13 files changed, 269 insertions, 62 deletions
diff --git a/security/tomoyo/audit.c b/security/tomoyo/audit.c
index eefedd9e48e6..5dbb1f7617c0 100644
--- a/security/tomoyo/audit.c
+++ b/security/tomoyo/audit.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/audit.c
 *
- * Pathname restriction functions.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include "common.h"
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 4f9047e94bd1..c8439cf2a448 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/common.c
 *
- * Common functions for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/uaccess.h>
@@ -775,6 +773,14 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head)
                goto next;
 }
+/**
+ * tomoyo_same_manager - Check for duplicated "struct tomoyo_manager" entry.
+ *
+ * @a: Pointer to "struct tomoyo_acl_head".
+ * @b: Pointer to "struct tomoyo_acl_head".
+ *
+ * Returns true if @a == @b, false otherwise.
+ */
 static bool tomoyo_same_manager(const struct tomoyo_acl_head *a,
                                const struct tomoyo_acl_head *b)
 {
@@ -1516,6 +1522,7 @@ static void tomoyo_read_pid(struct tomoyo_io_buffer *head)
        tomoyo_set_string(head, domain->domainname->name);
 }
+/* String table for domain transition control keywords. */
 static const char *tomoyo_transition_type[TOMOYO_MAX_TRANSITION_TYPE] = {
        [TOMOYO_TRANSITION_CONTROL_NO_RESET]      = "no_reset_domain ",
        [TOMOYO_TRANSITION_CONTROL_RESET]         = "reset_domain ",
@@ -1525,6 +1532,7 @@ static const char *tomoyo_transition_type[TOMOYO_MAX_TRANSITION_TYPE] = {
        [TOMOYO_TRANSITION_CONTROL_KEEP]          = "keep_domain ",
 };
+/* String table for grouping keywords. */
 static const char *tomoyo_group_name[TOMOYO_MAX_GROUP] = {
        [TOMOYO_PATH_GROUP]   = "path_group ",
        [TOMOYO_NUMBER_GROUP] = "number_group ",
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 878d0206f43e..cd0f92d88bb4 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/domain.c
 *
- * Domain transition functions for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include "common.h"
@@ -182,10 +180,10 @@ LIST_HEAD(tomoyo_domain_list);
 */
 static const char *tomoyo_last_word(const char *name)
 {
-        const char *cp = strrchr(name, ' ');
+        const char *cp = strrchr(name, ' ');
-        if (cp)
+        if (cp)
-                return cp + 1;
+                return cp + 1;
-        return name;
+        return name;
 }
 /**
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index 31a9a4ab7af9..743c35f5084a 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/file.c
 *
- * Pathname restriction functions.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include "common.h"
@@ -154,7 +152,7 @@ static bool tomoyo_get_realpath(struct tomoyo_path_info *buf, struct path *path)
                tomoyo_fill_path_info(buf);
                return true;
        }
-        return false;
+        return false;
 }
 /**
@@ -883,16 +881,16 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1,
        switch (operation) {
                struct dentry *dentry;
        case TOMOYO_TYPE_RENAME:
-        case TOMOYO_TYPE_LINK:
+        case TOMOYO_TYPE_LINK:
                dentry = path1->dentry;
-                if (!dentry->d_inode || !S_ISDIR(dentry->d_inode->i_mode))
+                if (!dentry->d_inode || !S_ISDIR(dentry->d_inode->i_mode))
-                        break;
+                        break;
-                /* fall through */
+                /* fall through */
-        case TOMOYO_TYPE_PIVOT_ROOT:
+        case TOMOYO_TYPE_PIVOT_ROOT:
-                tomoyo_add_slash(&buf1);
+                tomoyo_add_slash(&buf1);
-                tomoyo_add_slash(&buf2);
+                tomoyo_add_slash(&buf2);
                break;
-        }
+        }
        r.obj = &obj;
        r.param_type = TOMOYO_TYPE_PATH2_ACL;
        r.param.path2.operation = operation;
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index 1ac3312059f6..ae135fbbbe95 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -1,10 +1,7 @@
 /*
 * security/tomoyo/gc.c
 *
- * Implementation of the Domain-Based Mandatory Access Control.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
- *
 */
 #include "common.h"
@@ -455,7 +452,7 @@ static bool tomoyo_collect_member(const enum tomoyo_policy_id id,
                if (!tomoyo_add_to_gc(id, &member->list))
                        return false;
        }
-        return true;
+        return true;
 }
 /**
diff --git a/security/tomoyo/group.c b/security/tomoyo/group.c
index 2e5b7bc73264..5fb0e1298400 100644
--- a/security/tomoyo/group.c
+++ b/security/tomoyo/group.c
@@ -1,21 +1,37 @@
 /*
 * security/tomoyo/group.c
 *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
 */
 #include <linux/slab.h>
 #include "common.h"
+/**
+ * tomoyo_same_path_group - Check for duplicated "struct tomoyo_path_group" entry.
