5 files changed, 59 insertions, 84 deletions

diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index e0c4ae11bf6c..9f289e412a63 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -291,28 +291,20 @@ struct tomoyo_name_entry {
 
 struct tomoyo_name_union {
         const struct tomoyo_path_info *filename;
-        struct tomoyo_path_group *group;
+        struct tomoyo_group *group;
         u8 is_group;
 };
 
 struct tomoyo_number_union {
         unsigned long values[2];
-        struct tomoyo_number_group *group;
+        struct tomoyo_group *group;
         u8 min_type;
         u8 max_type;
         u8 is_group;
 };
 
-/* Structure for "path_group" directive. */
-struct tomoyo_path_group {
-        struct list_head list;
-        const struct tomoyo_path_info *group_name;
-        struct list_head member_list;
-        atomic_t users;
-};
-
-/* Structure for "number_group" directive. */
-struct tomoyo_number_group {
+/* Structure for "path_group"/"number_group" directive. */
+struct tomoyo_group {
         struct list_head list;
         const struct tomoyo_path_info *group_name;
         struct list_head member_list;
@@ -320,13 +312,13 @@ struct tomoyo_number_group {
 };
 
 /* Structure for "path_group" directive. */
-struct tomoyo_path_group_member {
+struct tomoyo_path_group {
         struct tomoyo_acl_head head;
         const struct tomoyo_path_info *member_name;
 };
 
 /* Structure for "number_group" directive. */
-struct tomoyo_number_group_member {
+struct tomoyo_number_group {
         struct tomoyo_acl_head head;
         struct tomoyo_number_union number;
 };
@@ -766,11 +758,11 @@ bool tomoyo_parse_name_union(const char *filename,
                              struct tomoyo_name_union *ptr);
 /* Check whether the given filename matches the given path_group. */
 bool tomoyo_path_matches_group(const struct tomoyo_path_info *pathname,
-                               const struct tomoyo_path_group *group);
+                               const struct tomoyo_group *group);
 /* Check whether the given value matches the given number_group. */
 bool tomoyo_number_matches_group(const unsigned long min,
                                  const unsigned long max,
-                                 const struct tomoyo_number_group *group);
+                                 const struct tomoyo_group *group);
 /* Check whether the given filename matches the given pattern. */
 bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename,
                                  const struct tomoyo_path_info *pattern);
@@ -858,8 +850,8 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
                                                             const u8 profile);
 struct tomoyo_profile *tomoyo_profile(const u8 profile);
 /* Allocate memory for "struct tomoyo_path_group". */
-struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name);
-struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name);
+struct tomoyo_group *tomoyo_get_path_group(const char *group_name);
+struct tomoyo_group *tomoyo_get_number_group(const char *group_name);
 
 /* Check mode for specified functionality. */
 unsigned int tomoyo_check_flags(const struct tomoyo_domain_info *domain,
@@ -1039,13 +1031,7 @@ static inline void tomoyo_put_name(const struct tomoyo_path_info *name)
         }
 }
 
-static inline void tomoyo_put_path_group(struct tomoyo_path_group *group)
-{
-        if (group)
-                atomic_dec(&group->users);
-}
-
-static inline void tomoyo_put_number_group(struct tomoyo_number_group *group)
+static inline void tomoyo_put_group(struct tomoyo_group *group)
 {
         if (group)
                 atomic_dec(&group->users);
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index de87c45ba9d0..6c2ba69fc89e 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -90,7 +90,7 @@ void tomoyo_put_name_union(struct tomoyo_name_union *ptr)
         if (!ptr)
                 return;
         if (ptr->is_group)
-                tomoyo_put_path_group(ptr->group);
+                tomoyo_put_group(ptr->group);
         else
                 tomoyo_put_name(ptr->filename);
 }
@@ -106,7 +106,7 @@ bool tomoyo_compare_name_union(const struct tomoyo_path_info *name,
 void tomoyo_put_number_union(struct tomoyo_number_union *ptr)
 {
         if (ptr && ptr->is_group)
-                tomoyo_put_number_group(ptr->group);
+                tomoyo_put_group(ptr->group);
 }
 
