diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2009-06-11 13:01:41 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-06-11 13:01:41 -0400 |
commit | 3296ca27f50ecbd71db1d808c7a72d311027f919 (patch) | |
tree | 833eaa58b2013bda86d4bd95faf6efad7a2d5ca4 /security/tomoyo/domain.c | |
parent | e893123c7378192c094747dadec326b7c000c190 (diff) | |
parent | 73fbad283cfbbcf02939bdbda31fc4a30e729cca (diff) |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (44 commits)
nommu: Provide mmap_min_addr definition.
TOMOYO: Add description of lists and structures.
TOMOYO: Remove unused field.
integrity: ima audit dentry_open failure
TOMOYO: Remove unused parameter.
security: use mmap_min_addr indepedently of security models
TOMOYO: Simplify policy reader.
TOMOYO: Remove redundant markers.
SELinux: define audit permissions for audit tree netlink messages
TOMOYO: Remove unused mutex.
tomoyo: avoid get+put of task_struct
smack: Remove redundant initialization.
integrity: nfsd imbalance bug fix
rootplug: Remove redundant initialization.
smack: do not beyond ARRAY_SIZE of data
integrity: move ima_counts_get
integrity: path_check update
IMA: Add __init notation to ima functions
IMA: Minimal IMA policy and boot param for TCB IMA policy
selinux: remove obsolete read buffer limit from sel_read_bool
...
Diffstat (limited to 'security/tomoyo/domain.c')
-rw-r--r-- | security/tomoyo/domain.c | 240 |
1 files changed, 200 insertions, 40 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 2d6748741a26..1d8b16960576 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
@@ -19,11 +19,63 @@ | |||
19 | /* The initial domain. */ | 19 | /* The initial domain. */ |
20 | struct tomoyo_domain_info tomoyo_kernel_domain; | 20 | struct tomoyo_domain_info tomoyo_kernel_domain; |
21 | 21 | ||
22 | /* The list for "struct tomoyo_domain_info". */ | 22 | /* |
23 | * tomoyo_domain_list is used for holding list of domains. | ||
24 | * The ->acl_info_list of "struct tomoyo_domain_info" is used for holding | ||
25 | * permissions (e.g. "allow_read /lib/libc-2.5.so") given to each domain. | ||
26 | * | ||
27 | * An entry is added by | ||
28 | * | ||
29 | * # ( echo "<kernel>"; echo "allow_execute /sbin/init" ) > \ | ||
30 | * /sys/kernel/security/tomoyo/domain_policy | ||
31 | * | ||
32 | * and is deleted by | ||
33 | * | ||
34 | * # ( echo "<kernel>"; echo "delete allow_execute /sbin/init" ) > \ | ||
35 | * /sys/kernel/security/tomoyo/domain_policy | ||
36 | * | ||
37 | * and all entries are retrieved by | ||
38 | * | ||
39 | * # cat /sys/kernel/security/tomoyo/domain_policy | ||
40 | * | ||
41 | * A domain is added by | ||
42 | * | ||
43 | * # echo "<kernel>" > /sys/kernel/security/tomoyo/domain_policy | ||
44 | * | ||
45 | * and is deleted by | ||
46 | * | ||
47 | * # echo "delete <kernel>" > /sys/kernel/security/tomoyo/domain_policy | ||
48 | * | ||
49 | * and all domains are retrieved by | ||
50 | * | ||
51 | * # grep '^<kernel>' /sys/kernel/security/tomoyo/domain_policy | ||
52 | * | ||
53 | * Normally, a domainname is monotonically getting longer because a domainname | ||
54 | * which the process will belong to if an execve() operation succeeds is | ||
55 | * defined as a concatenation of "current domainname" + "pathname passed to | ||
56 | * execve()". | ||
57 | * See tomoyo_domain_initializer_list and tomoyo_domain_keeper_list for | ||
58 | * exceptions. | ||
59 | */ | ||
