diff options
Diffstat (limited to 'security/tomoyo/common.c')
| -rw-r--r-- | security/tomoyo/common.c | 43 |
1 files changed, 19 insertions, 24 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 1c340217a06a..2e6792ded357 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -192,7 +192,7 @@ static void tomoyo_print_name_union(struct tomoyo_io_buffer *head, | |||
| 192 | const struct tomoyo_name_union *ptr) | 192 | const struct tomoyo_name_union *ptr) |
| 193 | { | 193 | { |
| 194 | tomoyo_set_space(head); | 194 | tomoyo_set_space(head); |
| 195 | if (ptr->is_group) { | 195 | if (ptr->group) { |
| 196 | tomoyo_set_string(head, "@"); | 196 | tomoyo_set_string(head, "@"); |
| 197 | tomoyo_set_string(head, ptr->group->group_name->name); | 197 | tomoyo_set_string(head, ptr->group->group_name->name); |
| 198 | } else { | 198 | } else { |
| @@ -210,15 +210,15 @@ static void tomoyo_print_number_union(struct tomoyo_io_buffer *head, | |||
| 210 | const struct tomoyo_number_union *ptr) | 210 | const struct tomoyo_number_union *ptr) |
| 211 | { | 211 | { |
| 212 | tomoyo_set_space(head); | 212 | tomoyo_set_space(head); |
| 213 | if (ptr->is_group) { | 213 | if (ptr->group) { |
| 214 | tomoyo_set_string(head, "@"); | 214 | tomoyo_set_string(head, "@"); |
| 215 | tomoyo_set_string(head, ptr->group->group_name->name); | 215 | tomoyo_set_string(head, ptr->group->group_name->name); |
| 216 | } else { | 216 | } else { |
| 217 | int i; | 217 | int i; |
| 218 | unsigned long min = ptr->values[0]; | 218 | unsigned long min = ptr->values[0]; |
| 219 | const unsigned long max = ptr->values[1]; | 219 | const unsigned long max = ptr->values[1]; |
| 220 | u8 min_type = ptr->min_type; | 220 | u8 min_type = ptr->value_type[0]; |
| 221 | const u8 max_type = ptr->max_type; | 221 | const u8 max_type = ptr->value_type[1]; |
| 222 | char buffer[128]; | 222 | char buffer[128]; |
| 223 | buffer[0] = '\0'; | 223 | buffer[0] = '\0'; |
| 224 | for (i = 0; i < 2; i++) { | 224 | for (i = 0; i < 2; i++) { |
| @@ -769,7 +769,7 @@ static bool tomoyo_select_one(struct tomoyo_io_buffer *head, const char *data) | |||
| 769 | domain = tomoyo_find_domain(data + 7); | 769 | domain = tomoyo_find_domain(data + 7); |
| 770 | } else | 770 | } else |
| 771 | return false; | 771 | return false; |
| 772 | head->write_var1 = domain; | 772 | head->w.domain = domain; |
| 773 | /* Accessing read_buf is safe because head->io_sem is held. */ | 773 | /* Accessing read_buf is safe because head->io_sem is held. */ |
| 774 | if (!head->read_buf) | 774 | if (!head->read_buf) |
| 775 | return true; /* Do nothing if open(O_WRONLY). */ | 775 | return true; /* Do nothing if open(O_WRONLY). */ |
| @@ -847,7 +847,7 @@ static int tomoyo_write_domain2(char *data, struct tomoyo_domain_info *domain, | |||
| 847 | static int tomoyo_write_domain(struct tomoyo_io_buffer *head) | 847 | static int tomoyo_write_domain(struct tomoyo_io_buffer *head) |
| 848 | { | 848 | { |
| 849 | char *data = head->write_buf; | 849 | char *data = head->write_buf; |
| 850 | struct tomoyo_domain_info *domain = head->write_var1; | 850 | struct tomoyo_domain_info *domain = head->w.domain; |
| 851 | bool is_delete = false; | 851 | bool is_delete = false; |
| 852 | bool is_select = false; | 852 | bool is_select = false; |
| 853 | unsigned int profile; | 853 | unsigned int profile; |
| @@ -869,7 +869,7 @@ static int tomoyo_write_domain(struct tomoyo_io_buffer *head) | |||
