on success, negative value otherwise.
447	*
448	* Caller holds tomoyo_read_lock().
449	*/
450	static int tomoyo_update_no_rewrite_entry(const char *pattern,
451	const bool is_delete)
452	{
453	struct tomoyo_no_rewrite e = { };
454	int error;
455
456	if (!tomoyo_correct_word(pattern))
457	return -EINVAL;
458	e.pattern = tomoyo_get_name(pattern);
459	if (!e.pattern)
460	return -ENOMEM;
461	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
462	&tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
463	tomoyo_same_no_rewrite);
464	tomoyo_put_name(e.pattern);
465	return error;
466	}
467
468	/**
469	* tomoyo_no_rewrite_file - Check if the given pathname is not permitted to be rewrited.
470	*
471	* @filename: Filename to check.
472	*
473	* Returns true if @filename is specified by "deny_rewrite" directive,
474	* false otherwise.
475	*
476	* Caller holds tomoyo_read_lock().
477	*/
478	static bool tomoyo_no_rewrite_file(const struct tomoyo_path_info *filename)
479	{
480	struct tomoyo_no_rewrite *ptr;
481	bool found = false;
482
483	list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
484	head.list) {
485	if (ptr->head.is_deleted)
486	continue;
487	if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
488	continue;
489	found = true;
490	break;
491	}
492	return found;
493	}
494
495	/**
496	* tomoyo_write_no_rewrite - Write "struct tomoyo_no_rewrite" list.
497	*
498	* @data: String to parse.
499	* @is_delete: True if it is a delete request.
500	*
501	* Returns 0 on success, negative value otherwise.
502	*
503	* Caller holds tomoyo_read_lock().
504	*/
505	int tomoyo_write_no_rewrite(char *data, const bool is_delete)
506	{
507	return tomoyo_update_no_rewrite_entry(data, is_delete);
508	}	249	}
509		250
510	static bool tomoyo_check_path_acl(struct tomoyo_request_info *r,	251	static bool tomoyo_check_path_acl(struct tomoyo_request_info *r,
@@ -569,6 +310,15 @@ static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a,
569	tomoyo_same_name_union(&p1->name, &p2->name);	310	tomoyo_same_name_union(&p1->name, &p2->name);
570	}	311	}
571		312
		313	/**
		314	* tomoyo_merge_path_acl - Merge duplicated "struct tomoyo_path_acl" entry.
		315	*
		316	* @a: Pointer to "struct tomoyo_acl_info".
		317	* @b: Pointer to "struct tomoyo_acl_info".
		318	* @is_delete: True for @a &= ~@b, false for @a \|= @b.
		319	*
		320	* Returns true if @a is empty, false otherwise.
		321	*/
572	static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,	322	static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
573	struct tomoyo_acl_info *b,	323	struct tomoyo_acl_info *b,
574	const bool is_delete)	324	const bool is_delete)
@@ -577,19 +327,10 @@ static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
577	->perm;	327	->perm;
578	u16 perm = *a_perm;	328	u16 perm = *a_perm;
579	const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm;	329	const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm;
580	if (is_delete) {	330	if (is_delete)
581	perm &= ~b_perm;	331	perm &= ~b_perm;
582	if ((perm & TOMOYO_RW_MASK) != TOMOYO_RW_MASK)	332	else
583	perm &= ~(1 << TOMOYO_TYPE_READ_WRITE);
584	else if (!(perm & (1 << TOMOYO_TYPE_READ_WRITE)))
585	perm &= ~TOMOYO_RW_MASK;
586	} else {
587	perm \|= b_perm;	333	perm \|= b_perm;
