#include <linux/slab.h>
#include "common.h"
-/* The list for "struct tomoyo_number_group". */
-LIST_HEAD(tomoyo_number_group_list);
-
/**
- * tomoyo_get_number_group - Allocate memory for "struct tomoyo_number_group".
+ * tomoyo_get_group - Allocate memory for "struct tomoyo_number_group".
*
* @group_name: The name of number group.
*
* Returns pointer to "struct tomoyo_number_group" on success,
* NULL otherwise.
*/
-struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name)
+struct tomoyo_group *tomoyo_get_number_group(const char *group_name)
{
- struct tomoyo_number_group *entry = NULL;
- struct tomoyo_number_group *group = NULL;
+ struct tomoyo_group *entry = NULL;
+ struct tomoyo_group *group = NULL;
const struct tomoyo_path_info *saved_group_name;
int error = -ENOMEM;
- if (!tomoyo_is_correct_word(group_name))
+ if (!tomoyo_correct_word(group_name))
return NULL;
saved_group_name = tomoyo_get_name(group_name);
if (!saved_group_name)
entry = kzalloc(sizeof(*entry), GFP_NOFS);
if (mutex_lock_interruptible(&tomoyo_policy_lock))
goto out;
- list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) {
+ list_for_each_entry_rcu(group, &tomoyo_group_list[TOMOYO_NUMBER_GROUP],
+ list) {
if (saved_group_name != group->group_name)
continue;
atomic_inc(&group->users);
entry->group_name = saved_group_name;
saved_group_name = NULL;
atomic_set(&entry->users, 1);
- list_add_tail_rcu(&entry->list, &tomoyo_number_group_list);
+ list_add_tail_rcu(&entry->list,
+ &tomoyo_group_list[TOMOYO_NUMBER_GROUP]);
group = entry;
entry = NULL;
error = 0;
return !error ? group : NULL;
}
+static bool tomoyo_same_number_group(const struct tomoyo_acl_head *a,
+ const struct tomoyo_acl_head *b)
+{
+ return !memcmp(&container_of(a, struct tomoyo_number_group,
+ head)->number,
+ &container_of(b, struct tomoyo_number_group,
+ head)->number,
+ sizeof(container_of(a,
+ struct tomoyo_number_group,
+ head)->number));
+}
+
/**
* tomoyo_write_number_group_policy - Write "struct tomoyo_number_group" list.
*
*/
int tomoyo_write_number_group_policy(char *data, const bool is_delete)
{
- struct tomoyo_number_group *group;
- struct tomoyo_number_group_member e = { };
- struct tomoyo_number_group_member *member;
- int error = is_delete ? -ENOENT : -ENOMEM;
+ struct tomoyo_group *group;
+ struct tomoyo_number_group e = { };
+ int error;
char *w[2];
if (!tomoyo_tokenize(data, w, sizeof(w)))
return -EINVAL;
- if (!tomoyo_parse_number_union(w[1], &e.number))
- return -EINVAL;
- if (e.number.is_group || e.number.values[0] > e.number.values[1]) {
- tomoyo_put_number_union(&e.number);
+ if (w[1][0] == '@' || !tomoyo_parse_number_union(w[1], &e.number) ||
+ e.number.values[0] > e.number.values[1])
return -EINVAL;
- }
group = tomoyo_get_number_group(w[0]);
if (!group)
return -ENOMEM;
- if (mutex_lock_interruptible(&tomoyo_policy_lock))
- goto out;
- list_for_each_entry_rcu(member, &group->member_list, head.list) {
- if (memcmp(&member->number, &e.number, sizeof(e.number)))
- continue;
- member->head.is_deleted = is_delete;
- error = 0;
- break;
- }
- if (!is_delete && error) {
- struct tomoyo_number_group_member *entry =
- tomoyo_commit_ok(&e, sizeof(e));
- if (entry) {
- list_add_tail_rcu(&entry->head.list,
- &group->member_list);
- error = 0;
- }
- }
- mutex_unlock(&tomoyo_policy_lock);
- out:
- tomoyo_put_number_group(group);
+ error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
+ &group->member_list,
+ tomoyo_same_number_group);
+ tomoyo_put_group(group);
return error;
}
{
struct list_head *gpos;
struct list_head *mpos;
- list_for_each_cookie(gpos, head->read_var1, &tomoyo_number_group_list) {
- struct tomoyo_number_group *group;
+ list_for_each_cookie(gpos, head->read_var1,
+ &tomoyo_group_list[TOMOYO_NUMBER_GROUP]) {
+ struct tomoyo_group *group;
const char *name;
- group = list_entry(gpos, struct tomoyo_number_group, list);
+ group = list_entry(gpos, struct tomoyo_group, list);
name = group->group_name->name;
list_for_each_cookie(mpos, head->read_var2,
&group->member_list) {
int pos;
- const struct tomoyo_number_group_member *member
+ const struct tomoyo_number_group *member
= list_entry(mpos,
- struct tomoyo_number_group_member,
+ struct tomoyo_number_group,
head.list);
if (member->head.is_deleted)
continue;
*/
bool tomoyo_number_matches_group(const unsigned long min,
const unsigned long max,
- const struct tomoyo_number_group *group)
+ const struct tomoyo_group *group)
{
- struct tomoyo_number_group_member *member;
+ struct tomoyo_number_group *member;
bool matched = false;
list_for_each_entry_rcu(member, &group->member_list, head.list) {
if (member->head.is_deleted)
git.openpandora.org / pandora-kernel.git / blobdiff