1 files changed, 25 insertions, 35 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 05450b17c57f..4e0101b0041a 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -134,26 +134,22 @@ struct list_head tomoyo_policy_list[TOMOYO_MAX_POLICY];
 struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP];
 /**
- * tomoyo_get_last_name - Get last component of a domainname.
+ * tomoyo_last_word - Get last component of a domainname.
 *
- * @domain: Pointer to "struct tomoyo_domain_info".
+ * @domainname: Domainname to check.
 *
- * Returns the last component of the domainname.
+ * Returns the last word of @domainname.
 */
-const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain)
+static const char *tomoyo_last_word(const char *name)
 {
-        const char *cp0 = domain->domainname->name;
+        const char *cp = strrchr(name, ' ');
-        const char *cp1 = strrchr(cp0, ' ');
+        if (cp)
+                return cp + 1;
-        if (cp1)
+        return name;
-                return cp1 + 1;
-        return cp0;
 }
-static bool tomoyo_same_transition_control_entry(const struct tomoyo_acl_head *
+static bool tomoyo_same_transition_control(const struct tomoyo_acl_head *a,
-                                                 a,
+                                           const struct tomoyo_acl_head *b)
-                                                 const struct tomoyo_acl_head *
-                                                 b)
 {
        const struct tomoyo_transition_control *p1 = container_of(a,
                                                                  typeof(*p1),
@@ -203,7 +199,7 @@ static int tomoyo_update_transition_control_entry(const char *domainname,
        error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
                                     &tomoyo_policy_list
                                     [TOMOYO_ID_TRANSITION_CONTROL],
-                                     tomoyo_same_transition_control_entry);
+                                     tomoyo_same_transition_control);
 out:
        tomoyo_put_name(e.domainname);
        tomoyo_put_name(e.program);
@@ -292,19 +288,17 @@ static u8 tomoyo_transition_type(const struct tomoyo_path_info *domainname,
        return type;
 }
-static bool tomoyo_same_aggregator_entry(const struct tomoyo_acl_head *a,
+static bool tomoyo_same_aggregator(const struct tomoyo_acl_head *a,
-                                         const struct tomoyo_acl_head *b)
+                                   const struct tomoyo_acl_head *b)
 {
-        const struct tomoyo_aggregator_entry *p1 = container_of(a, typeof(*p1),
+        const struct tomoyo_aggregator *p1 = container_of(a, typeof(*p1), head);
-                                                                head);
+        const struct tomoyo_aggregator *p2 = container_of(b, typeof(*p2), head);
-        const struct tomoyo_aggregator_entry *p2 = container_of(b, typeof(*p2),
-                                                                head);
        return p1->original_name == p2->original_name &&
                p1->aggregated_name == p2->aggregated_name;
 }
 /**
- * tomoyo_update_aggregator_entry - Update "struct tomoyo_aggregator_entry" list.
+ * tomoyo_update_aggregator_entry - Update "struct tomoyo_aggregator" list.
 *
 * @original_name:   The original program's name.
 * @aggregated_name: The program name to use.
@@ -318,7 +312,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
                                          const char *aggregated_name,
                                          const bool is_delete)
 {
-        struct tomoyo_aggregator_entry e = { };
+        struct tomoyo_aggregator e = { };
        int error = is_delete ? -ENOENT : -ENOMEM;
        if (!tomoyo_correct_path(original_name) ||
@@ -331,7 +325,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
                goto out;
        error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
                                     &tomoyo_policy_list[TOMOYO_ID_AGGREGATOR],
-                                     tomoyo_same_aggregator_entry);
+                                     tomoyo_same_aggregator);
 out:
        tomoyo_put_name(e.original_name);
        tomoyo_put_name(e.aggregated_name);
@@ -339,7 +333,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
 }
 /**
- * tomoyo_write_aggregator_policy - Write "struct tomoyo_aggregator_entry" list.
+ * tomoyo_write_aggregator - Write "struct tomoyo_aggregator" list.
 *
 * @data:      String to parse.
 * @is_delete: True if it is a delete request.
@@ -348,7 +342,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
 *
 * Caller holds tomoyo_read_lock().
 */
-int tomoyo_write_aggregator_policy(char *data, const bool is_delete)
+int tomoyo_write_aggregator(char *data, const bool is_delete)
 {
        char *cp = strchr(data, ' ');
@@ -359,7 +353,7 @@ int tomoyo_write_aggregator_policy(char *data, const bool is_delete)
 }
 /**
- * tomoyo_find_or_assign_new_domain - Create a domain.
+ * tomoyo_assign_domain - Create a domain.
 *
 * @domainname: The name of domain.
 * @profile:    Profile number to assign if the domain was newly created.
@@ -368,9 +362,8 @@ int tomoyo_write_aggregator_policy(char *data, const bool is_delete)
 *
 * Caller holds tomoyo_read_lock().
