Commit cf6e9a64 authored by Tetsuo Handa's avatar Tetsuo Handa Committed by James Morris
Browse files

TOMOYO: Pass parameters via structure.



To make it possible to use callback function, pass parameters via
"struct tomoyo_request_info".
Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 05336dee
...@@ -212,6 +212,39 @@ struct tomoyo_acl_head { ...@@ -212,6 +212,39 @@ struct tomoyo_acl_head {
*/ */
struct tomoyo_request_info { struct tomoyo_request_info {
struct tomoyo_domain_info *domain; struct tomoyo_domain_info *domain;
/* For holding parameters. */
union {
struct {
const struct tomoyo_path_info *filename;
u8 operation;
} path;
struct {
const struct tomoyo_path_info *filename1;
const struct tomoyo_path_info *filename2;
u8 operation;
} path2;
struct {
const struct tomoyo_path_info *filename;
unsigned int mode;
unsigned int major;
unsigned int minor;
u8 operation;
} mkdev;
struct {
const struct tomoyo_path_info *filename;
unsigned long number;
u8 operation;
} path_number;
struct {
const struct tomoyo_path_info *type;
const struct tomoyo_path_info *dir;
const struct tomoyo_path_info *dev;
unsigned long flags;
int need_dev;
} mount;
} param;
u8 param_type;
bool granted;
u8 retry; u8 retry;
u8 profile; u8 profile;
u8 mode; /* One of tomoyo_mode_index . */ u8 mode; /* One of tomoyo_mode_index . */
......
...@@ -973,6 +973,9 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, ...@@ -973,6 +973,9 @@ int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation,
r->mode = tomoyo_get_mode(r->profile, r->type); r->mode = tomoyo_get_mode(r->profile, r->type);
if (r->mode == TOMOYO_CONFIG_DISABLED) if (r->mode == TOMOYO_CONFIG_DISABLED)
return 0; return 0;
r->param_type = TOMOYO_TYPE_PATH_ACL;
r->param.path.filename = filename;
r->param.path.operation = operation;
do { do {
error = tomoyo_path_acl(r, filename, 1 << operation); error = tomoyo_path_acl(r, filename, 1 << operation);
if (error && operation == TOMOYO_TYPE_READ && if (error && operation == TOMOYO_TYPE_READ &&
...@@ -1143,6 +1146,10 @@ static int tomoyo_path_number_perm2(struct tomoyo_request_info *r, ...@@ -1143,6 +1146,10 @@ static int tomoyo_path_number_perm2(struct tomoyo_request_info *r,
break; break;
} }
tomoyo_print_ulong(buffer, sizeof(buffer), number, radix); tomoyo_print_ulong(buffer, sizeof(buffer), number, radix);
r->param_type = TOMOYO_TYPE_PATH_NUMBER_ACL;
r->param.path_number.operation = type;
r->param.path_number.filename = filename;
r->param.path_number.number = number;
do { do {
error = tomoyo_path_number_acl(r, type, filename, number); error = tomoyo_path_number_acl(r, type, filename, number);
if (!error) if (!error)
...@@ -1369,8 +1376,15 @@ int tomoyo_path_number3_perm(const u8 operation, struct path *path, ...@@ -1369,8 +1376,15 @@ int tomoyo_path_number3_perm(const u8 operation, struct path *path,
idx = tomoyo_read_lock(); idx = tomoyo_read_lock();
error = -ENOMEM; error = -ENOMEM;
if (tomoyo_get_realpath(&buf, path)) { if (tomoyo_get_realpath(&buf, path)) {
dev = new_decode_dev(dev);
r.param_type = TOMOYO_TYPE_PATH_NUMBER3_ACL;
r.param.mkdev.filename = &buf;
r.param.mkdev.operation = operation;
r.param.mkdev.mode = mode;
r.param.mkdev.major = MAJOR(dev);
r.param.mkdev.minor = MINOR(dev);
error = tomoyo_path_number3_perm2(&r, operation, &buf, mode, error = tomoyo_path_number3_perm2(&r, operation, &buf, mode,
new_decode_dev(dev)); dev);
kfree(buf.name); kfree(buf.name);
} }
tomoyo_read_unlock(idx); tomoyo_read_unlock(idx);
...@@ -1421,6 +1435,10 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1, ...@@ -1421,6 +1435,10 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1,
tomoyo_add_slash(&buf2); tomoyo_add_slash(&buf2);
break; break;
} }
r.param_type = TOMOYO_TYPE_PATH2_ACL;
r.param.path2.operation = operation;
r.param.path2.filename1 = &buf1;
r.param.path2.filename2 = &buf2;
do { do {
error = tomoyo_path2_acl(&r, operation, &buf1, &buf2); error = tomoyo_path2_acl(&r, operation, &buf1, &buf2);
if (!error) if (!error)
......
...@@ -112,6 +112,12 @@ static int tomoyo_mount_acl2(struct tomoyo_request_info *r, char *dev_name, ...@@ -112,6 +112,12 @@ static int tomoyo_mount_acl2(struct tomoyo_request_info *r, char *dev_name,
} }
rdev.name = requested_dev_name; rdev.name = requested_dev_name;
tomoyo_fill_path_info(&rdev); tomoyo_fill_path_info(&rdev);
r->param_type = TOMOYO_TYPE_MOUNT_ACL;
r->param.mount.need_dev = need_dev;
r->param.mount.dev = &rdev;
r->param.mount.dir = &rdir;
r->param.mount.type = &rtype;
r->param.mount.flags = flags;
list_for_each_entry_rcu(ptr, &r->domain->acl_info_list, list) { list_for_each_entry_rcu(ptr, &r->domain->acl_info_list, list) {
struct tomoyo_mount_acl *acl; struct tomoyo_mount_acl *acl;
if (ptr->is_deleted || ptr->type != TOMOYO_TYPE_MOUNT_ACL) if (ptr->is_deleted || ptr->type != TOMOYO_TYPE_MOUNT_ACL)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment