aboutsummaryrefslogtreecommitdiffstats
path: root/security/tomoyo
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2010-06-14 21:10:37 -0400
committerJames Morris <jmorris@namei.org>2010-08-02 01:34:30 -0400
commitd2f8b2348f3406652ee00ee7221441bd36fe0195 (patch)
tree5860237612bfefe2ec2006830048842b2fc94ad1 /security/tomoyo
parent36f5e1ffbf2bb951105ae4e261bcc1de3eaf510c (diff)
TOMOYO: Use common code for garbage collection.
Use common code for elements using "struct list_head" + "bool" structure. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/gc.c212
1 files changed, 66 insertions, 146 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index 2dd9665af260..4290e519eaa8 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -11,7 +11,7 @@
11#include <linux/kthread.h> 11#include <linux/kthread.h>
12#include <linux/slab.h> 12#include <linux/slab.h>
13 13
14enum tomoyo_gc_id { 14enum tomoyo_policy_id {
15 TOMOYO_ID_PATH_GROUP, 15 TOMOYO_ID_PATH_GROUP,
16 TOMOYO_ID_PATH_GROUP_MEMBER, 16 TOMOYO_ID_PATH_GROUP_MEMBER,
17 TOMOYO_ID_NUMBER_GROUP, 17 TOMOYO_ID_NUMBER_GROUP,
@@ -26,7 +26,8 @@ enum tomoyo_gc_id {
26 TOMOYO_ID_MANAGER, 26 TOMOYO_ID_MANAGER,
27 TOMOYO_ID_NAME, 27 TOMOYO_ID_NAME,
28 TOMOYO_ID_ACL, 28 TOMOYO_ID_ACL,
29 TOMOYO_ID_DOMAIN 29 TOMOYO_ID_DOMAIN,
30 TOMOYO_MAX_POLICY
30}; 31};
31 32
32struct tomoyo_gc_entry { 33struct tomoyo_gc_entry {
@@ -209,117 +210,58 @@ static void tomoyo_del_number_group(struct tomoyo_number_group *group)
209 tomoyo_put_name(group->group_name); 210 tomoyo_put_name(group->group_name);
210} 211}
211 212
213static struct list_head *tomoyo_policy_list[TOMOYO_MAX_POLICY] = {
214 [TOMOYO_ID_GLOBALLY_READABLE] = &tomoyo_globally_readable_list,
215 [TOMOYO_ID_PATTERN] = &tomoyo_pattern_list,
216 [TOMOYO_ID_NO_REWRITE] = &tomoyo_no_rewrite_list,
217 [TOMOYO_ID_DOMAIN_INITIALIZER] = &tomoyo_domain_initializer_list,
218 [TOMOYO_ID_DOMAIN_KEEPER] = &tomoyo_domain_keeper_list,
219 [TOMOYO_ID_AGGREGATOR] = &tomoyo_aggregator_list,
220 [TOMOYO_ID_ALIAS] = &tomoyo_alias_list,
221 [TOMOYO_ID_MANAGER] = &tomoyo_policy_manager_list,
222};
223
224static bool tomoyo_collect_member(struct list_head *member_list, int id)
225{
226 struct tomoyo_acl_head *member;
227 list_for_each_entry(member, member_list, list) {
228 if (!member->is_deleted)
229 continue;
230 if (!tomoyo_add_to_gc(id, &member->list))
231 return false;
232 list_del_rcu(&member->list);
233 }
234 return true;
235}
236
237static bool tomoyo_collect_acl(struct tomoyo_domain_info *domain)
238{
239 struct tomoyo_acl_info *acl;
240 list_for_each_entry(acl, &domain->acl_info_list, list) {
241 if (!acl->is_deleted)
242 continue;
243 if (!tomoyo_add_to_gc(TOMOYO_ID_ACL, &acl->list))
244 return false;
245 list_del_rcu(&acl->list);
246 }
247 return true;
248}
249
212static void tomoyo_collect_entry(void) 250static void tomoyo_collect_entry(void)
213{ 251{
252 int i;
214 if (mutex_lock_interruptible(&tomoyo_policy_lock)) 253 if (mutex_lock_interruptible(&tomoyo_policy_lock))
215 return; 254 return;
216 { 255 for (i = 0; i < TOMOYO_MAX_POLICY; i++) {
217 struct tomoyo_globally_readable_file_entry *ptr; 256 if (tomoyo_policy_list[i])
