Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/common.c18
-rw-r--r--security/tomoyo/common.h112
-rw-r--r--security/tomoyo/domain.c62
-rw-r--r--security/tomoyo/file.c46
-rw-r--r--security/tomoyo/gc.c63
-rw-r--r--security/tomoyo/number_group.c15
-rw-r--r--security/tomoyo/path_group.c15
7 files changed, 167 insertions, 164 deletions
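diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 6556e5d27d74..7bfad45fcd61 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -499,10 +499,10 @@ static int tomoyo_update_manager_entry(const char *manager,
  return -ENOMEM;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
  if (ptr->manager != e.manager)
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -510,7 +510,7 @@ static int tomoyo_update_manager_entry(const char *manager,
  struct tomoyo_policy_manager_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list,
+ list_add_tail_rcu(&entry->head.list,
  &tomoyo_policy_manager_list);
  error = 0;
  }
@@ -562,8 +562,8 @@ static int tomoyo_read_manager_policy(struct tomoyo_io_buffer *head)
  &tomoyo_policy_manager_list) {
  struct tomoyo_policy_manager_entry *ptr;
  ptr = list_entry(pos, struct tomoyo_policy_manager_entry,
- list);
- if (ptr->is_deleted)
+ head.list);
+ if (ptr->head.is_deleted)
  continue;
  done = tomoyo_io_printf(head, "%s\n", ptr->manager->name);
  if (!done)
@@ -593,8 +593,8 @@ static bool tomoyo_is_policy_manager(void)
  return true;
  if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid))
  return false;
- list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
- if (!ptr->is_deleted && ptr->is_domain
+ list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+ if (!ptr->head.is_deleted && ptr->is_domain
  && !tomoyo_pathcmp(domainname, ptr->manager)) {
  found = true;
  break;
@@ -605,8 +605,8 @@ static bool tomoyo_is_policy_manager(void)
  exe = tomoyo_get_exe();
  if (!exe)
  return false;
- list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) {
- if (!ptr->is_deleted && !ptr->is_domain
+ list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+ if (!ptr->head.is_deleted && !ptr->is_domain
  && !strcmp(exe, ptr->manager->name)) {
  found = true;
  break;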
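diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index 539b9a28b739..0ab6e86f90aa 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -189,6 +189,20 @@ enum tomoyo_mac_category_index {
 /********** Structure definitions. **********/
 
 /*
+ * tomoyo_acl_head is a structure which is used for holding elements not in
+ * domain policy.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_policy_list[] .
+ * (2) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ */
+struct tomoyo_acl_head {
+ struct list_head list;
+ bool is_deleted;
+} __packed;
+
+/*
  * tomoyo_request_info is a structure which is used for holding
  *
  * (1) Domain information of current process.
@@ -274,15 +288,13 @@ struct tomoyo_number_group {
 
 /* Structure for "path_group" directive. */
 struct tomoyo_path_group_member {
- struct list_head list;
- bool is_deleted;
+ struct tomoyo_acl_head head;
  const struct tomoyo_path_info *member_name;
 };
 
 /* Structure for "number_group" directive. */
 struct tomoyo_number_group_member {
- struct list_head list;
- bool is_deleted;
+ struct tomoyo_acl_head head;
  struct tomoyo_number_union number;
 };
 
@@ -523,15 +535,12 @@ struct tomoyo_io_buffer {
  * "allow_read" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_globally_readable_list .
+ * (1) "head" is "struct tomoyo_acl_head".
  * (2) "filename" is a pathname which is allowed to open(O_RDONLY).
- * (3) "is_deleted" is a bool which is true if marked as deleted, false
- * otherwise.
  */
 struct tomoyo_globally_readable_file_entry {
- struct list_head list;
+ struct tomoyo_acl_head head;
  const struct tomoyo_path_info *filename;
- bool is_deleted;
 };
 
 /*
@@ -539,16 +548,13 @@ struct tomoyo_globally_readable_file_entry {
  * "tomoyo_pattern_list" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_pattern_list .
+ * (1) "head" is "struct tomoyo_acl_head".
  * (2) "pattern" is a pathname pattern which is used for converting pathnames
  * to pathname patterns during learning mode.
- * (3) "is_deleted" is a bool which is true if marked as deleted, false
- * otherwise.
  */
 struct tomoyo_pattern_entry {
- struct list_head list;
+ struct tomoyo_acl_head head;
  const struct tomoyo_path_info *pattern;
- bool is_deleted;
 };
 
 /*
@@ -556,16 +562,13 @@ struct tomoyo_pattern_entry {
  * "deny_rewrite" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_no_rewrite_list .
+ * (1) "head" is "struct tomoyo_acl_head".
  * (2) "pattern" is a pathname which is by default not permitted to modify
  * already existing content.
- * (3) "is_deleted" is a bool which is true if marked as deleted, false
- * otherwise.
  */
 struct tomoyo_no_rewrite_entry {
- struct list_head list;
+ struct tomoyo_acl_head head;
  const struct tomoyo_path_info *pattern;
- bool is_deleted;
 };
 
 /*
@@ -573,25 +576,22 @@ struct tomoyo_no_rewrite_entry {
  * "initialize_domain" and "no_initialize_domain" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_domain_initializer_list .
- * (2) "domainname" which is "a domainname" or "the last component of a
- * domainname". This field is NULL if "from" clause is not specified.
- * (3) "program" which is a program's pathname.
- * (4) "is_deleted" is a bool which is true if marked as deleted, false
+ * (1) "head" is "struct tomoyo_acl_head".
+ * (2) "is_not" is a bool which is true if "no_initialize_domain", false
  * otherwise.
- * (5) "is_not" is a bool which is true if "no_initialize_domain", false
- * otherwise.
- * (6) "is_last_name" is a bool which is true if "domainname" is "the last
+ * (3) "is_last_name" is a bool which is true if "domainname" is "the last
  * component of a domainname", false otherwise.
+ * (4) "domainname" which is "a domainname" or "the last component of a
+ * domainname". This field is NULL if "from" clause is not specified.
+ * (5) "program" which is a program's pathname.
  */
 struct tomoyo_domain_initializer_entry {
- struct list_head list;
- const struct tomoyo_path_info *domainname; /* This may be NULL */
- const struct tomoyo_path_info *program;
- bool is_deleted;
+ struct tomoyo_acl_head head;
  bool is_not; /* True if this entry is "no_initialize_domain". */
  /* True if the domainname is tomoyo_get_last_name(). */
  bool is_last_name;
+ const struct tomoyo_path_info *domainname; /* This may be NULL */
+ const struct tomoyo_path_info *program;
 };
 
 /*
@@ -599,26 +599,23 @@ struct tomoyo_domain_initializer_entry {
  * "keep_domain" and "no_keep_domain" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_domain_keeper_list .
- * (2) "domainname" which is "a domainname" or "the last component of a
- * domainname".
- * (3) "program" which is a program's pathname.
- * This field is NULL if "from" clause is not specified.
- * (4) "is_deleted" is a bool which is true if marked as deleted, false
+ * (1) "head" is "struct tomoyo_acl_head".
+ * (2) "is_not" is a bool which is true if "no_initialize_domain", false
  * otherwise.
- * (5) "is_not" is a bool which is true if "no_initialize_domain", false
- * otherwise.
- * (6) "is_last_name" is a bool which is true if "domainname" is "the last
+ * (3) "is_last_name" is a bool which is true if "domainname" is "the last
  * component of a domainname", false otherwise.
+ * (4) "domainname" which is "a domainname" or "the last component of a
+ * domainname".
+ * (5) "program" which is a program's pathname.
+ * This field is NULL if "from" clause is not specified.
  */
 struct tomoyo_domain_keeper_entry {
- struct list_head list;
- const struct tomoyo_path_info *domainname;
- const struct tomoyo_path_info *program; /* This may be NULL */
- bool is_deleted;
+ struct tomoyo_acl_head head;
  bool is_not; /* True if this entry is "no_keep_domain". */
  /* True if the domainname is tomoyo_get_last_name(). */
  bool is_last_name;
+ const struct tomoyo_path_info *domainname;
+ const struct tomoyo_path_info *program; /* This may be NULL */
 };
 
 /*
@@ -626,34 +623,28 @@ struct tomoyo_domain_keeper_entry {
  * "aggregator" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_aggregator_list .
+ * (1) "head" is "struct tomoyo_acl_head".
  * (2) "original_name" which is originally requested name.
  * (3) "aggregated_name" which is name to rewrite.
- * (4) "is_deleted" is a bool which is true if marked as deleted, false
- * otherwise.
  */
 struct tomoyo_aggregator_entry {
- struct list_head list;
+ struct tomoyo_acl_head head;
  const struct tomoyo_path_info *original_name;
  const struct tomoyo_path_info *aggregated_name;
- bool is_deleted;
 };
 
 /*
  * tomoyo_alias_entry is a structure which is used for holding "alias" entries.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_alias_list .
+ * (1) "head" is "struct tomoyo_acl_head".
  * (2) "original_name" which is a dereferenced pathname.
  * (3) "aliased_name" which is a symlink's pathname.
- * (4) "is_deleted" is a bool which is true if marked as deleted, false
- * otherwise.
  */
 struct tomoyo_alias_entry {
- struct list_head list;
+ struct tomoyo_acl_head head;
  const struct tomoyo_path_info *original_name;
  const struct tomoyo_path_info *aliased_name;
- bool is_deleted;
 };
 
 /*
@@ -662,19 +653,16 @@ struct tomoyo_alias_entry {
  * /sys/kernel/security/tomoyo/ interface.
  * It has following fields.
  *
- * (1) "list" which is linked to tomoyo_policy_manager_list .
- * (2) "manager" is a domainname or a program's pathname.
- * (3) "is_domain" is a bool which is true if "manager" is a domainname, false
- * otherwise.
- * (4) "is_deleted" is a bool which is true if marked as deleted, false
+ * (1) "head" is "struct tomoyo_acl_head".
+ * (2) "is_domain" is a bool which is true if "manager" is a domainname, false
  * otherwise.
+ * (3) "manager" is a domainname or a program's pathname.
  */
 struct tomoyo_policy_manager_entry {
- struct list_head list;
+ struct tomoyo_acl_head head;
+ bool is_domain; /* True if manager is a domainname. */
  /* A path to program or a domainname. */
  const struct tomoyo_path_info *manager;
- bool is_domain; /* True if manager is a domainname. */
- bool is_deleted; /* True if this entry is deleted. */
 };
 
 struct tomoyo_preference {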
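Review bot: `struct tomoyo_acl_head` is declared `__packed` without a comment explaining why, and the attribute lowers the struct's alignment to 1 although it carries the `list_head` through which every policy list is traversed under RCU. The reordering in the later hunks (`is_not`, `is_last_name` and `is_domain` moved directly behind `head`) suggests the aim is to let the embedding struct's bool flags sit right after `is_deleted`, but that is inferred from the layout, not stated. The list pointers remain naturally aligned only as long as `head` is the first member of a non-packed entry struct, so I would record that at the definition, e.g. `/* __packed: lets bool members of the embedding struct follow is_deleted; keep this as the first member of a naturally aligned struct. */`. Also, the rewritten comment for tomoyo_domain_keeper_entry still explains "is_not" as `"no_initialize_domain"`, whereas the field's own comment says "no_keep_domain".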
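diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index f774e73e0022..60297da6adcf 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -199,10 +199,11 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
  goto out;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list,
+ head.list) {
  if (!tomoyo_is_same_domain_initializer_entry(ptr, &e))
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -210,7 +211,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
  struct tomoyo_domain_initializer_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list,
+ list_add_tail_rcu(&entry->head.list,
  &tomoyo_domain_initializer_list);
  error = 0;
  }
@@ -243,8 +244,8 @@ bool tomoyo_read_domain_initializer_policy(struct tomoyo_io_buffer *head)
  const char *domain = "";
  struct tomoyo_domain_initializer_entry *ptr;
  ptr = list_entry(pos, struct tomoyo_domain_initializer_entry,
- list);
- if (ptr->is_deleted)
+ head.list);
+ if (ptr->head.is_deleted)
  continue;
  no = ptr->is_not ? "no_" : "";
  if (ptr->domainname) {
@@ -308,8 +309,9 @@ static bool tomoyo_is_domain_initializer(const struct tomoyo_path_info *
  struct tomoyo_domain_initializer_entry *ptr;
  bool flag = false;
 
- list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) {
- if (ptr->is_deleted)
+ list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list,
+ head.list) {
+ if (ptr->head.is_deleted)
  continue;
  if (ptr->domainname) {
  if (!ptr->is_last_name) {
@@ -409,10 +411,10 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
  goto out;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, head.list) {
  if (!tomoyo_is_same_domain_keeper_entry(ptr, &e))
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -420,7 +422,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
  struct tomoyo_domain_keeper_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list,
+ list_add_tail_rcu(&entry->head.list,
  &tomoyo_domain_keeper_list);
  error = 0;
  }
@@ -475,8 +477,9 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head)
  const char *from = "";
  const char *program = "";
 
- ptr = list_entry(pos, struct tomoyo_domain_keeper_entry, list);
- if (ptr->is_deleted)
+ ptr = list_entry(pos, struct tomoyo_domain_keeper_entry,
+ head.list);
+ if (ptr->head.is_deleted)
  continue;
  no = ptr->is_not ? "no_" : "";
  if (ptr->program) {
@@ -512,8 +515,8 @@ static bool tomoyo_is_domain_keeper(const struct tomoyo_path_info *domainname,
  struct tomoyo_domain_keeper_entry *ptr;
  bool flag = false;
 
- list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
- if (ptr->is_deleted)
+ list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, head.list) {
+ if (ptr->head.is_deleted)
  continue;
  if (!ptr->is_last_name) {
  if (ptr->domainname != domainname)
@@ -591,10 +594,10 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
  goto out;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list, head.list) {
  if (!tomoyo_is_same_aggregator_entry(ptr, &e))
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -602,7 +605,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
  struct tomoyo_aggregator_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list,
+ list_add_tail_rcu(&entry->head.list,
  &tomoyo_aggregator_list);
  error = 0;
  }
@@ -631,8 +634,9 @@ bool tomoyo_read_aggregator_policy(struct tomoyo_io_buffer *head)
  list_for_each_cookie(pos, head->read_var2, &tomoyo_aggregator_list) {
  struct tomoyo_aggregator_entry *ptr;
 
- ptr = list_entry(pos, struct tomoyo_aggregator_entry, list);
- if (ptr->is_deleted)
+ ptr = list_entry(pos, struct tomoyo_aggregator_entry,
+ head.list);
+ if (ptr->head.is_deleted)
  continue;
  done = tomoyo_io_printf(head, TOMOYO_KEYWORD_AGGREGATOR
  "%s %s\n", ptr->original_name->name,
@@ -724,10 +728,10 @@ static int tomoyo_update_alias_entry(const char *original_name,
  goto out; /* No patterns allowed. */
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_alias_list, head.list) {
  if (!tomoyo_is_same_alias_entry(ptr, &e))
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -735,7 +739,8 @@ static int tomoyo_update_alias_entry(const char *original_name,
  struct tomoyo_alias_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list, &tomoyo_alias_list);
+ list_add_tail_rcu(&entry->head.list,
+ &tomoyo_alias_list);
  error = 0;
  }
  }
@@ -763,8 +768,8 @@ bool tomoyo_read_alias_policy(struct tomoyo_io_buffer *head)
  list_for_each_cookie(pos, head->read_var2, &tomoyo_alias_list) {
  struct tomoyo_alias_entry *ptr;
 
- ptr = list_entry(pos, struct tomoyo_alias_entry, list);
- if (ptr->is_deleted)
+ ptr = list_entry(pos, struct tomoyo_alias_entry, head.list);
+ if (ptr->head.is_deleted)
  continue;
  done = tomoyo_io_printf(head, TOMOYO_KEYWORD_ALIAS "%s %s\n",
  ptr->original_name->name,
@@ -901,8 +906,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
  if (tomoyo_pathcmp(&rn, &sn)) {
  struct tomoyo_alias_entry *ptr;
  /* Is this program allowed to be called via symbolic links? */
- list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
- if (ptr->is_deleted ||
+ list_for_each_entry_rcu(ptr, &tomoyo_alias_list, head.list) {
+ if (ptr->head.is_deleted ||
  tomoyo_pathcmp(&rn, ptr->original_name) ||
  tomoyo_pathcmp(&sn, ptr->aliased_name))
  continue;
@@ -917,8 +922,9 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
  /* Check 'aggregator' directive. */
  {
  struct tomoyo_aggregator_entry *ptr;
- list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list, list) {
- if (ptr->is_deleted ||
+ list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list,
+ head.list) {
+ if (ptr->head.is_deleted ||
  !tomoyo_path_matches_pattern(&rn,
  ptr->original_name))
  continue;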
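diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c
index b826058c72e9..09436d11f298 100644
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -277,10 +277,11 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
  return -ENOMEM;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
+ head.list) {
  if (ptr->filename != e.filename)
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -288,7 +289,7 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
  struct tomoyo_globally_readable_file_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list,
+ list_add_tail_rcu(&entry->head.list,
  &tomoyo_globally_readable_list);
  error = 0;
  }
@@ -314,8 +315,9 @@ static bool tomoyo_is_globally_readable_file(const struct tomoyo_path_info *
  struct tomoyo_globally_readable_file_entry *ptr;
  bool found = false;
 
- list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list, list) {
- if (!ptr->is_deleted &&
+ list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
+ head.list) {
+ if (!ptr->head.is_deleted &&
  tomoyo_path_matches_pattern(filename, ptr->filename)) {
  found = true;
  break;
@@ -358,8 +360,8 @@ bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head)
  struct tomoyo_globally_readable_file_entry *ptr;
  ptr = list_entry(pos,
  struct tomoyo_globally_readable_file_entry,
- list);
- if (ptr->is_deleted)
+ head.list);
+ if (ptr->head.is_deleted)
  continue;
  done = tomoyo_io_printf(head, TOMOYO_KEYWORD_ALLOW_READ "%s\n",
  ptr->filename->name);
@@ -424,10 +426,10 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
  return error;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, head.list) {
  if (e.pattern != ptr->pattern)
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -435,7 +437,8 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
  struct tomoyo_pattern_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list, &tomoyo_pattern_list);
+ list_add_tail_rcu(&entry->head.list,
+ &tomoyo_pattern_list);
  error = 0;
  }
  }
@@ -459,8 +462,8 @@ const char *tomoyo_file_pattern(const struct tomoyo_path_info *filename)
  struct tomoyo_pattern_entry *ptr;
  const struct tomoyo_path_info *pattern = NULL;
 
- list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
- if (ptr->is_deleted)
+ list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, head.list) {
+ if (ptr->head.is_deleted)
  continue;
  if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
  continue;
@@ -508,8 +511,8 @@ bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head)
 
  list_for_each_cookie(pos, head->read_var2, &tomoyo_pattern_list) {
  struct tomoyo_pattern_entry *ptr;
- ptr = list_entry(pos, struct tomoyo_pattern_entry, list);
- if (ptr->is_deleted)
+ ptr = list_entry(pos, struct tomoyo_pattern_entry, head.list);
+ if (ptr->head.is_deleted)
  continue;
  done = tomoyo_io_printf(head, TOMOYO_KEYWORD_FILE_PATTERN
  "%s\n", ptr->pattern->name);
@@ -574,10 +577,10 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
  return error;
  if (mutex_lock_interruptible(&tomoyo_policy_lock))
  goto out;
- list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, head.list) {
  if (ptr->pattern != e.pattern)
  continue;
- ptr->is_deleted = is_delete;
+ ptr->head.is_deleted = is_delete;
  error = 0;
  break;
  }
@@ -585,7 +588,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
  struct tomoyo_no_rewrite_entry *entry =
  tomoyo_commit_ok(&e, sizeof(e));
  if (entry) {
- list_add_tail_rcu(&entry->list,
+ list_add_tail_rcu(&entry->head.list,
  &tomoyo_no_rewrite_list);
  error = 0;
  }
@@ -611,8 +614,8 @@ static bool tomoyo_is_no_rewrite_file(const struct tomoyo_path_info *filename)
  struct tomoyo_no_rewrite_entry *ptr;
  bool found = false;
 
- list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
- if (ptr->is_deleted)
+ list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, head.list) {
+ if (ptr->head.is_deleted)
  continue;
  if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
  continue;
@@ -653,8 +656,9 @@ bool tomoyo_read_no_rewrite_policy(struct tomoyo_io_buffer *head)
 
  list_for_each_cookie(pos, head->read_var2, &tomoyo_no_rewrite_list) {
  struct tomoyo_no_rewrite_entry *ptr;
- ptr = list_entry(pos, struct tomoyo_no_rewrite_entry, list);
- if (ptr->is_deleted)
+ ptr = list_entry(pos, struct tomoyo_no_rewrite_entry,
+ head.list);
+ if (ptr->head.is_deleted)
  continue;
  done = tomoyo_io_printf(head, TOMOYO_KEYWORD_DENY_REWRITE
  "%s\n", ptr->pattern->name);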
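diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index aed7ddd0de84..2dd9665af260 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -216,33 +216,34 @@ static void tomoyo_collect_entry(void)
 {
 struct tomoyo_globally_readable_file_entry *ptr;
 list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
-list) {
-if (!ptr->is_deleted)
+head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_GLOBALLY_READABLE, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
 }
 {
 struct tomoyo_pattern_entry *ptr;
-list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, list) {
-if (!ptr->is_deleted)
+list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_PATTERN, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
 }
 {
 struct tomoyo_no_rewrite_entry *ptr;
-list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, list) {
-if (!ptr->is_deleted)
+list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list,
+head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_NO_REWRITE, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
@@ -250,44 +251,46 @@ static void tomoyo_collect_entry(void)
 {
 struct tomoyo_domain_initializer_entry *ptr;
 list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list,
-list) {
-if (!ptr->is_deleted)
+head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_DOMAIN_INITIALIZER, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
 }
 {
 struct tomoyo_domain_keeper_entry *ptr;
-list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) {
-if (!ptr->is_deleted)
+list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list,
+head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_DOMAIN_KEEPER, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
 }
 {
 struct tomoyo_aggregator_entry *ptr;
-list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list, list) {
-if (!ptr->is_deleted)
+list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list,
+head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_AGGREGATOR, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
 }
 {
 struct tomoyo_alias_entry *ptr;
-list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) {
-if (!ptr->is_deleted)
+list_for_each_entry_rcu(ptr, &tomoyo_alias_list, head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_ALIAS, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
@@ -295,11 +298,11 @@ static void tomoyo_collect_entry(void)
 {
 struct tomoyo_policy_manager_entry *ptr;
 list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list,
-list) {
-if (!ptr->is_deleted)
+head.list) {
+if (!ptr->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_MANAGER, ptr))
-list_del_rcu(&ptr->list);
+list_del_rcu(&ptr->head.list);
 else
 break;
 }
@@ -352,12 +355,12 @@ static void tomoyo_collect_entry(void)
 list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
 struct tomoyo_path_group_member *member;
 list_for_each_entry_rcu(member, &group->member_list,
-list) {
-if (!member->is_deleted)
+head.list) {
+if (!member->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_PATH_GROUP_MEMBER,
 member))
-list_del_rcu(&member->list);
+list_del_rcu(&member->head.list);
 else
 break;
 }
@@ -375,12 +378,12 @@ static void tomoyo_collect_entry(void)
 list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) {
 struct tomoyo_number_group_member *member;
 list_for_each_entry_rcu(member, &group->member_list,
-list) {
-if (!member->is_deleted)
+head.list) {
+if (!member->head.is_deleted)
 continue;
 if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP_MEMBER,
 member))
-list_del_rcu(&member->list);
+list_del_rcu(&member->head.list);
 else
 break;
 }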
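Review bot: Every block of tomoyo_collect_entry touched here is now the same loop over `head.list` and `head.is_deleted`, differing only in the list and the TOMOYO_ID_* value, so the ten visible copies can be folded into one static helper and each block reduced to a call such as `tomoyo_collect_member(&tomoyo_pattern_list, TOMOYO_ID_PATTERN);`. A single reviewed copy of the queue-then-unlink ordering is easier to keep correct in garbage-collection code than ten hand-edited ones. The sketch below assumes the shared header is `struct tomoyo_acl_head` and is the first member of every entry type, so the header pointer equals the entry pointer that tomoyo_add_to_gc() receives today; common.h is not in this part of the page, so both need confirming. tomoyo_collect_entry starts and ends outside these hunks.

```c
/*
 * Queue every entry on @member_list that is marked deleted, then unlink it.
 * Stops at the first entry that cannot be queued, as the open-coded loops do.
 */
static void tomoyo_collect_member(struct list_head *member_list, int id)
{
	struct tomoyo_acl_head *member;

	list_for_each_entry_rcu(member, member_list, list) {
		if (!member->is_deleted)
			continue;
		if (!tomoyo_add_to_gc(id, member))
			break;
		list_del_rcu(&member->list);
	}
}

/* … unchanged: start of tomoyo_collect_entry … */
	tomoyo_collect_member(&tomoyo_globally_readable_list,
			      TOMOYO_ID_GLOBALLY_READABLE);
	tomoyo_collect_member(&tomoyo_pattern_list, TOMOYO_ID_PATTERN);
	/* … one call per remaining list; the group loops pass &group->member_list … */
```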
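diff --git a/security/tomoyo/number_group.c b/security/tomoyo/number_group.c
index 8d6ef8f006ff..afc5b6972129 100644
--- a/security/tomoyo/number_group.c
+++ b/security/tomoyo/number_group.c
@@ -84,10 +84,10 @@ int tomoyo_write_number_group_policy(char *data, const bool is_delete)
 return -ENOMEM;
 if (mutex_lock_interruptible(&tomoyo_policy_lock))
 goto out;
-list_for_each_entry_rcu(member, &group->member_list, list) {
+list_for_each_entry_rcu(member, &group->member_list, head.list) {
 if (memcmp(&member->number, &e.number, sizeof(e.number)))
 continue;
-member->is_deleted = is_delete;
+member->head.is_deleted = is_delete;
 error = 0;
 break;
 }
@@ -95,7 +95,8 @@ int tomoyo_write_number_group_policy(char *data, const bool is_delete)
 struct tomoyo_number_group_member *entry =
 tomoyo_commit_ok(&e, sizeof(e));
 if (entry) {
-list_add_tail_rcu(&entry->list, &group->member_list);
+list_add_tail_rcu(&entry->head.list,
+&group->member_list);
 error = 0;
 }
 }
@@ -129,8 +130,8 @@ bool tomoyo_read_number_group_policy(struct tomoyo_io_buffer *head)
 const struct tomoyo_number_group_member *member
 = list_entry(mpos,
 struct tomoyo_number_group_member,
-list);
-if (member->is_deleted)
+head.list);
+if (member->head.is_deleted)
 continue;
 pos = head->read_avail;
 if (!tomoyo_io_printf(head, TOMOYO_KEYWORD_NUMBER_GROUP
@@ -162,8 +163,8 @@ bool tomoyo_number_matches_group(const unsigned long min,
 {
 struct tomoyo_number_group_member *member;
 bool matched = false;
-list_for_each_entry_rcu(member, &group->member_list, list) {
-if (member->is_deleted)
+list_for_each_entry_rcu(member, &group->member_list, head.list) {
+if (member->head.is_deleted)
 continue;
 if (min > member->number.values[1] ||
 max < member->number.values[0])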
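Review bot: `member->head.is_deleted` is stored under tomoyo_policy_lock in tomoyo_write_number_group_policy but loaded in tomoyo_number_matches_group inside a `list_for_each_entry_rcu()` walk with no lock visible in that hunk, so the store and the load can run concurrently as plain accesses. Because the flag decides whether a group member still takes part in a policy match, I would mark both sides, `WRITE_ONCE(member->head.is_deleted, is_delete);` and `if (READ_ONCE(member->head.is_deleted))` (`ACCESS_ONCE()` on trees that predate those macros), or at least add a comment at the store saying readers may observe either value until the update becomes visible. The same writer/reader pair appears in path_group.c, in tomoyo_write_path_group_policy and tomoyo_path_matches_group. All four functions begin or end outside their hunks.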
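diff --git a/security/tomoyo/path_group.c b/security/tomoyo/path_group.c
index 07e4f782367b..7838f7681297 100644
--- a/security/tomoyo/path_group.c
+++ b/security/tomoyo/path_group.c
@@ -79,10 +79,10 @@ int tomoyo_write_path_group_policy(char *data, const bool is_delete)
 goto out;
 if (mutex_lock_interruptible(&tomoyo_policy_lock))
 goto out;
-list_for_each_entry_rcu(member, &group->member_list, list) {
+list_for_each_entry_rcu(member, &group->member_list, head.list) {
 if (member->member_name != e.member_name)
 continue;
-member->is_deleted = is_delete;
+member->head.is_deleted = is_delete;
 error = 0;
 break;
 }
@@ -90,7 +90,8 @@ int tomoyo_write_path_group_policy(char *data, const bool is_delete)
 struct tomoyo_path_group_member *entry =
 tomoyo_commit_ok(&e, sizeof(e));
 if (entry) {
-list_add_tail_rcu(&entry->list, &group->member_list);
+list_add_tail_rcu(&entry->head.list,
+&group->member_list);
 error = 0;
 }
 }
@@ -122,8 +123,8 @@ bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head)
 struct tomoyo_path_group_member *member;
 member = list_entry(mpos,
 struct tomoyo_path_group_member,
-list);
-if (member->is_deleted)
+head.list);
+if (member->head.is_deleted)
 continue;
 if (!tomoyo_io_printf(head, TOMOYO_KEYWORD_PATH_GROUP
 "%s %s\n",
@@ -150,8 +151,8 @@ bool tomoyo_path_matches_group(const struct tomoyo_path_info *pathname,
 {
 struct tomoyo_path_group_member *member;
 bool matched = false;
-list_for_each_entry_rcu(member, &group->member_list, list) {
-if (member->is_deleted)
+list_for_each_entry_rcu(member, &group->member_list, head.list) {
+if (member->head.is_deleted)
 continue;
 if (!tomoyo_path_matches_pattern(pathname,
 member->member_name))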