オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.7.x/ccs-patch/security/ccsecurity/domain.c

Diff of /trunk/1.7.x/ccs-patch/security/ccsecurity/domain.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 2944 by kumaneko, Mon Aug 24 05:00:52 2009 UTC revision 2951 by kumaneko, Tue Aug 25 04:26:20 2009 UTC
# Line 144  bool ccs_read_domain_initializer_policy( Line 144  bool ccs_read_domain_initializer_policy(
144  {  {
145          struct list_head *pos;          struct list_head *pos;
146          bool done = true;          bool done = true;
         ccs_assert_read_lock();  
147          list_for_each_cookie(pos, head->read_var2,          list_for_each_cookie(pos, head->read_var2,
148                               &ccs_domain_initializer_list) {                               &ccs_domain_initializer_list) {
149                  const char *no;                  const char *no;
# Line 209  static bool ccs_is_domain_initializer(co Line 208  static bool ccs_is_domain_initializer(co
208  {  {
209          struct ccs_domain_initializer_entry *ptr;          struct ccs_domain_initializer_entry *ptr;
210          bool flag = false;          bool flag = false;
         ccs_assert_read_lock();  
211          list_for_each_entry_rcu(ptr, &ccs_domain_initializer_list, list) {          list_for_each_entry_rcu(ptr, &ccs_domain_initializer_list, list) {
212                  if (ptr->is_deleted)                  if (ptr->is_deleted)
213                          continue;                          continue;
# Line 327  bool ccs_read_domain_keeper_policy(struc Line 325  bool ccs_read_domain_keeper_policy(struc
325  {  {
326          struct list_head *pos;          struct list_head *pos;
327          bool done = true;          bool done = true;
         ccs_assert_read_lock();  
328          list_for_each_cookie(pos, head->read_var2,          list_for_each_cookie(pos, head->read_var2,
329                               &ccs_domain_keeper_list) {                               &ccs_domain_keeper_list) {
330                  struct ccs_domain_keeper_entry *ptr;                  struct ccs_domain_keeper_entry *ptr;
# Line 369  static bool ccs_is_domain_keeper(const s Line 366  static bool ccs_is_domain_keeper(const s
366  {  {
367          struct ccs_domain_keeper_entry *ptr;          struct ccs_domain_keeper_entry *ptr;
368          bool flag = false;          bool flag = false;
         ccs_assert_read_lock();  
369          list_for_each_entry_rcu(ptr, &ccs_domain_keeper_list, list) {          list_for_each_entry_rcu(ptr, &ccs_domain_keeper_list, list) {
370                  if (ptr->is_deleted)                  if (ptr->is_deleted)
371                          continue;                          continue;
# Line 455  bool ccs_read_aggregator_policy(struct c Line 451  bool ccs_read_aggregator_policy(struct c
451  {  {
452          struct list_head *pos;          struct list_head *pos;
453          bool done = true;          bool done = true;
         ccs_assert_read_lock();  
454          list_for_each_cookie(pos, head->read_var2, &ccs_aggregator_list) {          list_for_each_cookie(pos, head->read_var2, &ccs_aggregator_list) {
455                  struct ccs_aggregator_entry *ptr;                  struct ccs_aggregator_entry *ptr;
456                  ptr = list_entry(pos, struct ccs_aggregator_entry, list);                  ptr = list_entry(pos, struct ccs_aggregator_entry, list);
# Line 584  static int ccs_find_next_domain(struct c Line 579  static int ccs_find_next_domain(struct c
579          struct ccs_path_info ln; /* last name */          struct ccs_path_info ln; /* last name */
580          int retval;          int retval;
581          bool need_kfree = false;          bool need_kfree = false;
         ccs_assert_read_lock();  
582          ln.name = ccs_last_word(old_domain_name);          ln.name = ccs_last_word(old_domain_name);
583          ccs_fill_path_info(&ln);          ccs_fill_path_info(&ln);
584   retry:   retry:
# Line 1146  static bool ccs_find_execute_handler(str Line 1140  static bool ccs_find_execute_handler(str
1140          const struct ccs_domain_info *domain = ccs_current_domain();          const struct ccs_domain_info *domain = ccs_current_domain();
1141          struct ccs_acl_info *ptr;          struct ccs_acl_info *ptr;
1142          bool found = false;          bool found = false;
         ccs_assert_read_lock();  
1143          /*          /*
1144           * Don't use execute handler if the current process is           * Don't use execute handler if the current process is
1145           * marked as execute handler to avoid infinite execute handler loop.           * marked as execute handler to avoid infinite execute handler loop.
# Line 1297  void ccs_finish_execve(int retval) Line 1290  void ccs_finish_execve(int retval)
1290  {  {
1291          struct task_struct *task = current;          struct task_struct *task = current;
1292          struct ccs_execve_entry *ee = ccs_find_execve_entry();          struct ccs_execve_entry *ee = ccs_find_execve_entry();
         ccs_assert_read_lock();  
1293          task->ccs_flags &= ~CCS_CHECK_READ_FOR_OPEN_EXEC;          task->ccs_flags &= ~CCS_CHECK_READ_FOR_OPEN_EXEC;
1294          if (!ee)          if (!ee)
1295                  return;                  return;
Legend:
Removed from v.2944  
changed lines
  Added in v.2951
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