TOMOYO: Use array of "struct list_head".

author Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>

Thu, 17 Jun 2010 07:53:24 +0000 (16:53 +0900)

committer James Morris <jmorris@namei.org>

Mon, 2 Aug 2010 05:34:40 +0000 (15:34 +1000)
author Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Thu, 17 Jun 2010 07:53:24 +0000 (16:53 +0900)
committer James Morris <jmorris@namei.org>
Mon, 2 Aug 2010 05:34:40 +0000 (15:34 +1000)
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c

index 9eeb19e..cb1aaf1 100644 (file)
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -434,38 +434,6 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head)
                 head->read_eof = true;
  }
  
                 head->read_eof = true;
  }
  
-/*
- * tomoyo_policy_manager_list is used for holding list of domainnames or
- * programs which are permitted to modify configuration via
- * /sys/kernel/security/tomoyo/ interface.
- *
- * An entry is added by
- *
- * # echo '<kernel> /sbin/mingetty /bin/login /bin/bash' > \
- *                                        /sys/kernel/security/tomoyo/manager
- *  (if you want to specify by a domainname)
- *
- *  or
- *
- * # echo '/usr/sbin/tomoyo-editpolicy' > /sys/kernel/security/tomoyo/manager
- *  (if you want to specify by a program's location)
- *
- * and is deleted by
- *
- * # echo 'delete <kernel> /sbin/mingetty /bin/login /bin/bash' > \
- *                                        /sys/kernel/security/tomoyo/manager
- *
- *  or
- *
- * # echo 'delete /usr/sbin/tomoyo-editpolicy' > \
- *                                        /sys/kernel/security/tomoyo/manager
- *
- * and all entries are retrieved by
- *
- * # cat /sys/kernel/security/tomoyo/manager
- */
-LIST_HEAD(tomoyo_policy_manager_list);
-
  static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a,
                                       const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a,
                                       const struct tomoyo_acl_head *b)
  {
@@ -503,7 +471,7 @@ static int tomoyo_update_manager_entry(const char *manager,
         if (!e.manager)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
         if (!e.manager)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_policy_manager_list,
+                                    &tomoyo_policy_list[TOMOYO_ID_MANAGER],
                                      tomoyo_same_manager_entry);
         tomoyo_put_name(e.manager);
         return error;
                                      tomoyo_same_manager_entry);
         tomoyo_put_name(e.manager);
         return error;
@@ -545,7 +513,7 @@ static void tomoyo_read_manager_policy(struct tomoyo_io_buffer *head)
         if (head->read_eof)
                 return;
         list_for_each_cookie(pos, head->read_var2,
         if (head->read_eof)
                 return;
         list_for_each_cookie(pos, head->read_var2,
-                            &tomoyo_policy_manager_list) {
+                            &tomoyo_policy_list[TOMOYO_ID_MANAGER]) {
                 struct tomoyo_policy_manager_entry *ptr;
                 ptr = list_entry(pos, struct tomoyo_policy_manager_entry,
                                  head.list);
                 struct tomoyo_policy_manager_entry *ptr;
                 ptr = list_entry(pos, struct tomoyo_policy_manager_entry,
                                  head.list);
@@ -578,7 +546,8 @@ static bool tomoyo_policy_manager(void)
                 return true;
         if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid))
                 return false;
                 return true;
         if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid))
                 return false;
-       list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+       list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER],
+                               head.list) {
                 if (!ptr->head.is_deleted && ptr->is_domain
                     && !tomoyo_pathcmp(domainname, ptr->manager)) {
                         found = true;
                 if (!ptr->head.is_deleted && ptr->is_domain
                     && !tomoyo_pathcmp(domainname, ptr->manager)) {
                         found = true;
@@ -590,7 +559,8 @@ static bool tomoyo_policy_manager(void)
         exe = tomoyo_get_exe();
         if (!exe)
                 return false;
         exe = tomoyo_get_exe();
         if (!exe)
                 return false;
-       list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+       list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER],
+                               head.list) {
                 if (!ptr->head.is_deleted && !ptr->is_domain
                     && !strcmp(exe, ptr->manager->name)) {
                         found = true;
                 if (!ptr->head.is_deleted && !ptr->is_domain
                     && !strcmp(exe, ptr->manager->name)) {
                         found = true;
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h

index 9f289e4..451dc3c 100644 (file)
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -46,6 +46,30 @@ enum tomoyo_mode_index {
         TOMOYO_CONFIG_USE_DEFAULT = 255
  };
  
         TOMOYO_CONFIG_USE_DEFAULT = 255
  };
  
+enum tomoyo_policy_id {
+       TOMOYO_ID_GROUP,
+       TOMOYO_ID_PATH_GROUP,
+       TOMOYO_ID_NUMBER_GROUP,
+       TOMOYO_ID_DOMAIN_INITIALIZER,
+       TOMOYO_ID_DOMAIN_KEEPER,
+       TOMOYO_ID_AGGREGATOR,
+       TOMOYO_ID_ALIAS,
+       TOMOYO_ID_GLOBALLY_READABLE,
+       TOMOYO_ID_PATTERN,
+       TOMOYO_ID_NO_REWRITE,
+       TOMOYO_ID_MANAGER,
+       TOMOYO_ID_NAME,
+       TOMOYO_ID_ACL,
+       TOMOYO_ID_DOMAIN,
+       TOMOYO_MAX_POLICY
+};
+
+enum tomoyo_group_id {
+       TOMOYO_PATH_GROUP,
+       TOMOYO_NUMBER_GROUP,
+       TOMOYO_MAX_GROUP
+};
+
  /* Keywords for ACLs. */
  #define TOMOYO_KEYWORD_AGGREGATOR                "aggregator "
  #define TOMOYO_KEYWORD_ALIAS                     "alias "
  /* Keywords for ACLs. */
  #define TOMOYO_KEYWORD_AGGREGATOR                "aggregator "
  #define TOMOYO_KEYWORD_ALIAS                     "alias "
@@ -570,7 +594,7 @@ struct tomoyo_globally_readable_file_entry {
  
