diff options
Diffstat (limited to 'security/tomoyo/common.h')
| -rw-r--r-- | security/tomoyo/common.h | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 7aa55eef67bd..6f9711ff73c1 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
| @@ -397,6 +397,13 @@ struct tomoyo_mount_acl { | |||
| 397 | struct tomoyo_number_union flags; | 397 | struct tomoyo_number_union flags; |
| 398 | }; | 398 | }; |
| 399 | 399 | ||
| 400 | /* Structure for holding a line from /sys/kernel/security/tomoyo/ interface. */ | ||
| 401 | struct tomoyo_acl_param { | ||
| 402 | char *data; | ||
| 403 | struct list_head *list; | ||
| 404 | bool is_delete; | ||
| 405 | }; | ||
| 406 | |||
| 400 | #define TOMOYO_MAX_IO_READ_QUEUE 32 | 407 | #define TOMOYO_MAX_IO_READ_QUEUE 32 |
| 401 | 408 | ||
| 402 | /* | 409 | /* |
| @@ -521,7 +528,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname); | |||
| 521 | bool tomoyo_correct_path(const char *filename); | 528 | bool tomoyo_correct_path(const char *filename); |
| 522 | bool tomoyo_correct_word(const char *string); | 529 | bool tomoyo_correct_word(const char *string); |
| 523 | bool tomoyo_domain_def(const unsigned char *buffer); | 530 | bool tomoyo_domain_def(const unsigned char *buffer); |
| 524 | bool tomoyo_parse_name_union(const char *filename, | 531 | bool tomoyo_parse_name_union(struct tomoyo_acl_param *param, |
| 525 | struct tomoyo_name_union *ptr); | 532 | struct tomoyo_name_union *ptr); |
| 526 | const struct tomoyo_path_info * | 533 | const struct tomoyo_path_info * |
| 527 | tomoyo_path_matches_group(const struct tomoyo_path_info *pathname, | 534 | tomoyo_path_matches_group(const struct tomoyo_path_info *pathname, |
| @@ -531,7 +538,8 @@ bool tomoyo_number_matches_group(const unsigned long min, | |||
| 531 | const struct tomoyo_group *group); | 538 | const struct tomoyo_group *group); |
| 532 | bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename, | 539 | bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename, |
| 533 | const struct tomoyo_path_info *pattern); | 540 | const struct tomoyo_path_info *pattern); |
| 534 | bool tomoyo_parse_number_union(char *data, struct tomoyo_number_union *num); | 541 | bool tomoyo_parse_number_union(struct tomoyo_acl_param *param, |
| 542 | struct tomoyo_number_union *ptr); | ||
| 535 | bool tomoyo_tokenize(char *buffer, char *w[], size_t size); | 543 | bool tomoyo_tokenize(char *buffer, char *w[], size_t size); |
| 536 | bool tomoyo_verbose_mode(const struct tomoyo_domain_info *domain); | 544 | bool tomoyo_verbose_mode(const struct tomoyo_domain_info *domain); |
| 537 | int tomoyo_init_request_info(struct tomoyo_request_info *r, | 545 | int tomoyo_init_request_info(struct tomoyo_request_info *r, |
| @@ -540,21 +548,19 @@ int tomoyo_init_request_info(struct tomoyo_request_info *r, | |||
| 540 | int tomoyo_mount_permission(char *dev_name, struct path *path, | 548 | int tomoyo_mount_permission(char *dev_name, struct path *path, |
| 541 | const char *type, unsigned long flags, | 549 | const char *type, unsigned long flags, |
| 542 | void *data_page); | 550 | void *data_page); |
| 543 | int tomoyo_write_aggregator(char *data, const bool is_delete); | 551 | int tomoyo_write_aggregator(struct tomoyo_acl_param *param); |
| 544 | int tomoyo_write_transition_control(char *data, const bool is_delete, | 552 | int tomoyo_write_transition_control(struct tomoyo_acl_param *param, |
| 545 | const u8 type); | 553 | const u8 type); |
| 546 | int tomoyo_write_file(char *data, struct tomoyo_domain_info *domain, | 554 | int tomoyo_write_file(struct tomoyo_acl_param *param); |