| 869 | domain = tomoyo_find_domain(data); | 869 | domain = tomoyo_find_domain(data); |
| 870 | else | 870 | else |
| 871 | domain = tomoyo_assign_domain(data, 0); | 871 | domain = tomoyo_assign_domain(data, 0); |
| 872 | head->write_var1 = domain; | 872 | head->w.domain = domain; |
| 873 | return 0; | 873 | return 0; |
| 874 | } | 874 | } |
| 875 | if (!domain) | 875 | if (!domain) |
| @@ -1250,7 +1250,7 @@ static bool tomoyo_read_group(struct tomoyo_io_buffer *head, const int idx) | |||
| 1250 | { | 1250 | { |
| 1251 | list_for_each_cookie(head->r.group, &tomoyo_group_list[idx]) { | 1251 | list_for_each_cookie(head->r.group, &tomoyo_group_list[idx]) { |
| 1252 | struct tomoyo_group *group = | 1252 | struct tomoyo_group *group = |
| 1253 | list_entry(head->r.group, typeof(*group), list); | 1253 | list_entry(head->r.group, typeof(*group), head.list); |
| 1254 | list_for_each_cookie(head->r.acl, &group->member_list) { | 1254 | list_for_each_cookie(head->r.acl, &group->member_list) { |
| 1255 | struct tomoyo_acl_head *ptr = | 1255 | struct tomoyo_acl_head *ptr = |
| 1256 | list_entry(head->r.acl, typeof(*ptr), list); | 1256 | list_entry(head->r.acl, typeof(*ptr), list); |
| @@ -1874,7 +1874,7 @@ int tomoyo_poll_control(struct file *file, poll_table *wait) | |||
| 1874 | /** | 1874 | /** |
| 1875 | * tomoyo_read_control - read() for /sys/kernel/security/tomoyo/ interface. | 1875 | * tomoyo_read_control - read() for /sys/kernel/security/tomoyo/ interface. |
| 1876 | * | 1876 | * |
| 1877 | * @file: Pointer to "struct file". | 1877 | * @head: Pointer to "struct tomoyo_io_buffer". |
| 1878 | * @buffer: Poiner to buffer to write to. | 1878 | * @buffer: Poiner to buffer to write to. |
| 1879 | * @buffer_len: Size of @buffer. | 1879 | * @buffer_len: Size of @buffer. |
| 1880 | * | 1880 | * |
| @@ -1882,11 +1882,10 @@ int tomoyo_poll_control(struct file *file, poll_table *wait) | |||
| 1882 | * | 1882 | * |
| 1883 | * Caller holds tomoyo_read_lock(). | 1883 | * Caller holds tomoyo_read_lock(). |
| 1884 | */ | 1884 | */ |
| 1885 | int tomoyo_read_control(struct file *file, char __user *buffer, | 1885 | int tomoyo_read_control(struct tomoyo_io_buffer *head, char __user *buffer, |
| 1886 | const int buffer_len) | 1886 | const int buffer_len) |
| 1887 | { | 1887 | { |
| 1888 | int len; | 1888 | int len; |
| 1889 | struct tomoyo_io_buffer *head = file->private_data; | ||
| 1890 | 1889 | ||
| 1891 | if (!head->read) | 1890 | if (!head->read) |
| 1892 | return -ENOSYS; | 1891 | return -ENOSYS; |
| @@ -1906,7 +1905,7 @@ int tomoyo_read_control(struct file *file, char __user *buffer, | |||
| 1906 | /** | 1905 | /** |
| 1907 | * tomoyo_write_control - write() for /sys/kernel/security/tomoyo/ interface. | 1906 | * tomoyo_write_control - write() for /sys/kernel/security/tomoyo/ interface. |
| 1908 | * | 1907 | * |
| 1909 | * @file: Pointer to "struct file". | 1908 | * @head: Pointer to "struct tomoyo_io_buffer". |
| 1910 | * @buffer: Pointer to buffer to read from. | 1909 | * @buffer: Pointer to buffer to read from. |
| 1911 | * @buffer_len: Size of @buffer. | 1910 | * @buffer_len: Size of @buffer. |
| 1912 | * | 1911 | * |
| @@ -1914,10 +1913,9 @@ int tomoyo_read_control(struct file *file, char __user *buffer, | |||
| 1914 | * | 1913 | * |
| 1915 | * Caller holds tomoyo_read_lock(). | 1914 | * Caller holds tomoyo_read_lock(). |
