diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-21 19:01:40 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-21 19:01:40 -0400 |
| commit | 19b5b517a8b81a448be9b2bdaf18a761a7b9799e (patch) | |
| tree | b1e83e331769d44f98e564c984acf3841261c2a8 /security/selinux/selinuxfs.c | |
| parent | bda0c0afa7a694bb1459fd023515aca681e4d79a (diff) | |
| parent | 95fff33b8e306a4331024bbd31c0999d5bf48fcf (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: one little, two little, three little whitespaces, the avc.c saga.
SELinux: cleanup on isle selinuxfs.c
changing whitespace for fun and profit: policydb.c
SELinux: whitespace and formating fixes for hooks.c
SELinux: clean up printks
SELinux: sidtab.c whitespace, syntax, and static declaraction cleanups
SELinux: services.c whitespace, syntax, and static declaraction cleanups
SELinux: mls.c whitespace, syntax, and static declaraction cleanups
SELinux: hashtab.c whitespace, syntax, and static declaraction cleanups
SELinux: ebitmap.c whitespace, syntax, and static declaraction cleanups
SELinux: conditional.c whitespace, syntax, and static declaraction cleanups
SELinux: avtab.c whitespace, syntax, and static declaraction cleanups
SELinux: xfrm.c whitespace, syntax, and static declaraction cleanups
SELinux: nlmsgtab.c whitespace, syntax, and static declaraction cleanups
SELinux: netnode.c whitespace, syntax, and static declaraction cleanups
SELinux: netlink.c whitespace, syntax, and static declaraction cleanups
SELinux: netlabel.c whitespace, syntax, and static declaraction cleanups
SELinux: netif.c whitespace, syntax, and static declaraction cleanups
Diffstat (limited to 'security/selinux/selinuxfs.c')
| -rw-r--r-- | security/selinux/selinuxfs.c | 127 |
1 files changed, 65 insertions, 62 deletions
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 7b681692be47..ac1ccc13a704 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c | |||
| @@ -1,16 +1,16 @@ | |||
| 1 | /* Updated: Karl MacMillan <kmacmillan@tresys.com> | 1 | /* Updated: Karl MacMillan <kmacmillan@tresys.com> |
| 2 | * | 2 | * |
| 3 | * Added conditional policy language extensions | 3 | * Added conditional policy language extensions |
| 4 | * | 4 | * |
| 5 | * Updated: Hewlett-Packard <paul.moore@hp.com> | 5 | * Updated: Hewlett-Packard <paul.moore@hp.com> |
| 6 | * | 6 | * |
| 7 | * Added support for the policy capability bitmap | 7 | * Added support for the policy capability bitmap |
| 8 | * | 8 | * |
| 9 | * Copyright (C) 2007 Hewlett-Packard Development Company, L.P. | 9 | * Copyright (C) 2007 Hewlett-Packard Development Company, L.P. |
| 10 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC | 10 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC |
| 11 | * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> | 11 | * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> |
| 12 | * This program is free software; you can redistribute it and/or modify | 12 | * This program is free software; you can redistribute it and/or modify |
| 13 | * it under the terms of the GNU General Public License as published by | 13 | * it under the terms of the GNU General Public License as published by |
| 14 | * the Free Software Foundation, version 2. | 14 | * the Free Software Foundation, version 2. |
| 15 | */ | 15 | */ |
| 16 | 16 | ||
| @@ -57,14 +57,14 @@ int selinux_compat_net = SELINUX_COMPAT_NET_VALUE; | |||
| 57 | 57 | ||
| 58 | static int __init checkreqprot_setup(char *str) | 58 | static int __init checkreqprot_setup(char *str) |
| 59 | { | 59 | { |
| 60 | selinux_checkreqprot = simple_strtoul(str,NULL,0) ? 1 : 0; | 60 | selinux_checkreqprot = simple_strtoul(str, NULL, 0) ? 1 : 0; |
| 61 | return 1; | 61 | return 1; |
| 62 | } | 62 | } |
| 63 | __setup("checkreqprot=", checkreqprot_setup); | 63 | __setup("checkreqprot=", checkreqprot_setup); |