+ *
+ * @a: Pointer to "struct tomoyo_acl_head".
+ * @b: Pointer to "struct tomoyo_acl_head".
+ *
+ * Returns true if @a == @b, false otherwise.
+ */
 static bool tomoyo_same_path_group(const struct tomoyo_acl_head *a,
-                                const struct tomoyo_acl_head *b)
+                                   const struct tomoyo_acl_head *b)
 {
        return container_of(a, struct tomoyo_path_group, head)->member_name ==
                container_of(b, struct tomoyo_path_group, head)->member_name;
 }
+/**
+ * tomoyo_same_number_group - Check for duplicated "struct tomoyo_number_group" entry.
+ *
+ * @a: Pointer to "struct tomoyo_acl_head".
+ * @b: Pointer to "struct tomoyo_acl_head".
+ *
+ * Returns true if @a == @b, false otherwise.
+ */
 static bool tomoyo_same_number_group(const struct tomoyo_acl_head *a,
-                                  const struct tomoyo_acl_head *b)
+                                     const struct tomoyo_acl_head *b)
 {
        return !memcmp(&container_of(a, struct tomoyo_number_group, head)
                       ->number,
@@ -29,7 +45,7 @@ static bool tomoyo_same_number_group(const struct tomoyo_acl_head *a,
 * tomoyo_write_group - Write "struct tomoyo_path_group"/"struct tomoyo_number_group" list.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
- * @type:      Type of this group.
+ * @type:  Type of this group.
 *
 * Returns 0 on success, negative value otherwise.
 */
@@ -70,8 +86,8 @@ out:
 /**
 * tomoyo_path_matches_group - Check whether the given pathname matches members of the given pathname group.
 *
- * @pathname:        The name of pathname.
+ * @pathname: The name of pathname.
- * @group:           Pointer to "struct tomoyo_path_group".
+ * @group:    Pointer to "struct tomoyo_path_group".
 *
 * Returns matched member's pathname if @pathname matches pathnames in @group,
 * NULL otherwise.
diff --git a/security/tomoyo/load_policy.c b/security/tomoyo/load_policy.c
index 6a5463d26635..67975405140f 100644
--- a/security/tomoyo/load_policy.c
+++ b/security/tomoyo/load_policy.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/load_policy.c
 *
- * Policy loader launcher for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include "common.h"
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index 46538ce47d72..7a56051146c2 100644
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/memory.c
 *
- * Memory management functions for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/hash.h>
diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c
index 408385307470..bee09d062057 100644
--- a/security/tomoyo/mount.c
+++ b/security/tomoyo/mount.c
@@ -1,7 +1,7 @@
 /*
 * security/tomoyo/mount.c
 *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
 */
 #include <linux/slab.h>
@@ -62,7 +62,7 @@ static bool tomoyo_check_mount_acl(struct tomoyo_request_info *r,
 * tomoyo_mount_acl - Check permission for mount() operation.
 *
 * @r:        Pointer to "struct tomoyo_request_info".
- * @dev_name: Name of device file.
+ * @dev_name: Name of device file. Maybe NULL.
 * @dir:      Pointer to "struct path".
 * @type:     Name of filesystem type.
 * @flags:    Mount options.
@@ -175,11 +175,11 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name,
 /**
 * tomoyo_mount_permission - Check permission for mount() operation.
 *
- * @dev_name:  Name of device file.
+ * @dev_name:  Name of device file. Maybe NULL.
 * @path:      Pointer to "struct path".
- * @type:      Name of filesystem type. May be NULL.
+ * @type:      Name of filesystem type. Maybe NULL.
 * @flags:     Mount options.
- * @data_page: Optional data. May be NULL.
+ * @data_page: Optional data. Maybe NULL.
 *
 * Returns 0 on success, negative value otherwise.
 */
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index 1a785777118b..6c601bd300f3 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/realpath.c
 *
- * Pathname calculation functions for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/types.h>
diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c
index 888e83dd4cf6..a49c3bfd4dd5 100644
--- a/security/tomoyo/securityfs_if.c
+++ b/security/tomoyo/securityfs_if.c
@@ -1,9 +1,7 @@
 /*
- * security/tomoyo/common.c
+ * security/tomoyo/securityfs_if.c
 *
- * Securityfs interface for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/security.h>
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index a536cb182c05..f776400a8f31 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -1,20 +1,35 @@
 /*
 * security/tomoyo/tomoyo.c
 *
- * LSM hooks for TOMOYO Linux.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/security.h>
 #include "common.h"
+/**
+ * tomoyo_cred_alloc_blank - Target for security_cred_alloc_blank().