588	if ((perm & TOMOYO_RW_MASK) == TOMOYO_RW_MASK)
589	perm \|= (1 << TOMOYO_TYPE_READ_WRITE);
590	else if (perm & (1 << TOMOYO_TYPE_READ_WRITE))
591	perm \|= TOMOYO_RW_MASK;
592	}
593	*a_perm = perm;	334	*a_perm = perm;
594	return !perm;	335	return !perm;
595	}	336	}
@@ -615,8 +356,6 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename,
615	.perm = 1 << type	356	.perm = 1 << type
616	};	357	};
617	int error;	358	int error;
618	if (e.perm == (1 << TOMOYO_TYPE_READ_WRITE))
619	e.perm \|= TOMOYO_RW_MASK;
620	if (!tomoyo_parse_name_union(filename, &e.name))	359	if (!tomoyo_parse_name_union(filename, &e.name))
621	return -EINVAL;	360	return -EINVAL;
622	error = tomoyo_update_domain(&e.head, sizeof(e), is_delete, domain,	361	error = tomoyo_update_domain(&e.head, sizeof(e), is_delete, domain,
@@ -775,7 +514,6 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
775	{	514	{
776	int error;	515	int error;
777		516
778	next:
779	r->type = tomoyo_p2mac[operation];	517	r->type = tomoyo_p2mac[operation];
780	r->mode = tomoyo_get_mode(r->profile, r->type);	518	r->mode = tomoyo_get_mode(r->profile, r->type);
781	if (r->mode == TOMOYO_CONFIG_DISABLED)	519	if (r->mode == TOMOYO_CONFIG_DISABLED)
@@ -785,10 +523,6 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
785	r->param.path.operation = operation;	523	r->param.path.operation = operation;
786	do {	524	do {
787	tomoyo_check_acl(r, tomoyo_check_path_acl);	525	tomoyo_check_acl(r, tomoyo_check_path_acl);
788	if (!r->granted && operation == TOMOYO_TYPE_READ &&
789	!r->domain->ignore_global_allow_read &&
790	tomoyo_globally_readable_file(filename))
791	r->granted = true;
792	error = tomoyo_audit_path_log(r);	526	error = tomoyo_audit_path_log(r);
793	/*	527	/*
794	* Do not retry for execute request, for alias may have	528	* Do not retry for execute request, for alias may have
@@ -796,16 +530,6 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
796	*/	530	*/
797	} while (error == TOMOYO_RETRY_REQUEST &&	531	} while (error == TOMOYO_RETRY_REQUEST &&
798	operation != TOMOYO_TYPE_EXECUTE);	532	operation != TOMOYO_TYPE_EXECUTE);
799	/*
800	* Since "allow_truncate" doesn't imply "allow_rewrite" permission,
801	* we need to check "allow_rewrite" permission if the filename is
802	* specified by "deny_rewrite" keyword.
803	*/
804	if (!error && operation == TOMOYO_TYPE_TRUNCATE &&
805	tomoyo_no_rewrite_file(filename)) {
806	operation = TOMOYO_TYPE_REWRITE;
807	goto next;
808	}
809	return error;	533	return error;
810	}	534	}
811		535
@@ -932,43 +656,26 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
932	struct tomoyo_request_info r;	656	struct tomoyo_request_info r;
933	int idx;	657	int idx;
934		658
935	if (!path->mnt \|\|	659	if (!path->mnt)
936	(path->dentry->d_inode && S_ISDIR(path->dentry->d_inode->i_mode)))
937	return 0;	660	return 0;
938	buf.name = NULL;	661	buf.name = NULL;
939	r.mode = TOMOYO_CONFIG_DISABLED;	662	r.mode = TOMOYO_CONFIG_DISABLED;
940	idx = tomoyo_read_lock();	663	idx = tomoyo_read_lock();
941	/*	664	if (acc_mode &&
942	* If the filename is specified by "deny_rewrite" keyword,	665	tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN)
943	* we need to check "allow_rewrite" permission when the filename is not
944	* opened for append mode or the filename is truncated at open time.