23 | LIST_HEAD(tomoyo_domain_list); | 60 | LIST_HEAD(tomoyo_domain_list); |
24 | DECLARE_RWSEM(tomoyo_domain_list_lock); | 61 | DECLARE_RWSEM(tomoyo_domain_list_lock); |
25 | 62 | ||
26 | /* Structure for "initialize_domain" and "no_initialize_domain" keyword. */ | 63 | /* |
64 | * tomoyo_domain_initializer_entry is a structure which is used for holding | ||
65 | * "initialize_domain" and "no_initialize_domain" entries. | ||
66 | * It has following fields. | ||
67 | * | ||
68 | * (1) "list" which is linked to tomoyo_domain_initializer_list . | ||
69 | * (2) "domainname" which is "a domainname" or "the last component of a | ||
70 | * domainname". This field is NULL if "from" clause is not specified. | ||
71 | * (3) "program" which is a program's pathname. | ||
72 | * (4) "is_deleted" is a bool which is true if marked as deleted, false | ||
73 | * otherwise. | ||
74 | * (5) "is_not" is a bool which is true if "no_initialize_domain", false | ||
75 | * otherwise. | ||
76 | * (6) "is_last_name" is a bool which is true if "domainname" is "the last | ||
77 | * component of a domainname", false otherwise. | ||
78 | */ | ||
27 | struct tomoyo_domain_initializer_entry { | 79 | struct tomoyo_domain_initializer_entry { |
28 | struct list_head list; | 80 | struct list_head list; |
29 | const struct tomoyo_path_info *domainname; /* This may be NULL */ | 81 | const struct tomoyo_path_info *domainname; /* This may be NULL */ |
@@ -34,7 +86,23 @@ struct tomoyo_domain_initializer_entry { | |||
34 | bool is_last_name; | 86 | bool is_last_name; |
35 | }; | 87 | }; |
36 | 88 | ||
37 | /* Structure for "keep_domain" and "no_keep_domain" keyword. */ | 89 | /* |
90 | * tomoyo_domain_keeper_entry is a structure which is used for holding | ||
91 | * "keep_domain" and "no_keep_domain" entries. | ||
92 | * It has following fields. | ||
93 | * | ||
94 | * (1) "list" which is linked to tomoyo_domain_keeper_list . | ||
95 | * (2) "domainname" which is "a domainname" or "the last component of a | ||
96 | * domainname". | ||
97 | * (3) "program" which is a program's pathname. | ||
98 | * This field is NULL if "from" clause is not specified. | ||
99 | * (4) "is_deleted" is a bool which is true if marked as deleted, false | ||
100 | * otherwise. | ||
101 | * (5) "is_not" is a bool which is true if "no_initialize_domain", false | ||
102 | * otherwise. | ||
103 | * (6) "is_last_name" is a bool which is true if "domainname" is "the last | ||
104 | * component of a domainname", false otherwise. | ||
105 | */ | ||
38 | struct tomoyo_domain_keeper_entry { | 106 | struct tomoyo_domain_keeper_entry { |
39 | struct list_head list; | 107 | struct list_head list; |
40 | const struct tomoyo_path_info *domainname; | 108 | const struct tomoyo_path_info *domainname; |
@@ -45,7 +113,16 @@ struct tomoyo_domain_keeper_entry { | |||
45 | bool is_last_name; | 113 | bool is_last_name; |
46 | }; | 114 | }; |
47 | 115 | ||
48 | /* Structure for "alias" keyword. */ | 116 | /* |
117 | * tomoyo_alias_entry is a structure which is used for holding "alias" entries. | ||
118 | * It has following fields. | ||
119 | * | ||
120 | * (1) "list" which is linked to tomoyo_alias_list . | ||
121 | * (2) "original_name" which is a dereferenced pathname. | ||
122 | * (3) "aliased_name" which is a symlink's pathname. | ||
123 | * (4) "is_deleted" is a bool which is true if marked as deleted, false | ||
124 | * otherwise. | ||
125 | */ | ||
49 | struct tomoyo_alias_entry { | 126 | struct tomoyo_alias_entry { |