  /*
   * tomoyo_pattern_entry is a structure which is used for holding
  
  /*
   * tomoyo_pattern_entry is a structure which is used for holding
- * "tomoyo_pattern_list" entries.
+ * "file_pattern" entries.
   * It has following fields.
   *
   *  (1) "head" is "struct tomoyo_acl_head".
   * It has following fields.
   *
   *  (1) "head" is "struct tomoyo_acl_head".
@@ -950,16 +974,8 @@ extern struct srcu_struct tomoyo_ss;
  /* The list for "struct tomoyo_domain_info". */
  extern struct list_head tomoyo_domain_list;
  
  /* The list for "struct tomoyo_domain_info". */
  extern struct list_head tomoyo_domain_list;
  
-extern struct list_head tomoyo_path_group_list;
-extern struct list_head tomoyo_number_group_list;
-extern struct list_head tomoyo_domain_initializer_list;
-extern struct list_head tomoyo_domain_keeper_list;
-extern struct list_head tomoyo_aggregator_list;
-extern struct list_head tomoyo_alias_list;
-extern struct list_head tomoyo_globally_readable_list;
-extern struct list_head tomoyo_pattern_list;
-extern struct list_head tomoyo_no_rewrite_list;
-extern struct list_head tomoyo_policy_manager_list;
+extern struct list_head tomoyo_policy_list[TOMOYO_MAX_POLICY];
+extern struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP];
  extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
  
  /* Lock for protecting policy. */
  extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
  
  /* Lock for protecting policy. */
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c

index 1a12297..3575b0e 100644 (file)
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -127,46 +127,12 @@ void tomoyo_check_acl(struct tomoyo_request_info *r,
         r->granted = false;
  }
  
         r->granted = false;
  }
  
-/*
- * tomoyo_domain_list is used for holding list of domains.
- * The ->acl_info_list of "struct tomoyo_domain_info" is used for holding
- * permissions (e.g. "allow_read /lib/libc-2.5.so") given to each domain.
- *
- * An entry is added by
- *
- * # ( echo "<kernel>"; echo "allow_execute /sbin/init" ) > \
- *                                  /sys/kernel/security/tomoyo/domain_policy
- *
- * and is deleted by
- *
- * # ( echo "<kernel>"; echo "delete allow_execute /sbin/init" ) > \
- *                                  /sys/kernel/security/tomoyo/domain_policy
- *
- * and all entries are retrieved by
- *
- * # cat /sys/kernel/security/tomoyo/domain_policy
- *
- * A domain is added by
- *
- * # echo "<kernel>" > /sys/kernel/security/tomoyo/domain_policy
- *
- * and is deleted by
- *
- * # echo "delete <kernel>" > /sys/kernel/security/tomoyo/domain_policy
- *
- * and all domains are retrieved by
- *
- * # grep '^<kernel>' /sys/kernel/security/tomoyo/domain_policy
- *
- * Normally, a domainname is monotonically getting longer because a domainname
- * which the process will belong to if an execve() operation succeeds is
- * defined as a concatenation of "current domainname" + "pathname passed to
- * execve()".
- * See tomoyo_domain_initializer_list and tomoyo_domain_keeper_list for
- * exceptions.
- */
+/* The list for "struct tomoyo_domain_info". */
  LIST_HEAD(tomoyo_domain_list);
  
  LIST_HEAD(tomoyo_domain_list);
  
+struct list_head tomoyo_policy_list[TOMOYO_MAX_POLICY];
+struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP];
+
  /**
   * tomoyo_get_last_name - Get last component of a domainname.
   *
  /**
   * tomoyo_get_last_name - Get last component of a domainname.
   *
@@ -184,44 +150,6 @@ const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain)
         return cp0;
  }
  
         return cp0;
  }
  
-/*
- * tomoyo_domain_initializer_list is used for holding list of programs which
- * triggers reinitialization of domainname. Normally, a domainname is
- * monotonically getting longer. But sometimes, we restart daemon programs.
- * It would be convenient for us that "a daemon started upon system boot" and
- * "the daemon restarted from console" belong to the same domain. Thus, TOMOYO
- * provides a way to shorten domainnames.
- *
- * An entry is added by
- *
- * # echo 'initialize_domain /usr/sbin/httpd' > \
- *                               /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete initialize_domain /usr/sbin/httpd' > \
- *                               /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^initialize_domain /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, /usr/sbin/httpd will belong to
- * "<kernel> /usr/sbin/httpd" domain.
- *
- * You may specify a domainname using "from" keyword.
- * "initialize_domain /usr/sbin/httpd from <kernel> /etc/rc.d/init.d/httpd"
- * will cause "/usr/sbin/httpd" executed from "<kernel> /etc/rc.d/init.d/httpd"
- * domain to belong to "<kernel> /usr/sbin/httpd" domain.
- *
- * You may add "no_" prefix to "initialize_domain".
- * "initialize_domain /usr/sbin/httpd" and
- * "no_initialize_domain /usr/sbin/httpd from <kernel> /etc/rc.d/init.d/httpd"
- * will cause "/usr/sbin/httpd" to belong to "<kernel> /usr/sbin/httpd" domain
- * unless executed from "<kernel> /etc/rc.d/init.d/httpd" domain.
- */
-LIST_HEAD(tomoyo_domain_initializer_list);
-
  static bool tomoyo_same_domain_initializer_entry(const struct tomoyo_acl_head *
                                                  a,
                                                  const struct tomoyo_acl_head *
  static bool tomoyo_same_domain_initializer_entry(const struct tomoyo_acl_head *
                                                  a,
                                                  const struct tomoyo_acl_head *
@@ -272,7 +200,8 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname,
         if (!e.program)
                 goto out;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
         if (!e.program)
                 goto out;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_domain_initializer_list,
+                                    &tomoyo_policy_list
+                                    [TOMOYO_ID_DOMAIN_INITIALIZER],
                                      tomoyo_same_domain_initializer_entry);
   out:
         tomoyo_put_name(e.domainname);
                                      tomoyo_same_domain_initializer_entry);
   out:
         tomoyo_put_name(e.domainname);
@@ -294,8 +223,8 @@ bool tomoyo_read_domain_initializer_policy(struct tomoyo_io_buffer *head)
         struct list_head *pos;
         bool done = true;
  