218 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, 257 if (!tomoyo_collect_member(tomoyo_policy_list[i], i))
219 head.list) { 258 goto unlock;
220 if (!ptr->head.is_deleted)
221 continue;
222 if (tomoyo_add_to_gc(TOMOYO_ID_GLOBALLY_READABLE, ptr))
223 list_del_rcu(&ptr->head.list);
224 else
225 break;
226 }
227 }
228 {
229 struct tomoyo_pattern_entry *ptr;
230 list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, head.list) {
231 if (!ptr->head.is_deleted)
232 continue;
233 if (tomoyo_add_to_gc(TOMOYO_ID_PATTERN, ptr))
234 list_del_rcu(&ptr->head.list);
235 else
236 break;
237 }
238 }
239 {
240 struct tomoyo_no_rewrite_entry *ptr;
241 list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list,
242 head.list) {
243 if (!ptr->head.is_deleted)
244 continue;
245 if (tomoyo_add_to_gc(TOMOYO_ID_NO_REWRITE, ptr))
246 list_del_rcu(&ptr->head.list);
247 else
248 break;
249 }
250 }
251 {
252 struct tomoyo_domain_initializer_entry *ptr;
253 list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list,
254 head.list) {
255 if (!ptr->head.is_deleted)
256 continue;
257 if (tomoyo_add_to_gc(TOMOYO_ID_DOMAIN_INITIALIZER, ptr))
258 list_del_rcu(&ptr->head.list);
259 else
260 break;
261 }
262 }
263 {
264 struct tomoyo_domain_keeper_entry *ptr;
265 list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list,
266 head.list) {
267 if (!ptr->head.is_deleted)
268 continue;
269 if (tomoyo_add_to_gc(TOMOYO_ID_DOMAIN_KEEPER, ptr))
270 list_del_rcu(&ptr->head.list);
271 else
272 break;
273 }
274 }
275 {
276 struct tomoyo_aggregator_entry *ptr;
277 list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list,
278 head.list) {
279 if (!ptr->head.is_deleted)
280 continue;
281 if (tomoyo_add_to_gc(TOMOYO_ID_AGGREGATOR, ptr))
282 list_del_rcu(&ptr->head.list);
283 else
284 break;
285 }
286 }
287 {
288 struct tomoyo_alias_entry *ptr;
289 list_for_each_entry_rcu(ptr, &tomoyo_alias_list, head.list) {
290 if (!ptr->head.is_deleted)
291 continue;
292 if (tomoyo_add_to_gc(TOMOYO_ID_ALIAS, ptr))
293 list_del_rcu(&ptr->head.list);
294 else
295 break;
296 }
297 }
298 {
299 struct tomoyo_policy_manager_entry *ptr;
300 list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list,
301 head.list) {
302 if (!ptr->head.is_deleted)
303 continue;
304 if (tomoyo_add_to_gc(TOMOYO_ID_MANAGER, ptr))
305 list_del_rcu(&ptr->head.list);
306 else
307 break;
308 }
309 } 259 }
310 { 260 {
311 struct tomoyo_domain_info *domain; 261 struct tomoyo_domain_info *domain;
312 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { 262 list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
313 struct tomoyo_acl_info *acl; 263 if (!tomoyo_collect_acl(domain))
314 list_for_each_entry_rcu(acl, &domain->acl_info_list, 264 goto unlock;
315 list) {
316 if (!acl->is_deleted)
317 continue;
318 if (tomoyo_add_to_gc(TOMOYO_ID_ACL, acl))
319 list_del_rcu(&acl->list);
320 else
321 break;
322 }
323 if (!domain->is_deleted || atomic_read(&domain->users)) 265 if (!domain->is_deleted || atomic_read(&domain->users))
324 continue; 266 continue;
325 /* 267 /*
@@ -330,72 +272,50 @@ static void tomoyo_collect_entry(void)