 */
-struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
+struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname,
-                                                            domainname,
+                                                const u8 profile)
-                                                            const u8 profile)
 {
        struct tomoyo_domain_info *entry;
        struct tomoyo_domain_info *domain = NULL;
@@ -430,10 +423,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
        int retval = -ENOMEM;
        bool need_kfree = false;
        struct tomoyo_path_info rn = { }; /* real name */
-        struct tomoyo_path_info ln; /* last name */
-        ln.name = tomoyo_get_last_name(old_domain);
-        tomoyo_fill_path_info(&ln);
        mode = tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
        is_enforce = (mode == TOMOYO_CONFIG_ENFORCING);
        if (!tmp)
@@ -454,7 +444,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
        /* Check 'aggregator' directive. */
        {
-                struct tomoyo_aggregator_entry *ptr;
+                struct tomoyo_aggregator *ptr;
                list_for_each_entry_rcu(ptr, &tomoyo_policy_list
                                        [TOMOYO_ID_AGGREGATOR], head.list) {
                        if (ptr->head.is_deleted ||
@@ -517,7 +507,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
                if (error < 0)
                        goto done;
        }
-        domain = tomoyo_find_or_assign_new_domain(tmp, old_domain->profile);
+        domain = tomoyo_assign_domain(tmp, old_domain->profile);
 done:
        if (domain)
                goto out;

diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 05450b17c57f..4e0101b0041a 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c
@@ -134,26 +134,22 @@ struct list_head tomoyo_policy_list[TOMOYO_MAX_POLICY];
134	struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP];	134	struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP];
135		135
136	/**	136	/**
137	* tomoyo_get_last_name - Get last component of a domainname.	137	* tomoyo_last_word - Get last component of a domainname.
138	*	138	*
139	* @domain: Pointer to "struct tomoyo_domain_info".	139	* @domainname: Domainname to check.
140	*	140	*
141	* Returns the last component of the domainname.	141	* Returns the last word of @domainname.
142	*/	142	*/
143	const char tomoyo_get_last_name(const struct tomoyo_domain_info domain)	143	static const char tomoyo_last_word(const char name)
144	{	144	{
145	const char *cp0 = domain->domainname->name;	145	const char *cp = strrchr(name, ' ');
146	const char *cp1 = strrchr(cp0, ' ');	146	if (cp)
147		147	return cp + 1;
148	if (cp1)	148	return name;
149	return cp1 + 1;
150	return cp0;
151	}	149	}
152		150
153	static bool tomoyo_same_transition_control_entry(const struct tomoyo_acl_head *	151	static bool tomoyo_same_transition_control(const struct tomoyo_acl_head *a,
154	a,	152	const struct tomoyo_acl_head *b)
155	const struct tomoyo_acl_head *
156	b)
157	{	153	{
158	const struct tomoyo_transition_control *p1 = container_of(a,	154	const struct tomoyo_transition_control *p1 = container_of(a,
159	typeof(*p1),	155	typeof(*p1),
@@ -203,7 +199,7 @@ static int tomoyo_update_transition_control_entry(const char *domainname,
203	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,	199	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
204	&tomoyo_policy_list	200	&tomoyo_policy_list
205	[TOMOYO_ID_TRANSITION_CONTROL],	201	[TOMOYO_ID_TRANSITION_CONTROL],
206	tomoyo_same_transition_control_entry);	202	tomoyo_same_transition_control);
207	out:	203	out:
208	tomoyo_put_name(e.domainname);	204	tomoyo_put_name(e.domainname);
209	tomoyo_put_name(e.program);	205	tomoyo_put_name(e.program);
@@ -292,19 +288,17 @@ static u8 tomoyo_transition_type(const struct tomoyo_path_info *domainname,
292	return type;	288	return type;
293	}	289	}
294		290
295	static bool tomoyo_same_aggregator_entry(const struct tomoyo_acl_head *a,	291	static bool tomoyo_same_aggregator(const struct tomoyo_acl_head *a,
296	const struct tomoyo_acl_head *b)	292	const struct tomoyo_acl_head *b)
297	{	293	{
298	const struct tomoyo_aggregator_entry p1 = container_of(a, typeof(p1),	294	const struct tomoyo_aggregator p1 = container_of(a, typeof(p1), head);
299	head);	295	const struct tomoyo_aggregator p2 = container_of(b, typeof(p2), head);
300	const struct tomoyo_aggregator_entry p2 = container_of(b, typeof(p2),
301	head);
302	return p1->original_name == p2->original_name &&	296	return p1->original_name == p2->original_name &&
303	p1->aggregated_name == p2->aggregated_name;	297	p1->aggregated_name == p2->aggregated_name;
304	}	298	}
305		299
306	/**	300	/**
307	* tomoyo_update_aggregator_entry - Update "struct tomoyo_aggregator_entry" list.	301	* tomoyo_update_aggregator_entry - Update "struct tomoyo_aggregator" list.
308	*	302	*
309	* @original_name: The original program's name.	303	* @original_name: The original program's name.
310	* @aggregated_name: The program name to use.	304	* @aggregated_name: The program name to use.
