
Diff of /trunk/1.8.x/ccs-patch/security/ccsecurity/policy_io.c


revision 3079 by kumaneko, Fri Oct 2 06:23:24 2009 UTC revision 3131 by kumaneko, Tue Nov 3 03:51:07 2009 UTC
# Line 3  Line 3 
3   *   *
4   * Copyright (C) 2005-2009  NTT DATA CORPORATION   * Copyright (C) 2005-2009  NTT DATA CORPORATION
5   *   *
6   * Version: 1.7.0   2009/10/01   * Version: 1.7.1-pre   2009/11/03
7   *   *
8   * This file is applicable to both 2.4.30 and 2.6.11 and later.   * This file is applicable to both 2.4.30 and 2.6.11 and later.
9   * See README.ccs for ChangeLog.   * See README.ccs for ChangeLog.
# Line 36  static struct ccs_profile ccs_default_pr Line 36  static struct ccs_profile ccs_default_pr
36  /* Profile table. Memory is allocated as needed. */  /* Profile table. Memory is allocated as needed. */
37  static struct ccs_profile *ccs_profile_ptr[CCS_MAX_PROFILES];  static struct ccs_profile *ccs_profile_ptr[CCS_MAX_PROFILES];
38    
 /* Lock for protecting "struct ccs_profile"->comment  */  
 static DEFINE_SPINLOCK(ccs_profile_comment_lock);  
   
39  /* String table for functionality that takes 4 modes. */  /* String table for functionality that takes 4 modes. */
40  static const char *ccs_mode_4[4] = {  static const char *ccs_mode_4[4] = {
41          "disabled", "learning", "permissive", "enforcing"          "disabled", "learning", "permissive", "enforcing"
# Line 438  static int ccs_write_profile(struct ccs_ Line 435  static int ccs_write_profile(struct ccs_
435          if (profile == &ccs_default_profile)          if (profile == &ccs_default_profile)
436                  return -EINVAL;                  return -EINVAL;
437          if (!strcmp(data, "COMMENT")) {          if (!strcmp(data, "COMMENT")) {
438                  const struct ccs_path_info *new_comment = ccs_get_name(cp);                  const struct ccs_path_info *old_comment = profile->comment;
439                  const struct ccs_path_info *old_comment;                  profile->comment = ccs_get_name(cp);
                 /* Protect reader from ccs_put_name(). */  
                 spin_lock(&ccs_profile_comment_lock);  
                 old_comment = profile->comment;  
                 profile->comment = new_comment;  
                 spin_unlock(&ccs_profile_comment_lock);  
440                  ccs_put_name(old_comment);                  ccs_put_name(old_comment);
441                  return 0;                  return 0;
442          }          }
# Line 551  static void ccs_read_profile(struct ccs_ Line 543  static void ccs_read_profile(struct ccs_
543                  int i;                  int i;
544                  int pos;                  int pos;
545                  const struct ccs_profile *profile = ccs_profile_ptr[index];                  const struct ccs_profile *profile = ccs_profile_ptr[index];
546                    const struct ccs_path_info *comment;
547                  head->read_step = index;                  head->read_step = index;
548                  if (!profile)                  if (!profile)
549                          continue;                          continue;
550                  pos = head->read_avail;                  pos = head->read_avail;
551                  spin_lock(&ccs_profile_comment_lock);                  comment = profile->comment;
552                  done = ccs_io_printf(head, "%u-COMMENT=%s\n", index,                  done = ccs_io_printf(head, "%u-COMMENT=%s\n", index,
553                                       profile->comment ? profile->comment->name                                       comment ? comment->name : "");
                                      : "");  
                 spin_unlock(&ccs_profile_comment_lock);  
554                  if (!done)                  if (!done)
555                          goto out;                          goto out;
556                  config = profile->default_config;                  config = profile->default_config;
# Line 1202  static bool ccs_print_condition(struct c Line 1193  static bool ccs_print_condition(struct c
1193  }  }
1194    
1195  /**  /**
1196   * ccs_print_path_acl - Print a single path ACL entry.   * ccs_print_path_acl - Print a path ACL entry.
1197   *   *
1198   * @head: Pointer to "struct ccs_io_buffer".   * @head: Pointer to "struct ccs_io_buffer".
1199   * @ptr:  Pointer to "struct ccs_path_acl".   * @ptr:  Pointer to "struct ccs_path_acl".
# Line 1595  static bool ccs_print_entry(struct ccs_i Line 1586  static bool ccs_print_entry(struct ccs_i
1586          }          }
1587          if (acl_type == CCS_TYPE_PATH2_ACL) {          if (acl_type == CCS_TYPE_PATH2_ACL) {
1588                  struct ccs_path2_acl *acl                  struct ccs_path2_acl *acl
1589                          = container_of(ptr, struct ccs_path2_acl,                          = container_of(ptr, struct ccs_path2_acl, head);
                                        head);  
1590                  return ccs_print_path2_acl(head, acl, cond);                  return ccs_print_path2_acl(head, acl, cond);
1591          }          }
1592          if (acl_type == CCS_TYPE_PATH_NUMBER_ACL) {          if (acl_type == CCS_TYPE_PATH_NUMBER_ACL) {
1593                  struct ccs_path_number_acl *acl                  struct ccs_path_number_acl *acl
1594                          = container_of(ptr, struct ccs_path_number_acl,                          = container_of(ptr, struct ccs_path_number_acl, head);
                                        head);  
1595                  return ccs_print_path_number_acl(head, acl, cond);                  return ccs_print_path_number_acl(head, acl, cond);
1596          }          }
1597          if (acl_type == CCS_TYPE_ENV_ACL) {          if (acl_type == CCS_TYPE_ENV_ACL) {
# Line 1612  static bool ccs_print_entry(struct ccs_i Line 1601  static bool ccs_print_entry(struct ccs_i
1601          }          }
1602          if (acl_type == CCS_TYPE_CAPABILITY_ACL) {          if (acl_type == CCS_TYPE_CAPABILITY_ACL) {
1603                  struct ccs_capability_acl *acl                  struct ccs_capability_acl *acl
1604                          = container_of(ptr, struct ccs_capability_acl,                          = container_of(ptr, struct ccs_capability_acl, head);
                                        head);  
1605                  return ccs_print_capability_acl(head, acl, cond);                  return ccs_print_capability_acl(head, acl, cond);
1606          }          }
1607          if (acl_type == CCS_TYPE_IP_NETWORK_ACL) {          if (acl_type == CCS_TYPE_IP_NETWORK_ACL) {
1608                  struct ccs_ip_network_acl *acl                  struct ccs_ip_network_acl *acl
1609                          = container_of(ptr, struct ccs_ip_network_acl,                          = container_of(ptr, struct ccs_ip_network_acl, head);
                                        head);  
1610                  return ccs_print_network_acl(head, acl, cond);                  return ccs_print_network_acl(head, acl, cond);
1611          }          }
1612          if (acl_type == CCS_TYPE_SIGNAL_ACL) {          if (acl_type == CCS_TYPE_SIGNAL_ACL) {
# Line 2415  static void ccs_read_version(struct ccs_ Line 2402  static void ccs_read_version(struct ccs_
2402  {  {
2403          if (head->read_eof)          if (head->read_eof)
2404                  return;                  return;
2405          ccs_io_printf(head, "1.7.0");          ccs_io_printf(head, "1.7.1-pre");
2406          head->read_eof = true;          head->read_eof = true;
2407  }  }
2408    
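Review bot: With ccs_profile_comment_lock removed, nothing visible in ccs_write_profile() (lines 438-440) or ccs_read_profile() (line 551) keeps the old comment alive while a reader is still printing `comment->name`, and nothing visible stops two writers from both reading the same `old_comment` and calling ccs_put_name() on it twice. If the name's lifetime is now guaranteed elsewhere (for example by deferred freeing plus a lock held by the callers, neither of which is shown here), that should be stated where the lock comment used to be, e.g. `/* Caller holds <policy lock>; ccs_put_name() only drops a reference, the name is freed after readers finish. */`. If no such guarantee exists, the unlocked snapshot in the reader is a potential use-after-free and the pointer swap needs to be serialized again. Both functions start and end outside the shown lines, so this rests on the visible fragments only.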