| 64 | 64 | ||
| 65 | static int __init selinux_compat_net_setup(char *str) | 65 | static int __init selinux_compat_net_setup(char *str) |
| 66 | { | 66 | { |
| 67 | selinux_compat_net = simple_strtoul(str,NULL,0) ? 1 : 0; | 67 | selinux_compat_net = simple_strtoul(str, NULL, 0) ? 1 : 0; |
| 68 | return 1; | 68 | return 1; |
| 69 | } | 69 | } |
| 70 | __setup("selinux_compat_net=", selinux_compat_net_setup); | 70 | __setup("selinux_compat_net=", selinux_compat_net_setup); |
| @@ -73,17 +73,17 @@ __setup("selinux_compat_net=", selinux_compat_net_setup); | |||
| 73 | static DEFINE_MUTEX(sel_mutex); | 73 | static DEFINE_MUTEX(sel_mutex); |
| 74 | 74 | ||
| 75 | /* global data for booleans */ | 75 | /* global data for booleans */ |
| 76 | static struct dentry *bool_dir = NULL; | 76 | static struct dentry *bool_dir; |
| 77 | static int bool_num = 0; | 77 | static int bool_num; |
| 78 | static char **bool_pending_names; | 78 | static char **bool_pending_names; |
| 79 | static int *bool_pending_values = NULL; | 79 | static int *bool_pending_values; |
| 80 | 80 | ||
| 81 | /* global data for classes */ | 81 | /* global data for classes */ |
| 82 | static struct dentry *class_dir = NULL; | 82 | static struct dentry *class_dir; |
| 83 | static unsigned long last_class_ino; | 83 | static unsigned long last_class_ino; |
| 84 | 84 | ||
| 85 | /* global data for policy capabilities */ | 85 | /* global data for policy capabilities */ |
| 86 | static struct dentry *policycap_dir = NULL; | 86 | static struct dentry *policycap_dir; |
| 87 | 87 | ||
| 88 | extern void selnl_notify_setenforce(int val); | 88 | extern void selnl_notify_setenforce(int val); |
| 89 | 89 | ||
| @@ -142,7 +142,7 @@ static ssize_t sel_read_enforce(struct file *filp, char __user *buf, | |||
| 142 | } | 142 | } |
| 143 | 143 | ||
| 144 | #ifdef CONFIG_SECURITY_SELINUX_DEVELOP | 144 | #ifdef CONFIG_SECURITY_SELINUX_DEVELOP |
| 145 | static ssize_t sel_write_enforce(struct file * file, const char __user * buf, | 145 | static ssize_t sel_write_enforce(struct file *file, const char __user *buf, |
| 146 | size_t count, loff_t *ppos) | 146 | size_t count, loff_t *ppos) |
| 147 | 147 | ||
| 148 | { | 148 | { |
| @@ -156,7 +156,7 @@ static ssize_t sel_write_enforce(struct file * file, const char __user * buf, | |||
| 156 | /* No partial writes. */ | 156 | /* No partial writes. */ |
| 157 | return -EINVAL; | 157 | return -EINVAL; |
| 158 | } | 158 | } |
| 159 | page = (char*)get_zeroed_page(GFP_KERNEL); | 159 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 160 | if (!page) | 160 | if (!page) |
| 161 | return -ENOMEM; | 161 | return -ENOMEM; |
| 162 | length = -EFAULT; | 162 | length = -EFAULT; |
| @@ -213,7 +213,7 @@ static const struct file_operations sel_handle_unknown_ops = { | |||
| 213 | }; | 213 | }; |
| 214 | 214 | ||
| 215 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | 215 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE |
| 216 | static ssize_t sel_write_disable(struct file * file, const char __user * buf, | 216 | static ssize_t sel_write_disable(struct file *file, const char __user *buf, |
| 217 | size_t count, loff_t *ppos) | 217 | size_t count, loff_t *ppos) |
| 218 | 218 | ||
| 219 | { | 219 | { |
| @@ -228,7 +228,7 @@ static ssize_t sel_write_disable(struct file * file, const char __user * buf, | |||
| 228 | /* No partial writes. */ | 228 | /* No partial writes. */ |
| 229 | return -EINVAL; | 229 | return -EINVAL; |
| 230 | } | 230 | } |
| 231 | page = (char*)get_zeroed_page(GFP_KERNEL); | 231 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 232 | if (!page) | 232 | if (!page) |
| 233 | return -ENOMEM; | 233 | return -ENOMEM; |
| 234 | length = -EFAULT; | 234 | length = -EFAULT; |
