diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-05-17 10:06:58 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-08-02 15:33:35 +1000 |
commit | 4c3e9e2ded48bcf696a45945ea7d25bb15b873fd (patch) | |
tree | 0be326f0f90b0279ae83594e9244c3739d348df1 /security/tomoyo/gc.c | |
parent | babcd37821fba57048b30151969d28303f2a8b6b (diff) | |
download | linux-next-4c3e9e2ded48bcf696a45945ea7d25bb15b873fd.tar.gz |
TOMOYO: Add numeric values grouping support.
This patch adds numeric values grouping support, which is useful for grouping
numeric values such as file's UID, DAC's mode, ioctl()'s cmd number.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/gc.c')
-rw-r--r-- | security/tomoyo/gc.c | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index b9cc71b04314..6a48197f6ce5 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c @@ -14,6 +14,8 @@ enum tomoyo_gc_id { TOMOYO_ID_PATH_GROUP, TOMOYO_ID_PATH_GROUP_MEMBER, + TOMOYO_ID_NUMBER_GROUP, + TOMOYO_ID_NUMBER_GROUP_MEMBER, TOMOYO_ID_DOMAIN_INITIALIZER, TOMOYO_ID_DOMAIN_KEEPER, TOMOYO_ID_ALIAS, @@ -162,6 +164,16 @@ static void tomoyo_del_path_group(struct tomoyo_path_group *group) tomoyo_put_name(group->group_name); } +static void tomoyo_del_number_group_member(struct tomoyo_number_group_member + *member) +{ +} + +static void tomoyo_del_number_group(struct tomoyo_number_group *group) +{ + tomoyo_put_name(group->group_name); +} + static void tomoyo_collect_entry(void) { if (mutex_lock_interruptible(&tomoyo_policy_lock)) @@ -329,6 +341,29 @@ static void tomoyo_collect_entry(void) break; } } + { + struct tomoyo_number_group *group; + list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) { + struct tomoyo_number_group_member *member; + list_for_each_entry_rcu(member, &group->member_list, + list) { + if (!member->is_deleted) + continue; + if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP_MEMBER, + member)) + list_del_rcu(&member->list); + else + break; + } + if (!list_empty(&group->member_list) || + atomic_read(&group->users)) + continue; + if (tomoyo_add_to_gc(TOMOYO_ID_NUMBER_GROUP, group)) + list_del_rcu(&group->list); + else + break; + } + } mutex_unlock(&tomoyo_policy_lock); } @@ -376,6 +411,12 @@ static void tomoyo_kfree_entry(void) case TOMOYO_ID_PATH_GROUP: tomoyo_del_path_group(p->element); break; + case TOMOYO_ID_NUMBER_GROUP_MEMBER: + tomoyo_del_number_group_member(p->element); + break; + case TOMOYO_ID_NUMBER_GROUP: + tomoyo_del_number_group(p->element); + break; default: printk(KERN_WARNING "Unknown type\n"); break; |