| 5 |
* |
* |
| 6 |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
* Copyright (C) 2005-2008 NTT DATA CORPORATION |
| 7 |
* |
* |
| 8 |
* Version: 1.6.5-pre 2008/10/07 |
* Version: 1.6.5-pre 2008/10/20 |
| 9 |
* |
* |
| 10 |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
| 11 |
* See README.ccs for ChangeLog. |
* See README.ccs for ChangeLog. |
| 1056 |
static struct profile *ccs_find_or_assign_new_profile(const unsigned int |
static struct profile *ccs_find_or_assign_new_profile(const unsigned int |
| 1057 |
profile) |
profile) |
| 1058 |
{ |
{ |
| 1059 |
static DEFINE_MUTEX(profile_lock); |
static DEFINE_MUTEX(lock); |
| 1060 |
struct profile *ptr = NULL; |
struct profile *ptr = NULL; |
| 1061 |
mutex_lock(&profile_lock); |
mutex_lock(&lock); |
| 1062 |
if (profile < MAX_PROFILES) { |
if (profile < MAX_PROFILES) { |
| 1063 |
ptr = profile_ptr[profile]; |
ptr = profile_ptr[profile]; |
| 1064 |
if (ptr) |
if (ptr) |
| 1078 |
} |
} |
| 1079 |
} |
} |
| 1080 |
ok: |
ok: |
| 1081 |
mutex_unlock(&profile_lock); |
mutex_unlock(&lock); |
| 1082 |
return ptr; |
return ptr; |
| 1083 |
} |
} |
| 1084 |
|
|
| 2114 |
*/ |
*/ |
| 2115 |
static int write_pid(struct ccs_io_buffer *head) |
static int write_pid(struct ccs_io_buffer *head) |
| 2116 |
{ |
{ |
|
head->read_step = (int) simple_strtoul(head->write_buf, NULL, 10); |
|
| 2117 |
head->read_eof = false; |
head->read_eof = false; |
| 2118 |
return 0; |
return 0; |
| 2119 |
} |
} |
| 2120 |
|
|
| 2121 |
/** |
/** |
| 2122 |
* read_pid - Get domainname of the specified PID. |
* read_pid - Read information of a process. |
| 2123 |
* |
* |
| 2124 |
* @head: Pointer to "struct ccs_io_buffer". |
* @head: Pointer to "struct ccs_io_buffer". |
| 2125 |
* |
* |
| 2126 |
* Returns the domainname which the specified PID is in on success, |
* Returns the domainname which the specified PID is in or |
| 2127 |
|
* process information of the specified PID on success, |
| 2128 |
* empty string otherwise. |
* empty string otherwise. |
|
* The PID is specified by write_pid() so that the user can obtain |
|
|
* using read()/write() interface rather than sysctl() interface. |
|
| 2129 |
*/ |
*/ |
| 2130 |
static int read_pid(struct ccs_io_buffer *head) |
static int read_pid(struct ccs_io_buffer *head) |
| 2131 |
{ |
{ |
| 2132 |
if (head->read_avail == 0 && !head->read_eof) { |
/* Accessing write_buf is safe because head->io_sem is held. */ |
| 2133 |
const int pid = head->read_step; |
char *buf = head->write_buf; |
| 2134 |
struct task_struct *p; |
bool task_info = false; |
| 2135 |
struct domain_info *domain = NULL; |
unsigned int pid; |
| 2136 |
/***** CRITICAL SECTION START *****/ |
struct task_struct *p; |
| 2137 |
read_lock(&tasklist_lock); |
struct domain_info *domain = NULL; |
| 2138 |
p = find_task_by_pid(pid); |
u32 tomoyo_flags = 0; |
| 2139 |
if (p) |
if (head->read_avail || head->read_eof) |
| 2140 |
domain = p->domain_info; |
goto done; |
| 2141 |
read_unlock(&tasklist_lock); |
head->read_eof = true; |
| 2142 |
/***** CRITICAL SECTION END *****/ |
if (str_starts(&buf, "info ")) |
| 2143 |
if (domain) |
task_info = true; |
| 2144 |
ccs_io_printf(head, "%d %u %s", pid, domain->profile, |
pid = (unsigned int) simple_strtoul(buf, NULL, 10); |
| 2145 |
domain->domainname->name); |
/***** CRITICAL SECTION START *****/ |
| 2146 |
head->read_eof = true; |
read_lock(&tasklist_lock); |
| 2147 |
|
p = find_task_by_pid(pid); |
| 2148 |
|
if (p) { |
| 2149 |
|
domain = p->domain_info; |
| 2150 |
|
tomoyo_flags = p->tomoyo_flags; |
| 2151 |
} |
} |
| 2152 |
|
read_unlock(&tasklist_lock); |
| 2153 |
|
/***** CRITICAL SECTION END *****/ |
| 2154 |
|
if (!domain) |
| 2155 |
|
goto done; |
| 2156 |
|
if (!task_info) |
| 2157 |
|
ccs_io_printf(head, "%u %u %s", pid, domain->profile, |
| 2158 |
|
domain->domainname->name); |
| 2159 |
|
else |
| 2160 |
|