| 1916 | */ | 1915 | */ |
| 1917 | int tomoyo_write_control(struct file *file, const char __user *buffer, | 1916 | int tomoyo_write_control(struct tomoyo_io_buffer *head, |
| 1918 | const int buffer_len) | 1917 | const char __user *buffer, const int buffer_len) |
| 1919 | { | 1918 | { |
| 1920 | struct tomoyo_io_buffer *head = file->private_data; | ||
| 1921 | int error = buffer_len; | 1919 | int error = buffer_len; |
| 1922 | int avail_len = buffer_len; | 1920 | int avail_len = buffer_len; |
| 1923 | char *cp0 = head->write_buf; | 1921 | char *cp0 = head->write_buf; |
| @@ -1935,7 +1933,7 @@ int tomoyo_write_control(struct file *file, const char __user *buffer, | |||
| 1935 | /* Read a line and dispatch it to the policy handler. */ | 1933 | /* Read a line and dispatch it to the policy handler. */ |
| 1936 | while (avail_len > 0) { | 1934 | while (avail_len > 0) { |
| 1937 | char c; | 1935 | char c; |
| 1938 | if (head->write_avail >= head->writebuf_size - 1) { | 1936 | if (head->w.avail >= head->writebuf_size - 1) { |
| 1939 | error = -ENOMEM; | 1937 | error = -ENOMEM; |
| 1940 | break; | 1938 | break; |
| 1941 | } else if (get_user(c, buffer)) { | 1939 | } else if (get_user(c, buffer)) { |
| @@ -1944,11 +1942,11 @@ int tomoyo_write_control(struct file *file, const char __user *buffer, | |||
| 1944 | } | 1942 | } |
| 1945 | buffer++; | 1943 | buffer++; |
| 1946 | avail_len--; | 1944 | avail_len--; |
| 1947 | cp0[head->write_avail++] = c; | 1945 | cp0[head->w.avail++] = c; |
| 1948 | if (c != '\n') | 1946 | if (c != '\n') |
| 1949 | continue; | 1947 | continue; |
| 1950 | cp0[head->write_avail - 1] = '\0'; | 1948 | cp0[head->w.avail - 1] = '\0'; |
| 1951 | head->write_avail = 0; | 1949 | head->w.avail = 0; |
| 1952 | tomoyo_normalize_line(cp0); | 1950 | tomoyo_normalize_line(cp0); |
| 1953 | head->write(head); | 1951 | head->write(head); |
| 1954 | } | 1952 | } |
| @@ -1959,15 +1957,14 @@ int tomoyo_write_control(struct file *file, const char __user *buffer, | |||
| 1959 | /** | 1957 | /** |
| 1960 | * tomoyo_close_control - close() for /sys/kernel/security/tomoyo/ interface. | 1958 | * tomoyo_close_control - close() for /sys/kernel/security/tomoyo/ interface. |
| 1961 | * | 1959 | * |
| 1962 | * @file: Pointer to "struct file". | 1960 | * @head: Pointer to "struct tomoyo_io_buffer". |
| 1963 | * | 1961 | * |
| 1964 | * Releases memory and returns 0. | 1962 | * Releases memory and returns 0. |
| 1965 | * | 1963 | * |
| 1966 | * Caller looses tomoyo_read_lock(). | 1964 | * Caller looses tomoyo_read_lock(). |
| 1967 | */ | 1965 | */ |
| 1968 | int tomoyo_close_control(struct file *file) | 1966 | int tomoyo_close_control(struct tomoyo_io_buffer *head) |
| 1969 | { | 1967 | { |
| 1970 | struct tomoyo_io_buffer *head = file->private_data; | ||
| 1971 | const bool is_write = !!head->write_buf; | 1968 | const bool is_write = !!head->write_buf; |
| 1972 | 1969 | ||
| 1973 | /* | 1970 | /* |
| @@ -1984,8 +1981,6 @@ int tomoyo_close_control(struct file *file) | |||
| 1984 | kfree(head->write_buf); | 1981 | kfree(head->write_buf); |
| 1985 | head->write_buf = NULL; | 1982 | head->write_buf = NULL; |
| 1986 | kfree(head); | 1983 | kfree(head); |
| 1987 | head = NULL; | ||
| 1988 | file->private_data = NULL; | ||
| 1989 | if (is_write) | 1984 | if (is_write) |
| 1990 | tomoyo_run_gc(); | 1985 | tomoyo_run_gc(); |
| 1991 | return 0; | 1986 | return 0; |