         struct list_head *pos;
         bool done = true;
  
-       list_for_each_cookie(pos, head->read_var2,
-                            &tomoyo_domain_initializer_list) {
+       list_for_each_cookie(pos, head->read_var2, &tomoyo_policy_list
+                            [TOMOYO_ID_DOMAIN_INITIALIZER]) {
                 const char *no;
                 const char *from = "";
                 const char *domain = "";
                 const char *no;
                 const char *from = "";
                 const char *domain = "";
@@ -366,8 +295,8 @@ static bool tomoyo_domain_initializer(const struct tomoyo_path_info *
         struct tomoyo_domain_initializer_entry *ptr;
         bool flag = false;
  
         struct tomoyo_domain_initializer_entry *ptr;
         bool flag = false;
  
-       list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list,
-                               head.list) {
+       list_for_each_entry_rcu(ptr, &tomoyo_policy_list
+                               [TOMOYO_ID_DOMAIN_INITIALIZER], head.list) {
                 if (ptr->head.is_deleted)
                         continue;
                 if (ptr->domainname) {
                 if (ptr->head.is_deleted)
                         continue;
                 if (ptr->domainname) {
@@ -390,46 +319,6 @@ static bool tomoyo_domain_initializer(const struct tomoyo_path_info *
         return flag;
  }
  
         return flag;
  }
  
-/*
- * tomoyo_domain_keeper_list is used for holding list of domainnames which
- * suppresses domain transition. Normally, a domainname is monotonically
- * getting longer. But sometimes, we want to suppress domain transition.
- * It would be convenient for us that programs executed from a login session
- * belong to the same domain. Thus, TOMOYO provides a way to suppress domain
- * transition.
- *
- * An entry is added by
- *
- * # echo 'keep_domain <kernel> /usr/sbin/sshd /bin/bash' > \
- *                              /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete keep_domain <kernel> /usr/sbin/sshd /bin/bash' > \
- *                              /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^keep_domain /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, any process which belongs to
- * "<kernel> /usr/sbin/sshd /bin/bash" domain will remain in that domain,
- * unless explicitly specified by "initialize_domain" or "no_keep_domain".
- *
- * You may specify a program using "from" keyword.
- * "keep_domain /bin/pwd from <kernel> /usr/sbin/sshd /bin/bash"
- * will cause "/bin/pwd" executed from "<kernel> /usr/sbin/sshd /bin/bash"
- * domain to remain in "<kernel> /usr/sbin/sshd /bin/bash" domain.
- *
- * You may add "no_" prefix to "keep_domain".
- * "keep_domain <kernel> /usr/sbin/sshd /bin/bash" and
- * "no_keep_domain /usr/bin/passwd from <kernel> /usr/sbin/sshd /bin/bash" will
- * cause "/usr/bin/passwd" to belong to
- * "<kernel> /usr/sbin/sshd /bin/bash /usr/bin/passwd" domain, unless
- * explicitly specified by "initialize_domain".
- */
-LIST_HEAD(tomoyo_domain_keeper_list);
-
  static bool tomoyo_same_domain_keeper_entry(const struct tomoyo_acl_head *a,
                                             const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_domain_keeper_entry(const struct tomoyo_acl_head *a,
                                             const struct tomoyo_acl_head *b)
  {
@@ -478,7 +367,8 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname,
         if (!e.domainname)
                 goto out;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
         if (!e.domainname)
                 goto out;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_domain_keeper_list,
+                                    &tomoyo_policy_list
+                                    [TOMOYO_ID_DOMAIN_KEEPER],
                                      tomoyo_same_domain_keeper_entry);
   out:
         tomoyo_put_name(e.domainname);
                                      tomoyo_same_domain_keeper_entry);
   out:
         tomoyo_put_name(e.domainname);
@@ -523,7 +413,7 @@ bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head)
         bool done = true;
  
         list_for_each_cookie(pos, head->read_var2,
         bool done = true;
  
         list_for_each_cookie(pos, head->read_var2,
-                            &tomoyo_domain_keeper_list) {
+                            &tomoyo_policy_list[TOMOYO_ID_DOMAIN_KEEPER]) {
                 struct tomoyo_domain_keeper_entry *ptr;
                 const char *no;
                 const char *from = "";
                 struct tomoyo_domain_keeper_entry *ptr;
                 const char *no;
                 const char *from = "";
@@ -567,7 +457,9 @@ static bool tomoyo_domain_keeper(const struct tomoyo_path_info *domainname,
         struct tomoyo_domain_keeper_entry *ptr;
         bool flag = false;
  
         struct tomoyo_domain_keeper_entry *ptr;
         bool flag = false;
  
