/drivers/media/video/samsung/fimg2d3x/

3.0'>archive/unc-master-3.0 The LITMUS^RT kernel.Bjoern Brandenburg
aboutsummaryrefslogblamecommitdiffstats
path: root/security/device_cgroup.c
blob: 5ba78701adc3ab868079ee180b1fc2e4ffc3b95f (plain) (tree) 
08ce5f16ee46

47c59803becb

08ce5f16ee46









29486df325e1

47c59803becb

08ce5f16ee46












47c59803becb


08ce5f16ee46







4efd1a1b2f09

08ce5f16ee46





08ce5f16ee46


b66862f76633





08ce5f16ee46


b66862f76633

08ce5f16ee46


f92523e3a786





08ce5f16ee46



















2cdc7241a290

08ce5f16ee46


08ce5f16ee46
















08ce5f16ee46




d1ee2971f5bd

08ce5f16ee46

2cdc7241a290

08ce5f16ee46



d1ee2971f5bd














4efd1a1b2f09

08ce5f16ee46



4efd1a1b2f09








08ce5f16ee46


08ce5f16ee46






08ce5f16ee46













4efd1a1b2f09


08ce5f16ee46


08ce5f16ee46



























7759fc9d10d3

08ce5f16ee46











08ce5f16ee46



















29486df325e1


17d213f806da

29486df325e1

08ce5f16ee46




29486df325e1

08ce5f16ee46



















29486df325e1

08ce5f16ee46

08ce5f16ee46

7759fc9d10d3

08ce5f16ee46

7759fc9d10d3

08ce5f16ee46


29486df325e1


08ce5f16ee46

29486df325e1

08ce5f16ee46

29486df325e1

08ce5f16ee46

4efd1a1b2f09


08ce5f16ee46

29486df325e1




08ce5f16ee46

4efd1a1b2f09

08ce5f16ee46

29486df325e1

08ce5f16ee46

























ec229e830060

08ce5f16ee46











f92523e3a786

08ce5f16ee46


f92523e3a786

08ce5f16ee46

08ce5f16ee46




47c59803becb

08ce5f16ee46















f92523e3a786


08ce5f16ee46

f92523e3a786

7759fc9d10d3

c012a54ae0b2

08ce5f16ee46





08ce5f16ee46







d823f6bfec28


08ce5f16ee46








f92523e3a786

08ce5f16ee46


f92523e3a786


08ce5f16ee46





7759fc9d10d3


08ce5f16ee46

f92523e3a786

08ce5f16ee46

f92523e3a786


08ce5f16ee46







7759fc9d10d3


08ce5f16ee46

f92523e3a786

08ce5f16ee46

f92523e3a786


08ce5f16ee46
















f92523e3a786

08ce5f16ee46




08ce5f16ee46


f92523e3a786



08ce5f16ee46




f92523e3a786

08ce5f16ee46

f92523e3a786


08ce5f16ee46

f92523e3a786








08ce5f16ee46

08ce5f16ee46






f92523e3a786

08ce5f16ee46




f92523e3a786

08ce5f16ee46


29486df325e1





08ce5f16ee46




















08ce5f16ee46








08ce5f16ee46

4efd1a1b2f09

36fd71d29389



4efd1a1b2f09

08ce5f16ee46















4efd1a1b2f09

08ce5f16ee46


36fd71d29389

4efd1a1b2f09

08ce5f16ee46






08ce5f16ee46



4efd1a1b2f09

36fd71d29389



08ce5f16ee46














4efd1a1b2f09

08ce5f16ee46


36fd71d29389

4efd1a1b2f09

36fd71d29389

08ce5f16ee46


1

2

3
4
5
6
7
8
9
10
11

12

13

14
15
16
17
18
19
20
21
22
23
24
25

26
27

28
29
30
31
32
33
34

35

36
37
38
39
40

41
42

43
44
45
46
47

48
49

50

51
52

53
54
55
56
57

58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

77

78
79

80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

96
97
98
99

100

101

102

103
104
105

106
107
108
109
110
111
112
113
114
115
116
117
118
119

120

121
122
123

124
125
126
127
128
129
130
131

132
133

134
135
136
137
138
139

140
141
142
143
144
145
146
147
148
149
150
151
152

153
154

155
156

157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183

184

185
186
187
188
189
190
191
192
193
194
195

196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214

215
216

217

218

219
220
221
222

223

224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242

243

244

245

246

247

248

249
250

251
252

253

254

255

256

257

258
259

260

261
262
263
264

265

266

267

268

269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293

294

295
296
297
298
299
300
301
302
303
304
305

306

307
308

309

310

311
312
313
314

315

316
317
318
319
320
321
322
323
324
325
326
327
328
329
330

331
332

333

334

335

336

337
338
339
340
341

342
343
344
345
346
347
348

349
350

351
352
353
354
355
356
357
358

359

360
361

362
363

364
365
366
367
368

369
370

371

372

373

374
375

376
377
378
379
380
381
382

383
384

385

386

387

388
389

390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405

406

407
408
409
410

411
412

413
414
415

416
417
418
419

420

421

422
423

424

425
426
427
428
429
430
431
432

433

434
435
436
437
438
439

440

441
442
443
444

445

446
447

448
449
450
451
452

453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472

473
474
475
476
477
478
479
480

481

482

483
484
485

486

487
488
489
490
491
492
493
494
495
496
497
498
499
500
501

502

503
504

505

506

507
508
509
510
511
512

513
514
515

516

517
518
519

520
521
522
523
524
525
526
527
528
529
530
531
532
533

534

535
536

537

538

539

540
541

  
                                            