| @@ -263,7 +263,7 @@ static const struct file_operations sel_disable_ops = { | |||
| 263 | }; | 263 | }; |
| 264 | 264 | ||
| 265 | static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, | 265 | static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, |
| 266 | size_t count, loff_t *ppos) | 266 | size_t count, loff_t *ppos) |
| 267 | { | 267 | { |
| 268 | char tmpbuf[TMPBUFLEN]; | 268 | char tmpbuf[TMPBUFLEN]; |
| 269 | ssize_t length; | 269 | ssize_t length; |
| @@ -299,7 +299,7 @@ static const struct file_operations sel_mls_ops = { | |||
| 299 | .read = sel_read_mls, | 299 | .read = sel_read_mls, |
| 300 | }; | 300 | }; |
| 301 | 301 | ||
| 302 | static ssize_t sel_write_load(struct file * file, const char __user * buf, | 302 | static ssize_t sel_write_load(struct file *file, const char __user *buf, |
| 303 | size_t count, loff_t *ppos) | 303 | size_t count, loff_t *ppos) |
| 304 | 304 | ||
| 305 | { | 305 | { |
| @@ -371,7 +371,7 @@ static const struct file_operations sel_load_ops = { | |||
| 371 | .write = sel_write_load, | 371 | .write = sel_write_load, |
| 372 | }; | 372 | }; |
| 373 | 373 | ||
| 374 | static ssize_t sel_write_context(struct file * file, char *buf, size_t size) | 374 | static ssize_t sel_write_context(struct file *file, char *buf, size_t size) |
| 375 | { | 375 | { |
| 376 | char *canon; | 376 | char *canon; |
| 377 | u32 sid, len; | 377 | u32 sid, len; |
| @@ -390,8 +390,8 @@ static ssize_t sel_write_context(struct file * file, char *buf, size_t size) | |||
| 390 | return length; | 390 | return length; |
| 391 | 391 | ||
| 392 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 392 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
| 393 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | 393 | printk(KERN_ERR "SELinux: %s: context size (%u) exceeds " |
| 394 | "max\n", __func__, len); | 394 | "payload max\n", __func__, len); |
| 395 | length = -ERANGE; | 395 | length = -ERANGE; |
| 396 | goto out; | 396 | goto out; |
| 397 | } | 397 | } |
| @@ -413,7 +413,7 @@ static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, | |||
| 413 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 413 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
| 414 | } | 414 | } |
| 415 | 415 | ||
| 416 | static ssize_t sel_write_checkreqprot(struct file * file, const char __user * buf, | 416 | static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, |
| 417 | size_t count, loff_t *ppos) | 417 | size_t count, loff_t *ppos) |
| 418 | { | 418 | { |
| 419 | char *page; | 419 | char *page; |
| @@ -430,7 +430,7 @@ static ssize_t sel_write_checkreqprot(struct file * file, const char __user * bu | |||
| 430 | /* No partial writes. */ | 430 | /* No partial writes. */ |
| 431 | return -EINVAL; | 431 | return -EINVAL; |
| 432 | } | 432 | } |
| 433 | page = (char*)get_zeroed_page(GFP_KERNEL); | 433 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 434 | if (!page) | 434 | if (!page) |
| 435 | return -ENOMEM; | 435 | return -ENOMEM; |
| 436 | length = -EFAULT; | 436 | length = -EFAULT; |
| @@ -462,7 +462,7 @@ static ssize_t sel_read_compat_net(struct file *filp, char __user *buf, | |||
| 462 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 462 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
| 463 | } | 463 | } |
| 464 | 464 | ||
| 465 | static ssize_t sel_write_compat_net(struct file * file, const char __user * buf, | 465 | static ssize_t sel_write_compat_net(struct file *file, const char __user *buf, |
| 466 | size_t count, loff_t *ppos) | 466 | size_t count, loff_t *ppos) |
| 467 | { | 467 | { |
| 468 | char *page; | 468 | char *page; |
| @@ -479,7 +479,7 @@ static ssize_t sel_write_compat_net(struct file * file, const char __user * buf, | |||
| 479 | /* No partial writes. */ | 479 | /* No partial writes. */ |
