829 |
if (0) { |
if (0) { |
830 |
#ifdef CONFIG_TOMOYO_MAC_FOR_FILE |
#ifdef CONFIG_TOMOYO_MAC_FOR_FILE |
831 |
} else if (acl_type == TYPE_FILE_ACL) { |
} else if (acl_type == TYPE_FILE_ACL) { |
832 |
const unsigned char b = ptr->u.b[1]; |
struct file_acl_record *ptr2 = (struct file_acl_record *) ptr; |
833 |
if (io_printf(head, "%d %s%s", ptr->u.b[0], b ? "@" : "", b ? ((struct file_acl_record *) ptr)->u.group->group_name->name : ((struct file_acl_record *) ptr)->u.filename->name) |
const unsigned char b = ptr2->u_is_group; |
834 |
|| DumpCondition(head, ptr->cond)) { |
if (io_printf(head, "%d %s%s", ptr2->perm, |
835 |
|
b ? "@" : "", |
836 |
|
b ? ptr2->u.group->group_name->name : ptr2->u.filename->name) |
837 |
|
|| DumpCondition(head, ptr->cond)) { |
838 |
head->read_avail = pos; break; |
head->read_avail = pos; break; |
839 |
} |
} |
840 |
#endif |
#endif |
841 |
#ifdef CONFIG_TOMOYO_MAC_FOR_ARGV0 |
#ifdef CONFIG_TOMOYO_MAC_FOR_ARGV0 |
842 |
} else if (acl_type == TYPE_ARGV0_ACL) { |
} else if (acl_type == TYPE_ARGV0_ACL) { |
843 |
if (io_printf(head, KEYWORD_ALLOW_ARGV0 "%s %s", ((struct argv0_acl_record *) ptr)->filename->name, ((struct argv0_acl_record *) ptr)->argv0->name) || |
struct argv0_acl_record *ptr2 = (struct argv0_acl_record *) ptr; |
844 |
DumpCondition(head, ptr->cond)) { |
if (io_printf(head, KEYWORD_ALLOW_ARGV0 "%s %s", |
845 |
|
ptr2->filename->name, ptr2->argv0->name) || |
846 |
|
DumpCondition(head, ptr->cond)) { |
847 |
head->read_avail = pos; break; |
head->read_avail = pos; break; |
848 |
} |
} |
849 |
#endif |
#endif |
850 |
#ifdef CONFIG_TOMOYO_MAC_FOR_CAPABILITY |
#ifdef CONFIG_TOMOYO_MAC_FOR_CAPABILITY |
851 |
} else if (acl_type == TYPE_CAPABILITY_ACL) { |
} else if (acl_type == TYPE_CAPABILITY_ACL) { |
852 |
if (io_printf(head, KEYWORD_ALLOW_CAPABILITY "%s", capability2keyword(ptr->u.w)) || |
struct capability_acl_record *ptr2 = (struct capability_acl_record *) ptr; |
853 |
DumpCondition(head, ptr->cond)) { |
if (io_printf(head, KEYWORD_ALLOW_CAPABILITY "%s", capability2keyword(ptr2->capability)) || |
854 |
|
DumpCondition(head, ptr->cond)) { |
855 |
head->read_avail = pos; break; |
head->read_avail = pos; break; |
856 |
} |
} |
857 |
#endif |
#endif |
858 |
#ifdef CONFIG_TOMOYO_MAC_FOR_NETWORK |
#ifdef CONFIG_TOMOYO_MAC_FOR_NETWORK |
859 |
} else if (acl_type == TYPE_IP_NETWORK_ACL) { |
} else if (acl_type == TYPE_IP_NETWORK_ACL) { |
860 |
if (io_printf(head, KEYWORD_ALLOW_NETWORK "%s ", network2keyword(ptr->u.b[0]))) break; |
struct ip_network_acl_record *ptr2 = (struct ip_network_acl_record *) ptr; |
861 |
switch (ptr->u.b[1]) { |
if (io_printf(head, KEYWORD_ALLOW_NETWORK "%s ", network2keyword(ptr2->operation_type))) break; |
