117 |
static DEFINE_MUTEX(lock); |
static DEFINE_MUTEX(lock); |
118 |
const struct path_info *saved_program, *saved_domainname = NULL; |
const struct path_info *saved_program, *saved_domainname = NULL; |
119 |
int error = -ENOMEM; |
int error = -ENOMEM; |
120 |
bool is_last_name = 0; |
bool is_last_name = false; |
121 |
if (!IsCorrectPath(program, 1, -1, -1, __FUNCTION__)) return -EINVAL; /* No patterns allowed. */ |
if (!IsCorrectPath(program, 1, -1, -1, __FUNCTION__)) return -EINVAL; /* No patterns allowed. */ |
122 |
if (domainname) { |
if (domainname) { |
123 |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
124 |
is_last_name = 1; |
is_last_name = true; |
125 |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
126 |
return -EINVAL; |
return -EINVAL; |
127 |
} |
} |
182 |
static bool IsDomainInitializer(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
static bool IsDomainInitializer(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
183 |
{ |
{ |
184 |
struct domain_initializer_entry *ptr; |
struct domain_initializer_entry *ptr; |
185 |
bool flag = 0; |
bool flag = false; |
186 |
list1_for_each_entry(ptr, &domain_initializer_list, list) { |
list1_for_each_entry(ptr, &domain_initializer_list, list) { |
187 |
if (ptr->is_deleted) continue; |
if (ptr->is_deleted) continue; |
188 |
if (ptr->domainname) { |
if (ptr->domainname) { |
193 |
} |
} |
194 |
} |
} |
195 |
if (pathcmp(ptr->program, program)) continue; |
if (pathcmp(ptr->program, program)) continue; |
196 |
if (ptr->is_not) return 0; |
if (ptr->is_not) return false; |
197 |
flag = 1; |
flag = true; |
198 |
} |
} |
199 |
return flag; |
return flag; |
200 |
} |
} |
209 |
const struct path_info *saved_domainname, *saved_program = NULL; |
const struct path_info *saved_domainname, *saved_program = NULL; |
210 |
static DEFINE_MUTEX(lock); |
static DEFINE_MUTEX(lock); |
211 |
int error = -ENOMEM; |
int error = -ENOMEM; |
212 |
bool is_last_name = 0; |
bool is_last_name = false; |
213 |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
if (!IsDomainDef(domainname) && IsCorrectPath(domainname, 1, -1, -1, __FUNCTION__)) { |
214 |
is_last_name = 1; |
is_last_name = true; |
215 |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
} else if (!IsCorrectDomain(domainname, __FUNCTION__)) { |
216 |
return -EINVAL; |
return -EINVAL; |
217 |
} |
} |
274 |
static bool IsDomainKeeper(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
static bool IsDomainKeeper(const struct path_info *domainname, const struct path_info *program, const struct path_info *last_name) |
275 |
{ |
{ |
276 |
struct domain_keeper_entry *ptr; |
struct domain_keeper_entry *ptr; |
277 |
bool flag = 0; |
bool flag = false; |
278 |
list1_for_each_entry(ptr, &domain_keeper_list, list) { |
list1_for_each_entry(ptr, &domain_keeper_list, list) { |
279 |
if (ptr->is_deleted) continue; |
if (ptr->is_deleted) continue; |
280 |
if (!ptr->is_last_name) { |
if (!ptr->is_last_name) { |
283 |
if (pathcmp(ptr->domainname, last_name)) continue; |
if (pathcmp(ptr->domainname, last_name)) continue; |
284 |
} |
} |
285 |
if (ptr->program && pathcmp(ptr->program, program)) continue; |
if (ptr->program && pathcmp(ptr->program, program)) continue; |
286 |
if (ptr->is_not) return 0; |
if (ptr->is_not) return false; |
287 |
flag = 1; |
flag = true; |
288 |
} |
} |
289 |
return flag; |
return flag; |
290 |
} |
} |
492 |
struct acl_info *ptr; |
struct acl_info *ptr; |
493 |
bool flag; |
bool flag; |
494 |
if (!domain->is_deleted || domain->domainname != saved_domainname) continue; |
if (!domain->is_deleted || domain->domainname != saved_domainname) continue; |
495 |
flag = 0; |
flag = false; |
496 |
/***** CRITICAL SECTION START *****/ |
/***** CRITICAL SECTION START *****/ |
497 |
read_lock(&tasklist_lock); |
read_lock(&tasklist_lock); |
498 |
for_each_process(p) { |
for_each_process(p) { |
499 |
if (p->domain_info == domain) { flag = 1; break; } |
if (p->domain_info == domain) { flag = true; break; } |
500 |
} |
} |
501 |
read_unlock(&tasklist_lock); |
read_unlock(&tasklist_lock); |
502 |
/***** CRITICAL SECTION END *****/ |
/***** CRITICAL SECTION END *****/ |
509 |
} |
} |
510 |
domain->flags = 0; |
domain->flags = 0; |
511 |
domain->profile = profile; |
domain->profile = profile; |
512 |
domain->quota_warned = 0; |
domain->quota_warned = false; |
513 |
mb(); /* Avoid out-of-order execution. */ |
mb(); /* Avoid out-of-order execution. */ |
514 |
domain->is_deleted = 0; |
domain->is_deleted = 0; |
515 |
goto out; |
goto out; |
618 |
/* |
/* |
619 |
* Built-in initializers. This is needed because policies are not loaded until starting /sbin/init . |
* Built-in initializers. This is needed because policies are not loaded until starting /sbin/init . |
620 |
*/ |
*/ |
621 |
static bool first = 1; |
static bool first = true; |
622 |
if (first) { |
if (first) { |
623 |
AddDomainInitializerEntry(NULL, "/sbin/hotplug", 0, 0); |
AddDomainInitializerEntry(NULL, "/sbin/hotplug", 0, 0); |
624 |
AddDomainInitializerEntry(NULL, "/sbin/modprobe", 0, 0); |
AddDomainInitializerEntry(NULL, "/sbin/modprobe", 0, 0); |
625 |
first = 0; |
first = false; |
626 |
} |
} |
627 |
} |
} |
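Review bot: In the last hunk (new lines 621-625) the one-shot `first` flag is cleared whether or not the two `AddDomainInitializerEntry()` calls succeeded, and their return values are discarded. The first hunk shows a registration routine with matching `domainname`/`program` parameters that starts from `int error = -ENOMEM;`; if that is the same function, an allocation failure here would leave /sbin/hotplug and /sbin/modprobe without their built-in initializer entries until policy is loaded, and nothing would report it. I would keep the result, e.g. `if (AddDomainInitializerEntry(NULL, "/sbin/hotplug", 0, 0) || AddDomainInitializerEntry(NULL, "/sbin/modprobe", 0, 0)) printk(KERN_WARNING "built-in domain initializers not registered\n");`, and pass `false, false` if the last two parameters are bool, to match the rest of this cleanup. `first` is also tested and cleared with no lock visible in the hunk, and the enclosing function starts outside it, so please confirm that the caller serialises this path.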
628 |
|
|