Diffstat (limited to 'security/tomoyo/domain.c')
-rw-r--r-- | security/tomoyo/domain.c | 38 |
1 files changed, 19 insertions, 19 deletions
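diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 13f4f39baf8f..1a122974240f 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -256,13 +256,13 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
 struct tomoyo_domain_initializer_entry e = { .is_not = is_not };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_correct_path(program))
+if (!tomoyo_correct_path(program))
 return -EINVAL;
 if (domainname) {
-if (!tomoyo_is_domain_def(domainname) &&
-tomoyo_is_correct_path(domainname))
+if (!tomoyo_domain_def(domainname) &&
+tomoyo_correct_path(domainname))
 e.is_last_name = true;
-else if (!tomoyo_is_correct_domain(domainname))
+else if (!tomoyo_correct_domain(domainname))
 return -EINVAL;
 e.domainname = tomoyo_get_name(domainname);
 if (!e.domainname)
@@ -346,7 +346,7 @@ int tomoyo_write_domain_initializer_policy(char *data, const bool is_not,
 }
 
 /**
-* tomoyo_is_domain_initializer - Check whether the given program causes domainname reinitialization.
+* tomoyo_domain_initializer - Check whether the given program causes domainname reinitialization.
 *
 * @domainname: The name of domain.
 * @program: The name of program.
@@ -357,7 +357,7 @@ int tomoyo_write_domain_initializer_policy(char *data, const bool is_not,
 *
 * Caller holds tomoyo_read_lock().
 */
-static bool tomoyo_is_domain_initializer(const struct tomoyo_path_info *
+static bool tomoyo_domain_initializer(const struct tomoyo_path_info *
 domainname,
 const struct tomoyo_path_info *program,
 const struct tomoyo_path_info *
@@ -462,13 +462,13 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
 struct tomoyo_domain_keeper_entry e = { .is_not = is_not };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_domain_def(domainname) &&
-tomoyo_is_correct_path(domainname))
+if (!tomoyo_domain_def(domainname) &&
+tomoyo_correct_path(domainname))
 e.is_last_name = true;
-else if (!tomoyo_is_correct_domain(domainname))
+else if (!tomoyo_correct_domain(domainname))
 return -EINVAL;
 if (program) {
-if (!tomoyo_is_correct_path(program))
+if (!tomoyo_correct_path(program))
 return -EINVAL;
 e.program = tomoyo_get_name(program);
 if (!e.program)
@@ -549,7 +549,7 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head)
 }
 
 /**
-* tomoyo_is_domain_keeper - Check whether the given program causes domain transition suppression.
+* tomoyo_domain_keeper - Check whether the given program causes domain transition suppression.
 *
 * @domainname: The name of domain.
 * @program: The name of program.
@@ -560,7 +560,7 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head)
 *
 * Caller holds tomoyo_read_lock().
 */
-static bool tomoyo_is_domain_keeper(const struct tomoyo_path_info *domainname,
+static bool tomoyo_domain_keeper(const struct tomoyo_path_info *domainname,
 const struct tomoyo_path_info *program,
 const struct tomoyo_path_info *last_name)
 {
@@ -646,8 +646,8 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
 struct tomoyo_aggregator_entry e = { };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_correct_path(original_name) ||
-!tomoyo_is_correct_path(aggregated_name))
+if (!tomoyo_correct_path(original_name) ||
+!tomoyo_correct_path(aggregated_name))
 return -EINVAL;
 e.original_name = tomoyo_get_name(original_name);
 e.aggregated_name = tomoyo_get_name(aggregated_name);
@@ -774,8 +774,8 @@ static int tomoyo_update_alias_entry(const char *original_name,
 struct tomoyo_alias_entry e = { };
 int error = is_delete ? -ENOENT : -ENOMEM;
 
-if (!tomoyo_is_correct_path(original_name) ||
-!tomoyo_is_correct_path(aliased_name))
+if (!tomoyo_correct_path(original_name) ||
+!tomoyo_correct_path(aliased_name))
 return -EINVAL;
 e.original_name = tomoyo_get_name(original_name);
 e.aliased_name = tomoyo_get_name(aliased_name);
@@ -859,7 +859,7 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
 const struct tomoyo_path_info *saved_domainname;
 bool found = false;
 
-if (!tomoyo_is_correct_domain(domainname))
+if (!tomoyo_correct_domain(domainname))
 return NULL;
 saved_domainname = tomoyo_get_name(domainname);
 if (!saved_domainname)
@@ -984,7 +984,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 if (retval < 0)
 goto out;
 
-if (tomoyo_is_domain_initializer(old_domain->domainname, &rn, &ln)) {
+if (tomoyo_domain_initializer(old_domain->domainname, &rn, &ln)) {
 /* Transit to the child of tomoyo_kernel_domain domain. */
 snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1,
 TOMOYO_ROOT_NAME " " "%s", rn.name);
@@ -996,7 +996,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 * initializers because they might start before /sbin/init.
 */
 domain = old_domain;
-} else if (tomoyo_is_domain_keeper(old_domain->domainname, &rn, &ln)) {
+} else if (tomoyo_domain_keeper(old_domain->domainname, &rn, &ln)) {
 /* Keep current domain. */
 domain = old_domain;
 } else {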