ccs_io_printf(head, "%u manager=%s execute_handler=%s " |
| 2161 |
|
"state[0]=%u state[1]=%u state[2]=%u", pid, |
| 2162 |
|
tomoyo_flags & CCS_TASK_IS_POLICY_MANAGER ? |
| 2163 |
|
"yes" : "no", |
| 2164 |
|
tomoyo_flags & TOMOYO_TASK_IS_EXECUTE_HANDLER ? |
| 2165 |
|
"yes" : "no", |
| 2166 |
|
(u8) (tomoyo_flags >> 24), |
| 2167 |
|
(u8) (tomoyo_flags >> 16), |
| 2168 |
|
(u8) (tomoyo_flags >> 8)); |
| 2169 |
|
done: |
| 2170 |
return 0; |
return 0; |
| 2171 |
} |
} |
| 2172 |
|
|
| 2514 |
} |
} |
| 2515 |
#endif |
#endif |
| 2516 |
#ifdef CONFIG_SAKURA |
#ifdef CONFIG_SAKURA |
| 2517 |
printk(KERN_INFO "SAKURA: 1.6.5-pre 2008/10/07\n"); |
printk(KERN_INFO "SAKURA: 1.6.5-pre 2008/10/20\n"); |
| 2518 |
#endif |
#endif |
| 2519 |
#ifdef CONFIG_TOMOYO |
#ifdef CONFIG_TOMOYO |
| 2520 |
printk(KERN_INFO "TOMOYO: 1.6.5-pre 2008/10/07\n"); |
printk(KERN_INFO "TOMOYO: 1.6.5-pre 2008/10/20\n"); |
| 2521 |
#endif |
#endif |
| 2522 |
printk(KERN_INFO "Mandatory Access Control activated.\n"); |
printk(KERN_INFO "Mandatory Access Control activated.\n"); |
| 2523 |
sbin_init_started = true; |
sbin_init_started = true; |
| 2537 |
/* Wait queue for query_list. */ |
/* Wait queue for query_list. */ |
| 2538 |
static DECLARE_WAIT_QUEUE_HEAD(query_wait); |
static DECLARE_WAIT_QUEUE_HEAD(query_wait); |
| 2539 |
|
|
| 2540 |
/* Lock for manipurating query_list. */ |
/* Lock for manipulating query_list. */ |
| 2541 |
static DEFINE_SPINLOCK(query_lock); |
static DEFINE_SPINLOCK(query_list_lock); |
| 2542 |
|
|
| 2543 |
/* Structure for query. */ |
/* Structure for query. */ |
| 2544 |
struct query_entry { |
struct query_entry { |
| 2607 |
goto out; |
goto out; |
| 2608 |
INIT_LIST_HEAD(&query_entry->list); |
INIT_LIST_HEAD(&query_entry->list); |
| 2609 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2610 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2611 |
query_entry->serial = serial++; |
query_entry->serial = serial++; |
| 2612 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2613 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2614 |
pos = snprintf(query_entry->query, len - 1, "Q%u-%hu\n%s", |
pos = snprintf(query_entry->query, len - 1, "Q%u-%hu\n%s", |
| 2615 |
query_entry->serial, r->retry, header); |
query_entry->serial, r->retry, header); |
| 2620 |
query_entry->query_len = strlen(query_entry->query) + 1; |
query_entry->query_len = strlen(query_entry->query) + 1; |
| 2621 |
va_end(args); |
va_end(args); |
| 2622 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2623 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2624 |
list_add_tail(&query_entry->list, &query_list); |
list_add_tail(&query_entry->list, &query_list); |
| 2625 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2626 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2627 |
ccs_update_counter(CCS_UPDATES_COUNTER_QUERY); |
ccs_update_counter(CCS_UPDATES_COUNTER_QUERY); |
| 2628 |
/* Give 10 seconds for supervisor's opinion. */ |
/* Give 10 seconds for supervisor's opinion. */ |
| 2636 |
} |
} |
| 2637 |
ccs_update_counter(CCS_UPDATES_COUNTER_QUERY); |
ccs_update_counter(CCS_UPDATES_COUNTER_QUERY); |
| 2638 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2639 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2640 |
list_del(&query_entry->list); |
list_del(&query_entry->list); |
| 2641 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2642 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2643 |
switch (query_entry->answer) { |
switch (query_entry->answer) { |
| 2644 |
case 3: /* Asked to retry by administrator. */ |
case 3: /* Asked to retry by administrator. */ |
| 2680 |
u8 i; |
u8 i; |
| 2681 |
for (i = 0; i < 2; i++) { |
for (i = 0; i < 2; i++) { |
| 2682 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2683 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2684 |
list_for_each(tmp, &query_list) { |
list_for_each(tmp, &query_list) { |