945	*/
946	if ((acc_mode & MAY_WRITE) && !(flag & O_APPEND)
947	&& tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_REWRITE)
948	!= TOMOYO_CONFIG_DISABLED) {	666	!= TOMOYO_CONFIG_DISABLED) {
949	if (!tomoyo_get_realpath(&buf, path)) {	667	if (!tomoyo_get_realpath(&buf, path)) {
950	error = -ENOMEM;	668	error = -ENOMEM;
951	goto out;	669	goto out;
952	}	670	}
953	if (tomoyo_no_rewrite_file(&buf))	671	if (acc_mode & MAY_READ)
954	error = tomoyo_path_permission(&r, TOMOYO_TYPE_REWRITE,	672	error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ,
		673	&buf);
		674	if (!error && (acc_mode & MAY_WRITE))
		675	error = tomoyo_path_permission(&r, (flag & O_APPEND) ?
		676	TOMOYO_TYPE_APPEND :
		677	TOMOYO_TYPE_WRITE,
955	&buf);	678	&buf);
956	}
957	if (!error && acc_mode &&
958	tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN)
959	!= TOMOYO_CONFIG_DISABLED) {
960	u8 operation;
961	if (!buf.name && !tomoyo_get_realpath(&buf, path)) {
962	error = -ENOMEM;
963	goto out;
964	}
965	if (acc_mode == (MAY_READ \| MAY_WRITE))
966	operation = TOMOYO_TYPE_READ_WRITE;
967	else if (acc_mode == MAY_READ)
968	operation = TOMOYO_TYPE_READ;
969	else
970	operation = TOMOYO_TYPE_WRITE;
971	error = tomoyo_path_permission(&r, operation, &buf);
972	}	679	}
973	out:	680	out:
974	kfree(buf.name);	681	kfree(buf.name);
@@ -979,7 +686,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
979	}	686	}
980		687
981	/**	688	/**
982	* tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "rewrite", "chroot" and "unmount".	689	* tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "append", "chroot" and "unmount".
983	*	690	*
984	* @operation: Type of operation.	691	* @operation: Type of operation.
985	* @path: Pointer to "struct path".	692	* @path: Pointer to "struct path".
@@ -988,9 +695,10 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
988	*/	695	*/
989	int tomoyo_path_perm(const u8 operation, struct path *path)	696	int tomoyo_path_perm(const u8 operation, struct path *path)
990	{	697	{
991	int error = -ENOMEM;
992	struct tomoyo_path_info buf;
993	struct tomoyo_request_info r;	698	struct tomoyo_request_info r;
		699	int error;
		700	struct tomoyo_path_info buf;
		701	bool is_enforce;
994	int idx;	702	int idx;
995		703
996	if (!path->mnt)	704	if (!path->mnt)
@@ -998,17 +706,13 @@ int tomoyo_path_perm(const u8 operation, struct path *path)
998	if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation])	706	if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation])
999	== TOMOYO_CONFIG_DISABLED)	707	== TOMOYO_CONFIG_DISABLED)
1000	return 0;	708	return 0;
		709	is_enforce = (r.mode == TOMOYO_CONFIG_ENFORCING);
		710	error = -ENOMEM;
1001	buf.name = NULL;	711	buf.name = NULL;
1002	idx = tomoyo_read_lock();	712	idx = tomoyo_read_lock();
1003	if (!tomoyo_get_realpath(&buf, path))	713	if (!tomoyo_get_realpath(&buf, path))
1004	goto out;	714	goto out;
1005	switch (operation) {	715	switch (operation) {
1006	case TOMOYO_TYPE_REWRITE:
1007	if (!tomoyo_no_rewrite_file(&buf)) {
1008	error = 0;
1009	goto out;
1010	}
1011	break;
1012	case TOMOYO_TYPE_RMDIR:	716	case TOMOYO_TYPE_RMDIR:
1013	case TOMOYO_TYPE_CHROOT:	717	case TOMOYO_TYPE_CHROOT:
1014	tomoyo_add_slash(&buf);	718	tomoyo_add_slash(&buf);
@@ -1018,7 +722,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path)
1018	out:	722	out:
1019	kfree(buf.name);	723	kfree(buf.name);
1020	tomoyo_read_unlock(idx);	724	tomoyo_read_unlock(idx);
1021	if (r.mode != TOMOYO_CONFIG_ENFORCING)	725	if (!is_enforce)
1022	error = 0;	726	error = 0;
1023	return error;	727	return error;
1024	}	728	}