| 547 | const bool is_delete); | 555 | int tomoyo_write_group(struct tomoyo_acl_param *param, const u8 type); |
| 548 | int tomoyo_write_mount(char *data, struct tomoyo_domain_info *domain, | ||
| 549 | const bool is_delete); | ||
| 550 | int tomoyo_write_group(char *data, const bool is_delete, const u8 type); | ||
| 551 | int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...) | 556 | int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...) |
| 552 | __attribute__ ((format(printf, 2, 3))); | 557 | __attribute__ ((format(printf, 2, 3))); |
| 553 | struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname); | 558 | struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname); |
| 554 | struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname, | 559 | struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname, |
| 555 | const u8 profile); | 560 | const u8 profile); |
| 556 | struct tomoyo_profile *tomoyo_profile(const u8 profile); | 561 | struct tomoyo_profile *tomoyo_profile(const u8 profile); |
| 557 | struct tomoyo_group *tomoyo_get_group(const char *group_name, const u8 type); | 562 | struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param, |
| 563 | const u8 idx); | ||
| 558 | unsigned int tomoyo_check_flags(const struct tomoyo_domain_info *domain, | 564 | unsigned int tomoyo_check_flags(const struct tomoyo_domain_info *domain, |
| 559 | const u8 index); | 565 | const u8 index); |
| 560 | void tomoyo_fill_path_info(struct tomoyo_path_info *ptr); | 566 | void tomoyo_fill_path_info(struct tomoyo_path_info *ptr); |
| @@ -587,7 +593,7 @@ void tomoyo_put_name_union(struct tomoyo_name_union *ptr); | |||
| 587 | void tomoyo_run_gc(void); | 593 | void tomoyo_run_gc(void); |
| 588 | void tomoyo_memory_free(void *ptr); | 594 | void tomoyo_memory_free(void *ptr); |
| 589 | int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size, | 595 | int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size, |
| 590 | bool is_delete, struct tomoyo_domain_info *domain, | 596 | struct tomoyo_acl_param *param, |
| 591 | bool (*check_duplicate) (const struct tomoyo_acl_info | 597 | bool (*check_duplicate) (const struct tomoyo_acl_info |
| 592 | *, | 598 | *, |
| 593 | const struct tomoyo_acl_info | 599 | const struct tomoyo_acl_info |
| @@ -596,7 +602,7 @@ int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size, | |||
| 596 | struct tomoyo_acl_info *, | 602 | struct tomoyo_acl_info *, |
| 597 | const bool)); | 603 | const bool)); |
| 598 | int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size, | 604 | int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size, |
| 599 | bool is_delete, struct list_head *list, | 605 | struct tomoyo_acl_param *param, |
| 600 | bool (*check_duplicate) (const struct tomoyo_acl_head | 606 | bool (*check_duplicate) (const struct tomoyo_acl_head |
| 601 | *, | 607 | *, |
| 602 | const struct tomoyo_acl_head | 608 | const struct tomoyo_acl_head |
| @@ -604,6 +610,8 @@ int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size, | |||
| 604 | void tomoyo_check_acl(struct tomoyo_request_info *r, | 610 | void tomoyo_check_acl(struct tomoyo_request_info *r, |
| 605 | bool (*check_entry) (struct tomoyo_request_info *, | 611 | bool (*check_entry) (struct tomoyo_request_info *, |
| 606 | const struct tomoyo_acl_info *)); | 612 | const struct tomoyo_acl_info *)); |
| 613 | char *tomoyo_read_token(struct tomoyo_acl_param *param); | ||
| 614 | bool tomoyo_permstr(const char *string, const char *keyword); | ||
| 607 | 615 | ||
| 608 | /********** External variable definitions. **********/ | 616 | /********** External variable definitions. **********/ |
| 609 | 617 | ||