TOMOYO: Support longer pathname.

Allow pathnames longer than 4000 bytes. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2010-06-03 07:36:43 -0400
committer: James Morris <jmorris@namei.org> 2010-08-02 01:33:41 -0400
commit: c8c57e842720d8cc92ac8607f2d1c16d92314573 (patch)
tree: dc921366b931ba5817ad530433f3b1ee178bc56a /security/tomoyo/common.h
parent: 9b244373da3eab671da6c5125482121528a9ebf3 (diff)
1 files changed, 2 insertions, 46 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 6270a530c4d..f4a8aa244af 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -33,14 +33,7 @@ struct linux_binprm;
 #define TOMOYO_HASH_BITS  8
 #define TOMOYO_MAX_HASH (1u<<TOMOYO_HASH_BITS)
-/*
+#define TOMOYO_EXEC_TMPSIZE     4096
- * This is the max length of a token.
- *
- * A token consists of only ASCII printable characters.
- * Non printable characters in a token is represented in \ooo style
- * octal string. Thus, \ itself is represented as \\.
- */
-#define TOMOYO_MAX_PATHNAME_LEN 4000
 /* Profile number is an integer between 0 and 255. */
 #define TOMOYO_MAX_PROFILES 256
@@ -168,17 +161,6 @@ enum tomoyo_securityfs_interface_index {
 /********** Structure definitions. **********/
 /*
- * tomoyo_page_buffer is a structure which is used for holding a pathname
- * obtained from "struct dentry" and "struct vfsmount" pair.
- * As of now, it is 4096 bytes. If users complain that 4096 bytes is too small
- * (because TOMOYO escapes non ASCII printable characters using \ooo format),
- * we will make the buffer larger.
- */
-struct tomoyo_page_buffer {
-        char buffer[4096];
-};
-/*
 * tomoyo_request_info is a structure which is used for holding
 *
 * (1) Domain information of current process.
@@ -231,28 +213,6 @@ struct tomoyo_name_entry {
        struct tomoyo_path_info entry;
 };
-/*
- * tomoyo_path_info_with_data is a structure which is used for holding a
- * pathname obtained from "struct dentry" and "struct vfsmount" pair.
- *
- * "struct tomoyo_path_info_with_data" consists of "struct tomoyo_path_info"
- * and buffer for the pathname, while "struct tomoyo_page_buffer" consists of
- * buffer for the pathname only.
- *
- * "struct tomoyo_path_info_with_data" is intended to allow TOMOYO to release
- * both "struct tomoyo_path_info" and buffer for the pathname by single kfree()
- * so that we don't need to return two pointers to the caller. If the caller
- * puts "struct tomoyo_path_info" on stack memory, we will be able to remove
- * "struct tomoyo_path_info_with_data".
- */
-struct tomoyo_path_info_with_data {
-        /* Keep "head" first, for this pointer is passed to kfree(). */
-        struct tomoyo_path_info head;
-        char barrier1[16]; /* Safeguard for overrun. */
-        char body[TOMOYO_MAX_PATHNAME_LEN];
-        char barrier2[16]; /* Safeguard for overrun. */
-};
 struct tomoyo_name_union {
        const struct tomoyo_path_info *filename;
        struct tomoyo_path_group *group;
@@ -827,11 +787,7 @@ void tomoyo_load_policy(const char *filename);
 void tomoyo_put_number_union(struct tomoyo_number_union *ptr);
 /* Convert binary string to ascii string. */
-int tomoyo_encode(char *buffer, int buflen, const char *str);
+char *tomoyo_encode(const char *str);
-/* Returns realpath(3) of the given pathname but ignores chroot'ed root. */
-int tomoyo_realpath_from_path2(struct path *path, char *newname,
-                               int newname_len);
 /*
 * Returns realpath(3) of the given pathname but ignores chroot'ed root.
