diff options
Diffstat (limited to 'security/tomoyo/common.c')
| -rw-r--r-- | security/tomoyo/common.c | 35 |
1 files changed, 13 insertions, 22 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 7bfad45fcd61..4ee47af0917d 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -469,6 +469,15 @@ static int tomoyo_read_profile(struct tomoyo_io_buffer *head) | |||
| 469 | */ | 469 | */ |
| 470 | LIST_HEAD(tomoyo_policy_manager_list); | 470 | LIST_HEAD(tomoyo_policy_manager_list); |
| 471 | 471 | ||
| 472 | static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a, | ||
| 473 | const struct tomoyo_acl_head *b) | ||
| 474 | { | ||
| 475 | return container_of(a, struct tomoyo_policy_manager_entry, head) | ||
| 476 | ->manager == | ||
| 477 | container_of(b, struct tomoyo_policy_manager_entry, head) | ||
| 478 | ->manager; | ||
| 479 | } | ||
| 480 | |||
| 472 | /** | 481 | /** |
| 473 | * tomoyo_update_manager_entry - Add a manager entry. | 482 | * tomoyo_update_manager_entry - Add a manager entry. |
| 474 | * | 483 | * |
| @@ -482,9 +491,8 @@ LIST_HEAD(tomoyo_policy_manager_list); | |||
| 482 | static int tomoyo_update_manager_entry(const char *manager, | 491 | static int tomoyo_update_manager_entry(const char *manager, |
| 483 | const bool is_delete) | 492 | const bool is_delete) |
| 484 | { | 493 | { |
| 485 | struct tomoyo_policy_manager_entry *ptr; | ||
| 486 | struct tomoyo_policy_manager_entry e = { }; | 494 | struct tomoyo_policy_manager_entry e = { }; |
| 487 | int error = is_delete ? -ENOENT : -ENOMEM; | 495 | int error; |
| 488 | 496 | ||
| 489 | if (tomoyo_is_domain_def(manager)) { | 497 | if (tomoyo_is_domain_def(manager)) { |
| 490 | if (!tomoyo_is_correct_domain(manager)) | 498 | if (!tomoyo_is_correct_domain(manager)) |
| @@ -497,26 +505,9 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
| 497 | e.manager = tomoyo_get_name(manager); | 505 | e.manager = tomoyo_get_name(manager); |
| 498 | if (!e.manager) | 506 | if (!e.manager) |
| 499 | return -ENOMEM; | 507 | return -ENOMEM; |
| 500 | if (mutex_lock_interruptible(&tomoyo_policy_lock)) | 508 | error = tomoyo_update_policy(&e.head, sizeof(e), is_delete, |
| 501 | goto out; | 509 | &tomoyo_policy_manager_list, |
| 502 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) { | 510 | tomoyo_same_manager_entry); |
| 503 | if (ptr->manager != e.manager) | ||
| 504 | continue; | ||
| 505 | ptr->head.is_deleted = is_delete; | ||
| 506 | error = 0; | ||
| 507 | break; | ||
| 508 | } | ||
| 509 | if (!is_delete && error) { | ||
| 510 | struct tomoyo_policy_manager_entry *entry = | ||
| 511 | tomoyo_commit_ok(&e, sizeof(e)); | ||
| 512 | if (entry) { | ||
| 513 | list_add_tail_rcu(&entry->head.list, | ||
| 514 | &tomoyo_policy_manager_list); | ||
| 515 | error = 0; | ||
| 516 | } | ||
| 517 | } | ||
| 518 | mutex_unlock(&tomoyo_policy_lock); | ||
| 519 | out: | ||
| 520 | tomoyo_put_name(e.manager); | 511 | tomoyo_put_name(e.manager); |
| 521 | return error; | 512 | return error; |
| 522 | } | 513 | } |