-       list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, head.list) {
+       list_for_each_entry_rcu(ptr,
+                               &tomoyo_policy_list[TOMOYO_ID_DOMAIN_KEEPER],
+                               head.list) {
                 if (ptr->head.is_deleted)
                         continue;
                 if (!ptr->is_last_name) {
                 if (ptr->head.is_deleted)
                         continue;
                 if (!ptr->is_last_name) {
@@ -588,35 +480,6 @@ static bool tomoyo_domain_keeper(const struct tomoyo_path_info *domainname,
         return flag;
  }
  
         return flag;
  }
  
-/*
- * tomoyo_aggregator_list is used for holding list of rewrite table for
- * execve() request. Some programs provides similar functionality. This keyword
- * allows users to aggregate such programs.
- *
- * Entries are added by
- *
- * # echo 'aggregator /usr/bin/vi /./editor' > \
- *                            /sys/kernel/security/tomoyo/exception_policy
- * # echo 'aggregator /usr/bin/emacs /./editor' > \
- *                            /sys/kernel/security/tomoyo/exception_policy
- *
- * and are deleted by
- *
- * # echo 'delete aggregator /usr/bin/vi /./editor' > \
- *                            /sys/kernel/security/tomoyo/exception_policy
- * # echo 'delete aggregator /usr/bin/emacs /./editor' > \
- *                            /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^aggregator /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, if /usr/bin/vi or /usr/bin/emacs are executed,
- * permission is checked for /./editor and domainname which the current process
- * will belong to after execve() succeeds is calculated using /./editor .
- */
-LIST_HEAD(tomoyo_aggregator_list);
-
  static bool tomoyo_same_aggregator_entry(const struct tomoyo_acl_head *a,
                                          const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_aggregator_entry(const struct tomoyo_acl_head *a,
                                          const struct tomoyo_acl_head *b)
  {
@@ -655,7 +518,7 @@ static int tomoyo_update_aggregator_entry(const char *original_name,
             e.aggregated_name->is_patterned) /* No patterns allowed. */
                 goto out;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
             e.aggregated_name->is_patterned) /* No patterns allowed. */
                 goto out;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_aggregator_list,
+                                    &tomoyo_policy_list[TOMOYO_ID_AGGREGATOR],
                                      tomoyo_same_aggregator_entry);
   out:
         tomoyo_put_name(e.original_name);
                                      tomoyo_same_aggregator_entry);
   out:
         tomoyo_put_name(e.original_name);
@@ -677,7 +540,8 @@ bool tomoyo_read_aggregator_policy(struct tomoyo_io_buffer *head)
         struct list_head *pos;
         bool done = true;
  
         struct list_head *pos;
         bool done = true;
  
-       list_for_each_cookie(pos, head->read_var2, &tomoyo_aggregator_list) {
+       list_for_each_cookie(pos, head->read_var2,
+                            &tomoyo_policy_list[TOMOYO_ID_AGGREGATOR]) {
                 struct tomoyo_aggregator_entry *ptr;
  
                 ptr = list_entry(pos, struct tomoyo_aggregator_entry,
                 struct tomoyo_aggregator_entry *ptr;
  
                 ptr = list_entry(pos, struct tomoyo_aggregator_entry,
@@ -713,38 +577,6 @@ int tomoyo_write_aggregator_policy(char *data, const bool is_delete)
         return tomoyo_update_aggregator_entry(data, cp, is_delete);
  }
  
         return tomoyo_update_aggregator_entry(data, cp, is_delete);
  }
  
-/*
- * tomoyo_alias_list is used for holding list of symlink's pathnames which are
- * allowed to be passed to an execve() request. Normally, the domainname which
- * the current process will belong to after execve() succeeds is calculated
- * using dereferenced pathnames. But some programs behave differently depending
- * on the name passed to argv[0]. For busybox, calculating domainname using
- * dereferenced pathnames will cause all programs in the busybox to belong to
- * the same domain. Thus, TOMOYO provides a way to allow use of symlink's
- * pathname for checking execve()'s permission and calculating domainname which
- * the current process will belong to after execve() succeeds.
- *
- * An entry is added by
- *
- * # echo 'alias /bin/busybox /bin/cat' > \
- *                            /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete alias /bin/busybox /bin/cat' > \
- *                            /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^alias /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, if /bin/cat is a symlink to /bin/busybox and execution
- * of /bin/cat is requested, permission is checked for /bin/cat rather than
- * /bin/busybox and domainname which the current process will belong to after
- * execve() succeeds is calculated using /bin/cat rather than /bin/busybox .
- */
-LIST_HEAD(tomoyo_alias_list);
-
  static bool tomoyo_same_alias_entry(const struct tomoyo_acl_head *a,
                                     const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_alias_entry(const struct tomoyo_acl_head *a,
                                     const struct tomoyo_acl_head *b)
  {
@@ -783,7 +615,7 @@ static int tomoyo_update_alias_entry(const char *original_name,
             e.original_name->is_patterned || e.aliased_name->is_patterned)
                 goto out; /* No patterns allowed. */
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
             e.original_name->is_patterned || e.aliased_name->is_patterned)
                 goto out; /* No patterns allowed. */
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_alias_list,
+                                    &tomoyo_policy_list[TOMOYO_ID_ALIAS],
                                      tomoyo_same_alias_entry);
   out:
         tomoyo_put_name(e.original_name);
                                      tomoyo_same_alias_entry);
   out:
         tomoyo_put_name(e.original_name);
@@ -805,7 +637,8 @@ bool tomoyo_read_alias_policy(struct tomoyo_io_buffer *head)
         struct list_head *pos;
         bool done = true;
  
         struct list_head *pos;
         bool done = true;
  