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2010-06-03 07:36:43 -0400
committer	James Morris <jmorris@namei.org>	2010-08-02 01:33:41 -0400
commit	c8c57e842720d8cc92ac8607f2d1c16d92314573 (patch)
tree	dc921366b931ba5817ad530433f3b1ee178bc56a /security/tomoyo/common.h
parent	9b244373da3eab671da6c5125482121528a9ebf3 (diff)

diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 6270a530c4d..f4a8aa244af 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h
@@ -33,14 +33,7 @@ struct linux_binprm;
33	#define TOMOYO_HASH_BITS 8	33	#define TOMOYO_HASH_BITS 8
34	#define TOMOYO_MAX_HASH (1u<<TOMOYO_HASH_BITS)	34	#define TOMOYO_MAX_HASH (1u<<TOMOYO_HASH_BITS)
35		35
36	/*	36	#define TOMOYO_EXEC_TMPSIZE 4096
37	* This is the max length of a token.
38	*
39	* A token consists of only ASCII printable characters.
40	* Non printable characters in a token is represented in \ooo style
41	* octal string. Thus, \ itself is represented as \\.
42	*/
43	#define TOMOYO_MAX_PATHNAME_LEN 4000
44		37
45	/* Profile number is an integer between 0 and 255. */	38	/* Profile number is an integer between 0 and 255. */
46	#define TOMOYO_MAX_PROFILES 256	39	#define TOMOYO_MAX_PROFILES 256
@@ -168,17 +161,6 @@ enum tomoyo_securityfs_interface_index {
168	/******** Structure definitions. ********/	161	/******** Structure definitions. ********/
169		162
170	/*	163	/*
171	* tomoyo_page_buffer is a structure which is used for holding a pathname
172	* obtained from "struct dentry" and "struct vfsmount" pair.
173	* As of now, it is 4096 bytes. If users complain that 4096 bytes is too small
174	* (because TOMOYO escapes non ASCII printable characters using \ooo format),
175	* we will make the buffer larger.
176	*/
177	struct tomoyo_page_buffer {
178	char buffer[4096];
179	};
180
181	/*
182	* tomoyo_request_info is a structure which is used for holding	164	* tomoyo_request_info is a structure which is used for holding
183	*	165	*
184	* (1) Domain information of current process.	166	* (1) Domain information of current process.
@@ -231,28 +213,6 @@ struct tomoyo_name_entry {
231	struct tomoyo_path_info entry;	213	struct tomoyo_path_info entry;
232	};	214	};
233		215
234	/*
235	* tomoyo_path_info_with_data is a structure which is used for holding a
236	* pathname obtained from "struct dentry" and "struct vfsmount" pair.
237	*
238	* "struct tomoyo_path_info_with_data" consists of "struct tomoyo_path_info"
239	* and buffer for the pathname, while "struct tomoyo_page_buffer" consists of
240	* buffer for the pathname only.
241	*
242	* "struct tomoyo_path_info_with_data" is intended to allow TOMOYO to release
243	* both "struct tomoyo_path_info" and buffer for the pathname by single kfree()
244	* so that we don't need to return two pointers to the caller. If the caller
245	* puts "struct tomoyo_path_info" on stack memory, we will be able to remove
246	* "struct tomoyo_path_info_with_data".
247	*/
248	struct tomoyo_path_info_with_data {
249	/* Keep "head" first, for this pointer is passed to kfree(). */
250	struct tomoyo_path_info head;
251	char barrier1[16]; /* Safeguard for overrun. */
252	char body[TOMOYO_MAX_PATHNAME_LEN];
253	char barrier2[16]; /* Safeguard for overrun. */
254	};
255
256	struct tomoyo_name_union {	216	struct tomoyo_name_union {
257	const struct tomoyo_path_info *filename;	217	const struct tomoyo_path_info *filename;
258	struct tomoyo_path_group *group;	218	struct tomoyo_path_group *group;
@@ -827,11 +787,7 @@ void tomoyo_load_policy(const char *filename);
827	void tomoyo_put_number_union(struct tomoyo_number_union *ptr);	787	void tomoyo_put_number_union(struct tomoyo_number_union *ptr);
828		788
829	/* Convert binary string to ascii string. */	789	/* Convert binary string to ascii string. */
830	int tomoyo_encode(char buffer, int buflen, const char str);	790	char tomoyo_encode(const char str);
831
832	/* Returns realpath(3) of the given pathname but ignores chroot'ed root. */
833	int tomoyo_realpath_from_path2(struct path path, char newname,
834	int newname_len);
835		791
836	/*	792	/*
837	* Returns realpath(3) of the given pathname but ignores chroot'ed root.	793	* Returns realpath(3) of the given pathname but ignores chroot'ed root.