TOMOYO: Use callback for permission check.

We can use callback function since parameters are passed via "const struct tomoyo_request_info". Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2010-06-16 03:22:51 -0400
committer: James Morris <jmorris@namei.org> 2010-08-02 01:34:32 -0400
commit: 99a852596beb26cc449ca1a79834c107ef4080e1 (patch)
tree: 8d593b0af85f6cbbfe73b916f7449148ccf93133 /security/tomoyo/domain.c
parent: cf6e9a6468ec82a94cbc707b607452ec4454182c (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 35317e783f34..13f4f39baf8f 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -109,6 +109,24 @@ int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size,
        return error;
 }
+void tomoyo_check_acl(struct tomoyo_request_info *r,
+                      bool (*check_entry) (const struct tomoyo_request_info *,
+                                           const struct tomoyo_acl_info *))
+{
+        const struct tomoyo_domain_info *domain = r->domain;
+        struct tomoyo_acl_info *ptr;
+        list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
+                if (ptr->is_deleted || ptr->type != r->param_type)
+                        continue;
+                if (check_entry(r, ptr)) {
+                        r->granted = true;
+                        return;
+                }
+        }
+        r->granted = false;
+}
 /*
 * tomoyo_domain_list is used for holding list of domains.
 * The ->acl_info_list of "struct tomoyo_domain_info" is used for holding
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2010-06-16 03:22:51 -0400
committer	James Morris <jmorris@namei.org>	2010-08-02 01:34:32 -0400
commit	99a852596beb26cc449ca1a79834c107ef4080e1 (patch)
tree	8d593b0af85f6cbbfe73b916f7449148ccf93133 /security/tomoyo/domain.c
parent	cf6e9a6468ec82a94cbc707b607452ec4454182c (diff)

diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 35317e783f34..13f4f39baf8f 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c
@@ -109,6 +109,24 @@ int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size,
109	return error;	109	return error;
110	}	110	}
111		111
		112	void tomoyo_check_acl(struct tomoyo_request_info *r,
		113	bool (check_entry) (const struct tomoyo_request_info ,
		114	const struct tomoyo_acl_info *))
		115	{
		116	const struct tomoyo_domain_info *domain = r->domain;
		117	struct tomoyo_acl_info *ptr;
		118
		119	list_for_each_entry_rcu(ptr, &domain->acl_info_list, list) {
		120	if (ptr->is_deleted \|\| ptr->type != r->param_type)
		121	continue;
		122	if (check_entry(r, ptr)) {
		123	r->granted = true;
		124	return;
		125	}
		126	}
		127	r->granted = false;
		128	}
		129
112	/*	130	/*
113	* tomoyo_domain_list is used for holding list of domains.	131	* tomoyo_domain_list is used for holding list of domains.
114	* The ->acl_info_list of "struct tomoyo_domain_info" is used for holding	132	* The ->acl_info_list of "struct tomoyo_domain_info" is used for holding