-       list_for_each_cookie(pos, head->read_var2, &tomoyo_alias_list) {
+       list_for_each_cookie(pos, head->read_var2,
+                            &tomoyo_policy_list[TOMOYO_ID_ALIAS]) {
                 struct tomoyo_alias_entry *ptr;
  
                 ptr = list_entry(pos, struct tomoyo_alias_entry, head.list);
                 struct tomoyo_alias_entry *ptr;
  
                 ptr = list_entry(pos, struct tomoyo_alias_entry, head.list);
@@ -946,7 +779,9 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
         if (tomoyo_pathcmp(&rn, &sn)) {
                 struct tomoyo_alias_entry *ptr;
                 /* Is this program allowed to be called via symbolic links? */
         if (tomoyo_pathcmp(&rn, &sn)) {
                 struct tomoyo_alias_entry *ptr;
                 /* Is this program allowed to be called via symbolic links? */
-               list_for_each_entry_rcu(ptr, &tomoyo_alias_list, head.list) {
+               list_for_each_entry_rcu(ptr,
+                                       &tomoyo_policy_list[TOMOYO_ID_ALIAS],
+                                       head.list) {
                         if (ptr->head.is_deleted ||
                             tomoyo_pathcmp(&rn, ptr->original_name) ||
                             tomoyo_pathcmp(&sn, ptr->aliased_name))
                         if (ptr->head.is_deleted ||
                             tomoyo_pathcmp(&rn, ptr->original_name) ||
                             tomoyo_pathcmp(&sn, ptr->aliased_name))
@@ -962,8 +797,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
         /* Check 'aggregator' directive. */
         {
                 struct tomoyo_aggregator_entry *ptr;
         /* Check 'aggregator' directive. */
         {
                 struct tomoyo_aggregator_entry *ptr;
-               list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list,
-                                       head.list) {
+               list_for_each_entry_rcu(ptr, &tomoyo_policy_list
+                                       [TOMOYO_ID_AGGREGATOR], head.list) {
                         if (ptr->head.is_deleted ||
                             !tomoyo_path_matches_pattern(&rn,
                                                          ptr->original_name))
                         if (ptr->head.is_deleted ||
                             !tomoyo_path_matches_pattern(&rn,
                                                          ptr->original_name))
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c

index 6c2ba69..df3b203 100644 (file)
--- a/security/tomoyo/file.c
+++ b/security/tomoyo/file.c
@@ -265,33 +265,6 @@ static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r)
                                  tomoyo_file_pattern(filename), buffer);
  }
  
                                  tomoyo_file_pattern(filename), buffer);
  }
  
-/*
- * tomoyo_globally_readable_list is used for holding list of pathnames which
- * are by default allowed to be open()ed for reading by any process.
- *
- * An entry is added by
- *
- * # echo 'allow_read /lib/libc-2.5.so' > \
- *                               /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete allow_read /lib/libc-2.5.so' > \
- *                               /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^allow_read /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, any process is allowed to
- * open("/lib/libc-2.5.so", O_RDONLY).
- * One exception is, if the domain which current process belongs to is marked
- * as "ignore_global_allow_read", current process can't do so unless explicitly
- * given "allow_read /lib/libc-2.5.so" to the domain which current process
- * belongs to.
- */
-LIST_HEAD(tomoyo_globally_readable_list);
-
  static bool tomoyo_same_globally_readable(const struct tomoyo_acl_head *a,
                                           const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_globally_readable(const struct tomoyo_acl_head *a,
                                           const struct tomoyo_acl_head *b)
  {
@@ -323,7 +296,8 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
         if (!e.filename)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
         if (!e.filename)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_globally_readable_list,
+                                    &tomoyo_policy_list
+                                    [TOMOYO_ID_GLOBALLY_READABLE],
                                      tomoyo_same_globally_readable);
         tomoyo_put_name(e.filename);
         return error;
                                      tomoyo_same_globally_readable);
         tomoyo_put_name(e.filename);
         return error;
@@ -344,8 +318,8 @@ static bool tomoyo_globally_readable_file(const struct tomoyo_path_info *
         struct tomoyo_globally_readable_file_entry *ptr;
         bool found = false;
  
         struct tomoyo_globally_readable_file_entry *ptr;
         bool found = false;
  
-       list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
-                               head.list) {
+       list_for_each_entry_rcu(ptr, &tomoyo_policy_list
+                               [TOMOYO_ID_GLOBALLY_READABLE], head.list) {
                 if (!ptr->head.is_deleted &&
                     tomoyo_path_matches_pattern(filename, ptr->filename)) {
                         found = true;
                 if (!ptr->head.is_deleted &&
                     tomoyo_path_matches_pattern(filename, ptr->filename)) {
                         found = true;
@@ -385,7 +359,7 @@ bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head)
         bool done = true;
  
         list_for_each_cookie(pos, head->read_var2,
         bool done = true;
  
         list_for_each_cookie(pos, head->read_var2,
-                            &tomoyo_globally_readable_list) {
+                            &tomoyo_policy_list[TOMOYO_ID_GLOBALLY_READABLE]) {
                 struct tomoyo_globally_readable_file_entry *ptr;
                 ptr = list_entry(pos,
                                  struct tomoyo_globally_readable_file_entry,
                 struct tomoyo_globally_readable_file_entry *ptr;
                 ptr = list_entry(pos,
                                  struct tomoyo_globally_readable_file_entry,
@@ -400,37 +374,6 @@ bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head)
         return done;
  }
  
