
Diff of /trunk/1.7.x/ccs-patch/security/ccsecurity/util.c


revision 621 by kumaneko, Sat Oct 27 08:11:13 2007 UTC revision 652 by kumaneko, Mon Nov 5 07:48:31 2007 UTC
# Line 544  EXPORT_SYMBOL(CheckCCSAccept); Line 544  EXPORT_SYMBOL(CheckCCSAccept);
544    
545  static struct profile *FindOrAssignNewProfile(const unsigned int profile)  static struct profile *FindOrAssignNewProfile(const unsigned int profile)
546  {  {
547          static DECLARE_MUTEX(profile_lock);          static DEFINE_MUTEX(profile_lock);
548          struct profile *ptr = NULL;          struct profile *ptr = NULL;
549          down(&profile_lock);          mutex_lock(&profile_lock);
550          if (profile < MAX_PROFILES && (ptr = profile_ptr[profile]) == NULL) {          if (profile < MAX_PROFILES && (ptr = profile_ptr[profile]) == NULL) {
551                  if ((ptr = alloc_element(sizeof(*ptr))) != NULL) {                  if ((ptr = alloc_element(sizeof(*ptr))) != NULL) {
552                          int i;                          int i;
# Line 555  static struct profile *FindOrAssignNewPr Line 555  static struct profile *FindOrAssignNewPr
555                          profile_ptr[profile] = ptr;                          profile_ptr[profile] = ptr;
556                  }                  }
557          }          }
558          up(&profile_lock);          mutex_unlock(&profile_lock);
559          return ptr;          return ptr;
560  }  }
561    
# Line 665  static struct policy_manager_entry *poli Line 665  static struct policy_manager_entry *poli
665  static int AddManagerEntry(const char *manager, const bool is_delete)  static int AddManagerEntry(const char *manager, const bool is_delete)
666  {  {
667          struct policy_manager_entry *new_entry, *ptr;          struct policy_manager_entry *new_entry, *ptr;
668          static DECLARE_MUTEX(lock);          static DEFINE_MUTEX(lock);
669          const struct path_info *saved_manager;          const struct path_info *saved_manager;
670          int error = -ENOMEM;          int error = -ENOMEM;
671          bool is_domain = 0;          bool is_domain = 0;
# Line 677  static int AddManagerEntry(const char *m Line 677  static int AddManagerEntry(const char *m
677                  if (!IsCorrectPath(manager, 1, -1, -1, __FUNCTION__)) return -EINVAL;                  if (!IsCorrectPath(manager, 1, -1, -1, __FUNCTION__)) return -EINVAL;
678          }          }
679          if ((saved_manager = SaveName(manager)) == NULL) return -ENOMEM;          if ((saved_manager = SaveName(manager)) == NULL) return -ENOMEM;
680          down(&lock);          mutex_lock(&lock);
681          for (ptr = policy_manager_list; ptr; ptr = ptr->next) {          for (ptr = policy_manager_list; ptr; ptr = ptr->next) {
682                  if (ptr->manager == saved_manager) {                  if (ptr->manager == saved_manager) {
683                          ptr->is_deleted = is_delete;                          ptr->is_deleted = is_delete;
# Line 700  static int AddManagerEntry(const char *m Line 700  static int AddManagerEntry(const char *m
700          }          }
701          error = 0;          error = 0;
702   out:   out:
703          up(&lock);          mutex_unlock(&lock);
704          if (!error) UpdateCounter(CCS_UPDATES_COUNTER_MANAGER);          if (!error) UpdateCounter(CCS_UPDATES_COUNTER_MANAGER);
705          return error;          return error;
706  }  }
# Line 1229  void CCS_LoadPolicy(const char *filename Line 1229  void CCS_LoadPolicy(const char *filename
1229                  }                  }
1230          }          }
1231  #ifdef CONFIG_SAKURA  #ifdef CONFIG_SAKURA
1232          printk("SAKURA: 1.5.2-pre   2007/10/19\n");          printk("SAKURA: 1.5.2-pre   2007/11/05\n");
1233  #endif  #endif
1234  #ifdef CONFIG_TOMOYO  #ifdef CONFIG_TOMOYO
1235          printk("TOMOYO: 1.5.2-pre   2007/10/19\n");          printk("TOMOYO: 1.5.2-pre   2007/11/05\n");
1236  #endif  #endif
1237          //if (!profile_loaded) panic("No profiles loaded. Run policy loader using 'init=' option.\n");          //if (!profile_loaded) panic("No profiles loaded. Run policy loader using 'init=' option.\n");
1238          printk("Mandatory Access Control activated.\n");          printk("Mandatory Access Control activated.\n");
# Line 1501  int CCS_OpenControl(const int type, stru Line 1501  int CCS_OpenControl(const int type, stru
1501  {  {
1502          struct io_buffer *head = ccs_alloc(sizeof(*head));          struct io_buffer *head = ccs_alloc(sizeof(*head));
1503          if (!head) return -ENOMEM;          if (!head) return -ENOMEM;
1504          init_MUTEX(&head->read_sem);          mutex_init(&head->read_sem);
1505          init_MUTEX(&head->write_sem);          mutex_init(&head->write_sem);
1506          switch (type) {          switch (type) {
1507  #ifdef CONFIG_SAKURA  #ifdef CONFIG_SAKURA
1508          case CCS_SYSTEMPOLICY:          case CCS_SYSTEMPOLICY:
# Line 1611  int CCS_ReadControl(struct file *file, c Line 1611  int CCS_ReadControl(struct file *file, c
1611          struct io_buffer *head = file->private_data;          struct io_buffer *head = file->private_data;
1612          if (!head->read) return -ENOSYS;          if (!head->read) return -ENOSYS;
1613          if (!access_ok(VERIFY_WRITE, buffer, buffer_len)) return -EFAULT;          if (!access_ok(VERIFY_WRITE, buffer, buffer_len)) return -EFAULT;
1614          if (down_interruptible(&head->read_sem)) return -EINTR;          if (mutex_lock_interruptible(&head->read_sem)) return -EINTR;
1615          len = head->read(head);          len = head->read(head);
1616          if (len >= 0) len = CopyToUser(head, buffer, buffer_len);          if (len >= 0) len = CopyToUser(head, buffer, buffer_len);
1617          up(&head->read_sem);          mutex_unlock(&head->read_sem);
1618          return len;          return len;
1619  }  }
1620    
# Line 1630  int CCS_WriteControl(struct file *file, Line 1630  int CCS_WriteControl(struct file *file,
1630          if (head->write != WritePID && !IsPolicyManager()) {          if (head->write != WritePID && !IsPolicyManager()) {
1631                  return -EPERM; /* Forbid updating policies for non manager programs. */                  return -EPERM; /* Forbid updating policies for non manager programs. */
1632          }          }
1633          if (down_interruptible(&head->write_sem)) return -EINTR;          if (mutex_lock_interruptible(&head->write_sem)) return -EINTR;
1634          while (avail_len > 0) {          while (avail_len > 0) {
1635                  char c;                  char c;
1636                  if (head->write_avail >= head->writebuf_size - 1) {                  if (head->write_avail >= head->writebuf_size - 1) {
# Line 1648  int CCS_WriteControl(struct file *file, Line 1648  int CCS_WriteControl(struct file *file,
1648                  NormalizeLine(cp0);                  NormalizeLine(cp0);
1649                  head->write(head);                  head->write(head);
1650          }          }
1651          up(&head->write_sem);          mutex_unlock(&head->write_sem);
1652          return error;          return error;
1653  }  }
1654    
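Review bot: In CCS_OpenControl the fields passed to `mutex_init()` are still named `read_sem` and `write_sem`, and this page only covers util.c, so it does not show the `struct io_buffer` declaration being changed to `struct mutex`; that declaration (presumably in a header outside this diff) has to change in the same revision, otherwise the calls in CCS_ReadControl and CCS_WriteControl operate on the wrong type. Renaming the fields, for example to `read_lock`/`write_lock`, or adding a comment at the declaration such as `/* mutex serialising read() calls on this policy interface handle */`, would stop the names from implying semaphore semantics. A mutex must be released by the task that took it, which the visible lock/unlock pairs satisfy, but the parts of AddManagerEntry and CCS_WriteControl between the shown lines are outside the hunks, so every early exit there should be confirmed to reach `mutex_unlock()`. If this tree is still built against kernels that predate `linux/mutex.h`, a compatibility mapping back to the semaphore calls is needed, and none is visible here.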
