38 |
#ifdef CONFIG_TOMOYO |
#ifdef CONFIG_TOMOYO |
39 |
|
|
40 |
/* Domain creation lock. */ |
/* Domain creation lock. */ |
41 |
static DEFINE_MUTEX(new_domain_assign_lock); |
static DEFINE_MUTEX(domain_list_lock); |
42 |
|
|
43 |
/* Structure for "initialize_domain" and "no_initialize_domain" keyword. */ |
/* Structure for "initialize_domain" and "no_initialize_domain" keyword. */ |
44 |
struct domain_initializer_entry { |
struct domain_initializer_entry { |
88 |
void ccs_set_domain_flag(struct domain_info *domain, const bool is_delete, |
void ccs_set_domain_flag(struct domain_info *domain, const bool is_delete, |
89 |
const u8 flags) |
const u8 flags) |
90 |
{ |
{ |
91 |
mutex_lock(&new_domain_assign_lock); |
/* We need to serialize because this is bitfield operation. */ |
92 |
|
static DEFINE_SPINLOCK(lock); |
93 |
|
/***** CRITICAL SECTION START *****/ |
94 |
|
spin_lock(&lock); |
95 |
if (!is_delete) |
if (!is_delete) |
96 |
domain->flags |= flags; |
domain->flags |= flags; |
97 |
else |
else |
98 |
domain->flags &= ~flags; |
domain->flags &= ~flags; |
99 |
mutex_unlock(&new_domain_assign_lock); |
spin_unlock(&lock); |
100 |
|
/***** CRITICAL SECTION END *****/ |
101 |
} |
} |
102 |
|
|
103 |
/** |
/** |
721 |
struct path_info name; |
struct path_info name; |
722 |
name.name = domainname; |
name.name = domainname; |
723 |
ccs_fill_path_info(&name); |
ccs_fill_path_info(&name); |
724 |
mutex_lock(&new_domain_assign_lock); |
mutex_lock(&domain_list_lock); |
725 |
#ifdef DEBUG_DOMAIN_UNDELETE |
#ifdef DEBUG_DOMAIN_UNDELETE |
726 |
printk(KERN_DEBUG "ccs_delete_domain %s\n", domainname); |
printk(KERN_DEBUG "ccs_delete_domain %s\n", domainname); |
727 |
list1_for_each_entry(domain, &domain_list, list) { |
list1_for_each_entry(domain, &domain_list, list) { |
759 |
#endif |
#endif |
760 |
break; |
break; |
761 |
} |
} |
762 |
mutex_unlock(&new_domain_assign_lock); |
mutex_unlock(&domain_list_lock); |
763 |
return 0; |
return 0; |
764 |
} |
} |
765 |
|
|
777 |
struct path_info name; |
struct path_info name; |
778 |
name.name = domainname; |
name.name = domainname; |
779 |
ccs_fill_path_info(&name); |
ccs_fill_path_info(&name); |
780 |
mutex_lock(&new_domain_assign_lock); |
mutex_lock(&domain_list_lock); |
781 |
#ifdef DEBUG_DOMAIN_UNDELETE |
#ifdef DEBUG_DOMAIN_UNDELETE |
782 |
printk(KERN_DEBUG "ccs_undelete_domain %s\n", domainname); |
printk(KERN_DEBUG "ccs_undelete_domain %s\n", domainname); |
783 |
list1_for_each_entry(domain, &domain_list, list) { |
list1_for_each_entry(domain, &domain_list, list) { |
808 |
printk(KERN_DEBUG "%p was undeleted.\n", candidate_domain); |
printk(KERN_DEBUG "%p was undeleted.\n", candidate_domain); |
809 |
#endif |
#endif |
810 |
} |
} |
811 |
mutex_unlock(&new_domain_assign_lock); |
mutex_unlock(&domain_list_lock); |
812 |
return candidate_domain; |
return candidate_domain; |
813 |
} |
} |
814 |
|
|
825 |
{ |
{ |
826 |
struct domain_info *domain = NULL; |
struct domain_info *domain = NULL; |
827 |
const struct path_info *saved_domainname; |
const struct path_info *saved_domainname; |
828 |
mutex_lock(&new_domain_assign_lock); |
mutex_lock(&domain_list_lock); |
829 |
domain = ccs_find_domain(domainname); |
domain = ccs_find_domain(domainname); |
830 |
if (domain) |
if (domain) |
831 |
goto out; |
goto out; |
862 |
list1_for_each_entry(ptr, &domain->acl_info_list, list) { |
list1_for_each_entry(ptr, &domain->acl_info_list, list) { |
863 |
ptr->type |= ACL_DELETED; |
ptr->type |= ACL_DELETED; |
864 |
} |
} |
865 |
/* |
ccs_set_domain_flag(domain, true, domain->flags); |
|
* Don't use ccs_set_domain_flag() because |
|
|
* new_domain_assign_lock is held. |
|
|
*/ |
|
|
domain->flags = 0; |
|
866 |
domain->profile = profile; |
domain->profile = profile; |
867 |
domain->quota_warned = false; |
domain->quota_warned = false; |
868 |
mb(); /* Avoid out-of-order execution. */ |
mb(); /* Avoid out-of-order execution. */ |
878 |
list1_add_tail_mb(&domain->list, &domain_list); |
list1_add_tail_mb(&domain->list, &domain_list); |
879 |
} |
} |
880 |
out: |
out: |
881 |
mutex_unlock(&new_domain_assign_lock); |
mutex_unlock(&domain_list_lock); |
882 |
return domain; |
return domain; |
883 |
} |
} |
884 |
|
|