717 |
if (!e.manager) |
if (!e.manager) |
718 |
return error; |
return error; |
719 |
error = ccs_update_policy(&e.head, sizeof(e), is_delete, |
error = ccs_update_policy(&e.head, sizeof(e), is_delete, |
720 |
CCS_ID_MANAGER, ccs_same_manager_entry); |
&ccs_policy_list[CCS_ID_MANAGER], |
721 |
|
ccs_same_manager_entry); |
722 |
ccs_put_name(e.manager); |
ccs_put_name(e.manager); |
723 |
return error; |
return error; |
724 |
} |
} |
1263 |
&& (perm & (1 << CCS_TYPE_READ_WRITE))) |
&& (perm & (1 << CCS_TYPE_READ_WRITE))) |
1264 |
continue; |
continue; |
1265 |
pos = head->read_avail; |
pos = head->read_avail; |
1266 |
if (!ccs_io_printf(head, "allow_%s", ccs_path2keyword(bit)) || |
if (!ccs_io_printf(head, "allow_%s", ccs_path_keyword[bit]) || |
1267 |
!ccs_print_name_union(head, &ptr->name) || |
!ccs_print_name_union(head, &ptr->name) || |
1268 |
!ccs_print_condition(head, ptr->head.cond)) { |
!ccs_print_condition(head, ptr->head.cond)) { |
1269 |
head->read_bit = bit; |
head->read_bit = bit; |
1276 |
} |
} |
1277 |
|
|
1278 |
/** |
/** |
1279 |
* ccs_print_path_number3_acl - Print a path_number3 ACL entry. |
* ccs_print_mkdev_acl - Print a mkdev ACL entry. |
1280 |
* |
* |
1281 |
* @head: Pointer to "struct ccs_io_buffer". |
* @head: Pointer to "struct ccs_io_buffer". |
1282 |
* @ptr: Pointer to "struct ccs_path_number3_acl". |
* @ptr: Pointer to "struct ccs_mkdev_acl". |
1283 |
* |
* |
1284 |
* Returns true on success, false otherwise. |
* Returns true on success, false otherwise. |
1285 |
*/ |
*/ |
1286 |
static bool ccs_print_path_number3_acl(struct ccs_io_buffer *head, |
static bool ccs_print_mkdev_acl(struct ccs_io_buffer *head, |
1287 |
struct ccs_path_number3_acl *ptr) |
struct ccs_mkdev_acl *ptr) |
1288 |
{ |
{ |
1289 |
int pos; |
int pos; |
1290 |
u8 bit; |
u8 bit; |
1291 |
const u16 perm = ptr->perm; |
const u16 perm = ptr->perm; |
1292 |
for (bit = head->read_bit; bit < CCS_MAX_PATH_NUMBER3_OPERATION; |
for (bit = head->read_bit; bit < CCS_MAX_MKDEV_OPERATION; |
1293 |
bit++) { |
bit++) { |
1294 |
if (!(perm & (1 << bit))) |
if (!(perm & (1 << bit))) |
1295 |
continue; |
continue; |
1296 |
pos = head->read_avail; |
pos = head->read_avail; |
1297 |
if (!ccs_io_printf(head, "allow_%s", |
if (!ccs_io_printf(head, "allow_%s", ccs_mkdev_keyword[bit]) || |
|
ccs_path_number32keyword(bit)) || |
|
1298 |
!ccs_print_name_union(head, &ptr->name) || |
!ccs_print_name_union(head, &ptr->name) || |
1299 |
!ccs_print_number_union(head, &ptr->mode) || |
!ccs_print_number_union(head, &ptr->mode) || |
1300 |
!ccs_print_number_union(head, &ptr->major) || |
!ccs_print_number_union(head, &ptr->major) || |
1327 |
if (!(perm & (1 << bit))) |
if (!(perm & (1 << bit))) |
1328 |
continue; |
continue; |
1329 |
pos = head->read_avail; |
pos = head->read_avail; |
1330 |
if (!ccs_io_printf(head, "allow_%s", |
if (!ccs_io_printf(head, "allow_%s", ccs_path2_keyword[bit]) || |
|
