Diff of /trunk/1.7.x/ccs-patch/security/ccsecurity/util.c

TOMOYO

 Subversion リポジトリの参照



/[tomoyo]/trunk/1.7.x/ccs-patch/security/ccsecurity/util.c




Diff of /trunk/1.7.x/ccs-patch/security/ccsecurity/util.c



 Parent Directory

|  Revision Log



|  Patch














revision 1507 by kumaneko,
Tue Sep  2 06:45:13 2008 UTC




revision 1561 by kumaneko,
Tue Sep  9 04:29:07 2008 UTC






#

Line 5 



Line 5 













5
  *
  *

















6
  * Copyright (C) 2005-2008  NTT DATA CORPORATION
  * Copyright (C) 2005-2008  NTT DATA CORPORATION

















7
  *
  *















8


  * Version: 1.6.4   2008/09/03


  * Version: 1.6.5-pre   2008/09/09















9
  *
  *

















10
  * This file is applicable to both 2.4.30 and 2.6.11 and later.
  * This file is applicable to both 2.4.30 and 2.6.11 and later.

















11
  * See README.ccs for ChangeLog.
  * See README.ccs for ChangeLog.











#

Line 2411 
 void ccs_load_policy(const char *filenam


Line 2411 
 void ccs_load_policy(const char *filenam












2411
         }
         }

















2412
 #endif
 #endif

















2413
 #ifdef CONFIG_SAKURA
 #ifdef CONFIG_SAKURA















2414


         printk(KERN_INFO "SAKURA: 1.6.4   2008/09/03\n");


         printk(KERN_INFO "SAKURA: 1.6.5-pre   2008/09/09\n");















2415
 #endif
 #endif

















2416
 #ifdef CONFIG_TOMOYO
 #ifdef CONFIG_TOMOYO















2417


         printk(KERN_INFO "TOMOYO: 1.6.4   2008/09/03\n");


         printk(KERN_INFO "TOMOYO: 1.6.5-pre   2008/09/09\n");















2418
 #endif
 #endif

















2419
         printk(KERN_INFO "Mandatory Access Control activated.\n");
         printk(KERN_INFO "Mandatory Access Control activated.\n");

















2420
         sbin_init_started = true;
         sbin_init_started = true;











#

Line 2460 
 static atomic_t queryd_watcher = ATOMIC_


Line 2460 
 static atomic_t queryd_watcher = ATOMIC_












2460
  * @fmt:  The printf()'s format string, followed by parameters.
  * @fmt:  The printf()'s format string, followed by parameters.

















2461
  *
  *

















2462
  * Returns 0 if the supervisor decided to permit the access request which
  * Returns 0 if the supervisor decided to permit the access request which















2463


  * violated the policy in enforcing mode, -EPERM otherwise.


  * violated the policy in enforcing mode, 1 if the supervisor decided to













2464


 


  * retry the access request which violated the policy in enforcing mode,













2465


 


  * -EPERM otherwise.















2466
  */
  */

















2467
 int ccs_check_supervisor(struct linux_binprm *bprm, const char *fmt, ...)
 int ccs_check_supervisor(struct linux_binprm *bprm, const char *fmt, ...)

















2468
 {
 {











#

Line 2534 
 int ccs_check_supervisor(struct linux_bi


Line 2536 
 int ccs_check_supervisor(struct linux_bi












2536
         spin_unlock(&query_lock);
         spin_unlock(&query_lock);

















2537
         /***** CRITICAL SECTION END *****/
         /***** CRITICAL SECTION END *****/

















2538
         switch (query_entry->answer) {
         switch (query_entry->answer) {












2539
 
         case 2: /* Asked to retry by administrator. */







2540
 
                 error = 1;







2541
 
                 break;












2542
         case 1:
         case 1:

















2543
                 /* Granted by administrator. */
                 /* Granted by administrator. */

















2544
                 error = 0;
                 error = 0;





























Legend:



Removed from v.1507
 


changed lines


 
Added in v.1561













Back to OSDN">Back to OSDN
ViewVC Help


Powered by ViewVC 1.1.26
 /[tomoyo]/trunk/1.7.x/ccs-patch/security/ccsecurity/util.c
-revision 1507 by kumaneko,
Tue Sep  2 06:45:13 2008 UTC
+revision 1561 by kumaneko,
Tue Sep  9 04:29:07 2008 UTC
 Line 5
   *
   * Copyright (C) 2005-2008  NTT DATA CORPORATION
   *
-  * Version: 1.6.4   2008/09/03
+  * Version: 1.6.5-pre   2008/09/09
   *
   * This file is applicable to both 2.4.30 and 2.6.11 and later.
   * See README.ccs for ChangeLog.
 Line 2411 
 void ccs_load_policy(const char *filenam
          }
  #endif
  #ifdef CONFIG_SAKURA
-         printk(KERN_INFO "SAKURA: 1.6.4   2008/09/03\n");
+         printk(KERN_INFO "SAKURA: 1.6.5-pre   2008/09/09\n");
  #endif
  #ifdef CONFIG_TOMOYO
-         printk(KERN_INFO "TOMOYO: 1.6.4   2008/09/03\n");
+         printk(KERN_INFO "TOMOYO: 1.6.5-pre   2008/09/09\n");
  #endif
          printk(KERN_INFO "Mandatory Access Control activated.\n");
          sbin_init_started = true;
 Line 2460 
 static atomic_t queryd_watcher = ATOMIC_
   * @fmt:  The printf()'s format string, followed by parameters.
   *
   * Returns 0 if the supervisor decided to permit the access request which
-  * violated the policy in enforcing mode, -EPERM otherwise.
+  * violated the policy in enforcing mode, 1 if the supervisor decided to
+  * retry the access request which violated the policy in enforcing mode,
+  * -EPERM otherwise.
   */
  int ccs_check_supervisor(struct linux_binprm *bprm, const char *fmt, ...)
  {
-Line 2534 
 int ccs_check_supervisor(struct linux_bi
+Line 2536 
 int ccs_check_supervisor(struct linux_bi
          spin_unlock(&query_lock);
          /***** CRITICAL SECTION END *****/
          switch (query_entry->answer) {
+         case 2: /* Asked to retry by administrator. */
+                 error = 1;
+                 break;
          case 1:
                  /* Granted by administrator. */
                  error = 0;
 Legend:



Removed from v.1507
 


changed lines


 
Added in v.1561
 Legend:



Removed from v.1507
 


changed lines


 
Added in v.1561
-Removed from v.1507
+Added in v.1561
-Back to OSDN">Back to OSDN
+ViewVC Help
 Powered by ViewVC 1.1.26

オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照