| 117 |
static DEFINE_MUTEX(lock); |
static DEFINE_MUTEX(lock); |
| 118 |
const struct path_info *saved_program, *saved_domainname = NULL; |
const struct path_info *saved_program, *saved_domainname = NULL; |
| 119 |
int error = -ENOMEM; |
int error = -ENOMEM; |
| 120 |
bool is_last_name = 0; |
bool is_last_name = false; |
| 121 |
if (!IsCorrectPath(program, 1, -1, -1, __FUNCTION__)) return -EINVAL; /* No patterns allowed. */ |
if (!IsCorrectPath(program, 1, -1, -1, __FUNCTION__)) return -EINVAL; /* No patterns allowed. */ |
| 122 |
if (domainname) { |
if (domainname) { |
| 123 |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
| 124 |
is_last_name = 1; |
is_last_name = true; |
| 125 |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
| 126 |
return -EINVAL; |
return -EINVAL; |
| 127 |
} |
} |
| 182 |
static bool IsDomainInitializer(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
static bool IsDomainInitializer(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
| 183 |
{ |
{ |
| 184 |
struct domain_initializer_entry *ptr; |
struct domain_initializer_entry *ptr; |
| 185 |
bool flag = 0; |
bool flag = false; |
| 186 |
list1_for_each_entry(ptr, &domain_initializer_list, list) { |
list1_for_each_entry(ptr, &domain_initializer_list, list) { |
| 187 |
if (ptr->is_deleted) continue; |
if (ptr->is_deleted) continue; |
| 188 |
if (ptr->domainname) { |
if (ptr->domainname) { |
| 193 |
} |
} |
| 194 |
} |
} |
| 195 |
if (pathcmp(ptr->program, program)) continue; |
if (pathcmp(ptr->program, program)) continue; |
| 196 |
if (ptr->is_not) return 0; |
if (ptr->is_not) return false; |
| 197 |
flag = 1; |
flag = true; |
| 198 |
} |
} |
| 199 |
return flag; |
return flag; |
| 200 |
} |
} |
| 209 |
const struct path_info *saved_domainname, *saved_program = NULL; |
const struct path_info *saved_domainname, *saved_program = NULL; |
| 210 |
static DEFINE_MUTEX(lock); |
static DEFINE_MUTEX(lock); |
| 211 |
int error = -ENOMEM; |
int error = -ENOMEM; |
| 212 |
bool is_last_name = 0; |
bool is_last_name = false; |
| 213 |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
| 214 |
is_last_name = 1; |
is_last_name = true; |
| 215 |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
| 216 |
return -EINVAL; |
return -EINVAL; |
| 217 |
} |
} |
| 274 |
static bool IsDomainKeeper(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
static bool IsDomainKeeper(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
| 275 |
{ |
{ |
| 276 |
struct domain_keeper_entry *ptr; |
struct domain_keeper_entry *ptr; |
| 277 |
bool flag = 0; |
bool flag = false; |
| 278 |
list1_for_each_entry(ptr, &domain_keeper_list, list) { |
list1_for_each_entry(ptr, &domain_keeper_list, list) { |
| 279 |
if (ptr->is_deleted) continue; |
if (ptr->is_deleted) continue; |
| 280 |
if (!ptr->is_last_name) { |
if (!ptr->is_last_name) { |
| 283 |
if (pathcmp(ptr->domainname, last_name)) continue; |
if (pathcmp(ptr->domainname, last_name)) continue; |
| 284 |
} |
} |
| 285 |
if (ptr->program && pathcmp(ptr->program, program)) continue; |
if (ptr->program && pathcmp(ptr->program, program)) continue; |
| 286 |
if (ptr->is_not) return 0; |
if (ptr->is_not) return false; |
| 287 |
flag = 1; |
flag = true; |
| 288 |
} |
} |
| 289 |
return flag; |
return flag; |
| 290 |
} |
} |
| 492 |
struct acl_info *ptr; |
struct acl_info *ptr; |
| 493 |
bool flag; |
bool flag; |
| 494 |
if (!domain->is_deleted || domain->domainname != saved_domainname) continue; |
if (!domain->is_deleted || domain->domainname != saved_domainname) continue; |
| 495 |
flag = 0; |
flag = false; |
| 496 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
| 497 |
read_lock(&tasklist_lock); |
read_lock(&tasklist_lock); |
| 498 |
for_each_process(p) { |
for_each_process(p) { |
| 499 |
if (p->domain_info == domain) { flag = 1; break; } |
if (p->domain_info == domain) { flag = true; break; } |
| 500 |
} |
} |
| 501 |
read_unlock(&tasklist_lock); |
read_unlock(&tasklist_lock); |
| 502 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
| 509 |
} |
} |
| 510 |
domain->flags = 0; |
domain->flags = 0; |
| 511 |
domain->profile = profile; |
domain->profile = profile; |
| 512 |
domain->quota_warned = 0; |
domain->quota_warned = false; |
| 513 |
mb(); /* Avoid out-of-order execution. */ |
mb(); /* Avoid out-of-order execution. */ |
| 514 |
domain->is_deleted = 0; |
domain->is_deleted = 0; |
| 515 |
goto out; |
goto out; |
| 618 |
/* |
/* |
| 619 |
* Built-in initializers. This is needed because policies are not loaded until starting /sbin/init . |
* Built-in initializers. This is needed because policies are not loaded until starting /sbin/init . |
| 620 |
*/ |
*/ |
| 621 |
static bool first = 1; |
static bool first = true; |
| 622 |
if (first) { |
if (first) { |
| 623 |
AddDomainInitializerEntry(NULL, "/sbin/hotplug", 0, 0); |
AddDomainInitializerEntry(NULL, "/sbin/hotplug", 0, 0); |
| 624 |
AddDomainInitializerEntry(NULL, "/sbin/modprobe", 0, 0); |
AddDomainInitializerEntry(NULL, "/sbin/modprobe", 0, 0); |
| 625 |
first = 0; |
first = false; |
| 626 |
} |
} |
| 627 |
} |
} |
| 628 |
|
|
TOMOYO
Parent Directory
Revision Log
Patch