kfree(ptr);
}
+/**
+ * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group"/"struct tomoyo_number_group".
+ *
+ * @group_name: The name of address group.
+ * @idx: Index number.
+ *
+ * Returns pointer to "struct tomoyo_group" on success, NULL otherwise.
+ */
+struct tomoyo_group *tomoyo_get_group(const char *group_name, const u8 idx)
+{
+ struct tomoyo_group e = { };
+ struct tomoyo_group *group = NULL;
+ bool found = false;
+ if (!tomoyo_correct_word(group_name) || idx >= TOMOYO_MAX_GROUP)
+ return NULL;
+ e.group_name = tomoyo_get_name(group_name);
+ if (!e.group_name)
+ return NULL;
+ if (mutex_lock_interruptible(&tomoyo_policy_lock))
+ goto out;
+ list_for_each_entry(group, &tomoyo_group_list[idx], list) {
+ if (e.group_name != group->group_name)
+ continue;
+ atomic_inc(&group->users);
+ found = true;
+ break;
+ }
+ if (!found) {
+ struct tomoyo_group *entry = tomoyo_commit_ok(&e, sizeof(e));
+ if (entry) {
+ INIT_LIST_HEAD(&entry->member_list);
+ atomic_set(&entry->users, 1);
+ list_add_tail_rcu(&entry->list,
+ &tomoyo_group_list[idx]);
+ group = entry;
+ found = true;
+ }
+ }
+ mutex_unlock(&tomoyo_policy_lock);
+ out:
+ tomoyo_put_name(e.group_name);
+ return found ? group : NULL;
+}
+
/*
* tomoyo_name_list is used for holding string data used by TOMOYO.
* Since same string data is likely used for multiple times (e.g.
*/
const struct tomoyo_path_info *tomoyo_get_name(const char *name)
{
- struct tomoyo_name_entry *ptr;
+ struct tomoyo_name *ptr;
unsigned int hash;
int len;
int allocated_len;
{
int idx;
- BUILD_BUG_ON(TOMOYO_MAX_PATHNAME_LEN > PATH_MAX);
+ for (idx = 0; idx < TOMOYO_MAX_POLICY; idx++)
+ INIT_LIST_HEAD(&tomoyo_policy_list[idx]);
+ for (idx = 0; idx < TOMOYO_MAX_GROUP; idx++)
+ INIT_LIST_HEAD(&tomoyo_group_list[idx]);
for (idx = 0; idx < TOMOYO_MAX_HASH; idx++)
INIT_LIST_HEAD(&tomoyo_name_list[idx]);
INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
panic("Can't register tomoyo_kernel_domain");
{
/* Load built-in policy. */
- tomoyo_write_domain_initializer_policy("/sbin/hotplug",
- false, false);
- tomoyo_write_domain_initializer_policy("/sbin/modprobe",
- false, false);
+ tomoyo_write_transition_control("/sbin/hotplug", false,
+ TOMOYO_TRANSITION_CONTROL_INITIALIZE);
+ tomoyo_write_transition_control("/sbin/modprobe", false,
+ TOMOYO_TRANSITION_CONTROL_INITIALIZE);
}
tomoyo_read_unlock(idx);
}
*
* Returns memory usage.
*/
-int tomoyo_read_memory_counter(struct tomoyo_io_buffer *head)
+void tomoyo_read_memory_counter(struct tomoyo_io_buffer *head)
{
- if (!head->read_eof) {
+ if (!head->r.eof) {
const unsigned int policy
= atomic_read(&tomoyo_policy_memory_size);
const unsigned int query = tomoyo_query_memory_size;
tomoyo_io_printf(head, "Query lists: %10u%s\n", query,
buffer);
tomoyo_io_printf(head, "Total: %10u\n", policy + query);
- head->read_eof = true;
+ head->r.eof = true;
}
- return 0;
}
/**