 bool tomoyo_compare_number_union(const unsigned long value,
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index a54bd823fcd5..446d59f8ae25 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -12,10 +12,9 @@
 #include <linux/slab.h>
 
 enum tomoyo_policy_id {
+        TOMOYO_ID_GROUP,
         TOMOYO_ID_PATH_GROUP,
-        TOMOYO_ID_PATH_GROUP_MEMBER,
         TOMOYO_ID_NUMBER_GROUP,
-        TOMOYO_ID_NUMBER_GROUP_MEMBER,
         TOMOYO_ID_DOMAIN_INITIALIZER,
         TOMOYO_ID_DOMAIN_KEEPER,
         TOMOYO_ID_AGGREGATOR,
@@ -207,31 +206,24 @@ static void tomoyo_del_name(struct list_head *element)
                 container_of(element, typeof(*ptr), list);
 }
 
-static void tomoyo_del_path_group_member(struct list_head *element)
+static void tomoyo_del_path_group(struct list_head *element)
 {
-        struct tomoyo_path_group_member *member =
+        struct tomoyo_path_group *member =
                 container_of(element, typeof(*member), head.list);
         tomoyo_put_name(member->member_name);
 }
 
-static void tomoyo_del_path_group(struct list_head *element)
+static void tomoyo_del_group(struct list_head *element)
 {
-        struct tomoyo_path_group *group =
+        struct tomoyo_group *group =
                 container_of(element, typeof(*group), list);
         tomoyo_put_name(group->group_name);
 }
 
-static void tomoyo_del_number_group_member(struct list_head *element)
-{
-        struct tomoyo_number_group_member *member =
-                container_of(element, typeof(*member), head.list);
-}
-
 static void tomoyo_del_number_group(struct list_head *element)
 {
-        struct tomoyo_number_group *group =
-                container_of(element, typeof(*group), list);
-        tomoyo_put_name(group->group_name);
+        struct tomoyo_number_group *member =
+                container_of(element, typeof(*member), head.list);
 }
 
 static struct list_head *tomoyo_policy_list[TOMOYO_MAX_POLICY] = {
@@ -305,28 +297,28 @@ static void tomoyo_collect_entry(void)
                 }
         }
         {
-                struct tomoyo_path_group *group;
+                struct tomoyo_group *group;
                 list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
                         tomoyo_collect_member(&group->member_list,
-                                              TOMOYO_ID_PATH_GROUP_MEMBER);
+                                              TOMOYO_ID_PATH_GROUP);
                         if (!list_empty(&group->member_list) ||
                             atomic_read(&group->users))
                                 continue;
-                        if (!tomoyo_add_to_gc(TOMOYO_ID_PATH_GROUP,
+                        if (!tomoyo_add_to_gc(TOMOYO_ID_GROUP,
                                               &group->list))
                                 goto unlock;
                 }
         }
         {
-                struct tomoyo_number_group *group;
+                struct tomoyo_group *group;
                 list_for_each_entry_rcu(group, &tomoyo_number_group_list,
                                         list) {
                         tomoyo_collect_member(&group->member_list,
-                                              TOMOYO_ID_NUMBER_GROUP_MEMBER);
+                                              TOMOYO_ID_NUMBER_GROUP);
                         if (!list_empty(&group->member_list) ||
                             atomic_read(&group->users))
                                 continue;
-                        if (!tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP,
+                        if (!tomoyo_add_to_gc(TOMOYO_ID_GROUP,
                                               &group->list))
                                 goto unlock;
                 }
@@ -377,14 +369,11 @@ static void tomoyo_kfree_entry(void)
                         if (!tomoyo_del_domain(element))
                                 continue;
                         break;
-                case TOMOYO_ID_PATH_GROUP_MEMBER:
-                        tomoyo_del_path_group_member(element);
-                        break;
                 case TOMOYO_ID_PATH_GROUP:
                         tomoyo_del_path_group(element);
                         break;
-                case TOMOYO_ID_NUMBER_GROUP_MEMBER:
-                        tomoyo_del_number_group_member(element);
+                case TOMOYO_ID_GROUP:
+                        tomoyo_del_group(element);
                         break;
                 case TOMOYO_ID_NUMBER_GROUP:
                         tomoyo_del_number_group(element);
diff --git a/security/tomoyo/number_group.c b/security/tomoyo/number_group.c
index 8779309c5b44..eca20d6f4e8b 100644
--- a/security/tomoyo/number_group.c
+++ b/security/tomoyo/number_group.c
@@ -11,17 +11,17 @@
 LIST_HEAD(tomoyo_number_group_list);
 