         return done;
  }
  
-/* tomoyo_pattern_list is used for holding list of pathnames which are used for
- * converting pathnames to pathname patterns during learning mode.
- *
- * An entry is added by
- *
- * # echo 'file_pattern /proc/\$/mounts' > \
- *                             /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete file_pattern /proc/\$/mounts' > \
- *                             /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^file_pattern /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, if a process which belongs to a domain which is in
- * learning mode requested open("/proc/1/mounts", O_RDONLY),
- * "allow_read /proc/\$/mounts" is automatically added to the domain which that
- * process belongs to.
- *
- * It is not a desirable behavior that we have to use /proc/\$/ instead of
- * /proc/self/ when current process needs to access only current process's
- * information. As of now, LSM version of TOMOYO is using __d_path() for
- * calculating pathname. Non LSM version of TOMOYO is using its own function
- * which pretends as if /proc/self/ is not a symlink; so that we can forbid
- * current process from accessing other process's information.
- */
-LIST_HEAD(tomoyo_pattern_list);
-
  static bool tomoyo_same_pattern(const struct tomoyo_acl_head *a,
                                 const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_pattern(const struct tomoyo_acl_head *a,
                                 const struct tomoyo_acl_head *b)
  {
@@ -460,7 +403,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
         if (!e.pattern)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
         if (!e.pattern)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_pattern_list,
+                                    &tomoyo_policy_list[TOMOYO_ID_PATTERN],
                                      tomoyo_same_pattern);
         tomoyo_put_name(e.pattern);
         return error;
                                      tomoyo_same_pattern);
         tomoyo_put_name(e.pattern);
         return error;
@@ -480,7 +423,8 @@ const char *tomoyo_file_pattern(const struct tomoyo_path_info *filename)
         struct tomoyo_pattern_entry *ptr;
         const struct tomoyo_path_info *pattern = NULL;
  
         struct tomoyo_pattern_entry *ptr;
         const struct tomoyo_path_info *pattern = NULL;
  
-       list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, head.list) {
+       list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_PATTERN],
+                               head.list) {
                 if (ptr->head.is_deleted)
                         continue;
                 if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
                 if (ptr->head.is_deleted)
                         continue;
                 if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
@@ -527,7 +471,8 @@ bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head)
         struct list_head *pos;
         bool done = true;
  
         struct list_head *pos;
         bool done = true;
  
-       list_for_each_cookie(pos, head->read_var2, &tomoyo_pattern_list) {
+       list_for_each_cookie(pos, head->read_var2,
+                            &tomoyo_policy_list[TOMOYO_ID_PATTERN]) {
                 struct tomoyo_pattern_entry *ptr;
                 ptr = list_entry(pos, struct tomoyo_pattern_entry, head.list);
                 if (ptr->head.is_deleted)
                 struct tomoyo_pattern_entry *ptr;
                 ptr = list_entry(pos, struct tomoyo_pattern_entry, head.list);
                 if (ptr->head.is_deleted)
@@ -540,37 +485,6 @@ bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head)
         return done;
  }
  
         return done;
  }
  
-/*
- * tomoyo_no_rewrite_list is used for holding list of pathnames which are by
- * default forbidden to modify already written content of a file.
- *
- * An entry is added by
- *
- * # echo 'deny_rewrite /var/log/messages' > \
- *                              /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete deny_rewrite /var/log/messages' > \
- *                              /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^deny_rewrite /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, if a process requested to rewrite /var/log/messages ,
- * the process can't rewrite unless the domain which that process belongs to
- * has "allow_rewrite /var/log/messages" entry.
- *
- * It is not a desirable behavior that we have to add "\040(deleted)" suffix
- * when we want to allow rewriting already unlink()ed file. As of now,
- * LSM version of TOMOYO is using __d_path() for calculating pathname.
- * Non LSM version of TOMOYO is using its own function which doesn't append
- * " (deleted)" suffix if the file is already unlink()ed; so that we don't
- * need to worry whether the file is already unlink()ed or not.
- */
-LIST_HEAD(tomoyo_no_rewrite_list);
-
  static bool tomoyo_same_no_rewrite(const struct tomoyo_acl_head *a,
                                    const struct tomoyo_acl_head *b)
  {
  static bool tomoyo_same_no_rewrite(const struct tomoyo_acl_head *a,
                                    const struct tomoyo_acl_head *b)
  {
@@ -601,7 +515,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
         if (!e.pattern)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
         if (!e.pattern)
                 return -ENOMEM;
         error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-                                    &tomoyo_no_rewrite_list,
+                                    &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
                                      tomoyo_same_no_rewrite);
         tomoyo_put_name(e.pattern);
         return error;
                                      tomoyo_same_no_rewrite);
         tomoyo_put_name(e.pattern);
         return error;
@@ -622,7 +536,8 @@ static bool tomoyo_no_rewrite_file(const struct tomoyo_path_info *filename)
         struct tomoyo_no_rewrite_entry *ptr;
         bool found = false;
  
         struct tomoyo_no_rewrite_entry *ptr;
         bool found = false;
  
-       list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, head.list) {
+       list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
+                               head.list) {
                 if (ptr->head.is_deleted)
                         continue;
                 if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
                 if (ptr->head.is_deleted)
                         continue;
                 if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
@@ -662,7 +577,8 @@ bool tomoyo_read_no_rewrite_policy(struct tomoyo_io_buffer *head)
         struct list_head *pos;
         bool done = true;
  
         struct list_head *pos;
         bool done = true;
  
-       list_for_each_cookie(pos, head->read_var2, &tomoyo_no_rewrite_list) {
+       list_for_each_cookie(pos, head->read_var2,
+                            &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE]) {
                 struct tomoyo_no_rewrite_entry *ptr;
                 ptr = list_entry(pos, struct tomoyo_no_rewrite_entry,
                                  head.list);
                 struct tomoyo_no_rewrite_entry *ptr;
                 ptr = list_entry(pos, struct tomoyo_no_rewrite_entry,
                                  head.list);
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c

index 446d59f..414e18b 100644 (file)
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -11,24 +11,6 @@
  #include <linux/kthread.h>
  #include <linux/slab.h>
  
