544 |
|
|
545 |
static struct profile *FindOrAssignNewProfile(const unsigned int profile) |
static struct profile *FindOrAssignNewProfile(const unsigned int profile) |
546 |
{ |
{ |
547 |
static DECLARE_MUTEX(profile_lock); |
static DEFINE_MUTEX(profile_lock); |
548 |
struct profile *ptr = NULL; |
struct profile *ptr = NULL; |
549 |
down(&profile_lock); |
mutex_lock(&profile_lock); |
550 |
if (profile < MAX_PROFILES && (ptr = profile_ptr[profile]) == NULL) { |
if (profile < MAX_PROFILES && (ptr = profile_ptr[profile]) == NULL) { |
551 |
if ((ptr = alloc_element(sizeof(*ptr))) != NULL) { |
if ((ptr = alloc_element(sizeof(*ptr))) != NULL) { |
552 |
int i; |
int i; |
555 |
profile_ptr[profile] = ptr; |
profile_ptr[profile] = ptr; |
556 |
} |
} |
557 |
} |
} |
558 |
up(&profile_lock); |
mutex_unlock(&profile_lock); |
559 |
return ptr; |
return ptr; |
560 |
} |
} |
561 |
|
|
665 |
static int AddManagerEntry(const char *manager, const bool is_delete) |
static int AddManagerEntry(const char *manager, const bool is_delete) |
666 |
{ |
{ |
667 |
struct policy_manager_entry *new_entry, *ptr; |
struct policy_manager_entry *new_entry, *ptr; |
668 |
static DECLARE_MUTEX(lock); |
static DEFINE_MUTEX(lock); |
669 |
const struct path_info *saved_manager; |
const struct path_info *saved_manager; |
670 |
int error = -ENOMEM; |
int error = -ENOMEM; |
671 |
bool is_domain = 0; |
bool is_domain = 0; |
677 |
if (!IsCorrectPath(manager, 1, -1, -1, __FUNCTION__)) return -EINVAL; |
if (!IsCorrectPath(manager, 1, -1, -1, __FUNCTION__)) return -EINVAL; |
678 |
} |
} |
679 |
if ((saved_manager = SaveName(manager)) == NULL) return -ENOMEM; |
if ((saved_manager = SaveName(manager)) == NULL) return -ENOMEM; |
680 |
down(&lock); |
mutex_lock(&lock); |
681 |
for (ptr = policy_manager_list; ptr; ptr = ptr->next) { |
for (ptr = policy_manager_list; ptr; ptr = ptr->next) { |
682 |
if (ptr->manager == saved_manager) { |
if (ptr->manager == saved_manager) { |
683 |
ptr->is_deleted = is_delete; |
ptr->is_deleted = is_delete; |
700 |
} |
} |
701 |
error = 0; |
error = 0; |
702 |
out: |
out: |
703 |
up(&lock); |
mutex_unlock(&lock); |
704 |
if (!error) UpdateCounter(CCS_UPDATES_COUNTER_MANAGER); |
if (!error) UpdateCounter(CCS_UPDATES_COUNTER_MANAGER); |
705 |
return error; |
return error; |
706 |
} |
} |
1229 |
} |
} |
1230 |
} |
} |
1231 |
#ifdef CONFIG_SAKURA |
#ifdef CONFIG_SAKURA |
1232 |
printk("SAKURA: 1.5.2-pre 2007/10/19\n"); |
printk("SAKURA: 1.5.2-pre 2007/11/05\n"); |
1233 |
#endif |
#endif |
1234 |
#ifdef CONFIG_TOMOYO |
#ifdef CONFIG_TOMOYO |
1235 |
printk("TOMOYO: 1.5.2-pre 2007/10/19\n"); |
printk("TOMOYO: 1.5.2-pre 2007/11/05\n"); |
1236 |
#endif |
#endif |
1237 |
//if (!profile_loaded) panic("No profiles loaded. Run policy loader using 'init=' option.\n"); |
//if (!profile_loaded) panic("No profiles loaded. Run policy loader using 'init=' option.\n"); |
1238 |
printk("Mandatory Access Control activated.\n"); |
printk("Mandatory Access Control activated.\n"); |
1501 |
{ |
{ |
1502 |
struct io_buffer *head = ccs_alloc(sizeof(*head)); |
struct io_buffer *head = ccs_alloc(sizeof(*head)); |
1503 |
if (!head) return -ENOMEM; |
if (!head) return -ENOMEM; |
1504 |
init_MUTEX(&head->read_sem); |
mutex_init(&head->read_sem); |
1505 |
init_MUTEX(&head->write_sem); |
mutex_init(&head->write_sem); |
1506 |
switch (type) { |
switch (type) { |
1507 |
#ifdef CONFIG_SAKURA |
#ifdef CONFIG_SAKURA |
1508 |
case CCS_SYSTEMPOLICY: |
case CCS_SYSTEMPOLICY: |
1611 |
struct io_buffer *head = file->private_data; |
struct io_buffer *head = file->private_data; |
1612 |
if (!head->read) return -ENOSYS; |
if (!head->read) return -ENOSYS; |
1613 |
if (!access_ok(VERIFY_WRITE, buffer, buffer_len)) return -EFAULT; |
if (!access_ok(VERIFY_WRITE, buffer, buffer_len)) return -EFAULT; |
1614 |
if (down_interruptible(&head->read_sem)) return -EINTR; |
if (mutex_lock_interruptible(&head->read_sem)) return -EINTR; |
1615 |
len = head->read(head); |
len = head->read(head); |
1616 |
if (len >= 0) len = CopyToUser(head, buffer, buffer_len); |
if (len >= 0) len = CopyToUser(head, buffer, buffer_len); |
1617 |
up(&head->read_sem); |
mutex_unlock(&head->read_sem); |
1618 |
return len; |
return len; |
1619 |
} |
} |
1620 |
|
|
1630 |
if (head->write != WritePID && !IsPolicyManager()) { |
if (head->write != WritePID && !IsPolicyManager()) { |
1631 |
return -EPERM; /* Forbid updating policies for non manager programs. */ |
return -EPERM; /* Forbid updating policies for non manager programs. */ |
1632 |
} |
} |
1633 |
if (down_interruptible(&head->write_sem)) return -EINTR; |
if (mutex_lock_interruptible(&head->write_sem)) return -EINTR; |
1634 |
while (avail_len > 0) { |
while (avail_len > 0) { |
1635 |
char c; |
char c; |
1636 |
if (head->write_avail >= head->writebuf_size - 1) { |
if (head->write_avail >= head->writebuf_size - 1) { |
1648 |
NormalizeLine(cp0); |
NormalizeLine(cp0); |
1649 |
head->write(head); |
head->write(head); |
1650 |
} |
} |
1651 |
up(&head->write_sem); |
mutex_unlock(&head->write_sem); |
1652 |
return error; |
return error; |
1653 |
} |
} |
1654 |
|
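Review bot: The `read_sem` and `write_sem` fields of `struct io_buffer` keep their semaphore names even though the new side initialises them with `mutex_init()` (lines 1504-1505) and takes and releases them with `mutex_lock_interruptible()` / `mutex_unlock()` (lines 1614-1617 and 1633-1651). Those calls require the fields to be declared as `struct mutex`, and that declaration is not in the visible hunks, so it is worth confirming that the struct definition was converted in the same change rather than left as `struct semaphore`. Renaming the fields, for example to `read_mutex` and `write_mutex`, would keep the lock type obvious at each call site. The lines between 1636 and 1648 are not shown, so it should also be checked that no path in the write loop returns without reaching `mutex_unlock(&head->write_sem)`, because a mutex must be released by the task that locked it. The enclosing functions start and end outside these hunks.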
|