aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2011-11-02 20:01:01 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2011-11-02 20:01:01 -0400
commit2380078cdb7e6d520e33dcf834e0be979d542e48 (patch)
tree105a729f483b77453ea7a570f39e9efe76e38aa0
parent6681ba7ec480bc839584fd0817991d248b4b9e44 (diff)
parent59df3166ef293288d164ab3362a717743e62d20c (diff)
Merge branch 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security
* 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security: TOMOYO: Fix interactive judgment functionality.
Diffstat
-rw-r--r--security/tomoyo/common.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 150911c7ff08..c47d3ce6c733 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -966,6 +966,9 @@ static bool tomoyo_manager(void)
966 return found; 966 return found;
967} 967}
968 968
969static struct tomoyo_domain_info *tomoyo_find_domain_by_qid
970(unsigned int serial);
971
969/** 972/**
970 * tomoyo_select_domain - Parse select command. 973 * tomoyo_select_domain - Parse select command.
971 * 974 *
@@ -999,6 +1002,8 @@ static bool tomoyo_select_domain(struct tomoyo_io_buffer *head,
999 } else if (!strncmp(data, "domain=", 7)) { 1002 } else if (!strncmp(data, "domain=", 7)) {
1000 if (tomoyo_domain_def(data + 7)) 1003 if (tomoyo_domain_def(data + 7))
1001 domain = tomoyo_find_domain(data + 7); 1004 domain = tomoyo_find_domain(data + 7);
1005 } else if (sscanf(data, "Q=%u", &pid) == 1) {
1006 domain = tomoyo_find_domain_by_qid(pid);
1002 } else 1007 } else
1003 return false; 1008 return false;
1004 head->w.domain = domain; 1009 head->w.domain = domain;
@@ -1894,6 +1899,7 @@ static DECLARE_WAIT_QUEUE_HEAD(tomoyo_answer_wait);
1894/* Structure for query. */ 1899/* Structure for query. */
1895struct tomoyo_query { 1900struct tomoyo_query {
1896 struct list_head list; 1901 struct list_head list;
1902 struct tomoyo_domain_info *domain;
1897 char *query; 1903 char *query;
1898 size_t query_len; 1904 size_t query_len;
1899 unsigned int serial; 1905 unsigned int serial;
@@ -2044,6 +2050,7 @@ int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...)
2044 goto out; 2050 goto out;
2045 } 2051 }
2046 len = tomoyo_round2(entry.query_len); 2052 len = tomoyo_round2(entry.query_len);
2053 entry.domain = r->domain;
2047 spin_lock(&tomoyo_query_list_lock); 2054 spin_lock(&tomoyo_query_list_lock);
2048 if (tomoyo_memory_quota[TOMOYO_MEMORY_QUERY] && 2055 if (tomoyo_memory_quota[TOMOYO_MEMORY_QUERY] &&
2049 tomoyo_memory_used[TOMOYO_MEMORY_QUERY] + len 2056 tomoyo_memory_used[TOMOYO_MEMORY_QUERY] + len
@@ -2091,6 +2098,29 @@ out:
2091} 2098}
2092 2099
2093/** 2100/**
2101 * tomoyo_find_domain_by_qid - Get domain by query id.
2102 *
2103 * @serial: Query ID assigned by tomoyo_supervisor().
2104 *
2105 * Returns pointer to "struct tomoyo_domain_info" if found, NULL otherwise.
2106 */
2107static struct tomoyo_domain_info *tomoyo_find_domain_by_qid
2108(unsigned int serial)
2109{
2110 struct tomoyo_query *ptr;
2111 struct tomoyo_domain_info *domain = NULL;
2112 spin_lock(&tomoyo_query_list_lock);
2113 list_for_each_entry(ptr, &tomoyo_query_list, list) {
2114 if (ptr->serial != serial || ptr->answer)
2115 continue;
2116 domain = ptr->domain;
2117 break;
2118 }
2119 spin_unlock(&tomoyo_query_list_lock);
2120 return domain;
2121}
2122
2123/**
2094 * tomoyo_poll_query - poll() for /sys/kernel/security/tomoyo/query. 2124 * tomoyo_poll_query - poll() for /sys/kernel/security/tomoyo/query.
2095 * 2125 *
2096 * @file: Pointer to "struct file". 2126 * @file: Pointer to "struct file".
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-05 09:04:51 -0500