| 480 | return -EINVAL; | 480 | return -EINVAL; |
| 481 | } | 481 | } |
| 482 | page = (char*)get_zeroed_page(GFP_KERNEL); | 482 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 483 | if (!page) | 483 | if (!page) |
| 484 | return -ENOMEM; | 484 | return -ENOMEM; |
| 485 | length = -EFAULT; | 485 | length = -EFAULT; |
| @@ -504,11 +504,11 @@ static const struct file_operations sel_compat_net_ops = { | |||
| 504 | /* | 504 | /* |
| 505 | * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c | 505 | * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c |
| 506 | */ | 506 | */ |
| 507 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size); | 507 | static ssize_t sel_write_access(struct file *file, char *buf, size_t size); |
| 508 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size); | 508 | static ssize_t sel_write_create(struct file *file, char *buf, size_t size); |
| 509 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size); | 509 | static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size); |
| 510 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size); | 510 | static ssize_t sel_write_user(struct file *file, char *buf, size_t size); |
| 511 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size); | 511 | static ssize_t sel_write_member(struct file *file, char *buf, size_t size); |
| 512 | 512 | ||
| 513 | static ssize_t (*write_op[])(struct file *, char *, size_t) = { | 513 | static ssize_t (*write_op[])(struct file *, char *, size_t) = { |
| 514 | [SEL_ACCESS] = sel_write_access, | 514 | [SEL_ACCESS] = sel_write_access, |
| @@ -521,7 +521,7 @@ static ssize_t (*write_op[])(struct file *, char *, size_t) = { | |||
| 521 | 521 | ||
| 522 | static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) | 522 | static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) |
| 523 | { | 523 | { |
| 524 | ino_t ino = file->f_path.dentry->d_inode->i_ino; | 524 | ino_t ino = file->f_path.dentry->d_inode->i_ino; |
| 525 | char *data; | 525 | char *data; |
| 526 | ssize_t rv; | 526 | ssize_t rv; |
| 527 | 527 | ||
| @@ -532,8 +532,8 @@ static ssize_t selinux_transaction_write(struct file *file, const char __user *b | |||
| 532 | if (IS_ERR(data)) | 532 | if (IS_ERR(data)) |
| 533 | return PTR_ERR(data); | 533 | return PTR_ERR(data); |
| 534 | 534 | ||
| 535 | rv = write_op[ino](file, data, size); | 535 | rv = write_op[ino](file, data, size); |
| 536 | if (rv>0) { | 536 | if (rv > 0) { |
| 537 | simple_transaction_set(file, rv); | 537 | simple_transaction_set(file, rv); |
| 538 | rv = size; | 538 | rv = size; |
| 539 | } | 539 | } |
| @@ -552,7 +552,7 @@ static const struct file_operations transaction_ops = { | |||
| 552 | * and the length returned. Otherwise return 0 or and -error. | 552 | * and the length returned. Otherwise return 0 or and -error. |
| 553 | */ | 553 | */ |
| 554 | 554 | ||
| 555 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size) | 555 | static ssize_t sel_write_access(struct file *file, char *buf, size_t size) |
| 556 | { | 556 | { |
| 557 | char *scon, *tcon; | 557 | char *scon, *tcon; |
| 558 | u32 ssid, tsid; | 558 | u32 ssid, tsid; |
| @@ -601,7 +601,7 @@ out: | |||
| 601 | return length; | 601 | return length; |
| 602 | } | 602 | } |
| 603 | 603 | ||
| 604 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size) | 604 | static ssize_t sel_write_create(struct file *file, char *buf, size_t size) |
| 605 | { | 605 | { |
| 606 | char *scon, *tcon; | 606 | char *scon, *tcon; |
| 607 | u32 ssid, tsid, newsid; | 607 | u32 ssid, tsid, newsid; |
| @@ -643,8 +643,8 @@ static ssize_t sel_write_create(struct file * file, char *buf, size_t size) | |||
| 643 | goto out2; | 643 | goto out2; |
| 644 | 644 | ||