50 | struct list_head list; | 127 | struct list_head list; |
51 | const struct tomoyo_path_info *original_name; | 128 | const struct tomoyo_path_info *original_name; |
@@ -67,14 +144,12 @@ void tomoyo_set_domain_flag(struct tomoyo_domain_info *domain, | |||
67 | { | 144 | { |
68 | /* We need to serialize because this is bitfield operation. */ | 145 | /* We need to serialize because this is bitfield operation. */ |
69 | static DEFINE_SPINLOCK(lock); | 146 | static DEFINE_SPINLOCK(lock); |
70 | /***** CRITICAL SECTION START *****/ | ||
71 | spin_lock(&lock); | 147 | spin_lock(&lock); |
72 | if (!is_delete) | 148 | if (!is_delete) |
73 | domain->flags |= flags; | 149 | domain->flags |= flags; |
74 | else | 150 | else |
75 | domain->flags &= ~flags; | 151 | domain->flags &= ~flags; |
76 | spin_unlock(&lock); | 152 | spin_unlock(&lock); |
77 | /***** CRITICAL SECTION END *****/ | ||
78 | } | 153 | } |
79 | 154 | ||
80 | /** | 155 | /** |
@@ -94,7 +169,42 @@ const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain) | |||
94 | return cp0; | 169 | return cp0; |
95 | } | 170 | } |
96 | 171 | ||
97 | /* The list for "struct tomoyo_domain_initializer_entry". */ | 172 | /* |
173 | * tomoyo_domain_initializer_list is used for holding list of programs which | ||
174 | * triggers reinitialization of domainname. Normally, a domainname is | ||
175 | * monotonically getting longer. But sometimes, we restart daemon programs. | ||
176 | * It would be convenient for us that "a daemon started upon system boot" and | ||
177 | * "the daemon restarted from console" belong to the same domain. Thus, TOMOYO | ||
178 | * provides a way to shorten domainnames. | ||
179 | * | ||
180 | * An entry is added by | ||
181 | * | ||
182 | * # echo 'initialize_domain /usr/sbin/httpd' > \ | ||
183 | * /sys/kernel/security/tomoyo/exception_policy | ||
184 | * | ||
185 | * and is deleted by | ||
186 | * | ||
187 | * # echo 'delete initialize_domain /usr/sbin/httpd' > \ | ||
188 | * /sys/kernel/security/tomoyo/exception_policy | ||
189 | * | ||
190 | * and all entries are retrieved by | ||
191 | * | ||
192 | * # grep ^initialize_domain /sys/kernel/security/tomoyo/exception_policy | ||
193 | * | ||
194 | * In the example above, /usr/sbin/httpd will belong to | ||
195 | * "<kernel> /usr/sbin/httpd" domain. | ||
196 | * | ||
197 | * You may specify a domainname using "from" keyword. | ||
198 | * "initialize_domain /usr/sbin/httpd from <kernel> /etc/rc.d/init.d/httpd" | ||
199 | * will cause "/usr/sbin/httpd" executed from "<kernel> /etc/rc.d/init.d/httpd" | ||
200 | * domain to belong to "<kernel> /usr/sbin/httpd" domain. | ||
201 | * | ||
202 | * You may add "no_" prefix to "initialize_domain". | ||
203 | * "initialize_domain /usr/sbin/httpd" and | ||
204 | * "no_initialize_domain /usr/sbin/httpd from <kernel> /etc/rc.d/init.d/httpd" | ||
205 | * will cause "/usr/sbin/httpd" to belong to "<kernel> /usr/sbin/httpd" domain | ||
206 | * unless executed from "<kernel> /etc/rc.d/init.d/httpd" domain. | ||
207 | */ | ||
98 | static LIST_HEAD(tomoyo_domain_initializer_list); | 208 | static LIST_HEAD(tomoyo_domain_initializer_list); |
99 | static DECLARE_RWSEM(tomoyo_domain_initializer_list_lock); | 209 | static DECLARE_RWSEM(tomoyo_domain_initializer_list_lock); |
100 | 210 | ||
@@ -135,7 +245,6 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
