diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-05-17 10:09:15 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-08-02 15:33:37 +1000 |
commit | a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7 (patch) | |
tree | 44df8f05e6ad6bd7cf9ce398c99efbd7cff24c20 /security/tomoyo/gc.c | |
parent | cb0abe6a5b58499bd4bc1403f4987af9ead0642c (diff) | |
download | op-kernel-dev-a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7.zip op-kernel-dev-a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7.tar.gz |
TOMOYO: Split file access control functions by type of parameters.
Check numeric parameters for operations that deal them
(e.g. chmod/chown/ioctl).
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/gc.c')
-rw-r--r-- | security/tomoyo/gc.c | 35 |
1 files changed, 31 insertions, 4 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index 6a48197..7810018 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c @@ -106,6 +106,24 @@ static void tomoyo_del_acl(struct tomoyo_acl_info *acl) tomoyo_put_name_union(&entry->name2); } break; + case TOMOYO_TYPE_PATH_NUMBER_ACL: + { + struct tomoyo_path_number_acl *entry + = container_of(acl, typeof(*entry), head); + tomoyo_put_name_union(&entry->name); + tomoyo_put_number_union(&entry->number); + } + break; + case TOMOYO_TYPE_PATH_NUMBER3_ACL: + { + struct tomoyo_path_number3_acl *entry + = container_of(acl, typeof(*entry), head); + tomoyo_put_name_union(&entry->name); + tomoyo_put_number_union(&entry->mode); + tomoyo_put_number_union(&entry->major); + tomoyo_put_number_union(&entry->minor); + } + break; default: printk(KERN_WARNING "Unknown type\n"); break; @@ -268,10 +286,7 @@ static void tomoyo_collect_entry(void) case TOMOYO_TYPE_PATH_ACL: if (container_of(acl, struct tomoyo_path_acl, - head)->perm || - container_of(acl, - struct tomoyo_path_acl, - head)->perm_high) + head)->perm) continue; break; case TOMOYO_TYPE_PATH2_ACL: @@ -280,6 +295,18 @@ static void tomoyo_collect_entry(void) head)->perm) continue; break; + case TOMOYO_TYPE_PATH_NUMBER_ACL: + if (container_of(acl, + struct tomoyo_path_number_acl, + head)->perm) + continue; + break; + case TOMOYO_TYPE_PATH_NUMBER3_ACL: + if (container_of(acl, + struct tomoyo_path_number3_acl, + head)->perm) + continue; + break; default: continue; } |