| 645 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 645 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
| 646 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | 646 | printk(KERN_ERR "SELinux: %s: context size (%u) exceeds " |
| 647 | "max\n", __func__, len); | 647 | "payload max\n", __func__, len); |
| 648 | length = -ERANGE; | 648 | length = -ERANGE; |
| 649 | goto out3; | 649 | goto out3; |
| 650 | } | 650 | } |
| @@ -660,7 +660,7 @@ out: | |||
| 660 | return length; | 660 | return length; |
| 661 | } | 661 | } |
| 662 | 662 | ||
| 663 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size) | 663 | static ssize_t sel_write_relabel(struct file *file, char *buf, size_t size) |
| 664 | { | 664 | { |
| 665 | char *scon, *tcon; | 665 | char *scon, *tcon; |
| 666 | u32 ssid, tsid, newsid; | 666 | u32 ssid, tsid, newsid; |
| @@ -717,7 +717,7 @@ out: | |||
| 717 | return length; | 717 | return length; |
| 718 | } | 718 | } |
| 719 | 719 | ||
| 720 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size) | 720 | static ssize_t sel_write_user(struct file *file, char *buf, size_t size) |
| 721 | { | 721 | { |
| 722 | char *con, *user, *ptr; | 722 | char *con, *user, *ptr; |
| 723 | u32 sid, *sids; | 723 | u32 sid, *sids; |
| @@ -778,7 +778,7 @@ out: | |||
| 778 | return length; | 778 | return length; |
| 779 | } | 779 | } |
| 780 | 780 | ||
| 781 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size) | 781 | static ssize_t sel_write_member(struct file *file, char *buf, size_t size) |
| 782 | { | 782 | { |
| 783 | char *scon, *tcon; | 783 | char *scon, *tcon; |
| 784 | u32 ssid, tsid, newsid; | 784 | u32 ssid, tsid, newsid; |
| @@ -820,8 +820,8 @@ static ssize_t sel_write_member(struct file * file, char *buf, size_t size) | |||
| 820 | goto out2; | 820 | goto out2; |
| 821 | 821 | ||
| 822 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 822 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
| 823 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | 823 | printk(KERN_ERR "SELinux: %s: context size (%u) exceeds " |
| 824 | "max\n", __func__, len); | 824 | "payload max\n", __func__, len); |
| 825 | length = -ERANGE; | 825 | length = -ERANGE; |
| 826 | goto out3; | 826 | goto out3; |
| 827 | } | 827 | } |
| @@ -872,7 +872,8 @@ static ssize_t sel_read_bool(struct file *filep, char __user *buf, | |||
| 872 | ret = -EINVAL; | 872 | ret = -EINVAL; |
| 873 | goto out; | 873 | goto out; |
| 874 | } | 874 | } |
| 875 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) { | 875 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 876 | if (!page) { | ||
| 876 | ret = -ENOMEM; | 877 | ret = -ENOMEM; |
| 877 | goto out; | 878 | goto out; |
| 878 | } | 879 | } |
| @@ -923,7 +924,7 @@ static ssize_t sel_write_bool(struct file *filep, const char __user *buf, | |||
| 923 | length = -EINVAL; | 924 | length = -EINVAL; |
| 924 | goto out; | 925 | goto out; |
| 925 | } | 926 | } |
| 926 | page = (char*)get_zeroed_page(GFP_KERNEL); | 927 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 927 | if (!page) { | 928 | if (!page) { |
| 928 | length = -ENOMEM; | 929 | length = -ENOMEM; |
| 929 | goto out; | 930 | goto out; |
| @@ -951,8 +952,8 @@ out: | |||
| 951 | } | 952 | } |
| 952 | 953 | ||
| 953 | static const struct file_operations sel_bool_ops = { | 954 | static const struct file_operations sel_bool_ops = { |
| 954 | .read = sel_read_bool, | 955 | .read = sel_read_bool, |
| 955 | .write = sel_write_bool, | 956 | .write = sel_write_bool, |
| 956 | }; | 957 | }; |
| 957 | 958 | ||
| 958 | static ssize_t sel_commit_bools_write(struct file *filep, | 959 | static ssize_t sel_commit_bools_write(struct file *filep, |
| @@ -977,7 +978,7 @@ static ssize_t sel_commit_bools_write(struct file *filep, | |||
| 977 | /* No partial writes. */ | 978 | /* No partial writes. */ |