135 | saved_program = tomoyo_save_name(program); | 245 | saved_program = tomoyo_save_name(program); |
136 | if (!saved_program) | 246 | if (!saved_program) |
137 | return -ENOMEM; | 247 | return -ENOMEM; |
138 | /***** EXCLUSIVE SECTION START *****/ | ||
139 | down_write(&tomoyo_domain_initializer_list_lock); | 248 | down_write(&tomoyo_domain_initializer_list_lock); |
140 | list_for_each_entry(ptr, &tomoyo_domain_initializer_list, list) { | 249 | list_for_each_entry(ptr, &tomoyo_domain_initializer_list, list) { |
141 | if (ptr->is_not != is_not || | 250 | if (ptr->is_not != is_not || |
@@ -161,7 +270,6 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
161 | error = 0; | 270 | error = 0; |
162 | out: | 271 | out: |
163 | up_write(&tomoyo_domain_initializer_list_lock); | 272 | up_write(&tomoyo_domain_initializer_list_lock); |
164 | /***** EXCLUSIVE SECTION END *****/ | ||
165 | return error; | 273 | return error; |
166 | } | 274 | } |
167 | 275 | ||
@@ -193,13 +301,12 @@ bool tomoyo_read_domain_initializer_policy(struct tomoyo_io_buffer *head) | |||
193 | from = " from "; | 301 | from = " from "; |
194 | domain = ptr->domainname->name; | 302 | domain = ptr->domainname->name; |
195 | } | 303 | } |
196 | if (!tomoyo_io_printf(head, | 304 | done = tomoyo_io_printf(head, |
197 | "%s" TOMOYO_KEYWORD_INITIALIZE_DOMAIN | 305 | "%s" TOMOYO_KEYWORD_INITIALIZE_DOMAIN |
198 | "%s%s%s\n", no, ptr->program->name, from, | 306 | "%s%s%s\n", no, ptr->program->name, |
199 | domain)) { | 307 | from, domain); |
200 | done = false; | 308 | if (!done) |
201 | break; | 309 | break; |
202 | } | ||
203 | } | 310 | } |
204 | up_read(&tomoyo_domain_initializer_list_lock); | 311 | up_read(&tomoyo_domain_initializer_list_lock); |
205 | return done; | 312 | return done; |
@@ -273,7 +380,44 @@ static bool tomoyo_is_domain_initializer(const struct tomoyo_path_info * | |||
273 | return flag; | 380 | return flag; |
274 | } | 381 | } |
275 | 382 | ||
276 | /* The list for "struct tomoyo_domain_keeper_entry". */ | 383 | /* |
384 | * tomoyo_domain_keeper_list is used for holding list of domainnames which | ||
385 | * suppresses domain transition. Normally, a domainname is monotonically | ||
386 | * getting longer. But sometimes, we want to suppress domain transition. | ||
387 | * It would be convenient for us that programs executed from a login session | ||
388 | * belong to the same domain. Thus, TOMOYO provides a way to suppress domain | ||
389 | * transition. | ||
390 | * | ||
391 | * An entry is added by | ||
392 | * | ||
393 | * # echo 'keep_domain <kernel> /usr/sbin/sshd /bin/bash' > \ | ||
394 | * /sys/kernel/security/tomoyo/exception_policy | ||
395 | * | ||
396 | * and is deleted by | ||
397 | * | ||
398 | * # echo 'delete keep_domain <kernel> /usr/sbin/sshd /bin/bash' > \ | ||
399 | * /sys/kernel/security/tomoyo/exception_policy | ||
400 | * | ||
401 | * and all entries are retrieved by | ||
402 | * | ||
403 | * # grep ^keep_domain /sys/kernel/security/tomoyo/exception_policy | ||
404 | * | ||
405 | * In the example above, any process which belongs to | ||
406 | * "<kernel> /usr/sbin/sshd /bin/bash" domain will remain in that domain, | ||
407 | * unless explicitly specified by "initialize_domain" or "no_keep_domain". | ||
408 | * | ||
409 | * You may specify a program using "from" keyword. | ||
410 | * "keep_domain /bin/pwd from <kernel> /usr/sbin/sshd /bin/bash" | ||
411 | * will cause "/bin/pwd" executed from "<kernel> /usr/sbin/sshd /bin/bash" | ||