ccs_path22keyword(bit)) || |
|
1331 |
!ccs_print_name_union(head, &ptr->name1) || |
!ccs_print_name_union(head, &ptr->name1) || |
1332 |
!ccs_print_name_union(head, &ptr->name2) || |
!ccs_print_name_union(head, &ptr->name2) || |
1333 |
!ccs_print_condition(head, ptr->head.cond)) { |
!ccs_print_condition(head, ptr->head.cond)) { |
1360 |
continue; |
continue; |
1361 |
pos = head->read_avail; |
pos = head->read_avail; |
1362 |
if (!ccs_io_printf(head, "allow_%s", |
if (!ccs_io_printf(head, "allow_%s", |
1363 |
ccs_path_number2keyword(bit)) || |
ccs_path_number_keyword[bit]) || |
1364 |
!ccs_print_name_union(head, &ptr->name) || |
!ccs_print_name_union(head, &ptr->name) || |
1365 |
!ccs_print_number_union(head, &ptr->number) || |
!ccs_print_number_union(head, &ptr->number) || |
1366 |
!ccs_print_condition(head, ptr->head.cond)) { |
!ccs_print_condition(head, ptr->head.cond)) { |
1451 |
break; |
break; |
1452 |
} |
} |
1453 |
if (!ccs_io_printf(head, CCS_KEYWORD_ALLOW_NETWORK "%s %s%s", |
if (!ccs_io_printf(head, CCS_KEYWORD_ALLOW_NETWORK "%s %s%s", |
1454 |
ccs_net2keyword(bit), w[0], w[1]) || |
ccs_net_keyword[bit], w[0], w[1]) || |
1455 |
!ccs_print_number_union(head, &ptr->port) || |
!ccs_print_number_union(head, &ptr->port) || |
1456 |
!ccs_print_condition(head, ptr->head.cond)) |
!ccs_print_condition(head, ptr->head.cond)) |
1457 |
goto out; |
goto out; |
1561 |
} |
} |
1562 |
if (head->read_execute_only) |
if (head->read_execute_only) |
1563 |
return true; |
return true; |
1564 |
if (acl_type == CCS_TYPE_PATH_NUMBER3_ACL) { |
if (acl_type == CCS_TYPE_MKDEV_ACL) { |
1565 |
struct ccs_path_number3_acl *acl |
struct ccs_mkdev_acl *acl |
1566 |
= container_of(ptr, typeof(*acl), head); |
= container_of(ptr, typeof(*acl), head); |
1567 |
return ccs_print_path_number3_acl(head, acl); |
return ccs_print_mkdev_acl(head, acl); |
1568 |
} |
} |
1569 |
if (acl_type == CCS_TYPE_PATH2_ACL) { |
if (acl_type == CCS_TYPE_PATH2_ACL) { |
1570 |
struct ccs_path2_acl *acl |
struct ccs_path2_acl *acl |
1823 |
} |
} |
1824 |
|
|
1825 |
static const char *ccs_transition_type[CCS_MAX_TRANSITION_TYPE] = { |
static const char *ccs_transition_type[CCS_MAX_TRANSITION_TYPE] = { |
|
[CCS_TRANSITION_CONTROL_INITIALIZE] = CCS_KEYWORD_INITIALIZE_DOMAIN, |
|
1826 |
[CCS_TRANSITION_CONTROL_NO_INITIALIZE] |
[CCS_TRANSITION_CONTROL_NO_INITIALIZE] |
1827 |
= CCS_KEYWORD_NO_INITIALIZE_DOMAIN, |
= CCS_KEYWORD_NO_INITIALIZE_DOMAIN, |
1828 |
[CCS_TRANSITION_CONTROL_KEEP] = CCS_KEYWORD_KEEP_DOMAIN, |
[CCS_TRANSITION_CONTROL_INITIALIZE] = CCS_KEYWORD_INITIALIZE_DOMAIN, |
1829 |
[CCS_TRANSITION_CONTROL_NO_KEEP] = CCS_KEYWORD_NO_KEEP_DOMAIN |
[CCS_TRANSITION_CONTROL_NO_KEEP] = CCS_KEYWORD_NO_KEEP_DOMAIN, |
1830 |
|
[CCS_TRANSITION_CONTROL_KEEP] = CCS_KEYWORD_KEEP_DOMAIN |
1831 |
}; |
}; |
1832 |
|
|
1833 |
static const char *ccs_group_name[CCS_MAX_GROUP] = { |
static const char *ccs_group_name[CCS_MAX_GROUP] = { |