| 978 | goto out; | 979 | goto out; |
| 979 | } | 980 | } |
| 980 | page = (char*)get_zeroed_page(GFP_KERNEL); | 981 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 981 | if (!page) { | 982 | if (!page) { |
| 982 | length = -ENOMEM; | 983 | length = -ENOMEM; |
| 983 | goto out; | 984 | goto out; |
| @@ -991,9 +992,8 @@ static ssize_t sel_commit_bools_write(struct file *filep, | |||
| 991 | if (sscanf(page, "%d", &new_value) != 1) | 992 | if (sscanf(page, "%d", &new_value) != 1) |
| 992 | goto out; | 993 | goto out; |
| 993 | 994 | ||
| 994 | if (new_value && bool_pending_values) { | 995 | if (new_value && bool_pending_values) |
| 995 | security_set_bools(bool_num, bool_pending_values); | 996 | security_set_bools(bool_num, bool_pending_values); |
| 996 | } | ||
| 997 | 997 | ||
| 998 | length = count; | 998 | length = count; |
| 999 | 999 | ||
| @@ -1005,7 +1005,7 @@ out: | |||
| 1005 | } | 1005 | } |
| 1006 | 1006 | ||
| 1007 | static const struct file_operations sel_commit_bools_ops = { | 1007 | static const struct file_operations sel_commit_bools_ops = { |
| 1008 | .write = sel_commit_bools_write, | 1008 | .write = sel_commit_bools_write, |
| 1009 | }; | 1009 | }; |
| 1010 | 1010 | ||
| 1011 | static void sel_remove_entries(struct dentry *de) | 1011 | static void sel_remove_entries(struct dentry *de) |
| @@ -1055,7 +1055,8 @@ static int sel_make_bools(void) | |||
| 1055 | 1055 | ||
| 1056 | sel_remove_entries(dir); | 1056 | sel_remove_entries(dir); |
| 1057 | 1057 | ||
| 1058 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) | 1058 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 1059 | if (!page) | ||
| 1059 | return -ENOMEM; | 1060 | return -ENOMEM; |
| 1060 | 1061 | ||
| 1061 | ret = security_get_bools(&num, &names, &values); | 1062 | ret = security_get_bools(&num, &names, &values); |
| @@ -1082,8 +1083,9 @@ static int sel_make_bools(void) | |||
| 1082 | ret = -ENAMETOOLONG; | 1083 | ret = -ENAMETOOLONG; |
| 1083 | goto err; | 1084 | goto err; |
| 1084 | } | 1085 | } |
| 1085 | isec = (struct inode_security_struct*)inode->i_security; | 1086 | isec = (struct inode_security_struct *)inode->i_security; |
| 1086 | if ((ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid))) | 1087 | ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid); |
| 1088 | if (ret) | ||
| 1087 | goto err; | 1089 | goto err; |
| 1088 | isec->sid = sid; | 1090 | isec->sid = sid; |
| 1089 | isec->initialized = 1; | 1091 | isec->initialized = 1; |
| @@ -1111,7 +1113,7 @@ err: | |||
| 1111 | 1113 | ||
| 1112 | #define NULL_FILE_NAME "null" | 1114 | #define NULL_FILE_NAME "null" |
| 1113 | 1115 | ||
| 1114 | struct dentry *selinux_null = NULL; | 1116 | struct dentry *selinux_null; |
| 1115 | 1117 | ||
| 1116 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, | 1118 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, |
| 1117 | size_t count, loff_t *ppos) | 1119 | size_t count, loff_t *ppos) |
| @@ -1123,8 +1125,8 @@ static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, | |||
| 1123 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 1125 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
| 1124 | } | 1126 | } |
| 1125 | 1127 | ||
| 1126 | static ssize_t sel_write_avc_cache_threshold(struct file * file, | 1128 | static ssize_t sel_write_avc_cache_threshold(struct file *file, |
| 1127 | const char __user * buf, | 1129 | const char __user *buf, |
| 1128 | size_t count, loff_t *ppos) | 1130 | size_t count, loff_t *ppos) |
| 1129 | 1131 | ||
| 1130 | { | 1132 | { |
| @@ -1143,7 +1145,7 @@ static ssize_t sel_write_avc_cache_threshold(struct file * file, | |||
| 1143 | goto out; | 1145 | goto out; |
| 1144 | } | 1146 | } |
| 1145 | 1147 | ||
| 1146 | page = (char*)get_zeroed_page(GFP_KERNEL); | 1148 | page = (char *)get_zeroed_page(GFP_KERNEL); |