                                
                           
                           











                                                      

                                      






                              
                            




                                       

  




                                                                                

                                                                           
                                                                                

 




                                                                            


















                                                                             
                                                           

                                           















                                                                



                                                           
                                                 
 
                                                      


                               













                                                                 
                                                                         


                 







                                                                 

                             





                                                           












                                                                           

                                                                  

                 


























                                                                             
                                      










                                                                       


















                                                                         

                    
                    
                



                                               
                               


















                                    
                                             
 
                    
                                 
            
                                      

 

                                                                        
 
                                                                   
                                      
                                                         
 

                                                                  
                                            



                                                                      
         
                          
 
                 
























                                                                             
                                                      










                                                               
                                                      

                                                                
                                                         
                                  



                                          
                                                














                                                                           

                                                                    
 
                      
                   
                  




                                     






                                     

                              







                                    
                               

            

                               




                                 

                                                        
                
                               
         

                               






                                 

                                                        
                
                               
         

                               















                                                       
                                       



                 

                           


                                                         



                                                 
                               
         

                 
 







                                                                          
                        





                                           
                                                        



                                       
                                                       

                                      




                                                      



















                                                                      







                                                               
 
                        


                                             
                                                                   














                                                                      
                                  

                         
 
                          





                                              


                                      
                        


                                             













                                                               
                                  

                         
 
                          
 

                      
/*
 * device_cgroup.c - device cgroup subsystem
 *
 * Copyright 2007 IBM Corp
 */

#include <linux/device_cgroup.h>
#include <linux/cgroup.h>
#include <linux/ctype.h>
#include <linux/list.h>
#include <linux/uaccess.h>
#include <linux/seq_file.h>
#include <linux/rcupdate.h>

#define ACC_MKNOD 1
#define ACC_READ  2
#define ACC_WRITE 4
#define ACC_MASK (ACC_MKNOD | ACC_READ | ACC_WRITE)

#define DEV_BLOCK 1
#define DEV_CHAR  2
#define DEV_ALL   4  /* this represents all devices */

/*
 * whitelist locking rules:
 * hold cgroup_lock() for update/read.
 * hold rcu_read_lock() for read.
 */

struct dev_whitelist_item {
	u32 major, minor;
	short type;
	short access;
	struct list_head list;
	struct rcu_head rcu;
};

struct dev_cgroup {
	struct cgroup_subsys_state css;
	struct list_head whitelist;
};

static inline struct dev_cgroup *css_to_devcgroup(struct cgroup_subsys_state *s)
{
	return container_of(s, struct dev_cgroup, css);
}

static inline struct dev_cgroup *cgroup_to_devcgroup(struct cgroup *cgroup)
{
	return css_to_devcgroup(cgroup_subsys_state(cgroup, devices_subsys_id));
}

static inline struct dev_cgroup *task_devcgroup(struct task_struct *task)
{
	return css_to_devcgroup(task_subsys_state(task, devices_subsys_id));
}

struct cgroup_subsys devices_subsys;

static int devcgroup_can_attach(struct cgroup_subsys *ss,
		struct cgroup *new_cgroup, struct task_struct *task)
{
	if (current != task && !capable(CAP_SYS_ADMIN))
			return -EPERM;

	return 0;
}

/*
 * called under cgroup_lock()
 */
static int dev_whitelist_copy(struct list_head *dest, struct list_head *orig)
{
	struct dev_whitelist_item *wh, *tmp, *new;

	list_for_each_entry(wh, orig, list) {
		new = kmemdup(wh, sizeof(*wh), GFP_KERNEL);
		if (!new)
			goto free_and_exit;
		list_add_tail(&new->list, dest);
	}

	return 0;

free_and_exit:
	list_for_each_entry_safe(wh, tmp, dest, list) {
		list_del(&wh->list);
		kfree(wh);
	}
	return -ENOMEM;
}

/* Stupid prototype - don't bother combining existing entries */
/*
 * called under cgroup_lock()
 */
static int dev_whitelist_add(struct dev_cgroup *dev_cgroup,
			struct dev_whitelist_item *wh)
{
	struct dev_whitelist_item *whcopy, *walk;

	whcopy = kmemdup(wh, sizeof(*wh), GFP_KERNEL);
	if (!whcopy)
		return -ENOMEM;

	list_for_each_entry(walk, &dev_cgroup->whitelist, list) {
		if (walk->type != wh->type)
			continue;
		if (walk->major != wh->major)
			continue;
		if (walk->minor != wh->minor)
			continue;

		walk->access |= wh->access;
		kfree(whcopy);
		whcopy = NULL;
	}

	if (whcopy != NULL)
		list_add_tail_rcu(&whcopy->list, &dev_cgroup->whitelist);
	return 0;
}

static void whitelist_item_free(struct rcu_head *rcu)
{
	struct dev_whitelist_item *item;

	item = container_of(rcu, struct dev_whitelist_item, rcu);
	kfree(item);
}

/*
 * called under cgroup_lock()
 */
static void dev_whitelist_rm(struct dev_cgroup *dev_cgroup,
			struct dev_whitelist_item *wh)
{
	struct dev_whitelist_item *walk, *tmp;

	list_for_each_entry_safe(walk, tmp, &dev_cgroup->whitelist, list) {
		if (walk->type == DEV_ALL)
			goto remove;
		if (walk->type != wh->type)
			continue;