オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.6.x/ccs-patch/fs/tomoyo_network.c

Diff of /trunk/1.6.x/ccs-patch/fs/tomoyo_network.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 596 by kumaneko, Thu Oct 18 12:40:26 2007 UTC revision 621 by kumaneko, Sat Oct 27 08:11:13 2007 UTC
# Line 24  extern struct semaphore domain_acl_lock; Line 24  extern struct semaphore domain_acl_lock;
24    
25  /*************************  AUDIT FUNCTIONS  *************************/  /*************************  AUDIT FUNCTIONS  *************************/
26    
27  static int AuditNetworkLog(const u8 is_ipv6, const char *operation, const u32 *address, const u16 port, const u8 is_granted)  static int AuditNetworkLog(const bool is_ipv6, const char *operation, const u32 *address, const u16 port, const bool is_granted)
28  {  {
29          char *buf;          char *buf;
30          int len = 256;          int len = 256;
# Line 45  static int AuditNetworkLog(const u8 is_i Line 45  static int AuditNetworkLog(const u8 is_i
45    
46  static struct address_group_entry *group_list = NULL;  static struct address_group_entry *group_list = NULL;
47    
48  static int AddAddressGroupEntry(const char *group_name, const u8 is_ipv6, const u16 *min_address, const u16 *max_address, const u8 is_delete)  static int AddAddressGroupEntry(const char *group_name, const bool is_ipv6, const u16 *min_address, const u16 *max_address, const bool is_delete)
49  {  {
50          static DECLARE_MUTEX(lock);          static DECLARE_MUTEX(lock);
51          struct address_group_entry *new_group, *group;          struct address_group_entry *new_group, *group;
# Line 106  static int AddAddressGroupEntry(const ch Line 106  static int AddAddressGroupEntry(const ch
106          return error;          return error;
107  }  }
108    
109  int AddAddressGroupPolicy(char *data, const u8 is_delete)  int AddAddressGroupPolicy(char *data, const bool is_delete)
110  {  {
111          int count, is_ipv6;          int count, is_ipv6;
112          u16 min_address[8], max_address[8];          u16 min_address[8], max_address[8];
# Line 156  static struct address_group_entry *FindO Line 156  static struct address_group_entry *FindO
156          return NULL;          return NULL;
157  }  }
158    
159  static int AddressMatchesToGroup(const u8 is_ipv6, const u32 *address, const struct address_group_entry *group)  static int AddressMatchesToGroup(const bool is_ipv6, const u32 *address, const struct address_group_entry *group)
160  {  {
161          struct address_group_member *member;          struct address_group_member *member;
162          const u32 ip = ntohl(*address);          const u32 ip = ntohl(*address);
# Line 252  const char *network2keyword(const unsign Line 252  const char *network2keyword(const unsign
252          return keyword;          return keyword;
253  }  }
254    
255  static int AddNetworkEntry(const u8 operation, const u8 record_type, const struct address_group_entry *group, const u32 *min_address, const u32 *max_address, const u16 min_port, const u16 max_port, struct domain_info *domain, const struct condition_list *condition, const u8 is_delete)  static int AddNetworkEntry(const u8 operation, const u8 record_type, const struct address_group_entry *group, const u32 *min_address, const u32 *max_address, const u16 min_port, const u16 max_port, struct domain_info *domain, const struct condition_list *condition, const bool is_delete)
256  {  {
257          struct acl_info *ptr;          struct acl_info *ptr;
258          int error = -ENOMEM;          int error = -ENOMEM;
# Line 332  static int AddNetworkEntry(const u8 oper Line 332  static int AddNetworkEntry(const u8 oper
332          return error;          return error;
333  }  }
334    
335  static int CheckNetworkEntry(const u8 is_ipv6, const int operation, const u32 *address, const u16 port)  static int CheckNetworkEntry(const bool is_ipv6, const int operation, const u32 *address, const u16 port)
336  {  {
337          struct domain_info * const domain = current->domain_info;          struct domain_info * const domain = current->domain_info;
338          struct acl_info *ptr;          struct acl_info *ptr;
339          const char *keyword = network2keyword(operation);          const char *keyword = network2keyword(operation);
340          const u8 is_enforce = CheckCCSEnforce(CCS_TOMOYO_MAC_FOR_NETWORK);          const bool is_enforce = CheckCCSEnforce(CCS_TOMOYO_MAC_FOR_NETWORK);
341          const u32 ip = ntohl(*address); /* using host byte order to allow u32 comparison than memcmp().*/          const u32 ip = ntohl(*address); /* using host byte order to allow u32 comparison than memcmp().*/
342          if (!CheckCCSFlags(CCS_TOMOYO_MAC_FOR_NETWORK)) return 0;          if (!CheckCCSFlags(CCS_TOMOYO_MAC_FOR_NETWORK)) return 0;
343          for (ptr = domain->first_acl_ptr; ptr; ptr = ptr->next) {          for (ptr = domain->first_acl_ptr; ptr; ptr = ptr->next) {
# Line 377  static int CheckNetworkEntry(const u8 is Line 377  static int CheckNetworkEntry(const u8 is
377          return 0;          return 0;
378  }  }
379    
380  int AddNetworkPolicy(char *data, struct domain_info *domain, const struct condition_list *condition, const u8 is_delete)  int AddNetworkPolicy(char *data, struct domain_info *domain, const struct condition_list *condition, const bool is_delete)
381  {  {
382          u8 sock_type, operation, record_type;          u8 sock_type, operation, record_type;
383          u16 min_address[8], max_address[8];          u16 min_address[8], max_address[8];
Legend:
Removed from v.596  
changed lines
  Added in v.621
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