 /**
- * tomoyo_get_number_group - Allocate memory for "struct tomoyo_number_group".
+ * tomoyo_get_group - Allocate memory for "struct tomoyo_number_group".
  *
  * @group_name: The name of number group.
  *
  * Returns pointer to "struct tomoyo_number_group" on success,
  * NULL otherwise.
  */
-struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name)
+struct tomoyo_group *tomoyo_get_number_group(const char *group_name)
 {
-        struct tomoyo_number_group *entry = NULL;
-        struct tomoyo_number_group *group = NULL;
+        struct tomoyo_group *entry = NULL;
+        struct tomoyo_group *group = NULL;
         const struct tomoyo_path_info *saved_group_name;
         int error = -ENOMEM;
         if (!tomoyo_correct_word(group_name))
@@ -59,12 +59,12 @@ struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name)
 static bool tomoyo_same_number_group(const struct tomoyo_acl_head *a,
                                      const struct tomoyo_acl_head *b)
 {
-        return !memcmp(&container_of(a, struct tomoyo_number_group_member,
+        return !memcmp(&container_of(a, struct tomoyo_number_group,
                                      head)->number,
-                       &container_of(b, struct tomoyo_number_group_member,
+                       &container_of(b, struct tomoyo_number_group,
                                      head)->number,
                        sizeof(container_of(a,
-                                           struct tomoyo_number_group_member,
+                                           struct tomoyo_number_group,
                                            head)->number));
 }
 
@@ -78,8 +78,8 @@ static bool tomoyo_same_number_group(const struct tomoyo_acl_head *a,
  */
 int tomoyo_write_number_group_policy(char *data, const bool is_delete)
 {
-        struct tomoyo_number_group *group;
-        struct tomoyo_number_group_member e = { };
+        struct tomoyo_group *group;
+        struct tomoyo_number_group e = { };
         int error;
         char *w[2];
         if (!tomoyo_tokenize(data, w, sizeof(w)))
@@ -93,7 +93,7 @@ int tomoyo_write_number_group_policy(char *data, const bool is_delete)
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
                                      &group->member_list,
                                      tomoyo_same_number_group);
-        tomoyo_put_number_group(group);
+        tomoyo_put_group(group);
         return error;
 }
 
@@ -111,16 +111,16 @@ bool tomoyo_read_number_group_policy(struct tomoyo_io_buffer *head)
         struct list_head *gpos;
         struct list_head *mpos;
         list_for_each_cookie(gpos, head->read_var1, &tomoyo_number_group_list) {
-                struct tomoyo_number_group *group;
+                struct tomoyo_group *group;
                 const char *name;
-                group = list_entry(gpos, struct tomoyo_number_group, list);
+                group = list_entry(gpos, struct tomoyo_group, list);
                 name = group->group_name->name;
                 list_for_each_cookie(mpos, head->read_var2,
                                      &group->member_list) {
                         int pos;
-                        const struct tomoyo_number_group_member *member
+                        const struct tomoyo_number_group *member
                                 = list_entry(mpos,
-                                             struct tomoyo_number_group_member,
+                                             struct tomoyo_number_group,
                                              head.list);
                         if (member->head.is_deleted)
                                 continue;
@@ -150,9 +150,9 @@ bool tomoyo_read_number_group_policy(struct tomoyo_io_buffer *head)
  */
 bool tomoyo_number_matches_group(const unsigned long min,
                                  const unsigned long max,
-                                 const struct tomoyo_number_group *group)
+                                 const struct tomoyo_group *group)
 {
-        struct tomoyo_number_group_member *member;
+        struct tomoyo_number_group *member;
         bool matched = false;
         list_for_each_entry_rcu(member, &group->member_list, head.list) {
                 if (member->head.is_deleted)
diff --git a/security/tomoyo/path_group.c b/security/tomoyo/path_group.c
index c78c57cd94ee..bce2524402fa 100644
--- a/security/tomoyo/path_group.c
+++ b/security/tomoyo/path_group.c
@@ -10,16 +10,16 @@
 LIST_HEAD(tomoyo_path_group_list);
 
