author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-06-17 16:53:24 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-08-02 15:34:40 +1000 |
commit | a230f9e7121cbcbfe23bd5a630abf6b53cece555 (patch) | |
tree | a81820f41d57ffd8704aaef4331f696030d7ba77 /security/tomoyo/common.c | |
parent | a98aa4debe2728abb3353e35fc5d110dcc0d7f0d (diff) | |
TOMOYO: Use array of "struct list_head".
Assign list id and make the lists as array of "struct list_head".
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/common.c')
-rw-r--r-- | security/tomoyo/common.c | 42 |
1 files changed, 6 insertions, 36 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 9eeb19ec..cb1aaf1 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -434,38 +434,6 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head)
 head->read_eof = true;
 }
-/*
- * tomoyo_policy_manager_list is used for holding list of domainnames or
- * programs which are permitted to modify configuration via
- * /sys/kernel/security/tomoyo/ interface.
- *
- * An entry is added by
- *
- * # echo '<kernel> /sbin/mingetty /bin/login /bin/bash' > \
- * /sys/kernel/security/tomoyo/manager
- * (if you want to specify by a domainname)
- *
- * or
- *
- * # echo '/usr/sbin/tomoyo-editpolicy' > /sys/kernel/security/tomoyo/manager
- * (if you want to specify by a program's location)
- *
- * and is deleted by
- *
- * # echo 'delete <kernel> /sbin/mingetty /bin/login /bin/bash' > \
- * /sys/kernel/security/tomoyo/manager
- *
- * or
- *
- * # echo 'delete /usr/sbin/tomoyo-editpolicy' > \
- * /sys/kernel/security/tomoyo/manager
- *
- * and all entries are retrieved by
- *
- * # cat /sys/kernel/security/tomoyo/manager
- */
-LIST_HEAD(tomoyo_policy_manager_list);
-
 static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a,
 const struct tomoyo_acl_head *b)
 {
@@ -503,7 +471,7 @@ static int tomoyo_update_manager_entry(const char *manager,
 if (!e.manager)
 return -ENOMEM;
 error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
- &tomoyo_policy_manager_list,
+ &tomoyo_policy_list[TOMOYO_ID_MANAGER],
 tomoyo_same_manager_entry);
 tomoyo_put_name(e.manager);
 return error;
@@ -545,7 +513,7 @@ static void tomoyo_read_manager_policy(struct tomoyo_io_buffer *head)
 if (head->read_eof)
 return;
 list_for_each_cookie(pos, head->read_var2,
- &tomoyo_policy_manager_list) {
+ &tomoyo_policy_list[TOMOYO_ID_MANAGER]) {
 struct tomoyo_policy_manager_entry *ptr;
 ptr = list_entry(pos, struct tomoyo_policy_manager_entry,
 head.list);
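Review bot: The block comment removed together with `LIST_HEAD(tomoyo_policy_manager_list)` was the only description on this page of what a manager entry grants, and nothing replaces it at the call in tomoyo_update_manager_entry(). Entries in this list decide who may modify policy, so I would keep a short comment at the new argument, e.g. `/* TOMOYO_ID_MANAGER: domainnames or programs permitted to modify policy via /sys/kernel/security/tomoyo/ */`. The usage examples may have moved to another file that this common.c-limited view does not show. The function's body starts and ends outside the hunk.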
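Review bot: `tomoyo_policy_list[TOMOYO_ID_MANAGER]` no longer gets the static initialisation that `LIST_HEAD()` gave the old list, so the `list_for_each_cookie()` walk in tomoyo_read_manager_policy() depends on INIT_LIST_HEAD() having run on that array slot first. The array's definition and initialisation are not in this file's diff; it is worth confirming they run before the securityfs manager file can be read or written, because walking a zeroed list_head dereferences a NULL pointer. The same applies to the update call in tomoyo_update_manager_entry() and to both `list_for_each_entry_rcu()` loops in tomoyo_policy_manager(). A comment at the array definition stating where it is initialised would settle it. The loop body continues outside the hunk.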
@@ -578,7 +546,8 @@ static bool tomoyo_policy_manager(void)
 return true;
 if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid))
 return false;
- list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER],
+ head.list) {
 if (!ptr->head.is_deleted && ptr->is_domain
 && !tomoyo_pathcmp(domainname, ptr->manager)) {
 found = true;
@@ -590,7 +559,8 @@ static bool tomoyo_policy_manager(void)
 exe = tomoyo_get_exe();
 if (!exe)
 return false;
- list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+ list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER],
+ head.list) {
 if (!ptr->head.is_deleted && !ptr->is_domain
 && !strcmp(exe, ptr->manager->name)) {
 found = true; |
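Review bot: Both loops in tomoyo_policy_manager() now spell out `&tomoyo_policy_list[TOMOYO_ID_MANAGER]` and wrap onto a second line. A local declared once, `struct list_head *list = &tomoyo_policy_list[TOMOYO_ID_MANAGER];`, would keep each `list_for_each_entry_rcu(ptr, list, head.list) {` on one line and make it obvious that the domainname check and the executable check walk the same list. This function decides whether the caller may modify policy, so keeping the two lookups visibly identical is worth the extra declaration. The function starts before the first of these hunks and continues past the second.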