オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/branches/ccs-patch/security/ccsecurity/policy_io.c

Diff of /branches/ccs-patch/security/ccsecurity/policy_io.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 3534 by kumaneko, Thu Mar 25 06:16:09 2010 UTC revision 3535 by kumaneko, Thu Mar 25 08:53:03 2010 UTC
# Line 292  static struct ccs_profile *ccs_find_or_a Line 292  static struct ccs_profile *ccs_find_or_a
292  static void ccs_check_profile(void)  static void ccs_check_profile(void)
293  {  {
294          struct ccs_domain_info *domain;          struct ccs_domain_info *domain;
295            const int idx = ccs_read_lock();
296          ccs_policy_loaded = true;          ccs_policy_loaded = true;
297          list_for_each_entry_rcu(domain, &ccs_domain_list, list) {          list_for_each_entry_rcu(domain, &ccs_domain_list, list) {
298                  const u8 profile = domain->profile;                  const u8 profile = domain->profile;
# Line 300  static void ccs_check_profile(void) Line 301  static void ccs_check_profile(void)
301                  panic("Profile %u (used by '%s') not defined.\n",                  panic("Profile %u (used by '%s') not defined.\n",
302                        profile, domain->domainname->name);                        profile, domain->domainname->name);
303          }          }
304            ccs_read_unlock(idx);
305          if (ccs_profile_version != 20090903)          if (ccs_profile_version != 20090903)
306                  panic("Profile version %u is not supported.\n",                  panic("Profile version %u is not supported.\n",
307                        ccs_profile_version);                        ccs_profile_version);
# Line 2677  int ccs_write_control(struct file *file, Line 2679  int ccs_write_control(struct file *file,
2679                  return -ENOSYS;                  return -ENOSYS;
2680          if (!access_ok(VERIFY_READ, buffer, buffer_len))          if (!access_ok(VERIFY_READ, buffer, buffer_len))
2681                  return -EFAULT;                  return -EFAULT;
2682            if (mutex_lock_interruptible(&head->io_sem))
2683                    return -EINTR;
2684            idx = ccs_read_lock();
2685          /* Don't allow updating policies by non manager programs. */          /* Don't allow updating policies by non manager programs. */
2686          if (head->write != ccs_write_pid &&          if (head->write != ccs_write_pid &&
2687              head->write != ccs_write_domain_policy &&              head->write != ccs_write_domain_policy &&
2688              !ccs_is_policy_manager())              !ccs_is_policy_manager()) {
2689                    ccs_read_unlock(idx);
2690                  return -EPERM;                  return -EPERM;
2691          if (mutex_lock_interruptible(&head->io_sem))          }
                 return -EINTR;  
         idx = ccs_read_lock();  
2692          /* Read a line and dispatch it to the policy handler. */          /* Read a line and dispatch it to the policy handler. */
2693          while (avail_len > 0) {          while (avail_len > 0) {
2694                  char c;                  char c;
Legend:
Removed from v.3534  
changed lines
  Added in v.3535
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