 /**
- * tomoyo_get_path_group - Allocate memory for "struct tomoyo_path_group".
+ * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group".
  *
  * @group_name: The name of pathname group.
  *
  * Returns pointer to "struct tomoyo_path_group" on success, NULL otherwise.
  */
-struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name)
+struct tomoyo_group *tomoyo_get_path_group(const char *group_name)
 {
-        struct tomoyo_path_group *entry = NULL;
-        struct tomoyo_path_group *group = NULL;
+        struct tomoyo_group *entry = NULL;
+        struct tomoyo_group *group = NULL;
         const struct tomoyo_path_info *saved_group_name;
         int error = -ENOMEM;
         if (!tomoyo_correct_word(group_name))
@@ -57,9 +57,9 @@ struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name)
 static bool tomoyo_same_path_group(const struct tomoyo_acl_head *a,
                                    const struct tomoyo_acl_head *b)
 {
-        return container_of(a, struct tomoyo_path_group_member, head)
+        return container_of(a, struct tomoyo_path_group, head)
                 ->member_name ==
-                container_of(b, struct tomoyo_path_group_member, head)
+                container_of(b, struct tomoyo_path_group, head)
                 ->member_name;
 }
 
@@ -73,8 +73,8 @@ static bool tomoyo_same_path_group(const struct tomoyo_acl_head *a,
  */
 int tomoyo_write_path_group_policy(char *data, const bool is_delete)
 {
-        struct tomoyo_path_group *group;
-        struct tomoyo_path_group_member e = { };
+        struct tomoyo_group *group;
+        struct tomoyo_path_group e = { };
         int error = is_delete ? -ENOENT : -ENOMEM;
         char *w[2];
         if (!tomoyo_tokenize(data, w, sizeof(w)) || !w[1][0])
@@ -90,7 +90,7 @@ int tomoyo_write_path_group_policy(char *data, const bool is_delete)
                                      tomoyo_same_path_group);
  out:
         tomoyo_put_name(e.member_name);
-        tomoyo_put_path_group(group);
+        tomoyo_put_group(group);
         return error;
 }
 
@@ -108,13 +108,13 @@ bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head)
         struct list_head *gpos;
         struct list_head *mpos;
         list_for_each_cookie(gpos, head->read_var1, &tomoyo_path_group_list) {
-                struct tomoyo_path_group *group;
-                group = list_entry(gpos, struct tomoyo_path_group, list);
+                struct tomoyo_group *group;
+                group = list_entry(gpos, struct tomoyo_group, list);
                 list_for_each_cookie(mpos, head->read_var2,
                                      &group->member_list) {
-                        struct tomoyo_path_group_member *member;
+                        struct tomoyo_path_group *member;
                         member = list_entry(mpos,
-                                            struct tomoyo_path_group_member,
+                                            struct tomoyo_path_group,
                                             head.list);
                         if (member->head.is_deleted)
                                 continue;
@@ -139,9 +139,9 @@ bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head)
  * Caller holds tomoyo_read_lock().
  */
 bool tomoyo_path_matches_group(const struct tomoyo_path_info *pathname,
-                               const struct tomoyo_path_group *group)
+                               const struct tomoyo_group *group)
 {
-        struct tomoyo_path_group_member *member;
+        struct tomoyo_path_group *member;
         bool matched = false;
         list_for_each_entry_rcu(member, &group->member_list, head.list) {
                 if (member->head.is_deleted)