412 | * domain to remain in "<kernel> /usr/sbin/sshd /bin/bash" domain. | ||
413 | * | ||
414 | * You may add "no_" prefix to "keep_domain". | ||
415 | * "keep_domain <kernel> /usr/sbin/sshd /bin/bash" and | ||
416 | * "no_keep_domain /usr/bin/passwd from <kernel> /usr/sbin/sshd /bin/bash" will | ||
417 | * cause "/usr/bin/passwd" to belong to | ||
418 | * "<kernel> /usr/sbin/sshd /bin/bash /usr/bin/passwd" domain, unless | ||
419 | * explicitly specified by "initialize_domain". | ||
420 | */ | ||
277 | static LIST_HEAD(tomoyo_domain_keeper_list); | 421 | static LIST_HEAD(tomoyo_domain_keeper_list); |
278 | static DECLARE_RWSEM(tomoyo_domain_keeper_list_lock); | 422 | static DECLARE_RWSEM(tomoyo_domain_keeper_list_lock); |
279 | 423 | ||
@@ -296,7 +440,6 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
296 | struct tomoyo_domain_keeper_entry *ptr; | 440 | struct tomoyo_domain_keeper_entry *ptr; |
297 | const struct tomoyo_path_info *saved_domainname; | 441 | const struct tomoyo_path_info *saved_domainname; |
298 | const struct tomoyo_path_info *saved_program = NULL; | 442 | const struct tomoyo_path_info *saved_program = NULL; |
299 | static DEFINE_MUTEX(lock); | ||
300 | int error = -ENOMEM; | 443 | int error = -ENOMEM; |
301 | bool is_last_name = false; | 444 | bool is_last_name = false; |
302 | 445 | ||
@@ -315,7 +458,6 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
315 | saved_domainname = tomoyo_save_name(domainname); | 458 | saved_domainname = tomoyo_save_name(domainname); |
316 | if (!saved_domainname) | 459 | if (!saved_domainname) |
317 | return -ENOMEM; | 460 | return -ENOMEM; |
318 | /***** EXCLUSIVE SECTION START *****/ | ||
319 | down_write(&tomoyo_domain_keeper_list_lock); | 461 | down_write(&tomoyo_domain_keeper_list_lock); |
320 | list_for_each_entry(ptr, &tomoyo_domain_keeper_list, list) { | 462 | list_for_each_entry(ptr, &tomoyo_domain_keeper_list, list) { |
321 | if (ptr->is_not != is_not || | 463 | if (ptr->is_not != is_not || |
@@ -341,7 +483,6 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
341 | error = 0; | 483 | error = 0; |
342 | out: | 484 | out: |
343 | up_write(&tomoyo_domain_keeper_list_lock); | 485 | up_write(&tomoyo_domain_keeper_list_lock); |
344 | /***** EXCLUSIVE SECTION END *****/ | ||
345 | return error; | 486 | return error; |
346 | } | 487 | } |
347 | 488 | ||
@@ -394,13 +535,12 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head) | |||
394 | from = " from "; | 535 | from = " from "; |
395 | program = ptr->program->name; | 536 | program = ptr->program->name; |
396 | } | 537 | } |
397 | if (!tomoyo_io_printf(head, | 538 | done = tomoyo_io_printf(head, |
398 | "%s" TOMOYO_KEYWORD_KEEP_DOMAIN | 539 | "%s" TOMOYO_KEYWORD_KEEP_DOMAIN |
399 | "%s%s%s\n", no, program, from, | 540 | "%s%s%s\n", no, program, from, |
400 | ptr->domainname->name)) { | 541 | ptr->domainname->name); |
401 | done = false; | 542 | if (!done) |
402 | break; | 543 | break; |
403 | } | ||
404 | } | 544 | } |
405 | up_read(&tomoyo_domain_keeper_list_lock); | 545 | up_read(&tomoyo_domain_keeper_list_lock); |
406 | return done; | 546 | return done; |
@@ -446,7 +586,36 @@ static bool tomoyo_is_domain_keeper(const struct tomoyo_path_info *domainname, | |||
446 | return flag; | 586 | return flag; |
447 | } | 587 | } |
448 | 588 | ||
449 | /* The list for "struct tomoyo_alias_entry". */ | 589 | /* |
590 | * tomoyo_alias_list is used for holding list of symlink's pathnames which are | ||
