| 941 |
/** |
/** |
| 942 |
* ccs_find_next_domain - Find a domain. |
* ccs_find_next_domain - Find a domain. |
| 943 |
* |
* |
| 944 |
* @ee: Pointer to "struct ccs_request_info". |
* @ee: Pointer to "struct ccs_execve_entry". |
| 945 |
* |
* |
| 946 |
* Returns 0 on success, negative value otherwise. |
* Returns 0 on success, negative value otherwise. |
| 947 |
*/ |
*/ |
| 952 |
struct domain_info *domain = NULL; |
struct domain_info *domain = NULL; |
| 953 |
const char *old_domain_name = r->domain->domainname->name; |
const char *old_domain_name = r->domain->domainname->name; |
| 954 |
struct linux_binprm *bprm = ee->bprm; |
struct linux_binprm *bprm = ee->bprm; |
|
const char *original_name = bprm->filename; |
|
| 955 |
const u8 mode = r->mode; |
const u8 mode = r->mode; |
| 956 |
const bool is_enforce = (mode == 3); |
const bool is_enforce = (mode == 3); |
| 957 |
const u32 tomoyo_flags = current->tomoyo_flags; |
const u32 tomoyo_flags = current->tomoyo_flags; |
| 981 |
retry: |
retry: |
| 982 |
current->tomoyo_flags = tomoyo_flags; |
current->tomoyo_flags = tomoyo_flags; |
| 983 |
r->cond = NULL; |
r->cond = NULL; |
| 984 |
/* Get ccs_realpath of program and symbolic link. */ |
/* Get realpath of program and symbolic link. */ |
| 985 |
retval = -ENOENT; /* I hope ccs_realpath() won't fail with -ENOMEM. */ |
retval = ccs_realpath_both(bprm->filename, ee); |
| 986 |
if (!ccs_realpath_both(original_name, ee)) |
if (retval < 0) |
| 987 |
goto out; |
goto out; |
| 988 |
|
|
| 989 |
rn.name = ee->program_path; |
rn.name = ee->program_path; |
| 1206 |
/** |
/** |
| 1207 |
* ccs_unescape - Unescape escaped string. |
* ccs_unescape - Unescape escaped string. |
| 1208 |
* |
* |
| 1209 |
* @dest: String to ccs_unescape. |
* @dest: String to unescape. |
| 1210 |
* |
* |
| 1211 |
* Returns nothing. |
* Returns nothing. |
| 1212 |
*/ |
*/ |
| 1386 |
/** |
/** |
| 1387 |
* ccs_try_alt_exec - Try to start execute handler. |
* ccs_try_alt_exec - Try to start execute handler. |
| 1388 |
* |
* |
| 1389 |
* @ee: Pointer to "struct ccs_execve_entry". |
* @ee: Pointer to "struct ccs_execve_entry". |
| 1390 |
* |
* |
| 1391 |
* Returns 0 on success, negative value otherwise. |
* Returns 0 on success, negative value otherwise. |
| 1392 |
*/ |
*/ |
| 1469 |
|
|
| 1470 |
/* Set argv[4] */ |
/* Set argv[4] */ |
| 1471 |
{ |
{ |
| 1472 |
retval = copy_strings_kernel(1, (char **) &bprm->filename, |
retval = copy_strings_kernel(1, &bprm->filename, bprm); |
|
bprm); |
|
| 1473 |
if (retval < 0) |
if (retval < 0) |
| 1474 |
goto out; |
goto out; |
| 1475 |
bprm->argc++; |
bprm->argc++; |
| 1564 |
retval = prepare_binprm(bprm); |
retval = prepare_binprm(bprm); |
| 1565 |
if (retval < 0) |
if (retval < 0) |
| 1566 |
goto out; |
goto out; |
| 1567 |
/* |
{ |
| 1568 |
* Backup ee->propgram_path for ccs_find_next_domain(). |
/* Backup ee->program_path for ccs_find_next_domain(). */ |
| 1569 |
* ee->program_path will be overwritten by ccs_find_next_domain(). |
const int len = strlen(ee->program_path) + 1; |
| 1570 |
* But ee->tmp won't be overwritten by ccs_find_next_domain() |
char *cp = kmalloc(len, GFP_KERNEL); |
| 1571 |
* because ee->handler != NULL. |
if (!cp) { |
| 1572 |
*/ |
retval = -ENOMEM; |
| 1573 |
strncpy(ee->tmp, ee->program_path, CCS_EXEC_TMPSIZE - 1); |
goto out; |
| 1574 |
task->tomoyo_flags |= CCS_DONT_SLEEP_ON_ENFORCE_ERROR; |
} |
| 1575 |
retval = ccs_find_next_domain(ee); |
memmove(cp, ee->program_path, len); |
| 1576 |
task->tomoyo_flags &= ~CCS_DONT_SLEEP_ON_ENFORCE_ERROR; |
task->tomoyo_flags |= CCS_DONT_SLEEP_ON_ENFORCE_ERROR; |
| 1577 |
/* |
retval = ccs_find_next_domain(ee); |
| 1578 |
* Restore ee->program_path for search_binary_handler(). |
task->tomoyo_flags &= ~CCS_DONT_SLEEP_ON_ENFORCE_ERROR; |
| 1579 |
*/ |
/* Restore ee->program_path for search_binary_handler(). */ |
| 1580 |
strncpy(ee->program_path, ee->tmp, CCS_MAX_PATHNAME_LEN - 1); |
memmove(ee->program_path, cp, len); |
| 1581 |
|
kfree(cp); |
| 1582 |
|
} |
| 1583 |
out: |
out: |
| 1584 |
return retval; |
return retval; |
| 1585 |
} |
} |
| 1590 |
* @ee: Pointer to "struct ccs_execve_entry". |
* @ee: Pointer to "struct ccs_execve_entry". |
| 1591 |
* @type: Type of execute handler. |
* @type: Type of execute handler. |
| 1592 |
* |
* |
| 1593 |
* Returns bool if found, false otherwise. |
* Returns true if found, false otherwise. |
| 1594 |
*/ |
*/ |
| 1595 |
static bool ccs_find_execute_handler(struct ccs_execve_entry *ee, |
static bool ccs_find_execute_handler(struct ccs_execve_entry *ee, |
| 1596 |
const u8 type) |
const u8 type) |
TOMOYO
Parent Directory
Revision Log
Patch