diff options
Diffstat (limited to 'security/tomoyo/util.c')
| -rw-r--r-- | security/tomoyo/util.c | 23 |
1 files changed, 6 insertions, 17 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 6d5393204d95..7fb9bbf7021a 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c | |||
| @@ -911,44 +911,33 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r) | |||
| 911 | if (!domain) | 911 | if (!domain) |
| 912 | return true; | 912 | return true; |
| 913 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { | 913 | list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) { |
| 914 | u16 perm; | ||
| 915 | u8 i; | ||
| 914 | if (ptr->is_deleted) | 916 | if (ptr->is_deleted) |
| 915 | continue; | 917 | continue; |
| 916 | switch (ptr->type) { | 918 | switch (ptr->type) { |
| 917 | u16 perm; | ||
| 918 | u8 i; | ||
| 919 | case TOMOYO_TYPE_PATH_ACL: | 919 | case TOMOYO_TYPE_PATH_ACL: |
| 920 | perm = container_of(ptr, struct tomoyo_path_acl, head) | 920 | perm = container_of(ptr, struct tomoyo_path_acl, head) |
| 921 | ->perm; | 921 | ->perm; |
| 922 | for (i = 0; i < TOMOYO_MAX_PATH_OPERATION; i++) | ||
| 923 | if (perm & (1 << i)) | ||
| 924 | count++; | ||
| 925 | if (perm & (1 << TOMOYO_TYPE_READ_WRITE)) | ||
| 926 | count -= 2; | ||
| 927 | break; | 922 | break; |
| 928 | case TOMOYO_TYPE_PATH2_ACL: | 923 | case TOMOYO_TYPE_PATH2_ACL: |
| 929 | perm = container_of(ptr, struct tomoyo_path2_acl, head) | 924 | perm = container_of(ptr, struct tomoyo_path2_acl, head) |
| 930 | ->perm; | 925 | ->perm; |
| 931 | for (i = 0; i < TOMOYO_MAX_PATH2_OPERATION; i++) | ||
| 932 | if (perm & (1 << i)) | ||
| 933 | count++; | ||
| 934 | break; | 926 | break; |
| 935 | case TOMOYO_TYPE_PATH_NUMBER_ACL: | 927 | case TOMOYO_TYPE_PATH_NUMBER_ACL: |
| 936 | perm = container_of(ptr, struct tomoyo_path_number_acl, | 928 | perm = container_of(ptr, struct tomoyo_path_number_acl, |
| 937 | head)->perm; | 929 | head)->perm; |
| 938 | for (i = 0; i < TOMOYO_MAX_PATH_NUMBER_OPERATION; i++) | ||
| 939 | if (perm & (1 << i)) | ||
| 940 | count++; | ||
| 941 | break; | 930 | break; |
| 942 | case TOMOYO_TYPE_MKDEV_ACL: | 931 | case TOMOYO_TYPE_MKDEV_ACL: |
| 943 | perm = container_of(ptr, struct tomoyo_mkdev_acl, | 932 | perm = container_of(ptr, struct tomoyo_mkdev_acl, |
| 944 | head)->perm; | 933 | head)->perm; |
| 945 | for (i = 0; i < TOMOYO_MAX_MKDEV_OPERATION; i++) | ||
| 946 | if (perm & (1 << i)) | ||
| 947 | count++; | ||
| 948 | break; | 934 | break; |
| 949 | default: | 935 | default: |
| 950 | count++; | 936 | perm = 1; |
| 951 | } | 937 | } |
| 938 | for (i = 0; i < 16; i++) | ||
| 939 | if (perm & (1 << i)) | ||
| 940 | count++; | ||
| 952 | } | 941 | } |
| 953 | if (count < tomoyo_profile(domain->profile)->learning-> | 942 | if (count < tomoyo_profile(domain->profile)->learning-> |
| 954 | learning_max_entry) | 943 | learning_max_entry) |