-rw-r--r-- | security/tomoyo/common.c | 44 | ||||
-rw-r--r-- | security/tomoyo/common.h | 42 | ||||
-rw-r--r-- | security/tomoyo/domain.c | 38 | ||||
-rw-r--r-- | security/tomoyo/file.c | 104 | ||||
-rw-r--r-- | security/tomoyo/gc.c | 4 | ||||
-rw-r--r-- | security/tomoyo/mount.c | 10 | ||||
-rw-r--r-- | security/tomoyo/number_group.c | 2 | ||||
-rw-r--r-- | security/tomoyo/path_group.c | 2 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.c | 2 | ||||
-rw-r--r-- | security/tomoyo/util.c | 66 |
10 files changed, 157 insertions, 157 deletions
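--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -494,12 +494,12 @@ static int tomoyo_update_manager_entry(const char *manager,
 struct tomoyo_policy_manager_entry e = { };
 int error;
 
-if (tomoyo_is_domain_def(manager)) {
-if (!tomoyo_is_correct_domain(manager))
+if (tomoyo_domain_def(manager)) {
+if (!tomoyo_correct_domain(manager))
 return -EINVAL;
 e.is_domain = true;
 } else {
-if (!tomoyo_is_correct_path(manager))
+if (!tomoyo_correct_path(manager))
 return -EINVAL;
 }
 e.manager = tomoyo_get_name(manager);
@@ -565,14 +565,14 @@ static int tomoyo_read_manager_policy(struct tomoyo_io_buffer *head)
 }
 
 /**
-* tomoyo_is_policy_manager - Check whether the current process is a policy manager.
+* tomoyo_policy_manager - Check whether the current process is a policy manager.
 *
 * Returns true if the current process is permitted to modify policy
 * via /sys/kernel/security/tomoyo/ interface.
 *
 * Caller holds tomoyo_read_lock().
 */
-static bool tomoyo_is_policy_manager(void)
+static bool tomoyo_policy_manager(void)
 {
 struct tomoyo_policy_manager_entry *ptr;
 const char *exe;
@@ -617,7 +617,7 @@ static bool tomoyo_is_policy_manager(void)
 }
 
 /**
-* tomoyo_is_select_one - Parse select command.
+* tomoyo_select_one - Parse select command.
 *
 * @head: Pointer to "struct tomoyo_io_buffer".
 * @data: String to parse.
@@ -626,7 +626,7 @@ static bool tomoyo_is_policy_manager(void)
 *
 * Caller holds tomoyo_read_lock().
 */
-static bool tomoyo_is_select_one(struct tomoyo_io_buffer *head,
+static bool tomoyo_select_one(struct tomoyo_io_buffer *head,
 const char *data)
 {
 unsigned int pid;
@@ -647,7 +647,7 @@ static bool tomoyo_is_select_one(struct tomoyo_io_buffer *head,
 read_unlock(&tasklist_lock);
 rcu_read_unlock();
 } else if (!strncmp(data, "domain=", 7)) {
-if (tomoyo_is_domain_def(data + 7))
+if (tomoyo_domain_def(data + 7))
 domain = tomoyo_find_domain(data + 7);
 } else
 return false;
@@ -748,12 +748,12 @@ static int tomoyo_write_domain_policy(struct tomoyo_io_buffer *head)
 is_delete = true;
 else if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_SELECT))
 is_select = true;
-if (is_select && tomoyo_is_select_one(head, data))
+if (is_select && tomoyo_select_one(head, data))
 return 0;
 /* Don't allow updating policies by non manager programs. */
-if (!tomoyo_is_policy_manager())
+if (!tomoyo_policy_manager())
 return -EPERM;
-if (tomoyo_is_domain_def(data)) {
+if (tomoyo_domain_def(data)) {
 domain = NULL;
 if (is_delete)
 tomoyo_delete_domain(data);
@@ -894,26 +894,26 @@ static bool tomoyo_print_path_number_acl(struct tomoyo_io_buffer *head,
 }
 
 /**
-* tomoyo_print_path_number3_acl - Print a path_number3 ACL entry.
+* tomoyo_print_mkdev_acl - Print a mkdev ACL entry.
 *
 * @head: Pointer to "struct tomoyo_io_buffer".
-* @ptr: Pointer to "struct tomoyo_path_number3_acl".
+* @ptr: Pointer to "struct tomoyo_mkdev_acl".
 *
 * Returns true on success, false otherwise.
 */
-static bool tomoyo_print_path_number3_acl(struct tomoyo_io_buffer *head,
-struct tomoyo_path_number3_acl *ptr)
+static bool tomoyo_print_mkdev_acl(struct tomoyo_io_buffer *head,
+struct tomoyo_mkdev_acl *ptr)
 {
 int pos;
 u8 bit;
 const u16 perm = ptr->perm;
-for (bit = head->read_bit; bit < TOMOYO_MAX_PATH_NUMBER3_OPERATION;
+for (bit = head->read_bit; bit < TOMOYO_MAX_MKDEV_OPERATION;
 bit++) {
 if (!(perm & (1 << bit)))
 continue;
 pos = head->read_avail;
 if (!tomoyo_io_printf(head, "allow_%s",
-tomoyo_path_number32keyword(bit)) ||
+tomoyo_mkdev2keyword(bit)) ||
 !tomoyo_print_name_union(head, &ptr->name) ||
 !tomoyo_print_number_union(head, &ptr->mode) ||
 !tomoyo_print_number_union(head, &ptr->major) ||
@@ -984,11 +984,11 @@ static bool tomoyo_print_entry(struct tomoyo_io_buffer *head,
 head);
 return tomoyo_print_path_number_acl(head, acl);
 }
-if (acl_type == TOMOYO_TYPE_PATH_NUMBER3_ACL) {
-struct tomoyo_path_number3_acl *acl
-= container_of(ptr, struct tomoyo_path_number3_acl,
+if (acl_type == TOMOYO_TYPE_MKDEV_ACL) {
+struct tomoyo_mkdev_acl *acl
+= container_of(ptr, struct tomoyo_mkdev_acl,
 head);
-return tomoyo_print_path_number3_acl(head, acl);
+return tomoyo_print_mkdev_acl(head, acl);
 }
 if (acl_type == TOMOYO_TYPE_MOUNT_ACL) {
 struct tomoyo_mount_acl *acl
@@ -1910,7 +1910,7 @@ int tomoyo_write_control(struct file *file, const char __user *buffer,
 /* Don't allow updating policies by non manager programs. */
 if (head->write != tomoyo_write_pid &&
 head->write != tomoyo_write_domain_policy &&
-!tomoyo_is_policy_manager())
+!tomoyo_policy_manager())
 return -EPERM;
 if (mutex_lock_interruptible(&head->io_sem))
 return -EINTR;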
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 36b027460ea6..9b106e9adbec 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
@@ -80,7 +80,7 @@ enum tomoyo_acl_entry_type_index { | |||
80 | TOMOYO_TYPE_PATH_ACL, | 80 | TOMOYO_TYPE_PATH_ACL, |
81 | TOMOYO_TYPE_PATH2_ACL, | 81 | TOMOYO_TYPE_PATH2_ACL, |
82 | TOMOYO_TYPE_PATH_NUMBER_ACL, | 82 | TOMOYO_TYPE_PATH_NUMBER_ACL, |
83 | TOMOYO_TYPE_PATH_NUMBER3_ACL, | 83 | TOMOYO_TYPE_MKDEV_ACL, |
84 | TOMOYO_TYPE_MOUNT_ACL, | 84 | TOMOYO_TYPE_MOUNT_ACL, |
85 | }; | 85 | }; |
86 | 86 | ||
@@ -114,10 +114,10 @@ enum tomoyo_path_acl_index { | |||
114 | 114 | ||
115 | #define TOMOYO_RW_MASK ((1 << TOMOYO_TYPE_READ) | (1 << TOMOYO_TYPE_WRITE)) | 115 | #define TOMOYO_RW_MASK ((1 << TOMOYO_TYPE_READ) | (1 << TOMOYO_TYPE_WRITE)) |
116 | 116 | ||
117 | enum tomoyo_path_number3_acl_index { | 117 | enum tomoyo_mkdev_acl_index { |
118 | TOMOYO_TYPE_MKBLOCK, | 118 | TOMOYO_TYPE_MKBLOCK, |
119 | TOMOYO_TYPE_MKCHAR, | 119 | TOMOYO_TYPE_MKCHAR, |
120 | TOMOYO_MAX_PATH_NUMBER3_OPERATION | 120 | TOMOYO_MAX_MKDEV_OPERATION |
121 | }; | 121 | }; |
122 | 122 | ||
123 | enum tomoyo_path2_acl_index { | 123 | enum tomoyo_path2_acl_index { |
@@ -342,7 +342,7 @@ struct tomoyo_number_group_member { | |||
342 | * | 342 | * |
343 | * Packing "struct tomoyo_acl_info" allows | 343 | * Packing "struct tomoyo_acl_info" allows |
344 | * "struct tomoyo_path_acl" to embed "u16" and "struct tomoyo_path2_acl" | 344 | * "struct tomoyo_path_acl" to embed "u16" and "struct tomoyo_path2_acl" |
345 | * "struct tomoyo_path_number_acl" "struct tomoyo_path_number3_acl" to embed | 345 | * "struct tomoyo_path_number_acl" "struct tomoyo_mkdev_acl" to embed |
346 | * "u8" without enlarging their structure size. | 346 | * "u8" without enlarging their structure size. |
347 | */ | 347 | */ |
348 | struct tomoyo_acl_info { | 348 | struct tomoyo_acl_info { |
@@ -439,7 +439,7 @@ struct tomoyo_path_number_acl { | |||
439 | }; | 439 | }; |
440 | 440 | ||
441 | /* | 441 | /* |
442 | * tomoyo_path_number3_acl is a structure which is used for holding an | 442 | * tomoyo_mkdev_acl is a structure which is used for holding an |
443 | * entry with one pathname and three numbers operation. | 443 | * entry with one pathname and three numbers operation. |
444 | * It has following fields. | 444 | * It has following fields. |
445 | * | 445 | * |
@@ -452,8 +452,8 @@ struct tomoyo_path_number_acl { | |||
452 | * Directives held by this structure are "allow_mkchar", "allow_mkblock". | 452 | * Directives held by this structure are "allow_mkchar", "allow_mkblock". |
453 | * | 453 | * |
454 | */ | 454 | */ |
455 | struct tomoyo_path_number3_acl { | 455 | struct tomoyo_mkdev_acl { |
456 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_NUMBER3_ACL */ | 456 | struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MKDEV_ACL */ |
457 | u8 perm; | 457 | u8 perm; |
458 | struct tomoyo_name_union name; | 458 | struct tomoyo_name_union name; |
459 | struct tomoyo_number_union mode; | 459 | struct tomoyo_number_union mode; |
@@ -756,12 +756,12 @@ int tomoyo_get_mode(const u8 profile, const u8 index); | |||
756 | bool tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...) | 756 | bool tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...) |
757 | __attribute__ ((format(printf, 2, 3))); | 757 | __attribute__ ((format(printf, 2, 3))); |
758 | /* Check whether the domainname is correct. */ | 758 | /* Check whether the domainname is correct. */ |
759 | bool tomoyo_is_correct_domain(const unsigned char *domainname); | 759 | bool tomoyo_correct_domain(const unsigned char *domainname); |
760 | /* Check whether the token is correct. */ | 760 | /* Check whether the token is correct. */ |
761 | bool tomoyo_is_correct_path(const char *filename); | 761 | bool tomoyo_correct_path(const char *filename); |
762 | bool tomoyo_is_correct_word(const char *string); | 762 | bool tomoyo_correct_word(const char *string); |
763 | /* Check whether the token can be a domainname. */ | 763 | /* Check whether the token can be a domainname. */ |
764 | bool tomoyo_is_domain_def(const unsigned char *buffer); | 764 | bool tomoyo_domain_def(const unsigned char *buffer); |
765 | bool tomoyo_parse_name_union(const char *filename, | 765 | bool tomoyo_parse_name_union(const char *filename, |
766 | struct tomoyo_name_union *ptr); | 766 | struct tomoyo_name_union *ptr); |
767 | /* Check whether the given filename matches the given path_group. */ | 767 | /* Check whether the given filename matches the given path_group. */ |
@@ -807,7 +807,7 @@ bool tomoyo_verbose_mode(const struct tomoyo_domain_info *domain); | |||
807 | /* Convert double path operation to operation name. */ | 807 | /* Convert double path operation to operation name. */ |
808 | const char *tomoyo_path22keyword(const u8 operation); | 808 | const char *tomoyo_path22keyword(const u8 operation); |
809 | const char *tomoyo_path_number2keyword(const u8 operation); | 809 | const char *tomoyo_path_number2keyword(const u8 operation); |
810 | const char *tomoyo_path_number32keyword(const u8 operation); | 810 | const char *tomoyo_mkdev2keyword(const u8 operation); |
811 | /* Get the last component of the given domainname. */ | 811 | /* Get the last component of the given domainname. */ |
812 | const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain); | 812 | const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain); |
813 | /* Convert single path operation to operation name. */ | 813 | /* Convert single path operation to operation name. */ |
@@ -919,8 +919,8 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
919 | struct path *path, const int flag); | 919 | struct path *path, const int flag); |
920 | int tomoyo_path_number_perm(const u8 operation, struct path *path, | 920 | int tomoyo_path_number_perm(const u8 operation, struct path *path, |
921 | unsigned long number); | 921 | unsigned long number); |
922 | int tomoyo_path_number3_perm(const u8 operation, struct path *path, | 922 | int tomoyo_mkdev_perm(const u8 operation, struct path *path, |
923 | const unsigned int mode, unsigned int dev); | 923 | const unsigned int mode, unsigned int dev); |
924 | int tomoyo_path_perm(const u8 operation, struct path *path); | 924 | int tomoyo_path_perm(const u8 operation, struct path *path); |
925 | int tomoyo_path2_perm(const u8 operation, struct path *path1, | 925 | int tomoyo_path2_perm(const u8 operation, struct path *path1, |
926 | struct path *path2); | 926 | struct path *path2); |
@@ -1008,25 +1008,25 @@ static inline bool tomoyo_pathcmp(const struct tomoyo_path_info *a, | |||
1008 | } | 1008 | } |
1009 | 1009 | ||
1010 | /** | 1010 | /** |
1011 | * tomoyo_is_valid - Check whether the character is a valid char. | 1011 | * tomoyo_valid - Check whether the character is a valid char. |
1012 | * | 1012 | * |
1013 | * @c: The character to check. | 1013 | * @c: The character to check. |
1014 | * | 1014 | * |
1015 | * Returns true if @c is a valid character, false otherwise. | 1015 | * Returns true if @c is a valid character, false otherwise. |
1016 | */ | 1016 | */ |
1017 | static inline bool tomoyo_is_valid(const unsigned char c) | 1017 | static inline bool tomoyo_valid(const unsigned char c) |
1018 | { | 1018 | { |
1019 | return c > ' ' && c < 127; | 1019 | return c > ' ' && c < 127; |
1020 | } | 1020 | } |
1021 | 1021 | ||
1022 | /** | 1022 | /** |
1023 | * tomoyo_is_invalid - Check whether the character is an invalid char. | 1023 | * tomoyo_invalid - Check whether the character is an invalid char. |
1024 | * | 1024 | * |
1025 | * @c: The character to check. | 1025 | * @c: The character to check. |
1026 | * | 1026 | * |
1027 | * Returns true if @c is an invalid character, false otherwise. | 1027 | * Returns true if @c is an invalid character, false otherwise. |
1028 | */ | 1028 | */ |
1029 | static inline bool tomoyo_is_invalid(const unsigned char c) | 1029 | static inline bool tomoyo_invalid(const unsigned char c) |
1030 | { | 1030 | { |
1031 | return c && (c <= ' ' || c >= 127); | 1031 | return c && (c <= ' ' || c >= 127); |
1032 | } | 1032 | } |
@@ -1063,20 +1063,20 @@ static inline struct tomoyo_domain_info *tomoyo_real_domain(struct task_struct | |||
1063 | return task_cred_xxx(task, security); | 1063 | return task_cred_xxx(task, security); |
1064 | } | 1064 | } |
1065 | 1065 | ||
1066 | static inline bool tomoyo_is_same_acl_head(const struct tomoyo_acl_info *p1, | 1066 | static inline bool tomoyo_same_acl_head(const struct tomoyo_acl_info *p1, |
1067 | const struct tomoyo_acl_info *p2) | 1067 | const struct tomoyo_acl_info *p2) |
1068 | { | 1068 | { |
1069 | return p1->type == p2->type; | 1069 | return p1->type == p2->type; |
1070 | } | 1070 | } |
1071 | 1071 | ||
1072 | static inline bool tomoyo_is_same_name_union | 1072 | static inline bool tomoyo_same_name_union |
1073 | (const struct tomoyo_name_union *p1, const struct tomoyo_name_union *p2) | 1073 | (const struct tomoyo_name_union *p1, const struct tomoyo_name_union *p2) |
1074 | { | 1074 | { |
1075 | return p1->filename == p2->filename && p1->group == p2->group && | 1075 | return p1->filename == p2->filename && p1->group == p2->group && |
1076 | p1->is_group == p2->is_group; | 1076 | p1->is_group == p2->is_group; |
1077 | } | 1077 | } |
1078 | 1078 | ||
1079 | static inline bool tomoyo_is_same_number_union | 1079 | static inline bool tomoyo_same_number_union |
1080 | (const struct tomoyo_number_union *p1, const struct tomoyo_number_union *p2) | 1080 | (const struct tomoyo_number_union *p1, const struct tomoyo_number_union *p2) |
1081 | { | 1081 | { |
1082 | return p1->values[0] == p2->values[0] && p1->values[1] == p2->values[1] | 1082 | return p1->values[0] == p2->values[0] && p1->values[1] == p2->values[1] |
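--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -256,13 +256,13 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
 struct tomoyo_domain_initializer_entry e = { .is_not = is_not };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_correct_path(program))
+if (!tomoyo_correct_path(program))
 return -EINVAL;
 if (domainname) {
-if (!tomoyo_is_domain_def(domainname) &&
-tomoyo_is_correct_path(domainname))
+if (!tomoyo_domain_def(domainname) &&
+tomoyo_correct_path(domainname))
 e.is_last_name = true;
-else if (!tomoyo_is_correct_domain(domainname))
+else if (!tomoyo_correct_domain(domainname))
 return -EINVAL;
 e.domainname = tomoyo_get_name(domainname);
 if (!e.domainname)
@@ -346,7 +346,7 @@ int tomoyo_write_domain_initializer_policy(char *data, const bool is_not,
 }
 
 /**
-* tomoyo_is_domain_initializer - Check whether the given program causes domainname reinitialization.
+* tomoyo_domain_initializer - Check whether the given program causes domainname reinitialization.
 *
 * @domainname: The name of domain.
 * @program: The name of program.
@@ -357,7 +357,7 @@ int tomoyo_write_domain_initializer_policy(char *data, const bool is_not,
 *
 * Caller holds tomoyo_read_lock().
 */
-static bool tomoyo_is_domain_initializer(const struct tomoyo_path_info *
+static bool tomoyo_domain_initializer(const struct tomoyo_path_info *
 domainname,
 const struct tomoyo_path_info *program,
 const struct tomoyo_path_info *
@@ -462,13 +462,13 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
 struct tomoyo_domain_keeper_entry e = { .is_not = is_not };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_domain_def(domainname) &&
-tomoyo_is_correct_path(domainname))
+if (!tomoyo_domain_def(domainname) &&
+tomoyo_correct_path(domainname))
 e.is_last_name = true;
-else if (!tomoyo_is_correct_domain(domainname))
+else if (!tomoyo_correct_domain(domainname))
 return -EINVAL;
 if (program) {
-if (!tomoyo_is_correct_path(program))
+if (!tomoyo_correct_path(program))
 return -EINVAL;
 e.program = tomoyo_get_name(program);
 if (!e.program)
@@ -549,7 +549,7 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head)
 }
 
 /**
-* tomoyo_is_domain_keeper - Check whether the given program causes domain transition suppression.
+* tomoyo_domain_keeper - Check whether the given program causes domain transition suppression.
 *
 * @domainname: The name of domain.
 * @program: The name of program.
@@ -560,7 +560,7 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head)
 *
 * Caller holds tomoyo_read_lock().
 */
-static bool tomoyo_is_domain_keeper(const struct tomoyo_path_info *domainname,
+static bool tomoyo_domain_keeper(const struct tomoyo_path_info *domainname,
 const struct tomoyo_path_info *program,
 const struct tomoyo_path_info *last_name)
 {
@@ -646,8 +646,8 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
 struct tomoyo_aggregator_entry e = { };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_correct_path(original_name) ||
-!tomoyo_is_correct_path(aggregated_name))
+if (!tomoyo_correct_path(original_name) ||
+!tomoyo_correct_path(aggregated_name))
 return -EINVAL;
 e.original_name = tomoyo_get_name(original_name);
 e.aggregated_name = tomoyo_get_name(aggregated_name);
@@ -774,8 +774,8 @@ static int tomoyo_update_alias_entry(const char *original_name,
 struct tomoyo_alias_entry e = { };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_correct_path(original_name) ||
-!tomoyo_is_correct_path(aliased_name))
+if (!tomoyo_correct_path(original_name) ||
+!tomoyo_correct_path(aliased_name))
 return -EINVAL;
 e.original_name = tomoyo_get_name(original_name);
 e.aliased_name = tomoyo_get_name(aliased_name);
@@ -859,7 +859,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
 const struct tomoyo_path_info *saved_domainname;
 bool found = false;
 
-if (!tomoyo_is_correct_domain(domainname))
+if (!tomoyo_correct_domain(domainname))
 return NULL;
 saved_domainname = tomoyo_get_name(domainname);
 if (!saved_domainname)
@@ -984,7 +984,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 if (retval < 0)
 goto out;
 
-if (tomoyo_is_domain_initializer(old_domain->domainname, &rn, &ln)) {
+if (tomoyo_domain_initializer(old_domain->domainname, &rn, &ln)) {
 /* Transit to the child of tomoyo_kernel_domain domain. */
 snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1,
 TOMOYO_ROOT_NAME " " "%s", rn.name);
@@ -996,7 +996,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 * initializers because they might start before /sbin/init.
 */
 domain = old_domain;
-} else if (tomoyo_is_domain_keeper(old_domain->domainname, &rn, &ln)) {
+} else if (tomoyo_domain_keeper(old_domain->domainname, &rn, &ln)) {
 /* Keep current domain. */
 domain = old_domain;
 } else {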
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 18969e77f5e8..94e1493ab6b6 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
@@ -25,8 +25,8 @@ static const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION] = { | |||
25 | }; | 25 | }; |
26 | 26 | ||
27 | /* Keyword array for operations with one pathname and three numbers. */ | 27 | /* Keyword array for operations with one pathname and three numbers. */ |
28 | static const char *tomoyo_path_number3_keyword | 28 | static const char *tomoyo_mkdev_keyword |
29 | [TOMOYO_MAX_PATH_NUMBER3_OPERATION] = { | 29 | [TOMOYO_MAX_MKDEV_OPERATION] = { |
30 | [TOMOYO_TYPE_MKBLOCK] = "mkblock", | 30 | [TOMOYO_TYPE_MKBLOCK] = "mkblock", |
31 | [TOMOYO_TYPE_MKCHAR] = "mkchar", | 31 | [TOMOYO_TYPE_MKCHAR] = "mkchar", |
32 | }; | 32 | }; |
@@ -65,7 +65,7 @@ static const u8 tomoyo_p2mac[TOMOYO_MAX_PATH_OPERATION] = { | |||
65 | [TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT, | 65 | [TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT, |
66 | }; | 66 | }; |
67 | 67 | ||
68 | static const u8 tomoyo_pnnn2mac[TOMOYO_MAX_PATH_NUMBER3_OPERATION] = { | 68 | static const u8 tomoyo_pnnn2mac[TOMOYO_MAX_MKDEV_OPERATION] = { |
69 | [TOMOYO_TYPE_MKBLOCK] = TOMOYO_MAC_FILE_MKBLOCK, | 69 | [TOMOYO_TYPE_MKBLOCK] = TOMOYO_MAC_FILE_MKBLOCK, |
70 | [TOMOYO_TYPE_MKCHAR] = TOMOYO_MAC_FILE_MKCHAR, | 70 | [TOMOYO_TYPE_MKCHAR] = TOMOYO_MAC_FILE_MKCHAR, |
71 | }; | 71 | }; |
@@ -133,16 +133,16 @@ const char *tomoyo_path2keyword(const u8 operation) | |||
133 | } | 133 | } |
134 | 134 | ||
135 | /** | 135 | /** |
136 | * tomoyo_path_number32keyword - Get the name of path/number/number/number operations. | 136 | * tomoyo_mkdev2keyword - Get the name of path/number/number/number operations. |
137 | * | 137 | * |
138 | * @operation: Type of operation. | 138 | * @operation: Type of operation. |
139 | * | 139 | * |
140 | * Returns the name of path/number/number/number operation. | 140 | * Returns the name of path/number/number/number operation. |
141 | */ | 141 | */ |
142 | const char *tomoyo_path_number32keyword(const u8 operation) | 142 | const char *tomoyo_mkdev2keyword(const u8 operation) |
143 | { | 143 | { |
144 | return (operation < TOMOYO_MAX_PATH_NUMBER3_OPERATION) | 144 | return (operation < TOMOYO_MAX_MKDEV_OPERATION) |
145 | ? tomoyo_path_number3_keyword[operation] : NULL; | 145 | ? tomoyo_mkdev_keyword[operation] : NULL; |
146 | } | 146 | } |
147 | 147 | ||
148 | /** | 148 | /** |
@@ -266,7 +266,7 @@ static int tomoyo_audit_path2_log(struct tomoyo_request_info *r) | |||
266 | */ | 266 | */ |
267 | static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r) | 267 | static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r) |
268 | { | 268 | { |
269 | const char *operation = tomoyo_path_number32keyword(r->param.mkdev. | 269 | const char *operation = tomoyo_mkdev2keyword(r->param.mkdev. |
270 | operation); | 270 | operation); |
271 | const struct tomoyo_path_info *filename = r->param.mkdev.filename; | 271 | const struct tomoyo_path_info *filename = r->param.mkdev.filename; |
272 | const unsigned int major = r->param.mkdev.major; | 272 | const unsigned int major = r->param.mkdev.major; |
@@ -380,7 +380,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
380 | struct tomoyo_globally_readable_file_entry e = { }; | 380 | struct tomoyo_globally_readable_file_entry e = { }; |
381 | int error; | 381 | int error; |
382 | 382 | ||
383 | if (!tomoyo_is_correct_word(filename)) | 383 | if (!tomoyo_correct_word(filename)) |
384 | return -EINVAL; | 384 | return -EINVAL; |
385 | e.filename = tomoyo_get_name(filename); | 385 | e.filename = tomoyo_get_name(filename); |
386 | if (!e.filename) | 386 | if (!e.filename) |
@@ -393,7 +393,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
393 | } | 393 | } |
394 | 394 | ||
395 | /** | 395 | /** |
396 | * tomoyo_is_globally_readable_file - Check if the file is unconditionnaly permitted to be open()ed for reading. | 396 | * tomoyo_globally_readable_file - Check if the file is unconditionnaly permitted to be open()ed for reading. |
397 | * | 397 | * |
398 | * @filename: The filename to check. | 398 | * @filename: The filename to check. |
399 | * | 399 | * |
@@ -401,7 +401,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename, | |||
401 | * | 401 | * |
402 | * Caller holds tomoyo_read_lock(). | 402 | * Caller holds tomoyo_read_lock(). |
403 | */ | 403 | */ |
404 | static bool tomoyo_is_globally_readable_file(const struct tomoyo_path_info * | 404 | static bool tomoyo_globally_readable_file(const struct tomoyo_path_info * |
405 | filename) | 405 | filename) |
406 | { | 406 | { |
407 | struct tomoyo_globally_readable_file_entry *ptr; | 407 | struct tomoyo_globally_readable_file_entry *ptr; |
@@ -517,7 +517,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern, | |||
517 | struct tomoyo_pattern_entry e = { }; | 517 | struct tomoyo_pattern_entry e = { }; |
518 | int error; | 518 | int error; |
519 | 519 | ||
520 | if (!tomoyo_is_correct_word(pattern)) | 520 | if (!tomoyo_correct_word(pattern)) |
521 | return -EINVAL; | 521 | return -EINVAL; |
522 | e.pattern = tomoyo_get_name(pattern); | 522 | e.pattern = tomoyo_get_name(pattern); |
523 | if (!e.pattern) | 523 | if (!e.pattern) |
@@ -658,7 +658,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
658 | struct tomoyo_no_rewrite_entry e = { }; | 658 | struct tomoyo_no_rewrite_entry e = { }; |
659 | int error; | 659 | int error; |
660 | 660 | ||
661 | if (!tomoyo_is_correct_word(pattern)) | 661 | if (!tomoyo_correct_word(pattern)) |
662 | return -EINVAL; | 662 | return -EINVAL; |
663 | e.pattern = tomoyo_get_name(pattern); | 663 | e.pattern = tomoyo_get_name(pattern); |
664 | if (!e.pattern) | 664 | if (!e.pattern) |
@@ -671,7 +671,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
671 | } | 671 | } |
672 | 672 | ||
673 | /** | 673 | /** |
674 | * tomoyo_is_no_rewrite_file - Check if the given pathname is not permitted to be rewrited. | 674 | * tomoyo_no_rewrite_file - Check if the given pathname is not permitted to be rewrited. |
675 | * | 675 | * |
676 | * @filename: Filename to check. | 676 | * @filename: Filename to check. |
677 | * | 677 | * |
@@ -680,7 +680,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern, | |||
680 | * | 680 | * |
681 | * Caller holds tomoyo_read_lock(). | 681 | * Caller holds tomoyo_read_lock(). |
682 | */ | 682 | */ |
683 | static bool tomoyo_is_no_rewrite_file(const struct tomoyo_path_info *filename) | 683 | static bool tomoyo_no_rewrite_file(const struct tomoyo_path_info *filename) |
684 | { | 684 | { |
685 | struct tomoyo_no_rewrite_entry *ptr; | 685 | struct tomoyo_no_rewrite_entry *ptr; |
686 | bool found = false; | 686 | bool found = false; |
@@ -774,7 +774,7 @@ static bool tomoyo_check_path2_acl(const struct tomoyo_request_info *r, | |||
774 | static bool tomoyo_check_mkdev_acl(const struct tomoyo_request_info *r, | 774 | static bool tomoyo_check_mkdev_acl(const struct tomoyo_request_info *r, |
775 | const struct tomoyo_acl_info *ptr) | 775 | const struct tomoyo_acl_info *ptr) |
776 | { | 776 | { |
777 | const struct tomoyo_path_number3_acl *acl = | 777 | const struct tomoyo_mkdev_acl *acl = |
778 | container_of(ptr, typeof(*acl), head); | 778 | container_of(ptr, typeof(*acl), head); |
779 | return (acl->perm & (1 << r->param.mkdev.operation)) && | 779 | return (acl->perm & (1 << r->param.mkdev.operation)) && |
780 | tomoyo_compare_number_union(r->param.mkdev.mode, | 780 | tomoyo_compare_number_union(r->param.mkdev.mode, |
@@ -792,8 +792,8 @@ static bool tomoyo_same_path_acl(const struct tomoyo_acl_info *a, | |||
792 | { | 792 | { |
793 | const struct tomoyo_path_acl *p1 = container_of(a, typeof(*p1), head); | 793 | const struct tomoyo_path_acl *p1 = container_of(a, typeof(*p1), head); |
794 | const struct tomoyo_path_acl *p2 = container_of(b, typeof(*p2), head); | 794 | const struct tomoyo_path_acl *p2 = container_of(b, typeof(*p2), head); |
795 | return tomoyo_is_same_acl_head(&p1->head, &p2->head) && | 795 | return tomoyo_same_acl_head(&p1->head, &p2->head) && |
796 | tomoyo_is_same_name_union(&p1->name, &p2->name); | 796 | tomoyo_same_name_union(&p1->name, &p2->name); |
797 | } | 797 | } |
798 | 798 | ||
799 | static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a, | 799 | static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a, |
@@ -853,28 +853,28 @@ static int tomoyo_update_path_acl(const u8 type, const char *filename, | |||
853 | return error; | 853 | return error; |
854 | } | 854 | } |
855 | 855 | ||
856 | static bool tomoyo_same_path_number3_acl(const struct tomoyo_acl_info *a, | 856 | static bool tomoyo_same_mkdev_acl(const struct tomoyo_acl_info *a, |
857 | const struct tomoyo_acl_info *b) | 857 | const struct tomoyo_acl_info *b) |
858 | { | 858 | { |
859 | const struct tomoyo_path_number3_acl *p1 = container_of(a, typeof(*p1), | 859 | const struct tomoyo_mkdev_acl *p1 = container_of(a, typeof(*p1), |
860 | head); | 860 | head); |
861 | const struct tomoyo_path_number3_acl *p2 = container_of(b, typeof(*p2), | 861 | const struct tomoyo_mkdev_acl *p2 = container_of(b, typeof(*p2), |
862 | head); | 862 | head); |
863 | return tomoyo_is_same_acl_head(&p1->head, &p2->head) | 863 | return tomoyo_same_acl_head(&p1->head, &p2->head) |
864 | && tomoyo_is_same_name_union(&p1->name, &p2->name) | 864 | && tomoyo_same_name_union(&p1->name, &p2->name) |
865 | && tomoyo_is_same_number_union(&p1->mode, &p2->mode) | 865 | && tomoyo_same_number_union(&p1->mode, &p2->mode) |
866 | && tomoyo_is_same_number_union(&p1->major, &p2->major) | 866 | && tomoyo_same_number_union(&p1->major, &p2->major) |
867 | && tomoyo_is_same_number_union(&p1->minor, &p2->minor); | 867 | && tomoyo_same_number_union(&p1->minor, &p2->minor); |
868 | } | 868 | } |
869 | 869 | ||
870 | static bool tomoyo_merge_path_number3_acl(struct tomoyo_acl_info *a, | 870 | static bool tomoyo_merge_mkdev_acl(struct tomoyo_acl_info *a, |
871 | struct tomoyo_acl_info *b, | 871 | struct tomoyo_acl_info *b, |
872 | const bool is_delete) | 872 | const bool is_delete) |
873 | { | 873 | { |
874 | u8 *const a_perm = &container_of(a, struct tomoyo_path_number3_acl, | 874 | u8 *const a_perm = &container_of(a, struct tomoyo_mkdev_acl, |
875 | head)->perm; | 875 | head)->perm; |
876 | u8 perm = *a_perm; | 876 | u8 perm = *a_perm; |
877 | const u8 b_perm = container_of(b, struct tomoyo_path_number3_acl, head) | 877 | const u8 b_perm = container_of(b, struct tomoyo_mkdev_acl, head) |
878 | ->perm; | 878 | ->perm; |
879 | if (is_delete) | 879 | if (is_delete) |
880 | perm &= ~b_perm; | 880 | perm &= ~b_perm; |
@@ -885,7 +885,7 @@ static bool tomoyo_merge_path_number3_acl(struct tomoyo_acl_info *a, | |||
885 | } | 885 | } |
886 | 886 | ||
887 | /** | 887 | /** |
888 | * tomoyo_update_path_number3_acl - Update "struct tomoyo_path_number3_acl" list. | 888 | * tomoyo_update_mkdev_acl - Update "struct tomoyo_mkdev_acl" list. |
889 | * | 889 | * |
890 | * @type: Type of operation. | 890 | * @type: Type of operation. |
891 | * @filename: Filename. | 891 | * @filename: Filename. |
@@ -899,13 +899,13 @@ static bool tomoyo_merge_path_number3_acl(struct tomoyo_acl_info *a, | |||
899 | * | 899 | * |
900 | * Caller holds tomoyo_read_lock(). | 900 | * Caller holds tomoyo_read_lock(). |
901 | */ | 901 | */ |
902 | static int tomoyo_update_path_number3_acl(const u8 type, const char *filename, | 902 | static int tomoyo_update_mkdev_acl(const u8 type, const char *filename, |
903 | char *mode, char *major, char *minor, | 903 | char *mode, char *major, char *minor, |
904 | struct tomoyo_domain_info * const | 904 | struct tomoyo_domain_info * const |
905 | domain, const bool is_delete) | 905 | domain, const bool is_delete) |
906 | { | 906 | { |
907 | struct tomoyo_path_number3_acl e = { | 907 | struct tomoyo_mkdev_acl e = { |
908 | .head.type = TOMOYO_TYPE_PATH_NUMBER3_ACL, | 908 | .head.type = TOMOYO_TYPE_MKDEV_ACL, |
909 | .perm = 1 << type | 909 | .perm = 1 << type |
910 | }; | 910 | }; |
911 | int error = is_delete ? -ENOENT : -ENOMEM; | 911 | int error = is_delete ? -ENOENT : -ENOMEM; |
@@ -915,8 +915,8 @@ static int tomoyo_update_path_number3_acl(const u8 type, const char *filename, | |||
915 | !tomoyo_parse_number_union(minor, &e.minor)) | 915 | !tomoyo_parse_number_union(minor, &e.minor)) |
916 | goto out; | 916 | goto out; |
917 | error = tomoyo_update_domain(&e.head, sizeof(e), is_delete, domain, | 917 | error = tomoyo_update_domain(&e.head, sizeof(e), is_delete, domain, |
918 | tomoyo_same_path_number3_acl, | 918 | tomoyo_same_mkdev_acl, |
919 | tomoyo_merge_path_number3_acl); | 919 | tomoyo_merge_mkdev_acl); |
920 | out: | 920 | out: |
921 | tomoyo_put_name_union(&e.name); | 921 | tomoyo_put_name_union(&e.name); |
922 | tomoyo_put_number_union(&e.mode); | 922 | tomoyo_put_number_union(&e.mode); |
@@ -930,9 +930,9 @@ static bool tomoyo_same_path2_acl(const struct tomoyo_acl_info *a, | |||
930 | { | 930 | { |
931 | const struct tomoyo_path2_acl *p1 = container_of(a, typeof(*p1), head); | 931 | const struct tomoyo_path2_acl *p1 = container_of(a, typeof(*p1), head); |
932 | const struct tomoyo_path2_acl *p2 = container_of(b, typeof(*p2), head); | 932 | const struct tomoyo_path2_acl *p2 = container_of(b, typeof(*p2), head); |
933 | return tomoyo_is_same_acl_head(&p1->head, &p2->head) | 933 | return tomoyo_same_acl_head(&p1->head, &p2->head) |
934 | && tomoyo_is_same_name_union(&p1->name1, &p2->name1) | 934 | && tomoyo_same_name_union(&p1->name1, &p2->name1) |
935 | && tomoyo_is_same_name_union(&p1->name2, &p2->name2); | 935 | && tomoyo_same_name_union(&p1->name2, &p2->name2); |
936 | } | 936 | } |
937 | 937 | ||
938 | static bool tomoyo_merge_path2_acl(struct tomoyo_acl_info *a, | 938 | static bool tomoyo_merge_path2_acl(struct tomoyo_acl_info *a, |
@@ -1014,7 +1014,7 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, | |||
1014 | tomoyo_check_acl(r, tomoyo_check_path_acl); | 1014 | tomoyo_check_acl(r, tomoyo_check_path_acl); |
1015 | if (!r->granted && operation == TOMOYO_TYPE_READ && | 1015 | if (!r->granted && operation == TOMOYO_TYPE_READ && |
1016 | !r->domain->ignore_global_allow_read && | 1016 | !r->domain->ignore_global_allow_read && |
1017 | tomoyo_is_globally_readable_file(filename)) | 1017 | tomoyo_globally_readable_file(filename)) |
1018 | r->granted = true; | 1018 | r->granted = true; |
1019 | error = tomoyo_audit_path_log(r); | 1019 | error = tomoyo_audit_path_log(r); |
1020 | /* | 1020 | /* |
@@ -1029,7 +1029,7 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, | |||
1029 | * specified by "deny_rewrite" keyword. | 1029 | * specified by "deny_rewrite" keyword. |
1030 | */ | 1030 | */ |
1031 | if (!error && operation == TOMOYO_TYPE_TRUNCATE && | 1031 | if (!error && operation == TOMOYO_TYPE_TRUNCATE && |
1032 | tomoyo_is_no_rewrite_file(filename)) { | 1032 | tomoyo_no_rewrite_file(filename)) { |
1033 | operation = TOMOYO_TYPE_REWRITE; | 1033 | operation = TOMOYO_TYPE_REWRITE; |
1034 | goto next; | 1034 | goto next; |
1035 | } | 1035 | } |
@@ -1043,9 +1043,9 @@ static bool tomoyo_same_path_number_acl(const struct tomoyo_acl_info *a, | |||
1043 | head); | 1043 | head); |
1044 | const struct tomoyo_path_number_acl *p2 = container_of(b, typeof(*p2), | 1044 | const struct tomoyo_path_number_acl *p2 = container_of(b, typeof(*p2), |
1045 | head); | 1045 | head); |
1046 | return tomoyo_is_same_acl_head(&p1->head, &p2->head) | 1046 | return tomoyo_same_acl_head(&p1->head, &p2->head) |
1047 | && tomoyo_is_same_name_union(&p1->name, &p2->name) | 1047 | && tomoyo_same_name_union(&p1->name, &p2->name) |
1048 | && tomoyo_is_same_number_union(&p1->number, &p2->number); | 1048 | && tomoyo_same_number_union(&p1->number, &p2->number); |
1049 | } | 1049 | } |
1050 | 1050 | ||
1051 | static bool tomoyo_merge_path_number_acl(struct tomoyo_acl_info *a, | 1051 | static bool tomoyo_merge_path_number_acl(struct tomoyo_acl_info *a, |
@@ -1204,7 +1204,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
1204 | error = -ENOMEM; | 1204 | error = -ENOMEM; |
1205 | goto out; | 1205 | goto out; |
1206 | } | 1206 | } |
1207 | if (tomoyo_is_no_rewrite_file(&buf)) | 1207 | if (tomoyo_no_rewrite_file(&buf)) |
1208 | error = tomoyo_path_permission(&r, TOMOYO_TYPE_REWRITE, | 1208 | error = tomoyo_path_permission(&r, TOMOYO_TYPE_REWRITE, |
1209 | &buf); | 1209 | &buf); |
1210 | } | 1210 | } |
@@ -1258,7 +1258,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path) | |||
1258 | goto out; | 1258 | goto out; |
1259 | switch (operation) { | 1259 | switch (operation) { |
1260 | case TOMOYO_TYPE_REWRITE: | 1260 | case TOMOYO_TYPE_REWRITE: |
1261 | if (!tomoyo_is_no_rewrite_file(&buf)) { | 1261 | if (!tomoyo_no_rewrite_file(&buf)) { |
1262 | error = 0; | 1262 | error = 0; |
1263 | goto out; | 1263 | goto out; |
1264 | } | 1264 | } |
@@ -1279,7 +1279,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path) | |||
1279 | } | 1279 | } |
1280 | 1280 | ||
1281 | /** | 1281 | /** |
1282 | * tomoyo_path_number3_perm - Check permission for "mkblock" and "mkchar". | 1282 | * tomoyo_mkdev_perm - Check permission for "mkblock" and "mkchar". |
1283 | * | 1283 | * |
1284 | * @operation: Type of operation. (TOMOYO_TYPE_MKCHAR or TOMOYO_TYPE_MKBLOCK) | 1284 | * @operation: Type of operation. (TOMOYO_TYPE_MKCHAR or TOMOYO_TYPE_MKBLOCK) |
1285 | * @path: Pointer to "struct path". | 1285 | * @path: Pointer to "struct path". |
@@ -1288,7 +1288,7 @@ int tomoyo_path_perm(const u8 operation, struct path *path) | |||
1288 | * | 1288 | * |
1289 | * Returns 0 on success, negative value otherwise. | 1289 | * Returns 0 on success, negative value otherwise. |
1290 | */ | 1290 | */ |
1291 | int tomoyo_path_number3_perm(const u8 operation, struct path *path, | 1291 | int tomoyo_mkdev_perm(const u8 operation, struct path *path, |
1292 | const unsigned int mode, unsigned int dev) | 1292 | const unsigned int mode, unsigned int dev) |
1293 | { | 1293 | { |
1294 | struct tomoyo_request_info r; | 1294 | struct tomoyo_request_info r; |
@@ -1304,7 +1304,7 @@ int tomoyo_path_number3_perm(const u8 operation, struct path *path, | |||
1304 | error = -ENOMEM; | 1304 | error = -ENOMEM; |
1305 | if (tomoyo_get_realpath(&buf, path)) { | 1305 | if (tomoyo_get_realpath(&buf, path)) { |
1306 | dev = new_decode_dev(dev); | 1306 | dev = new_decode_dev(dev); |
1307 | r.param_type = TOMOYO_TYPE_PATH_NUMBER3_ACL; | 1307 | r.param_type = TOMOYO_TYPE_MKDEV_ACL; |
1308 | r.param.mkdev.filename = &buf; | 1308 | r.param.mkdev.filename = &buf; |
1309 | r.param.mkdev.operation = operation; | 1309 | r.param.mkdev.operation = operation; |
1310 | r.param.mkdev.mode = mode; | 1310 | r.param.mkdev.mode = mode; |
@@ -1420,11 +1420,11 @@ int tomoyo_write_file_policy(char *data, struct tomoyo_domain_info *domain, | |||
1420 | } | 1420 | } |
1421 | if (!w[3][0] || !w[4][0]) | 1421 | if (!w[3][0] || !w[4][0]) |
1422 | goto out; | 1422 | goto out; |
1423 | for (type = 0; type < TOMOYO_MAX_PATH_NUMBER3_OPERATION; type++) { | 1423 | for (type = 0; type < TOMOYO_MAX_MKDEV_OPERATION; type++) { |
1424 | if (strcmp(w[0], tomoyo_path_number3_keyword[type])) | 1424 | if (strcmp(w[0], tomoyo_mkdev_keyword[type])) |
1425 | continue; | 1425 | continue; |
1426 | return tomoyo_update_path_number3_acl(type, w[1], w[2], w[3], | 1426 | return tomoyo_update_mkdev_acl(type, w[1], w[2], w[3], |
1427 | w[4], domain, is_delete); | 1427 | w[4], domain, is_delete); |
1428 | } | 1428 | } |
1429 | out: | 1429 | out: |
1430 | return -EINVAL; | 1430 | return -EINVAL; |
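--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -122,9 +122,9 @@ static void tomoyo_del_acl(struct tomoyo_acl_info *acl)
 tomoyo_put_number_union(&entry->number);
 }
 break;
-case TOMOYO_TYPE_PATH_NUMBER3_ACL:
+case TOMOYO_TYPE_MKDEV_ACL:
 {
-struct tomoyo_path_number3_acl *entry
+struct tomoyo_mkdev_acl *entry
 = container_of(acl, typeof(*entry), head);
 tomoyo_put_name_union(&entry->name);
 tomoyo_put_number_union(&entry->mode);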
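--- a/security/tomoyo/mount.c
+++ b/security/tomoyo/mount.c
@@ -300,11 +300,11 @@ static bool tomoyo_same_mount_acl(const struct tomoyo_acl_info *a,
 {
 const struct tomoyo_mount_acl *p1 = container_of(a, typeof(*p1), head);
 const struct tomoyo_mount_acl *p2 = container_of(b, typeof(*p2), head);
-return tomoyo_is_same_acl_head(&p1->head, &p2->head) &&
-tomoyo_is_same_name_union(&p1->dev_name, &p2->dev_name) &&
-tomoyo_is_same_name_union(&p1->dir_name, &p2->dir_name) &&
-tomoyo_is_same_name_union(&p1->fs_type, &p2->fs_type) &&
-tomoyo_is_same_number_union(&p1->flags, &p2->flags);
+return tomoyo_same_acl_head(&p1->head, &p2->head) &&
+tomoyo_same_name_union(&p1->dev_name, &p2->dev_name) &&
+tomoyo_same_name_union(&p1->dir_name, &p2->dir_name) &&
+tomoyo_same_name_union(&p1->fs_type, &p2->fs_type) &&
+tomoyo_same_number_union(&p1->flags, &p2->flags);
 }
 
 /**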
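--- a/security/tomoyo/number_group.c
+++ b/security/tomoyo/number_group.c
@@ -24,7 +24,7 @@ struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name)
 struct tomoyo_number_group *group = NULL;
 const struct tomoyo_path_info *saved_group_name;
 int error = -ENOMEM;
-if (!tomoyo_is_correct_word(group_name))
+if (!tomoyo_correct_word(group_name))
 return NULL;
 saved_group_name = tomoyo_get_name(group_name);
 if (!saved_group_name)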
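--- a/security/tomoyo/path_group.c
+++ b/security/tomoyo/path_group.c
@@ -22,7 +22,7 @@ struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name)
 struct tomoyo_path_group *group = NULL;
 const struct tomoyo_path_info *saved_group_name;
 int error = -ENOMEM;
-if (!tomoyo_is_correct_word(group_name))
+if (!tomoyo_correct_word(group_name))
 return NULL;
 saved_group_name = tomoyo_get_name(group_name);
 if (!saved_group_name)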
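--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -142,7 +142,7 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
 default:
 goto no_dev;
 }
-return tomoyo_path_number3_perm(type, &path, perm, dev);
+return tomoyo_mkdev_perm(type, &path, perm, dev);
 no_dev:
 switch (mode & S_IFMT) {
 case S_IFIFO: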
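--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -89,7 +89,7 @@ void tomoyo_print_ulong(char *buffer, const int buffer_len,
 bool tomoyo_parse_name_union(const char *filename,
 struct tomoyo_name_union *ptr)
 {
-if (!tomoyo_is_correct_word(filename))
+if (!tomoyo_correct_word(filename))
 return false;
 if (filename[0] == '@') {
 ptr->group = tomoyo_get_path_group(filename + 1);
@@ -115,7 +115,7 @@ bool tomoyo_parse_number_union(char *data, struct tomoyo_number_union *num)
 unsigned long v;
 memset(num, 0, sizeof(*num));
 if (data[0] == '@') {
-if (!tomoyo_is_correct_word(data))
+if (!tomoyo_correct_word(data))
 return false;
 num->group = tomoyo_get_number_group(data + 1);
 num->is_group = true;
@@ -142,7 +142,7 @@ bool tomoyo_parse_number_union(char *data, struct tomoyo_number_union *num)
 }
 
 /**
-* tomoyo_is_byte_range - Check whether the string is a \ooo style octal value.
+* tomoyo_byte_range - Check whether the string is a \ooo style octal value.
 *
 * @str: Pointer to the string.
 *
@@ -151,7 +151,7 @@ bool tomoyo_parse_number_union(char *data, struct tomoyo_number_union *num)
 * TOMOYO uses \ooo style representation for 0x01 - 0x20 and 0x7F - 0xFF.
 * This function verifies that \ooo is in valid range.
 */
-static inline bool tomoyo_is_byte_range(const char *str)
+static inline bool tomoyo_byte_range(const char *str)
 {
 return *str >= '0' && *str++ <= '3' &&
 *str >= '0' && *str++ <= '7' &&
@@ -159,13 +159,13 @@ static inline bool tomoyo_is_byte_range(const char *str)
 }
 
 /**
-* tomoyo_is_alphabet_char - Check whether the character is an alphabet.
+* tomoyo_alphabet_char - Check whether the character is an alphabet.
 *
 * @c: The character to check.
 *
 * Returns true if @c is an alphabet character, false otherwise.
 */
-static inline bool tomoyo_is_alphabet_char(const char c)
+static inline bool tomoyo_alphabet_char(const char c)
 {
 return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z');
 }
@@ -223,15 +223,15 @@ void tomoyo_normalize_line(unsigned char *buffer)
 unsigned char *dp = buffer;
 bool first = true;
 
-while (tomoyo_is_invalid(*sp))
+while (tomoyo_invalid(*sp))
 sp++;
 while (*sp) {
 if (!first)
 *dp++ = ' ';
 first = false;
-while (tomoyo_is_valid(*sp))
+while (tomoyo_valid(*sp))
 *dp++ = *sp++;
-while (tomoyo_is_invalid(*sp))
+while (tomoyo_invalid(*sp))
 sp++;
 }
 *dp = '\0';
@@ -265,7 +265,7 @@ bool tomoyo_tokenize(char *buffer, char *w[], size_t size)
 }
 
 /**
-* tomoyo_is_correct_word2 - Validate a string.
+* tomoyo_correct_word2 - Validate a string.
 *
 * @string: The string to check. May be non-'\0'-terminated.
 * @len: Length of @string.
@@ -273,7 +273,7 @@ bool tomoyo_tokenize(char *buffer, char *w[], size_t size)
 * Check whether the given string follows the naming rules.
 * Returns true if @string follows the naming rules, false otherwise.
 */
-static bool tomoyo_is_correct_word2(const char *string, size_t len)
+static bool tomoyo_correct_word2(const char *string, size_t len)
 {
 const char *const start = string;
 bool in_repetition = false;
@@ -325,13 +325,13 @@ static bool tomoyo_is_correct_word2(const char *string, size_t len)
 if (d < '0' || d > '7' || e < '0' || e > '7')
 break;
 c = tomoyo_make_byte(c, d, e);
-if (tomoyo_is_invalid(c))
+if (tomoyo_invalid(c))
 continue; /* pattern is not \000 */
 }
 goto out;
 } else if (in_repetition && c == '/') {
 goto out;
-} else if (tomoyo_is_invalid(c)) {
+} else if (tomoyo_invalid(c)) {
 goto out;
 }
 }
@@ -343,39 +343,39 @@ static bool tomoyo_is_correct_word2(const char *string, size_t len)
 }
 
 /**
-* tomoyo_is_correct_word - Validate a string.
+* tomoyo_correct_word - Validate a string.
 *
 * @string: The string to check.
 *
 * Check whether the given string follows the naming rules.
 * Returns true if @string follows the naming rules, false otherwise.
 */
-bool tomoyo_is_correct_word(const char *string)
+bool tomoyo_correct_word(const char *string)
 {
-return tomoyo_is_correct_word2(string, strlen(string));
+return tomoyo_correct_word2(string, strlen(string));
 }
 
 /**
-* tomoyo_is_correct_path - Validate a pathname.
+* tomoyo_correct_path - Validate a pathname.
 *
 * @filename: The pathname to check.
 *
 * Check whether the given pathname follows the naming rules.
 * Returns true if @filename follows the naming rules, false otherwise.
 */
-bool tomoyo_is_correct_path(const char *filename)
+bool tomoyo_correct_path(const char *filename)
 {
-return *filename == '/' && tomoyo_is_correct_word(filename);
+return *filename == '/' && tomoyo_correct_word(filename);
 }
 
 /**
-* tomoyo_is_correct_domain - Check whether the given domainname follows the naming rules.
+* tomoyo_correct_domain - Check whether the given domainname follows the naming rules.
 *
 * @domainname: The domainname to check.
 *
 * Returns true if @domainname follows the naming rules, false otherwise.
 */
-bool tomoyo_is_correct_domain(const unsigned char *domainname)
+bool tomoyo_correct_domain(const unsigned char *domainname)
 {
 if (!domainname || strncmp(domainname, TOMOYO_ROOT_NAME,
 TOMOYO_ROOT_NAME_LEN))
@@ -390,23 +390,23 @@ bool tomoyo_is_correct_domain(const unsigned char *domainname)
 if (!cp)
 break;
 if (*domainname != '/' ||
-!tomoyo_is_correct_word2(domainname, cp - domainname - 1))
+!tomoyo_correct_word2(domainname, cp - domainname - 1))
 goto out;
 domainname = cp + 1;
 }
-return tomoyo_is_correct_path(domainname);
+return tomoyo_correct_path(domainname);
 out:
 return false;
 }
 
 /**
-* tomoyo_is_domain_def - Check whether the given token can be a domainname.
+* tomoyo_domain_def - Check whether the given token can be a domainname.
 *
 * @buffer: The token to check.
 *
 * Returns true if @buffer possibly be a domainname, false otherwise.
 */
-bool tomoyo_is_domain_def(const unsigned char *buffer)
+bool tomoyo_domain_def(const unsigned char *buffer)
 {
 return !strncmp(buffer, TOMOYO_ROOT_NAME, TOMOYO_ROOT_NAME_LEN);
 }
@@ -528,7 +528,7 @@ static bool tomoyo_file_matches_pattern2(const char *filename,
 } else if (c == '\\') {
 if (filename[1] == '\\')
 filename++;
-else if (tomoyo_is_byte_range(filename + 1))
+else if (tomoyo_byte_range(filename + 1))
 filename += 3;
 else
 return false;
@@ -549,14 +549,14 @@ static bool tomoyo_file_matches_pattern2(const char *filename,
 return false;
 break;
 case 'a':
-if (!tomoyo_is_alphabet_char(c))
+if (!tomoyo_alphabet_char(c))
 return false;
 break;
 case '0':
 case '1':
 case '2':
 case '3':
-if (c == '\\' && tomoyo_is_byte_range(filename + 1)
+if (c == '\\' && tomoyo_byte_range(filename + 1)
 && strncmp(filename + 1, pattern, 3) == 0) {
 filename += 3;
 pattern += 2;
@@ -577,7 +577,7 @@ static bool tomoyo_file_matches_pattern2(const char *filename,
 continue;
 if (filename[i + 1] == '\\')
 i++;
-else if (tomoyo_is_byte_range(filename + i + 1))
+else if (tomoyo_byte_range(filename + i + 1))
 i += 3;
 else
 break; /* Bad pattern. */
@@ -593,7 +593,7 @@ static bool tomoyo_file_matches_pattern2(const char *filename,
 while (isxdigit(filename[j]))
 j++;
 } else if (c == 'A') {
-while (tomoyo_is_alphabet_char(filename[j]))
+while (tomoyo_alphabet_char(filename[j]))
 j++;
 }
 for (i = 1; i <= j; i++) {
@@ -939,10 +939,10 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
 if (perm & (1 << i))
 count++;
 break;
-case TOMOYO_TYPE_PATH_NUMBER3_ACL:
-perm = container_of(ptr, struct tomoyo_path_number3_acl,
+case TOMOYO_TYPE_MKDEV_ACL:
+perm = container_of(ptr, struct tomoyo_mkdev_acl,
 head)->perm;
-for (i = 0; i < TOMOYO_MAX_PATH_NUMBER3_OPERATION; i++)
+for (i = 0; i < TOMOYO_MAX_MKDEV_OPERATION; i++)
 if (perm & (1 << i))
 count++;
 break;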