330 if (tomoyo_add_to_gc(TOMOYO_ID_DOMAIN, domain)) 272 if (tomoyo_add_to_gc(TOMOYO_ID_DOMAIN, domain))
331 list_del_rcu(&domain->list); 273 list_del_rcu(&domain->list);
332 else 274 else
333 break; 275 goto unlock;
334 } 276 }
335 } 277 }
336 { 278 for (i = 0; i < TOMOYO_MAX_HASH; i++) {
337 int i; 279 struct tomoyo_name_entry *ptr;
338 for (i = 0; i < TOMOYO_MAX_HASH; i++) { 280 list_for_each_entry_rcu(ptr, &tomoyo_name_list[i], list) {
339 struct tomoyo_name_entry *ptr; 281 if (atomic_read(&ptr->users))
340 list_for_each_entry_rcu(ptr, &tomoyo_name_list[i], 282 continue;
341 list) { 283 if (tomoyo_add_to_gc(TOMOYO_ID_NAME, ptr))
342 if (atomic_read(&ptr->users)) 284 list_del_rcu(&ptr->list);
343 continue; 285 else
344 if (tomoyo_add_to_gc(TOMOYO_ID_NAME, ptr)) 286 goto unlock;
345 list_del_rcu(&ptr->list);
346 else {
347 i = TOMOYO_MAX_HASH;
348 break;
349 }
350 }
351 } 287 }
352 } 288 }
353 { 289 {
354 struct tomoyo_path_group *group; 290 struct tomoyo_path_group *group;
355 list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) { 291 list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
356 struct tomoyo_path_group_member *member; 292 tomoyo_collect_member(&group->member_list,
357 list_for_each_entry_rcu(member, &group->member_list, 293 TOMOYO_ID_PATH_GROUP_MEMBER);
358 head.list) {
359 if (!member->head.is_deleted)
360 continue;
361 if (tomoyo_add_to_gc(TOMOYO_ID_PATH_GROUP_MEMBER,
362 member))
363 list_del_rcu(&member->head.list);
364 else
365 break;
366 }
367 if (!list_empty(&group->member_list) || 294 if (!list_empty(&group->member_list) ||
368 atomic_read(&group->users)) 295 atomic_read(&group->users))
369 continue; 296 continue;
370 if (tomoyo_add_to_gc(TOMOYO_ID_PATH_GROUP, group)) 297 if (tomoyo_add_to_gc(TOMOYO_ID_PATH_GROUP, group))
371 list_del_rcu(&group->list); 298 list_del_rcu(&group->list);
372 else 299 else
373 break; 300 goto unlock;
374 } 301 }
375 } 302 }
376 { 303 {
377 struct tomoyo_number_group *group; 304 struct tomoyo_number_group *group;
378 list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) { 305 list_for_each_entry_rcu(group, &tomoyo_number_group_list,
379 struct tomoyo_number_group_member *member; 306 list) {
380 list_for_each_entry_rcu(member, &group->member_list, 307 tomoyo_collect_member(&group->member_list,
381 head.list) { 308 TOMOYO_ID_NUMBER_GROUP_MEMBER);
382 if (!member->head.is_deleted)
383 continue;
384 if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP_MEMBER,
385 member))
386 list_del_rcu(&member->head.list);
387 else
388 break;
389 }
390 if (!list_empty(&group->member_list) || 309 if (!list_empty(&group->member_list) ||
391 atomic_read(&group->users)) 310 atomic_read(&group->users))
392 continue; 311 continue;
393 if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP, group)) 312 if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP, group))
394 list_del_rcu(&group->list); 313 list_del_rcu(&group->list);
395 else 314 else
396 break; 315 goto unlock;
397 } 316 }
398 } 317 }
318 unlock:
399 mutex_unlock(&tomoyo_policy_lock); 319 mutex_unlock(&tomoyo_policy_lock);
400} 320}
401 321