#include <linux/kthread.h>
#include <linux/slab.h>
-enum tomoyo_policy_id {
- TOMOYO_ID_PATH_GROUP,
- TOMOYO_ID_PATH_GROUP_MEMBER,
- TOMOYO_ID_NUMBER_GROUP,
- TOMOYO_ID_NUMBER_GROUP_MEMBER,
- TOMOYO_ID_DOMAIN_INITIALIZER,
- TOMOYO_ID_DOMAIN_KEEPER,
- TOMOYO_ID_AGGREGATOR,
- TOMOYO_ID_ALIAS,
- TOMOYO_ID_GLOBALLY_READABLE,
- TOMOYO_ID_PATTERN,
- TOMOYO_ID_NO_REWRITE,
- TOMOYO_ID_MANAGER,
- TOMOYO_ID_NAME,
- TOMOYO_ID_ACL,
- TOMOYO_ID_DOMAIN,
- TOMOYO_MAX_POLICY
-};
-
struct tomoyo_gc_entry {
struct list_head list;
int type;
tomoyo_put_name(ptr->pattern);
}
-static void tomoyo_del_domain_initializer(struct list_head *element)
-{
- struct tomoyo_domain_initializer_entry *ptr =
- container_of(element, typeof(*ptr), head.list);
- tomoyo_put_name(ptr->domainname);
- tomoyo_put_name(ptr->program);
-}
-
-static void tomoyo_del_domain_keeper(struct list_head *element)
+static void tomoyo_del_transition_control(struct list_head *element)
{
- struct tomoyo_domain_keeper_entry *ptr =
+ struct tomoyo_transition_control *ptr =
container_of(element, typeof(*ptr), head.list);
tomoyo_put_name(ptr->domainname);
tomoyo_put_name(ptr->program);
tomoyo_put_name(ptr->aggregated_name);
}
-static void tomoyo_del_alias(struct list_head *element)
-{
- struct tomoyo_alias_entry *ptr =
- container_of(element, typeof(*ptr), head.list);
- tomoyo_put_name(ptr->original_name);
- tomoyo_put_name(ptr->aliased_name);
-}
-
static void tomoyo_del_manager(struct list_head *element)
{
struct tomoyo_policy_manager_entry *ptr =
container_of(element, typeof(*ptr), list);
}
-static void tomoyo_del_path_group_member(struct list_head *element)
+static void tomoyo_del_path_group(struct list_head *element)
{
- struct tomoyo_path_group_member *member =
+ struct tomoyo_path_group *member =
container_of(element, typeof(*member), head.list);
tomoyo_put_name(member->member_name);
}
-static void tomoyo_del_path_group(struct list_head *element)
+static void tomoyo_del_group(struct list_head *element)
{
- struct tomoyo_path_group *group =
+ struct tomoyo_group *group =
container_of(element, typeof(*group), list);
tomoyo_put_name(group->group_name);
}
-static void tomoyo_del_number_group_member(struct list_head *element)
-{
- struct tomoyo_number_group_member *member =
- container_of(element, typeof(*member), head.list);
-}
-
static void tomoyo_del_number_group(struct list_head *element)
{
- struct tomoyo_number_group *group =
- container_of(element, typeof(*group), list);
- tomoyo_put_name(group->group_name);
+ struct tomoyo_number_group *member =
+ container_of(element, typeof(*member), head.list);
}
-static struct list_head *tomoyo_policy_list[TOMOYO_MAX_POLICY] = {
- [TOMOYO_ID_GLOBALLY_READABLE] = &tomoyo_globally_readable_list,
- [TOMOYO_ID_PATTERN] = &tomoyo_pattern_list,
- [TOMOYO_ID_NO_REWRITE] = &tomoyo_no_rewrite_list,
- [TOMOYO_ID_DOMAIN_INITIALIZER] = &tomoyo_domain_initializer_list,
- [TOMOYO_ID_DOMAIN_KEEPER] = &tomoyo_domain_keeper_list,
- [TOMOYO_ID_AGGREGATOR] = &tomoyo_aggregator_list,
- [TOMOYO_ID_ALIAS] = &tomoyo_alias_list,
- [TOMOYO_ID_MANAGER] = &tomoyo_policy_manager_list,
-};
-
static bool tomoyo_collect_member(struct list_head *member_list, int id)
{
struct tomoyo_acl_head *member;
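Review bot: tomoyo_del_number_group() now builds `member` with container_of() and never uses it, and tomoyo_del_path_group() now releases a member entry (`head.list`, `member_name`) although its name reads like the group destructor, which is now tomoyo_del_group(). These destructors are selected from a stored type id and each one casts the list element with container_of(), so a mismatch between id and struct means a wrong-type access in kernel memory. The id-to-struct mapping is therefore worth writing down. I would put a one-line comment above each function, for example `/* element: struct tomoyo_path_group member entry, linked via head.list */`. I would also replace the unused local in the number-group destructor with `/* Nothing to release for a number group member. */`.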
if (mutex_lock_interruptible(&tomoyo_policy_lock))
return;
for (i = 0; i < TOMOYO_MAX_POLICY; i++) {
- if (tomoyo_policy_list[i])
- if (!tomoyo_collect_member(tomoyo_policy_list[i], i))
- goto unlock;
+ if (!tomoyo_collect_member(&tomoyo_policy_list[i], i))
+ goto unlock;
}
{
struct tomoyo_domain_info *domain;
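Review bot: The loop no longer skips empty slots: the `if (tomoyo_policy_list[i])` guard is gone and `&tomoyo_policy_list[i]` is passed to tomoyo_collect_member() for every id below TOMOYO_MAX_POLICY. That is safe only if tomoyo_policy_list is now an array of struct list_head with every head initialised before this code first runs, and only if every entry on those lists embeds struct tomoyo_acl_head, as tomoyo_collect_member() assumes. The new definition is not visible here, so neither can be confirmed; a zero-filled head would make the list walk dereference NULL. I would state the invariant at the loop, e.g. `/* Every tomoyo_policy_list[] head is initialised before GC starts; entries embed struct tomoyo_acl_head. */`. The enclosing function starts and ends outside the hunk.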
goto unlock;
}
}
- {
- struct tomoyo_path_group *group;
- list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
- tomoyo_collect_member(&group->member_list,
- TOMOYO_ID_PATH_GROUP_MEMBER);
- if (!list_empty(&group->member_list) ||
- atomic_read(&group->users))
- continue;
- if (!tomoyo_add_to_gc(TOMOYO_ID_PATH_GROUP,
- &group->list))
- goto unlock;
+ for (i = 0; i < TOMOYO_MAX_GROUP; i++) {
+ struct list_head *list = &tomoyo_group_list[i];
+ int id;
+ struct tomoyo_group *group;
+ switch (i) {
+ case 0:
+ id = TOMOYO_ID_PATH_GROUP;
+ break;
+ default:
+ id = TOMOYO_ID_NUMBER_GROUP;
+ break;
}
- }
- {
- struct tomoyo_number_group *group;
- list_for_each_entry_rcu(group, &tomoyo_number_group_list,
- list) {
- tomoyo_collect_member(&group->member_list,
- TOMOYO_ID_NUMBER_GROUP_MEMBER);
+ list_for_each_entry(group, list, list) {
+ if (!tomoyo_collect_member(&group->member_list, id))
+ goto unlock;
if (!list_empty(&group->member_list) ||
atomic_read(&group->users))
continue;
- if (!tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP,
- &group->list))
+ if (!tomoyo_add_to_gc(TOMOYO_ID_GROUP, &group->list))
goto unlock;
}
}
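Review bot: The `switch (i)` in the new group loop hard-codes `case 0:` for path groups and maps every other index to TOMOYO_ID_NUMBER_GROUP through `default:`. If TOMOYO_MAX_GROUP ever grows, members of a new group type would be queued under the number-group id and later released by a destructor written for a different struct, with nothing to flag it. I would use the named index constant rather than `0` (for instance `case TOMOYO_PATH_GROUP:`, if the header in this series defines one), give number groups an explicit `case`, and make the fallback `default: continue;`. The walk also changes from list_for_each_entry_rcu() to list_for_each_entry(), which presumably relies on tomoyo_policy_lock being held at this point; a short comment saying so would help. The enclosing function starts outside the hunk.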
list_for_each_entry_safe(p, tmp, &tomoyo_gc_queue, list) {
struct list_head *element = p->element;
switch (p->type) {
- case TOMOYO_ID_DOMAIN_INITIALIZER:
- tomoyo_del_domain_initializer(element);
- break;
- case TOMOYO_ID_DOMAIN_KEEPER:
- tomoyo_del_domain_keeper(element);
+ case TOMOYO_ID_TRANSITION_CONTROL:
+ tomoyo_del_transition_control(element);
break;
case TOMOYO_ID_AGGREGATOR:
tomoyo_del_aggregator(element);
break;
- case TOMOYO_ID_ALIAS:
- tomoyo_del_alias(element);
- break;
case TOMOYO_ID_GLOBALLY_READABLE:
tomoyo_del_allow_read(element);
break;
if (!tomoyo_del_domain(element))
continue;
break;
- case TOMOYO_ID_PATH_GROUP_MEMBER:
- tomoyo_del_path_group_member(element);
- break;
case TOMOYO_ID_PATH_GROUP:
tomoyo_del_path_group(element);
break;
- case TOMOYO_ID_NUMBER_GROUP_MEMBER:
- tomoyo_del_number_group_member(element);
+ case TOMOYO_ID_GROUP:
+ tomoyo_del_group(element);
break;
case TOMOYO_ID_NUMBER_GROUP:
tomoyo_del_number_group(element);