| 2685 |
struct query_entry *ptr |
struct query_entry *ptr |
| 2686 |
= list_entry(tmp, struct query_entry, list); |
= list_entry(tmp, struct query_entry, list); |
| 2689 |
found = true; |
found = true; |
| 2690 |
break; |
break; |
| 2691 |
} |
} |
| 2692 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2693 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2694 |
if (found) |
if (found) |
| 2695 |
return POLLIN | POLLRDNORM; |
return POLLIN | POLLRDNORM; |
| 2721 |
head->readbuf_size = 0; |
head->readbuf_size = 0; |
| 2722 |
} |
} |
| 2723 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2724 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2725 |
list_for_each(tmp, &query_list) { |
list_for_each(tmp, &query_list) { |
| 2726 |
struct query_entry *ptr |
struct query_entry *ptr |
| 2727 |
= list_entry(tmp, struct query_entry, list); |
= list_entry(tmp, struct query_entry, list); |
| 2732 |
len = ptr->query_len; |
len = ptr->query_len; |
| 2733 |
break; |
break; |
| 2734 |
} |
} |
| 2735 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2736 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2737 |
if (!len) { |
if (!len) { |
| 2738 |
head->read_step = 0; |
head->read_step = 0; |
| 2743 |
return 0; |
return 0; |
| 2744 |
pos = 0; |
pos = 0; |
| 2745 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2746 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2747 |
list_for_each(tmp, &query_list) { |
list_for_each(tmp, &query_list) { |
| 2748 |
struct query_entry *ptr |
struct query_entry *ptr |
| 2749 |
= list_entry(tmp, struct query_entry, list); |
= list_entry(tmp, struct query_entry, list); |
| 2759 |
memmove(buf, ptr->query, len); |
memmove(buf, ptr->query, len); |
| 2760 |
break; |
break; |
| 2761 |
} |
} |
| 2762 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2763 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2764 |
if (buf[0]) { |
if (buf[0]) { |
| 2765 |
head->read_avail = len; |
head->read_avail = len; |
| 2786 |
unsigned int serial; |
unsigned int serial; |
| 2787 |
unsigned int answer; |
unsigned int answer; |
| 2788 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2789 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2790 |
list_for_each(tmp, &query_list) { |
list_for_each(tmp, &query_list) { |
| 2791 |
struct query_entry *ptr |
struct query_entry *ptr |
| 2792 |
= list_entry(tmp, struct query_entry, list); |
= list_entry(tmp, struct query_entry, list); |
| 2793 |
ptr->timer = 0; |
ptr->timer = 0; |
| 2794 |
} |
} |
| 2795 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2796 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2797 |
if (sscanf(data, "A%u=%u", &serial, &answer) != 2) |
if (sscanf(data, "A%u=%u", &serial, &answer) != 2) |
| 2798 |
return -EINVAL; |
return -EINVAL; |
| 2799 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 2800 |
spin_lock(&query_lock); |
spin_lock(&query_list_lock); |
| 2801 |
list_for_each(tmp, &query_list) { |
list_for_each(tmp, &query_list) { |
| 2802 |
struct query_entry *ptr |
struct query_entry *ptr |
| 2803 |
= list_entry(tmp, struct query_entry, list); |
= list_entry(tmp, struct query_entry, list); |
| 2807 |
ptr->answer = answer; |
ptr->answer = answer; |
| 2808 |
break; |
break; |
| 2809 |
} |
} |
| 2810 |
spin_unlock(&query_lock); |
spin_unlock(&query_list_lock); |
| 2811 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 2812 |
return 0; |
return 0; |
| 2813 |
} |
} |
| 2884 |
static int read_version(struct ccs_io_buffer *head) |
static int read_version(struct ccs_io_buffer *head) |
| 2885 |
{ |
{ |
| 2886 |
if (!head->read_eof) { |
if (!head->read_eof) { |
| 2887 |
ccs_io_printf(head, "1.6.4"); |
ccs_io_printf(head, "1.6.5-pre"); |
| 2888 |
head->read_eof = true; |
head->read_eof = true; |
| 2889 |
} |
} |
| 2890 |
return 0; |
return 0; |
TOMOYO
Parent Directory
Revision Log
Patch