591 | * allowed to be passed to an execve() request. Normally, the domainname which | ||
592 | * the current process will belong to after execve() succeeds is calculated | ||
593 | * using dereferenced pathnames. But some programs behave differently depending | ||
594 | * on the name passed to argv[0]. For busybox, calculating domainname using | ||
595 | * dereferenced pathnames will cause all programs in the busybox to belong to | ||
596 | * the same domain. Thus, TOMOYO provides a way to allow use of symlink's | ||
597 | * pathname for checking execve()'s permission and calculating domainname which | ||
598 | * the current process will belong to after execve() succeeds. | ||
599 | * | ||
600 | * An entry is added by | ||
601 | * | ||
602 | * # echo 'alias /bin/busybox /bin/cat' > \ | ||
603 | * /sys/kernel/security/tomoyo/exception_policy | ||
604 | * | ||
605 | * and is deleted by | ||
606 | * | ||
607 | * # echo 'delete alias /bin/busybox /bin/cat' > \ | ||
608 | * /sys/kernel/security/tomoyo/exception_policy | ||
609 | * | ||
610 | * and all entries are retrieved by | ||
611 | * | ||
612 | * # grep ^alias /sys/kernel/security/tomoyo/exception_policy | ||
613 | * | ||
614 | * In the example above, if /bin/cat is a symlink to /bin/busybox and execution | ||
615 | * of /bin/cat is requested, permission is checked for /bin/cat rather than | ||
616 | * /bin/busybox and domainname which the current process will belong to after | ||
617 | * execve() succeeds is calculated using /bin/cat rather than /bin/busybox . | ||
618 | */ | ||
450 | static LIST_HEAD(tomoyo_alias_list); | 619 | static LIST_HEAD(tomoyo_alias_list); |
451 | static DECLARE_RWSEM(tomoyo_alias_list_lock); | 620 | static DECLARE_RWSEM(tomoyo_alias_list_lock); |
452 | 621 | ||
@@ -476,7 +645,6 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
476 | saved_aliased_name = tomoyo_save_name(aliased_name); | 645 | saved_aliased_name = tomoyo_save_name(aliased_name); |
477 | if (!saved_original_name || !saved_aliased_name) | 646 | if (!saved_original_name || !saved_aliased_name) |
478 | return -ENOMEM; | 647 | return -ENOMEM; |
479 | /***** EXCLUSIVE SECTION START *****/ | ||
480 | down_write(&tomoyo_alias_list_lock); | 648 | down_write(&tomoyo_alias_list_lock); |
481 | list_for_each_entry(ptr, &tomoyo_alias_list, list) { | 649 | list_for_each_entry(ptr, &tomoyo_alias_list, list) { |
482 | if (ptr->original_name != saved_original_name || | 650 | if (ptr->original_name != saved_original_name || |
@@ -499,7 +667,6 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
499 | error = 0; | 667 | error = 0; |
500 | out: | 668 | out: |
501 | up_write(&tomoyo_alias_list_lock); | 669 | up_write(&tomoyo_alias_list_lock); |
502 | /***** EXCLUSIVE SECTION END *****/ | ||
503 | return error; | 670 | return error; |
504 | } | 671 | } |
505 | 672 | ||
@@ -522,12 +689,11 @@ bool tomoyo_read_alias_policy(struct tomoyo_io_buffer *head) | |||
522 | ptr = list_entry(pos, struct tomoyo_alias_entry, list); | 689 | ptr = list_entry(pos, struct tomoyo_alias_entry, list); |
523 | if (ptr->is_deleted) | 690 | if (ptr->is_deleted) |
524 | continue; | 691 | continue; |
525 | if (!tomoyo_io_printf(head, TOMOYO_KEYWORD_ALIAS "%s %s\n", | 692 | done = tomoyo_io_printf(head, TOMOYO_KEYWORD_ALIAS "%s %s\n", |
526 | ptr->original_name->name, | 693 | ptr->original_name->name, |
527 | ptr->aliased_name->name)) { | 694 | ptr->aliased_name->name); |
