diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-05-16 21:06:58 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-08-02 01:33:35 -0400 |
| commit | 4c3e9e2ded48bcf696a45945ea7d25bb15b873fd (patch) | |
| tree | 0be326f0f90b0279ae83594e9244c3739d348df1 /security/tomoyo/gc.c | |
| parent | babcd37821fba57048b30151969d28303f2a8b6b (diff) | |
TOMOYO: Add numeric values grouping support.
This patch adds numeric values grouping support, which is useful for grouping
numeric values such as file's UID, DAC's mode, ioctl()'s cmd number.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/gc.c')
| -rw-r--r-- | security/tomoyo/gc.c | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index b9cc71b04314..6a48197f6ce5 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c | |||
| @@ -14,6 +14,8 @@ | |||
| 14 | enum tomoyo_gc_id { | 14 | enum tomoyo_gc_id { |
| 15 | TOMOYO_ID_PATH_GROUP, | 15 | TOMOYO_ID_PATH_GROUP, |
| 16 | TOMOYO_ID_PATH_GROUP_MEMBER, | 16 | TOMOYO_ID_PATH_GROUP_MEMBER, |
| 17 | TOMOYO_ID_NUMBER_GROUP, | ||
| 18 | TOMOYO_ID_NUMBER_GROUP_MEMBER, | ||
| 17 | TOMOYO_ID_DOMAIN_INITIALIZER, | 19 | TOMOYO_ID_DOMAIN_INITIALIZER, |
| 18 | TOMOYO_ID_DOMAIN_KEEPER, | 20 | TOMOYO_ID_DOMAIN_KEEPER, |
| 19 | TOMOYO_ID_ALIAS, | 21 | TOMOYO_ID_ALIAS, |
| @@ -162,6 +164,16 @@ static void tomoyo_del_path_group(struct tomoyo_path_group *group) | |||
| 162 | tomoyo_put_name(group->group_name); | 164 | tomoyo_put_name(group->group_name); |
| 163 | } | 165 | } |
| 164 | 166 | ||
| 167 | static void tomoyo_del_number_group_member(struct tomoyo_number_group_member | ||
| 168 | *member) | ||
| 169 | { | ||
| 170 | } | ||
| 171 | |||
| 172 | static void tomoyo_del_number_group(struct tomoyo_number_group *group) | ||
| 173 | { | ||
| 174 | tomoyo_put_name(group->group_name); | ||
| 175 | } | ||
| 176 | |||
| 165 | static void tomoyo_collect_entry(void) | 177 | static void tomoyo_collect_entry(void) |
| 166 | { | 178 | { |
| 167 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) | 179 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| @@ -329,6 +341,29 @@ static void tomoyo_collect_entry(void) | |||
| 329 | break; | 341 | break; |
| 330 | } | 342 | } |
| 331 | } | 343 | } |
| 344 | { | ||
| 345 | struct tomoyo_number_group *group; | ||
| 346 | list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) { | ||
| 347 | struct tomoyo_number_group_member *member; | ||
| 348 | list_for_each_entry_rcu(member, &group->member_list, | ||
| 349 | list) { | ||
| 350 | if (!member->is_deleted) | ||
| 351 | continue; | ||
| 352 | if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP_MEMBER, | ||
| 353 | member)) | ||
| 354 | list_del_rcu(&member->list); | ||
| 355 | else | ||
| 356 | break; | ||
| 357 | } | ||
| 358 | if (!list_empty(&group->member_list) || | ||
| 359 | atomic_read(&group->users)) | ||
| 360 | continue; | ||
| 361 | if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP, group)) | ||
| 362 | list_del_rcu(&group->list); | ||
| 363 | else | ||
| 364 | break; | ||
| 365 | } | ||
| 366 | } | ||
| 332 | mutex_unlock(&tomoyo_policy_lock); | 367 | mutex_unlock(&tomoyo_policy_lock); |
| 333 | } | 368 | } |
| 334 | 369 | ||
| @@ -376,6 +411,12 @@ static void tomoyo_kfree_entry(void) | |||
| 376 | case TOMOYO_ID_PATH_GROUP: | 411 | case TOMOYO_ID_PATH_GROUP: |
| 377 | tomoyo_del_path_group(p->element); | 412 | tomoyo_del_path_group(p->element); |
| 378 | break; | 413 | break; |
| 414 | case TOMOYO_ID_NUMBER_GROUP_MEMBER: | ||
| 415 | tomoyo_del_number_group_member(p->element); | ||
| 416 | break; | ||
| 417 | case TOMOYO_ID_NUMBER_GROUP: | ||
| 418 | tomoyo_del_number_group(p->element); | ||
| 419 | break; | ||
| 379 | default: | 420 | default: |
| 380 | printk(KERN_WARNING "Unknown type\n"); | 421 | printk(KERN_WARNING "Unknown type\n"); |
| 381 | break; | 422 | break; |