diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-06-17 03:53:24 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-08-02 01:34:40 -0400 |
| commit | a230f9e7121cbcbfe23bd5a630abf6b53cece555 (patch) | |
| tree | a81820f41d57ffd8704aaef4331f696030d7ba77 /security/tomoyo/common.c | |
| parent | a98aa4debe2728abb3353e35fc5d110dcc0d7f0d (diff) | |
TOMOYO: Use array of "struct list_head".
Assign list id and make the lists as array of "struct list_head".
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/common.c')
| -rw-r--r-- | security/tomoyo/common.c | 42 |
1 files changed, 6 insertions, 36 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 9eeb19ec6af4..cb1aaf148ad4 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -434,38 +434,6 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head) | |||
| 434 | head->read_eof = true; | 434 | head->read_eof = true; |
| 435 | } | 435 | } |
| 436 | 436 | ||
| 437 | /* | ||
| 438 | * tomoyo_policy_manager_list is used for holding list of domainnames or | ||
| 439 | * programs which are permitted to modify configuration via | ||
| 440 | * /sys/kernel/security/tomoyo/ interface. | ||
| 441 | * | ||
| 442 | * An entry is added by | ||
| 443 | * | ||
| 444 | * # echo '<kernel> /sbin/mingetty /bin/login /bin/bash' > \ | ||
| 445 | * /sys/kernel/security/tomoyo/manager | ||
| 446 | * (if you want to specify by a domainname) | ||
| 447 | * | ||
| 448 | * or | ||
| 449 | * | ||
| 450 | * # echo '/usr/sbin/tomoyo-editpolicy' > /sys/kernel/security/tomoyo/manager | ||
| 451 | * (if you want to specify by a program's location) | ||
| 452 | * | ||
| 453 | * and is deleted by | ||
| 454 | * | ||
| 455 | * # echo 'delete <kernel> /sbin/mingetty /bin/login /bin/bash' > \ | ||
| 456 | * /sys/kernel/security/tomoyo/manager | ||
| 457 | * | ||
| 458 | * or | ||
| 459 | * | ||
| 460 | * # echo 'delete /usr/sbin/tomoyo-editpolicy' > \ | ||
| 461 | * /sys/kernel/security/tomoyo/manager | ||
| 462 | * | ||
| 463 | * and all entries are retrieved by | ||
| 464 | * | ||
| 465 | * # cat /sys/kernel/security/tomoyo/manager | ||
| 466 | */ | ||
| 467 | LIST_HEAD(tomoyo_policy_manager_list); | ||
| 468 | |||
| 469 | static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a, | 437 | static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a, |
| 470 | const struct tomoyo_acl_head *b) | 438 | const struct tomoyo_acl_head *b) |
| 471 | { | 439 | { |
| @@ -503,7 +471,7 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
| 503 | if (!e.manager) | 471 | if (!e.manager) |
| 504 | return -ENOMEM; | 472 | return -ENOMEM; |
| 505 | error = tomoyo_update_policy(&e.head, sizeof(e), is_delete, | 473 | error = tomoyo_update_policy(&e.head, sizeof(e), is_delete, |
| 506 | &tomoyo_policy_manager_list, | 474 | &tomoyo_policy_list[TOMOYO_ID_MANAGER], |
| 507 | tomoyo_same_manager_entry); | 475 | tomoyo_same_manager_entry); |
| 508 | tomoyo_put_name(e.manager); | 476 | tomoyo_put_name(e.manager); |
| 509 | return error; | 477 | return error; |
| @@ -545,7 +513,7 @@ static void tomoyo_read_manager_policy(struct tomoyo_io_buffer *head) | |||
| 545 | if (head->read_eof) | 513 | if (head->read_eof) |
| 546 | return; | 514 | return; |
| 547 | list_for_each_cookie(pos, head->read_var2, | 515 | list_for_each_cookie(pos, head->read_var2, |
| 548 | &tomoyo_policy_manager_list) { | 516 | &tomoyo_policy_list[TOMOYO_ID_MANAGER]) { |
| 549 | struct tomoyo_policy_manager_entry *ptr; | 517 | struct tomoyo_policy_manager_entry *ptr; |
| 550 | ptr = list_entry(pos, struct tomoyo_policy_manager_entry, | 518 | ptr = list_entry(pos, struct tomoyo_policy_manager_entry, |
| 551 | head.list); | 519 | head.list); |
| @@ -578,7 +546,8 @@ static bool tomoyo_policy_manager(void) | |||
| 578 | return true; | 546 | return true; |
| 579 | if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid)) | 547 | if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid)) |
| 580 | return false; | 548 | return false; |
| 581 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) { | 549 | list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER], |
| 550 | head.list) { | ||
| 582 | if (!ptr->head.is_deleted && ptr->is_domain | 551 | if (!ptr->head.is_deleted && ptr->is_domain |
| 583 | && !tomoyo_pathcmp(domainname, ptr->manager)) { | 552 | && !tomoyo_pathcmp(domainname, ptr->manager)) { |
| 584 | found = true; | 553 | found = true; |
| @@ -590,7 +559,8 @@ static bool tomoyo_policy_manager(void) | |||
| 590 | exe = tomoyo_get_exe(); | 559 | exe = tomoyo_get_exe(); |
| 591 | if (!exe) | 560 | if (!exe) |
| 592 | return false; | 561 | return false; |
| 593 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) { | 562 | list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER], |
| 563 | head.list) { | ||
| 594 | if (!ptr->head.is_deleted && !ptr->is_domain | 564 | if (!ptr->head.is_deleted && !ptr->is_domain |
| 595 | && !strcmp(exe, ptr->manager->name)) { | 565 | && !strcmp(exe, ptr->manager->name)) { |
| 596 | found = true; | 566 | found = true; |