diff options
Diffstat (limited to 'security/tomoyo')
| -rw-r--r-- | security/tomoyo/common.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index d41900de8a69..610b535108af 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -963,6 +963,9 @@ static bool tomoyo_manager(void) | |||
| 963 | return found; | 963 | return found; |
| 964 | } | 964 | } |
| 965 | 965 | ||
| 966 | static struct tomoyo_domain_info *tomoyo_find_domain_by_qid | ||
| 967 | (unsigned int serial); | ||
| 968 | |||
| 966 | /** | 969 | /** |
| 967 | * tomoyo_select_domain - Parse select command. | 970 | * tomoyo_select_domain - Parse select command. |
| 968 | * | 971 | * |
| @@ -996,6 +999,8 @@ static bool tomoyo_select_domain(struct tomoyo_io_buffer *head, | |||
| 996 | } else if (!strncmp(data, "domain=", 7)) { | 999 | } else if (!strncmp(data, "domain=", 7)) { |
| 997 | if (tomoyo_domain_def(data + 7)) | 1000 | if (tomoyo_domain_def(data + 7)) |
| 998 | domain = tomoyo_find_domain(data + 7); | 1001 | domain = tomoyo_find_domain(data + 7); |
| 1002 | } else if (sscanf(data, "Q=%u", &pid) == 1) { | ||
| 1003 | domain = tomoyo_find_domain_by_qid(pid); | ||
| 999 | } else | 1004 | } else |
| 1000 | return false; | 1005 | return false; |
| 1001 | head->w.domain = domain; | 1006 | head->w.domain = domain; |
| @@ -1891,6 +1896,7 @@ static DECLARE_WAIT_QUEUE_HEAD(tomoyo_answer_wait); | |||
| 1891 | /* Structure for query. */ | 1896 | /* Structure for query. */ |
| 1892 | struct tomoyo_query { | 1897 | struct tomoyo_query { |
| 1893 | struct list_head list; | 1898 | struct list_head list; |
| 1899 | struct tomoyo_domain_info *domain; | ||
| 1894 | char *query; | 1900 | char *query; |
| 1895 | size_t query_len; | 1901 | size_t query_len; |
| 1896 | unsigned int serial; | 1902 | unsigned int serial; |
| @@ -2041,6 +2047,7 @@ int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...) | |||
| 2041 | goto out; | 2047 | goto out; |
| 2042 | } | 2048 | } |
| 2043 | len = tomoyo_round2(entry.query_len); | 2049 | len = tomoyo_round2(entry.query_len); |
| 2050 | entry.domain = r->domain; | ||
| 2044 | spin_lock(&tomoyo_query_list_lock); | 2051 | spin_lock(&tomoyo_query_list_lock); |
| 2045 | if (tomoyo_memory_quota[TOMOYO_MEMORY_QUERY] && | 2052 | if (tomoyo_memory_quota[TOMOYO_MEMORY_QUERY] && |
| 2046 | tomoyo_memory_used[TOMOYO_MEMORY_QUERY] + len | 2053 | tomoyo_memory_used[TOMOYO_MEMORY_QUERY] + len |
| @@ -2088,6 +2095,29 @@ out: | |||
| 2088 | } | 2095 | } |
| 2089 | 2096 | ||
| 2090 | /** | 2097 | /** |
| 2098 | * tomoyo_find_domain_by_qid - Get domain by query id. | ||
| 2099 | * | ||
| 2100 | * @serial: Query ID assigned by tomoyo_supervisor(). | ||
| 2101 | * | ||
| 2102 | * Returns pointer to "struct tomoyo_domain_info" if found, NULL otherwise. | ||
| 2103 | */ | ||
| 2104 | static struct tomoyo_domain_info *tomoyo_find_domain_by_qid | ||
| 2105 | (unsigned int serial) | ||
| 2106 | { | ||
| 2107 | struct tomoyo_query *ptr; | ||
| 2108 | struct tomoyo_domain_info *domain = NULL; | ||
| 2109 | spin_lock(&tomoyo_query_list_lock); | ||
| 2110 | list_for_each_entry(ptr, &tomoyo_query_list, list) { | ||
| 2111 | if (ptr->serial != serial || ptr->answer) | ||
| 2112 | continue; | ||
| 2113 | domain = ptr->domain; | ||
| 2114 | break; | ||
| 2115 | } | ||
| 2116 | spin_unlock(&tomoyo_query_list_lock); | ||
| 2117 | return domain; | ||
| 2118 | } | ||
| 2119 | |||
| 2120 | /** | ||
| 2091 | * tomoyo_poll_query - poll() for /sys/kernel/security/tomoyo/query. | 2121 | * tomoyo_poll_query - poll() for /sys/kernel/security/tomoyo/query. |
| 2092 | * | 2122 | * |
| 2093 | * @file: Pointer to "struct file". | 2123 | * @file: Pointer to "struct file". |