+ *
+ * @new: Pointer to "struct cred".
+ * @gfp: Memory allocation flags.
+ *
+ * Returns 0.
+ */
 static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp)
 {
        new->security = NULL;
        return 0;
 }
+/**
+ * tomoyo_cred_prepare - Target for security_prepare_creds().
+ *
+ * @new: Pointer to "struct cred".
+ * @old: Pointer to "struct cred".
+ * @gfp: Memory allocation flags.
+ *
+ * Returns 0.
+ */
 static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
                               gfp_t gfp)
 {
@@ -25,11 +40,22 @@ static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
        return 0;
 }
+/**
+ * tomoyo_cred_transfer - Target for security_transfer_creds().
+ *
+ * @new: Pointer to "struct cred".
+ * @old: Pointer to "struct cred".
+ */
 static void tomoyo_cred_transfer(struct cred *new, const struct cred *old)
 {
        tomoyo_cred_prepare(new, old, 0);
 }
+/**
+ * tomoyo_cred_free - Target for security_cred_free().
+ *
+ * @cred: Pointer to "struct cred".
+ */
 static void tomoyo_cred_free(struct cred *cred)
 {
        struct tomoyo_domain_info *domain = cred->security;
@@ -37,6 +63,13 @@ static void tomoyo_cred_free(struct cred *cred)
                atomic_dec(&domain->users);
 }
+/**
+ * tomoyo_bprm_set_creds - Target for security_bprm_set_creds().
+ *
+ * @bprm: Pointer to "struct linux_binprm".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
 {
        int rc;
@@ -75,6 +108,13 @@ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
        return 0;
 }
+/**
+ * tomoyo_bprm_check_security - Target for security_bprm_check().
+ *
+ * @bprm: Pointer to "struct linux_binprm".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
 {
        struct tomoyo_domain_info *domain = bprm->cred->security;
@@ -92,26 +132,59 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
        /*
         * Read permission is checked against interpreters using next domain.
         */
-        return tomoyo_check_open_permission(domain, &bprm->file->f_path, O_RDONLY);
+        return tomoyo_check_open_permission(domain, &bprm->file->f_path,
+                                            O_RDONLY);
 }
+/**
+ * tomoyo_inode_getattr - Target for security_inode_getattr().
+ *
+ * @mnt:    Pointer to "struct vfsmount".
+ * @dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
 {
        struct path path = { mnt, dentry };
        return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL);
 }
+/**
+ * tomoyo_path_truncate - Target for security_path_truncate().
+ *
+ * @path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_truncate(struct path *path)
 {
        return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL);
 }
+/**
+ * tomoyo_path_unlink - Target for security_path_unlink().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry)
 {
        struct path path = { parent->mnt, dentry };
        return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL);
 }
+/**
+ * tomoyo_path_mkdir - Target for security_path_mkdir().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ * @mode:   DAC permission mode.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
                             int mode)
 {
@@ -120,12 +193,29 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
                                       mode & S_IALLUGO);
 }
+/**
+ * tomoyo_path_rmdir - Target for security_path_rmdir().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry)
 {
        struct path path = { parent->mnt, dentry };
        return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL);
 }
+/**
+ * tomoyo_path_symlink - Target for security_path_symlink().
+ *
+ * @parent:   Pointer to "struct path".
+ * @dentry:   Pointer to "struct dentry".
+ * @old_name: Symlink's content.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
                               const char *old_name)
 {
@@ -133,6 +223,16 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
        return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name);
 }
+/**
+ * tomoyo_path_mknod - Target for security_path_mknod().
+ *
+ * @parent: Pointer to "struct path".
+ * @dentry: Pointer to "struct dentry".
+ * @mode:   DAC permission mode.
+ * @dev:    Device attributes.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
                             int mode, unsigned int dev)
 {
@@ -163,6 +263,15 @@ static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
        return tomoyo_path_number_perm(type, &path, perm);
 }
+/**
+ * tomoyo_path_link - Target for security_path_link().
+ *
+ * @old_dentry: Pointer to "struct dentry".
+ * @new_dir:    Pointer to "struct path".
+ * @new_dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir,
                            struct dentry *new_dentry)
 {
@@ -171,6 +280,16 @@ static int tomoyo_path_link(struct dentry *old_dentry, struct path *new_dir,
        return tomoyo_path2_perm(TOMOYO_TYPE_LINK, &path1, &path2);
 }
+/**
+ * tomoyo_path_rename - Target for security_path_rename().
+ *
+ * @old_parent: Pointer to "struct path".
+ * @old_dentry: Pointer to "struct dentry".
+ * @new_parent: Pointer to "struct path".