  #include <linux/kthread.h>
  #include <linux/slab.h>
  
-enum tomoyo_policy_id {
-       TOMOYO_ID_GROUP,
-       TOMOYO_ID_PATH_GROUP,
-       TOMOYO_ID_NUMBER_GROUP,
-       TOMOYO_ID_DOMAIN_INITIALIZER,
-       TOMOYO_ID_DOMAIN_KEEPER,
-       TOMOYO_ID_AGGREGATOR,
-       TOMOYO_ID_ALIAS,
-       TOMOYO_ID_GLOBALLY_READABLE,
-       TOMOYO_ID_PATTERN,
-       TOMOYO_ID_NO_REWRITE,
-       TOMOYO_ID_MANAGER,
-       TOMOYO_ID_NAME,
-       TOMOYO_ID_ACL,
-       TOMOYO_ID_DOMAIN,
-       TOMOYO_MAX_POLICY
-};
-
  struct tomoyo_gc_entry {
         struct list_head list;
         int type;
  struct tomoyo_gc_entry {
         struct list_head list;
         int type;
@@ -226,17 +208,6 @@ static void tomoyo_del_number_group(struct list_head *element)
                 container_of(element, typeof(*member), head.list);
  }
  
                 container_of(element, typeof(*member), head.list);
  }
  
-static struct list_head *tomoyo_policy_list[TOMOYO_MAX_POLICY] = {
-       [TOMOYO_ID_GLOBALLY_READABLE] = &tomoyo_globally_readable_list,
-       [TOMOYO_ID_PATTERN] = &tomoyo_pattern_list,
-       [TOMOYO_ID_NO_REWRITE] = &tomoyo_no_rewrite_list,
-       [TOMOYO_ID_DOMAIN_INITIALIZER] = &tomoyo_domain_initializer_list,
-       [TOMOYO_ID_DOMAIN_KEEPER] = &tomoyo_domain_keeper_list,
-       [TOMOYO_ID_AGGREGATOR] = &tomoyo_aggregator_list,
-       [TOMOYO_ID_ALIAS] = &tomoyo_alias_list,
-       [TOMOYO_ID_MANAGER] = &tomoyo_policy_manager_list,
-};
-
  static bool tomoyo_collect_member(struct list_head *member_list, int id)
  {
         struct tomoyo_acl_head *member;
  static bool tomoyo_collect_member(struct list_head *member_list, int id)
  {
         struct tomoyo_acl_head *member;
@@ -267,9 +238,8 @@ static void tomoyo_collect_entry(void)
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 return;
         for (i = 0; i < TOMOYO_MAX_POLICY; i++) {
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 return;
         for (i = 0; i < TOMOYO_MAX_POLICY; i++) {
-               if (tomoyo_policy_list[i])
-                       if (!tomoyo_collect_member(tomoyo_policy_list[i], i))
-                               goto unlock;
+               if (!tomoyo_collect_member(&tomoyo_policy_list[i], i))
+                       goto unlock;
         }
         {
                 struct tomoyo_domain_info *domain;
         }
         {
                 struct tomoyo_domain_info *domain;
@@ -298,7 +268,9 @@ static void tomoyo_collect_entry(void)
         }
         {
                 struct tomoyo_group *group;
         }
         {
                 struct tomoyo_group *group;
-               list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
+               list_for_each_entry_rcu(group,
+                                       &tomoyo_group_list[TOMOYO_PATH_GROUP],
+                                       list) {
                         tomoyo_collect_member(&group->member_list,
                                               TOMOYO_ID_PATH_GROUP);
                         if (!list_empty(&group->member_list) ||
                         tomoyo_collect_member(&group->member_list,
                                               TOMOYO_ID_PATH_GROUP);
                         if (!list_empty(&group->member_list) ||
@@ -311,7 +283,8 @@ static void tomoyo_collect_entry(void)
         }
         {
                 struct tomoyo_group *group;
         }
         {
                 struct tomoyo_group *group;
-               list_for_each_entry_rcu(group, &tomoyo_number_group_list,
+               list_for_each_entry_rcu(group,
+                                       &tomoyo_group_list[TOMOYO_NUMBER_GROUP],
                                         list) {
                         tomoyo_collect_member(&group->member_list,
                                               TOMOYO_ID_NUMBER_GROUP);
                                         list) {
                         tomoyo_collect_member(&group->member_list,
                                               TOMOYO_ID_NUMBER_GROUP);
diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c

index 8de5333..249835a 100644 (file)
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -153,6 +153,10 @@ void __init tomoyo_mm_init(void)
  {
         int idx;
  
  {
         int idx;
  
+       for (idx = 0; idx < TOMOYO_MAX_POLICY; idx++)
+               INIT_LIST_HEAD(&tomoyo_policy_list[idx]);
+       for (idx = 0; idx < TOMOYO_MAX_GROUP; idx++)
+               INIT_LIST_HEAD(&tomoyo_group_list[idx]);
         for (idx = 0; idx < TOMOYO_MAX_HASH; idx++)
                 INIT_LIST_HEAD(&tomoyo_name_list[idx]);
         INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
         for (idx = 0; idx < TOMOYO_MAX_HASH; idx++)
                 INIT_LIST_HEAD(&tomoyo_name_list[idx]);
         INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);
diff --git a/security/tomoyo/number_group.c b/security/tomoyo/number_group.c

index eca20d6..9969415 100644 (file)
--- a/security/tomoyo/number_group.c
+++ b/security/tomoyo/number_group.c
@@ -7,9 +7,6 @@
  #include <linux/slab.h>
  #include "common.h"
  
  #include <linux/slab.h>
  #include "common.h"
  
