diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-06-26 10:17:10 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2011-06-28 19:31:20 -0400 |
| commit | a238cf5b89ed5285be8de56335665d023972f7d5 (patch) | |
| tree | cd2594f5c80345b5f880a3ccd445d15fb6b7d6cd /security/tomoyo/memory.c | |
| parent | 0df7e8b8f1c25c10820bdc679555f2fbfb897ca0 (diff) | |
TOMOYO: Use struct for passing ACL line.
Use structure for passing ACL line, in preparation for supporting policy
namespace and conditional parameters.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/memory.c')
| -rw-r--r-- | security/tomoyo/memory.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c index dfef0cb268dc..839b8ebc6fe6 100644 --- a/security/tomoyo/memory.c +++ b/security/tomoyo/memory.c | |||
| @@ -93,15 +93,18 @@ void tomoyo_memory_free(void *ptr) | |||
| 93 | /** | 93 | /** |
| 94 | * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group"/"struct tomoyo_number_group". | 94 | * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group"/"struct tomoyo_number_group". |
| 95 | * | 95 | * |
| 96 | * @group_name: The name of address group. | 96 | * @param: Pointer to "struct tomoyo_acl_param". |
| 97 | * @idx: Index number. | 97 | * @idx: Index number. |
| 98 | * | 98 | * |
| 99 | * Returns pointer to "struct tomoyo_group" on success, NULL otherwise. | 99 | * Returns pointer to "struct tomoyo_group" on success, NULL otherwise. |
| 100 | */ | 100 | */ |
| 101 | struct tomoyo_group *tomoyo_get_group(const char *group_name, const u8 idx) | 101 | struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param, |
| 102 | const u8 idx) | ||
| 102 | { | 103 | { |
| 103 | struct tomoyo_group e = { }; | 104 | struct tomoyo_group e = { }; |
| 104 | struct tomoyo_group *group = NULL; | 105 | struct tomoyo_group *group = NULL; |
| 106 | struct list_head *list; | ||
| 107 | const char *group_name = tomoyo_read_token(param); | ||
| 105 | bool found = false; | 108 | bool found = false; |
| 106 | if (!tomoyo_correct_word(group_name) || idx >= TOMOYO_MAX_GROUP) | 109 | if (!tomoyo_correct_word(group_name) || idx >= TOMOYO_MAX_GROUP) |
| 107 | return NULL; | 110 | return NULL; |
| @@ -110,7 +113,8 @@ struct tomoyo_group *tomoyo_get_group(const char *group_name, const u8 idx) | |||
| 110 | return NULL; | 113 | return NULL; |
| 111 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) | 114 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| 112 | goto out; | 115 | goto out; |
| 113 | list_for_each_entry(group, &tomoyo_group_list[idx], head.list) { | 116 | list = &tomoyo_group_list[idx]; |
| 117 | list_for_each_entry(group, list, head.list) { | ||
| 114 | if (e.group_name != group->group_name) | 118 | if (e.group_name != group->group_name) |
| 115 | continue; | 119 | continue; |
| 116 | atomic_inc(&group->head.users); | 120 | atomic_inc(&group->head.users); |
| @@ -122,14 +126,13 @@ struct tomoyo_group *tomoyo_get_group(const char *group_name, const u8 idx) | |||
| 122 | if (entry) { | 126 | if (entry) { |
| 123 | INIT_LIST_HEAD(&entry->member_list); | 127 | INIT_LIST_HEAD(&entry->member_list); |
| 124 | atomic_set(&entry->head.users, 1); | 128 | atomic_set(&entry->head.users, 1); |
| 125 | list_add_tail_rcu(&entry->head.list, | 129 | list_add_tail_rcu(&entry->head.list, list); |
| 126 | &tomoyo_group_list[idx]); | ||
| 127 | group = entry; | 130 | group = entry; |
| 128 | found = true; | 131 | found = true; |
| 129 | } | 132 | } |
| 130 | } | 133 | } |
| 131 | mutex_unlock(&tomoyo_policy_lock); | 134 | mutex_unlock(&tomoyo_policy_lock); |
| 132 | out: | 135 | out: |
| 133 | tomoyo_put_name(e.group_name); | 136 | tomoyo_put_name(e.group_name); |
| 134 | return found ? group : NULL; | 137 | return found ? group : NULL; |
| 135 | } | 138 | } |
| @@ -210,6 +213,8 @@ void __init tomoyo_mm_init(void) | |||
| 210 | idx = tomoyo_read_lock(); | 213 | idx = tomoyo_read_lock(); |
| 211 | if (tomoyo_find_domain(TOMOYO_ROOT_NAME) != &tomoyo_kernel_domain) | 214 | if (tomoyo_find_domain(TOMOYO_ROOT_NAME) != &tomoyo_kernel_domain) |
| 212 | panic("Can't register tomoyo_kernel_domain"); | 215 | panic("Can't register tomoyo_kernel_domain"); |
| 216 | #if 0 | ||
| 217 | /* Will be replaced with tomoyo_load_builtin_policy(). */ | ||
| 213 | { | 218 | { |
| 214 | /* Load built-in policy. */ | 219 | /* Load built-in policy. */ |
| 215 | tomoyo_write_transition_control("/sbin/hotplug", false, | 220 | tomoyo_write_transition_control("/sbin/hotplug", false, |
| @@ -217,6 +222,7 @@ void __init tomoyo_mm_init(void) | |||
| 217 | tomoyo_write_transition_control("/sbin/modprobe", false, | 222 | tomoyo_write_transition_control("/sbin/modprobe", false, |
| 218 | TOMOYO_TRANSITION_CONTROL_INITIALIZE); | 223 | TOMOYO_TRANSITION_CONTROL_INITIALIZE); |
| 219 | } | 224 | } |
| 225 | #endif | ||
| 220 | tomoyo_read_unlock(idx); | 226 | tomoyo_read_unlock(idx); |
| 221 | } | 227 | } |
| 222 | 228 | ||