@@ -318,7 +312,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
318	const char *aggregated_name,	312	const char *aggregated_name,
319	const bool is_delete)	313	const bool is_delete)
320	{	314	{
321	struct tomoyo_aggregator_entry e = { };	315	struct tomoyo_aggregator e = { };
322	int error = is_delete ? -ENOENT : -ENOMEM;	316	int error = is_delete ? -ENOENT : -ENOMEM;
323		317
324	if (!tomoyo_correct_path(original_name) \|\|	318	if (!tomoyo_correct_path(original_name) \|\|
@@ -331,7 +325,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
331	goto out;	325	goto out;
332	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,	326	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
333	&tomoyo_policy_list[TOMOYO_ID_AGGREGATOR],	327	&tomoyo_policy_list[TOMOYO_ID_AGGREGATOR],
334	tomoyo_same_aggregator_entry);	328	tomoyo_same_aggregator);
335	out:	329	out:
336	tomoyo_put_name(e.original_name);	330	tomoyo_put_name(e.original_name);
337	tomoyo_put_name(e.aggregated_name);	331	tomoyo_put_name(e.aggregated_name);
@@ -339,7 +333,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
339	}	333	}
340		334
341	/**	335	/**
342	* tomoyo_write_aggregator_policy - Write "struct tomoyo_aggregator_entry" list.	336	* tomoyo_write_aggregator - Write "struct tomoyo_aggregator" list.
343	*	337	*
344	* @data: String to parse.	338	* @data: String to parse.
345	* @is_delete: True if it is a delete request.	339	* @is_delete: True if it is a delete request.
@@ -348,7 +342,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
348	*	342	*
349	* Caller holds tomoyo_read_lock().	343	* Caller holds tomoyo_read_lock().
350	*/	344	*/
351	int tomoyo_write_aggregator_policy(char *data, const bool is_delete)	345	int tomoyo_write_aggregator(char *data, const bool is_delete)
352	{	346	{
353	char *cp = strchr(data, ' ');	347	char *cp = strchr(data, ' ');
354		348
@@ -359,7 +353,7 @@ int tomoyo_write_aggregator_policy(char *data, const bool is_delete)
359	}	353	}
360		354
361	/**	355	/**
362	* tomoyo_find_or_assign_new_domain - Create a domain.	356	* tomoyo_assign_domain - Create a domain.
363	*	357	*
364	* @domainname: The name of domain.	358	* @domainname: The name of domain.
365	* @profile: Profile number to assign if the domain was newly created.	359	* @profile: Profile number to assign if the domain was newly created.
@@ -368,9 +362,8 @@ int tomoyo_write_aggregator_policy(char *data, const bool is_delete)
368	*	362	*
369	* Caller holds tomoyo_read_lock().	363	* Caller holds tomoyo_read_lock().
370	*/	364	*/
371	struct tomoyo_domain_info tomoyo_find_or_assign_new_domain(const char	365	struct tomoyo_domain_info tomoyo_assign_domain(const char domainname,
372	domainname,	366	const u8 profile)
373	const u8 profile)
374	{	367	{
375	struct tomoyo_domain_info *entry;	368	struct tomoyo_domain_info *entry;
376	struct tomoyo_domain_info *domain = NULL;	369	struct tomoyo_domain_info *domain = NULL;
@@ -430,10 +423,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
430	int retval = -ENOMEM;	423	int retval = -ENOMEM;
431	bool need_kfree = false;	424	bool need_kfree = false;
432	struct tomoyo_path_info rn = { }; /* real name */	425	struct tomoyo_path_info rn = { }; /* real name */
433	struct tomoyo_path_info ln; /* last name */
434		426
435	ln.name = tomoyo_get_last_name(old_domain);
436	tomoyo_fill_path_info(&ln);
437	mode = tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);	427	mode = tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE);
438	is_enforce = (mode == TOMOYO_CONFIG_ENFORCING);	428	is_enforce = (mode == TOMOYO_CONFIG_ENFORCING);
439	if (!tmp)	429	if (!tmp)
@@ -454,7 +444,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
454		444
455	/* Check 'aggregator' directive. */	445	/* Check 'aggregator' directive. */
456	{	446	{
457	struct tomoyo_aggregator_entry *ptr;	447	struct tomoyo_aggregator *ptr;
458	list_for_each_entry_rcu(ptr, &tomoyo_policy_list	448	list_for_each_entry_rcu(ptr, &tomoyo_policy_list
459	[TOMOYO_ID_AGGREGATOR], head.list) {	449	[TOMOYO_ID_AGGREGATOR], head.list) {
460	if (ptr->head.is_deleted \|\|	450	if (ptr->head.is_deleted \|\|
@@ -517,7 +507,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
517	if (error < 0)	507	if (error < 0)
518	goto done;	508	goto done;
519	}	509	}
520	domain = tomoyo_find_or_assign_new_domain(tmp, old_domain->profile);	510	domain = tomoyo_assign_domain(tmp, old_domain->profile);
521	done:	511	done:
522	if (domain)	512	if (domain)
523	goto out;	513	goto out;