862 |
|
switch (ptr2->record_type) { |
863 |
case IP_RECORD_TYPE_ADDRESS_GROUP: |
case IP_RECORD_TYPE_ADDRESS_GROUP: |
864 |
if (io_printf(head, "@%s", ((struct ip_network_acl_record *) ptr)->u.group->group_name->name)) goto print_ip_record_out; |
if (io_printf(head, "@%s", ptr2->u.group->group_name->name)) goto print_ip_record_out; |
865 |
break; |
break; |
866 |
case IP_RECORD_TYPE_IPv4: |
case IP_RECORD_TYPE_IPv4: |
867 |
{ |
{ |
868 |
const u32 min_address = ((struct ip_network_acl_record *) ptr)->u.ipv4.min, max_address = ((struct ip_network_acl_record *) ptr)->u.ipv4.max; |
const u32 min_address = ptr2->u.ipv4.min, max_address = ptr2->u.ipv4.max; |
869 |
if (io_printf(head, "%u.%u.%u.%u", HIPQUAD(min_address))) goto print_ip_record_out; |
if (io_printf(head, "%u.%u.%u.%u", HIPQUAD(min_address))) goto print_ip_record_out; |
870 |
if (min_address != max_address && io_printf(head, "-%u.%u.%u.%u", HIPQUAD(max_address))) goto print_ip_record_out; |
if (min_address != max_address && io_printf(head, "-%u.%u.%u.%u", HIPQUAD(max_address))) goto print_ip_record_out; |
871 |
} |
} |
873 |
case IP_RECORD_TYPE_IPv6: |
case IP_RECORD_TYPE_IPv6: |
874 |
{ |
{ |
875 |
char buf[64]; |
char buf[64]; |
876 |
const u16 *min_address = ((struct ip_network_acl_record *) ptr)->u.ipv6.min, *max_address = ((struct ip_network_acl_record *) ptr)->u.ipv6.max; |
const u16 *min_address = ptr2->u.ipv6.min, *max_address = ptr2->u.ipv6.max; |
877 |
print_ipv6(buf, sizeof(buf), min_address); |
print_ipv6(buf, sizeof(buf), min_address); |
878 |
if (io_printf(head, "%s", buf)) goto print_ip_record_out; |
if (io_printf(head, "%s", buf)) goto print_ip_record_out; |
879 |
if (memcmp(min_address, max_address, 16)) { |
if (memcmp(min_address, max_address, 16)) { |
884 |
break; |
break; |
885 |
} |
} |
886 |
{ |
{ |
887 |
const u16 min_port = ((struct ip_network_acl_record *) ptr)->min_port, max_port = ((struct ip_network_acl_record *) ptr)->max_port; |
const u16 min_port = ptr2->min_port, max_port = ptr2->max_port; |
888 |
if (io_printf(head, " %u", min_port)) goto print_ip_record_out; |
if (io_printf(head, " %u", min_port)) goto print_ip_record_out; |
889 |
if (min_port != max_port && io_printf(head, "-%u", max_port)) goto print_ip_record_out; |
if (min_port != max_port && io_printf(head, "-%u", max_port)) goto print_ip_record_out; |
890 |
} |
} |
895 |
#endif |
#endif |
896 |
#ifdef CONFIG_TOMOYO_MAC_FOR_SIGNAL |
#ifdef CONFIG_TOMOYO_MAC_FOR_SIGNAL |
897 |
} else if (acl_type == TYPE_SIGNAL_ACL) { |
} else if (acl_type == TYPE_SIGNAL_ACL) { |
898 |
if (io_printf(head, KEYWORD_ALLOW_SIGNAL "%u %s", ptr->u.w, ((struct signal_acl_record *) ptr)->domainname->name) || |