+ * @new_dentry: Pointer to "struct dentry".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_rename(struct path *old_parent,
                              struct dentry *old_dentry,
                              struct path *new_parent,
@@ -181,6 +300,15 @@ static int tomoyo_path_rename(struct path *old_parent,
        return tomoyo_path2_perm(TOMOYO_TYPE_RENAME, &path1, &path2);
 }
+/**
+ * tomoyo_file_fcntl - Target for security_file_fcntl().
+ *
+ * @file: Pointer to "struct file".
+ * @cmd:  Command for fcntl().
+ * @arg:  Argument for @cmd.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
                             unsigned long arg)
 {
@@ -190,6 +318,14 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
                                            O_WRONLY | (arg & O_APPEND));
 }
+/**
+ * tomoyo_dentry_open - Target for security_dentry_open().
+ *
+ * @f:    Pointer to "struct file".
+ * @cred: Pointer to "struct cred".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
 {
        int flags = f->f_flags;
@@ -199,12 +335,30 @@ static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
        return tomoyo_check_open_permission(tomoyo_domain(), &f->f_path, flags);
 }
+/**
+ * tomoyo_file_ioctl - Target for security_file_ioctl().
+ *
+ * @file: Pointer to "struct file".
+ * @cmd:  Command for ioctl().
+ * @arg:  Argument for @cmd.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_file_ioctl(struct file *file, unsigned int cmd,
                             unsigned long arg)
 {
        return tomoyo_path_number_perm(TOMOYO_TYPE_IOCTL, &file->f_path, cmd);
 }
+/**
+ * tomoyo_path_chmod - Target for security_path_chmod().
+ *
+ * @dentry: Pointer to "struct dentry".
+ * @mnt:    Pointer to "struct vfsmount".
+ * @mode:   DAC permission mode.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
                             mode_t mode)
 {
@@ -213,6 +367,15 @@ static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
                                       mode & S_IALLUGO);
 }
+/**
+ * tomoyo_path_chown - Target for security_path_chown().
+ *
+ * @path: Pointer to "struct path".
+ * @uid:  Owner ID.
+ * @gid:  Group ID.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)
 {
        int error = 0;
@@ -223,23 +386,57 @@ static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid)
        return error;
 }
+/**
+ * tomoyo_path_chroot - Target for security_path_chroot().
+ *
+ * @path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_path_chroot(struct path *path)
 {
        return tomoyo_path_perm(TOMOYO_TYPE_CHROOT, path, NULL);
 }
+/**
+ * tomoyo_sb_mount - Target for security_sb_mount().
+ *
+ * @dev_name: Name of device file. Maybe NULL.
+ * @path:     Pointer to "struct path".
+ * @type:     Name of filesystem type. Maybe NULL.
+ * @flags:    Mount options.
+ * @data:     Optional data. Maybe NULL.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_sb_mount(char *dev_name, struct path *path,
                           char *type, unsigned long flags, void *data)
 {
        return tomoyo_mount_permission(dev_name, path, type, flags, data);
 }
+/**
+ * tomoyo_sb_umount - Target for security_sb_umount().
+ *
+ * @mnt:   Pointer to "struct vfsmount".
+ * @flags: Unmount options.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_sb_umount(struct vfsmount *mnt, int flags)
 {
        struct path path = { mnt, mnt->mnt_root };
        return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL);
 }
+/**
+ * tomoyo_sb_pivotroot - Target for security_sb_pivotroot().
+ *
+ * @old_path: Pointer to "struct path".
+ * @new_path: Pointer to "struct path".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
 static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path)
 {
        return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);
@@ -280,6 +477,11 @@ static struct security_operations tomoyo_security_ops = {
 /* Lock for GC. */
 struct srcu_struct tomoyo_ss;
+/**
+ * tomoyo_init - Register TOMOYO Linux as a LSM module.
+ *
+ * Returns 0.
+ */
 static int __init tomoyo_init(void)
 {
        struct cred *cred = (struct cred *) current_cred();
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index e25f7ffd5ba7..c36bd1107fc8 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -1,9 +1,7 @@
 /*
 * security/tomoyo/util.c
 *
- * Utility functions for TOMOYO.
+ * Copyright (C) 2005-2011  NTT DATA CORPORATION
- *
- * Copyright (C) 2005-2010  NTT DATA CORPORATION
 */
 #include <linux/slab.h>
@@ -378,7 +376,7 @@ void tomoyo_normalize_line(unsigned char *buffer)
 /**
 * tomoyo_correct_word2 - Validate a string.
 *
- * @string: The string to check. May be non-'\0'-terminated.
+ * @string: The string to check. Maybe non-'\0'-terminated.
 * @len:    Length of @string.
 *
 * Check whether the given string follows the naming rules.