| 1147 | if (!page) { | 1149 | if (!page) { |
| 1148 | ret = -ENOMEM; | 1150 | ret = -ENOMEM; |
| 1149 | goto out; | 1151 | goto out; |
| @@ -1301,7 +1303,7 @@ out: | |||
| 1301 | return ret; | 1303 | return ret; |
| 1302 | } | 1304 | } |
| 1303 | 1305 | ||
| 1304 | static ssize_t sel_read_initcon(struct file * file, char __user *buf, | 1306 | static ssize_t sel_read_initcon(struct file *file, char __user *buf, |
| 1305 | size_t count, loff_t *ppos) | 1307 | size_t count, loff_t *ppos) |
| 1306 | { | 1308 | { |
| 1307 | struct inode *inode; | 1309 | struct inode *inode; |
| @@ -1375,7 +1377,7 @@ static inline u32 sel_ino_to_perm(unsigned long ino) | |||
| 1375 | return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); | 1377 | return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); |
| 1376 | } | 1378 | } |
| 1377 | 1379 | ||
| 1378 | static ssize_t sel_read_class(struct file * file, char __user *buf, | 1380 | static ssize_t sel_read_class(struct file *file, char __user *buf, |
| 1379 | size_t count, loff_t *ppos) | 1381 | size_t count, loff_t *ppos) |
| 1380 | { | 1382 | { |
| 1381 | ssize_t rc, len; | 1383 | ssize_t rc, len; |
| @@ -1399,7 +1401,7 @@ static const struct file_operations sel_class_ops = { | |||
| 1399 | .read = sel_read_class, | 1401 | .read = sel_read_class, |
| 1400 | }; | 1402 | }; |
| 1401 | 1403 | ||
| 1402 | static ssize_t sel_read_perm(struct file * file, char __user *buf, | 1404 | static ssize_t sel_read_perm(struct file *file, char __user *buf, |
| 1403 | size_t count, loff_t *ppos) | 1405 | size_t count, loff_t *ppos) |
| 1404 | { | 1406 | { |
| 1405 | ssize_t rc, len; | 1407 | ssize_t rc, len; |
| @@ -1412,7 +1414,7 @@ static ssize_t sel_read_perm(struct file * file, char __user *buf, | |||
| 1412 | goto out; | 1414 | goto out; |
| 1413 | } | 1415 | } |
| 1414 | 1416 | ||
| 1415 | len = snprintf(page, PAGE_SIZE,"%d", sel_ino_to_perm(ino)); | 1417 | len = snprintf(page, PAGE_SIZE, "%d", sel_ino_to_perm(ino)); |
| 1416 | rc = simple_read_from_buffer(buf, count, ppos, page, len); | 1418 | rc = simple_read_from_buffer(buf, count, ppos, page, len); |
| 1417 | free_page((unsigned long)page); | 1419 | free_page((unsigned long)page); |
| 1418 | out: | 1420 | out: |
| @@ -1640,7 +1642,7 @@ out: | |||
| 1640 | return ret; | 1642 | return ret; |
| 1641 | } | 1643 | } |
| 1642 | 1644 | ||
| 1643 | static int sel_fill_super(struct super_block * sb, void * data, int silent) | 1645 | static int sel_fill_super(struct super_block *sb, void *data, int silent) |
| 1644 | { | 1646 | { |
| 1645 | int ret; | 1647 | int ret; |
| 1646 | struct dentry *dentry; | 1648 | struct dentry *dentry; |
| @@ -1696,7 +1698,7 @@ static int sel_fill_super(struct super_block * sb, void * data, int silent) | |||
| 1696 | goto err; | 1698 | goto err; |
| 1697 | } | 1699 | } |
| 1698 | inode->i_ino = ++sel_last_ino; | 1700 | inode->i_ino = ++sel_last_ino; |
| 1699 | isec = (struct inode_security_struct*)inode->i_security; | 1701 | isec = (struct inode_security_struct *)inode->i_security; |
| 1700 | isec->sid = SECINITSID_DEVNULL; | 1702 | isec->sid = SECINITSID_DEVNULL; |
| 1701 | isec->sclass = SECCLASS_CHR_FILE; | 1703 | isec->sclass = SECCLASS_CHR_FILE; |
| 1702 | isec->initialized = 1; | 1704 | isec->initialized = 1; |
| @@ -1760,7 +1762,8 @@ static int sel_fill_super(struct super_block * sb, void * data, int silent) | |||
| 1760 | out: | 1762 | out: |
| 1761 | return ret; | 1763 | return ret; |
| 1762 | err: | 1764 | err: |
| 1763 | printk(KERN_ERR "%s: failed while creating inodes\n", __func__); | 1765 | printk(KERN_ERR "SELinux: %s: failed while creating inodes\n", |
| 1766 | __func__); | ||
| 1764 | goto out; | 1767 | goto out; |
| 1765 | } | 1768 | } |
| 1766 | 1769 | ||