struct signal_acl_record *ptr2 = (struct signal_acl_record *) ptr; |
899 |
DumpCondition(head, ptr->cond)) { |
if (io_printf(head, KEYWORD_ALLOW_SIGNAL "%u %s", ptr2->sig, ptr2->domainname->name) || |
900 |
|
DumpCondition(head, ptr->cond)) { |
901 |
head->read_avail = pos; break; |
head->read_avail = pos; break; |
902 |
} |
} |
903 |
#endif |
#endif |
906 |
const char *keyword = acltype2keyword(acl_type); |
const char *keyword = acltype2keyword(acl_type); |
907 |
if (keyword) { |
if (keyword) { |
908 |
if (acltype2paths(acl_type) == 2) { |
if (acltype2paths(acl_type) == 2) { |
909 |
const u8 b0 = ptr->u.b[0], b1 = ptr->u.b[1]; |
struct double_acl_record *ptr2 = (struct double_acl_record *) ptr; |
910 |
if (io_printf(head, "allow_%s %s%s %s%s", keyword, b0 ? "@" : "", b0 ? ((struct double_acl_record *) ptr)->u1.group1->group_name->name : ((struct double_acl_record *) ptr)->u1.filename1->name, b1 ? "@" : "", b1 ? ((struct double_acl_record *) ptr)->u2.group2->group_name->name : ((struct double_acl_record *) ptr)->u2.filename2->name) |
const u8 b0 = ptr2->u1_is_group, b1 = ptr2->u2_is_group; |
911 |
|| DumpCondition(head, ptr->cond)) { |
if (io_printf(head, "allow_%s %s%s %s%s", keyword, |
912 |
|
b0 ? "@" : "", b0 ? ptr2->u1.group1->group_name->name : ptr2->u1.filename1->name, |
913 |
|
b1 ? "@" : "", b1 ? ptr2->u2.group2->group_name->name : ptr2->u2.filename2->name) |
914 |
|
|| DumpCondition(head, ptr->cond)) { |
915 |
head->read_avail = pos; break; |
head->read_avail = pos; break; |
916 |
} |
} |
917 |
} else { |
} else { |
918 |
const u8 b = ptr->u.b[0]; |
struct single_acl_record *ptr2 = (struct single_acl_record *) ptr; |
919 |
if (io_printf(head, "allow_%s %s%s", keyword, b ? "@" : "", b ? ((struct single_acl_record *) ptr)->u.group->group_name->name : ((struct single_acl_record *) ptr)->u.filename->name) |
const u8 b = ptr2->u_is_group; |
920 |
|| DumpCondition(head, ptr->cond)) { |
if (io_printf(head, "allow_%s %s%s", keyword, |
921 |
|
b ? "@" : "", b ? ptr2->u.group->group_name->name : ptr2->u.filename->name) |
922 |
|
|| DumpCondition(head, ptr->cond)) { |
923 |
head->read_avail = pos; break; |
head->read_avail = pos; break; |
924 |
} |
} |
925 |
} |
} |
1220 |
path_release(&nd); |
path_release(&nd); |
1221 |
} |
} |
1222 |
#ifdef CONFIG_SAKURA |
#ifdef CONFIG_SAKURA |
1223 |
printk("SAKURA: 1.5.0-pre 2007/08/06\n"); |
printk("SAKURA: 1.5.0-pre 2007/08/08\n"); |
1224 |
#endif |
#endif |
1225 |
#ifdef CONFIG_TOMOYO |
#ifdef CONFIG_TOMOYO |
1226 |
printk("TOMOYO: 1.5.0-pre 2007/08/06\n"); |
printk("TOMOYO: 1.5.0-pre 2007/08/08\n"); |
1227 |
#endif |
#endif |
1228 |
if (!profile_loaded) { |
if (!profile_loaded) { |
1229 |
char *argv[2], *envp[3]; |
char *argv[2], *envp[3]; |