TOMOYO: Cleanup part 3.

Use common structure for ACL with "struct list_head" + "atomic_t".
Use array/struct where possible.
Remove is_group from "struct tomoyo_name_union"/"struct tomoyo_number_union".
Pass "struct file"->private_data rather than "struct file".
Update some of comments.
Bring tomoyo_same_acl_head() from common.h to domain.c .
Bring tomoyo_invalid()/tomoyo_valid() from common.h to util.c .

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 16 insertions, 1 deletions

diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 355b536262b1..43977083254b 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -59,6 +59,20 @@ int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size,
 }
 
 /**
+ * tomoyo_same_acl_head - Check for duplicated "struct tomoyo_acl_info" entry.
+ *
+ * @a: Pointer to "struct tomoyo_acl_info".
+ * @b: Pointer to "struct tomoyo_acl_info".
+ *
+ * Returns true if @a == @b, false otherwise.
+ */
+static inline bool tomoyo_same_acl_head(const struct tomoyo_acl_info *a,
+                                        const struct tomoyo_acl_info *b)
+{
+        return a->type == b->type;
+}
+
+/**
  * tomoyo_update_domain - Update an entry for domain policy.
  *
  * @new_entry:       Pointer to "struct tomoyo_acl_info".
@@ -88,7 +102,8 @@ int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size,
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 return error;
         list_for_each_entry_rcu(entry, &domain->acl_info_list, list) {
-                if (!check_duplicate(entry, new_entry))
+                if (!tomoyo_same_acl_head(entry, new_entry) ||
+                    !check_duplicate(entry, new_entry))
                         continue;
                 if (merge_duplicate)
                         entry->is_deleted = merge_duplicate(entry, new_entry,