-/* The list for "struct tomoyo_number_group". */
-LIST_HEAD(tomoyo_number_group_list);
-
  /**
   * tomoyo_get_group - Allocate memory for "struct tomoyo_number_group".
   *
  /**
   * tomoyo_get_group - Allocate memory for "struct tomoyo_number_group".
   *
@@ -32,7 +29,8 @@ struct tomoyo_group *tomoyo_get_number_group(const char *group_name)
         entry = kzalloc(sizeof(*entry), GFP_NOFS);
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 goto out;
         entry = kzalloc(sizeof(*entry), GFP_NOFS);
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 goto out;
-       list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) {
+       list_for_each_entry_rcu(group, &tomoyo_group_list[TOMOYO_NUMBER_GROUP],
+                               list) {
                 if (saved_group_name != group->group_name)
                         continue;
                 atomic_inc(&group->users);
                 if (saved_group_name != group->group_name)
                         continue;
                 atomic_inc(&group->users);
@@ -44,7 +42,8 @@ struct tomoyo_group *tomoyo_get_number_group(const char *group_name)
                 entry->group_name = saved_group_name;
                 saved_group_name = NULL;
                 atomic_set(&entry->users, 1);
                 entry->group_name = saved_group_name;
                 saved_group_name = NULL;
                 atomic_set(&entry->users, 1);
-               list_add_tail_rcu(&entry->list, &tomoyo_number_group_list);
+               list_add_tail_rcu(&entry->list,
+                                 &tomoyo_group_list[TOMOYO_NUMBER_GROUP]);
                 group = entry;
                 entry = NULL;
                 error = 0;
                 group = entry;
                 entry = NULL;
                 error = 0;
@@ -110,7 +109,8 @@ bool tomoyo_read_number_group_policy(struct tomoyo_io_buffer *head)
  {
         struct list_head *gpos;
         struct list_head *mpos;
  {
         struct list_head *gpos;
         struct list_head *mpos;
-       list_for_each_cookie(gpos, head->read_var1, &tomoyo_number_group_list) {
+       list_for_each_cookie(gpos, head->read_var1,
+                            &tomoyo_group_list[TOMOYO_NUMBER_GROUP]) {
                 struct tomoyo_group *group;
                 const char *name;
                 group = list_entry(gpos, struct tomoyo_group, list);
                 struct tomoyo_group *group;
                 const char *name;
                 group = list_entry(gpos, struct tomoyo_group, list);
diff --git a/security/tomoyo/path_group.c b/security/tomoyo/path_group.c

index bce2524..44e8a5b 100644 (file)
--- a/security/tomoyo/path_group.c
+++ b/security/tomoyo/path_group.c
@@ -6,8 +6,6 @@
  
  #include <linux/slab.h>
  #include "common.h"
  
  #include <linux/slab.h>
  #include "common.h"
-/* The list for "struct tomoyo_path_group". */
-LIST_HEAD(tomoyo_path_group_list);
  
  /**
   * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group".
  
  /**
   * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group".
@@ -30,7 +28,8 @@ struct tomoyo_group *tomoyo_get_path_group(const char *group_name)
         entry = kzalloc(sizeof(*entry), GFP_NOFS);
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 goto out;
         entry = kzalloc(sizeof(*entry), GFP_NOFS);
         if (mutex_lock_interruptible(&tomoyo_policy_lock))
                 goto out;
-       list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
+       list_for_each_entry_rcu(group, &tomoyo_group_list[TOMOYO_PATH_GROUP],
+                               list) {
                 if (saved_group_name != group->group_name)
                         continue;
                 atomic_inc(&group->users);
                 if (saved_group_name != group->group_name)
                         continue;
                 atomic_inc(&group->users);
@@ -42,7 +41,8 @@ struct tomoyo_group *tomoyo_get_path_group(const char *group_name)
                 entry->group_name = saved_group_name;
                 saved_group_name = NULL;
                 atomic_set(&entry->users, 1);
                 entry->group_name = saved_group_name;
                 saved_group_name = NULL;
                 atomic_set(&entry->users, 1);
-               list_add_tail_rcu(&entry->list, &tomoyo_path_group_list);
+               list_add_tail_rcu(&entry->list,
+                                 &tomoyo_group_list[TOMOYO_PATH_GROUP]);
                 group = entry;
                 entry = NULL;
                 error = 0;
                 group = entry;
                 entry = NULL;
                 error = 0;
@@ -107,7 +107,8 @@ bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head)
  {
         struct list_head *gpos;
         struct list_head *mpos;
  {
         struct list_head *gpos;
         struct list_head *mpos;
-       list_for_each_cookie(gpos, head->read_var1, &tomoyo_path_group_list) {
+       list_for_each_cookie(gpos, head->read_var1,
+                            &tomoyo_group_list[TOMOYO_PATH_GROUP]) {
                 struct tomoyo_group *group;
                 group = list_entry(gpos, struct tomoyo_group, list);
                 list_for_each_cookie(mpos, head->read_var2,
                 struct tomoyo_group *group;
                 group = list_entry(gpos, struct tomoyo_group, list);
                 list_for_each_cookie(mpos, head->read_var2,
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	Thu, 17 Jun 2010 07:53:24 +0000 (16:53 +0900)
committer	James Morris <jmorris@namei.org>
	Mon, 2 Aug 2010 05:34:40 +0000 (15:34 +1000)
security/tomoyo/common.c		patch \| blob \| history
security/tomoyo/common.h		patch \| blob \| history
security/tomoyo/domain.c		patch \| blob \| history
security/tomoyo/file.c		patch \| blob \| history
security/tomoyo/gc.c		patch \| blob \| history
security/tomoyo/memory.c		patch \| blob \| history
security/tomoyo/number_group.c		patch \| blob \| history
security/tomoyo/path_group.c		patch \| blob \| history