528 | done = false; | 695 | if (!done) |
529 | break; | 696 | break; |
530 | } | ||
531 | } | 697 | } |
532 | up_read(&tomoyo_alias_list_lock); | 698 | up_read(&tomoyo_alias_list_lock); |
533 | return done; | 699 | return done; |
@@ -567,7 +733,6 @@ int tomoyo_delete_domain(char *domainname) | |||
567 | 733 | ||
568 | name.name = domainname; | 734 | name.name = domainname; |
569 | tomoyo_fill_path_info(&name); | 735 | tomoyo_fill_path_info(&name); |
570 | /***** EXCLUSIVE SECTION START *****/ | ||
571 | down_write(&tomoyo_domain_list_lock); | 736 | down_write(&tomoyo_domain_list_lock); |
572 | /* Is there an active domain? */ | 737 | /* Is there an active domain? */ |
573 | list_for_each_entry(domain, &tomoyo_domain_list, list) { | 738 | list_for_each_entry(domain, &tomoyo_domain_list, list) { |
@@ -581,7 +746,6 @@ int tomoyo_delete_domain(char *domainname) | |||
581 | break; | 746 | break; |
582 | } | 747 | } |
583 | up_write(&tomoyo_domain_list_lock); | 748 | up_write(&tomoyo_domain_list_lock); |
584 | /***** EXCLUSIVE SECTION END *****/ | ||
585 | return 0; | 749 | return 0; |
586 | } | 750 | } |
587 | 751 | ||
@@ -600,7 +764,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
600 | struct tomoyo_domain_info *domain = NULL; | 764 | struct tomoyo_domain_info *domain = NULL; |
601 | const struct tomoyo_path_info *saved_domainname; | 765 | const struct tomoyo_path_info *saved_domainname; |
602 | 766 | ||
603 | /***** EXCLUSIVE SECTION START *****/ | ||
604 | down_write(&tomoyo_domain_list_lock); | 767 | down_write(&tomoyo_domain_list_lock); |
605 | domain = tomoyo_find_domain(domainname); | 768 | domain = tomoyo_find_domain(domainname); |
606 | if (domain) | 769 | if (domain) |
@@ -619,7 +782,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
619 | domain->domainname != saved_domainname) | 782 | domain->domainname != saved_domainname) |
620 | continue; | 783 | continue; |
621 | flag = false; | 784 | flag = false; |
622 | /***** CRITICAL SECTION START *****/ | ||
623 | read_lock(&tasklist_lock); | 785 | read_lock(&tasklist_lock); |
624 | for_each_process(p) { | 786 | for_each_process(p) { |
625 | if (tomoyo_real_domain(p) != domain) | 787 | if (tomoyo_real_domain(p) != domain) |
@@ -628,7 +790,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
628 | break; | 790 | break; |
629 | } | 791 | } |
630 | read_unlock(&tasklist_lock); | 792 | read_unlock(&tasklist_lock); |
631 | /***** CRITICAL SECTION END *****/ | ||
632 | if (flag) | 793 | if (flag) |
633 | continue; | 794 | continue; |
634 | list_for_each_entry(ptr, &domain->acl_info_list, list) { | 795 | list_for_each_entry(ptr, &domain->acl_info_list, list) { |
@@ -651,7 +812,6 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
651 | } | 812 | } |
652 | out: | 813 | out: |
653 | up_write(&tomoyo_domain_list_lock); | 814 | up_write(&tomoyo_domain_list_lock); |
654 | /***** EXCLUSIVE SECTION END *****/ | ||
655 | return domain; | 815 | return domain; |
656 | } | 816 | } |
657 | 817 | ||
@@ -739,7 +899,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm, | |||
739 | } | 899 | } |
740 | 900 | ||
741 | /* Check execute permission. */ | 901 | /* Check execute permission. */ |
742 | retval = tomoyo_check_exec_perm(old_domain, &r, tmp); | 902 | retval = tomoyo_check_exec_perm(old_domain, &r); |
743 | if (retval < 0) | 903 | if (retval < 0) |
744 | goto out; | 904 | goto out; |
745 | 905 | ||