| 3 |
* |
* |
| 4 |
* Copyright (C) 2005-2010 NTT DATA CORPORATION |
* Copyright (C) 2005-2010 NTT DATA CORPORATION |
| 5 |
* |
* |
| 6 |
* Version: 1.8.0-pre 2010/09/01 |
* Version: 1.8.0-pre 2010/10/05 |
| 7 |
* |
* |
| 8 |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
| 9 |
* See README.ccs for ChangeLog. |
* See README.ccs for ChangeLog. |
| 459 |
if (in_repetition) |
if (in_repetition) |
| 460 |
goto out; |
goto out; |
| 461 |
return true; |
return true; |
| 462 |
out: |
out: |
| 463 |
return false; |
return false; |
| 464 |
} |
} |
| 465 |
|
|
| 516 |
domainname = cp + 1; |
domainname = cp + 1; |
| 517 |
} |
} |
| 518 |
return ccs_correct_path(domainname); |
return ccs_correct_path(domainname); |
| 519 |
out: |
out: |
| 520 |
return false; |
return false; |
| 521 |
} |
} |
| 522 |
|
|
| 547 |
struct ccs_path_info name; |
struct ccs_path_info name; |
| 548 |
name.name = domainname; |
name.name = domainname; |
| 549 |
ccs_fill_path_info(&name); |
ccs_fill_path_info(&name); |
| 550 |
list_for_each_entry_rcu(domain, &ccs_domain_list, list) { |
list_for_each_entry_srcu(domain, &ccs_domain_list, list, &ccs_ss) { |
| 551 |
if (!domain->is_deleted && |
if (!domain->is_deleted && |
| 552 |
!ccs_pathcmp(&name, domain->domainname)) |
!ccs_pathcmp(&name, domain->domainname)) |
| 553 |
return domain; |
return domain; |
| 808 |
(*(p + 1) == '*' || *(p + 1) == '@')) |
(*(p + 1) == '*' || *(p + 1) == '@')) |
| 809 |
p += 2; |
p += 2; |
| 810 |
return !*f && !*p; |
return !*f && !*p; |
| 811 |
recursive: |
recursive: |
| 812 |
/* |
/* |
| 813 |
* The "\{" pattern is permitted only after '/' character. |
* The "\{" pattern is permitted only after '/' character. |
| 814 |
* This guarantees that below "*(p - 1)" is safe. |
* This guarantees that below "*(p - 1)" is safe. |
| 925 |
u8 ccs_get_config(const u8 profile, const u8 index) |
u8 ccs_get_config(const u8 profile, const u8 index) |
| 926 |
{ |
{ |
| 927 |
u8 config; |
u8 config; |
| 928 |
const struct ccs_profile *p; |
const struct ccs_profile *p; |
| 929 |
if (!ccs_policy_loaded) |
if (!ccs_policy_loaded) |
| 930 |
return CCS_CONFIG_DISABLED; |
return CCS_CONFIG_DISABLED; |
| 931 |
p = ccs_profile(profile); |
p = ccs_profile(profile); |
| 971 |
} |
} |
| 972 |
|
|
| 973 |
/** |
/** |
|
* ccs_last_word - Get last component of a domainname. |
|
|
* |
|
|
* @name: Domainname to check. |
|
|
* |
|
|
* Returns the last word of @name. |
|
|
*/ |
|
|
const char *ccs_last_word(const char *name) |
|
|
{ |
|
|
const char *cp = strrchr(name, ' '); |
|
|
if (cp) |
|
|
return cp + 1; |
|
|
return name; |
|
|
} |
|
|
|
|
|
/** |
|
|
* ccs_warn_log - Print warning or error message on console. |
|
|
* |
|
|
* @r: Pointer to "struct ccs_request_info". |
|
|
* @fmt: The printf()'s format string, followed by parameters. |
|
|
*/ |
|
|
void ccs_warn_log(struct ccs_request_info *r, const char *fmt, ...) |
|
|
{ |
|
|
va_list args; |
|
|
char *buffer; |
|
|
char *cp; |
|
|
const struct ccs_domain_info * const domain = ccs_current_domain(); |
|
|
switch (r->mode) { |
|
|
case CCS_CONFIG_ENFORCING: |
|
|
if (!ccs_preference.enforcing_verbose) |
|
|
return; |
|
|
break; |
|
|
case CCS_CONFIG_PERMISSIVE: |
|
|
if (!ccs_preference.permissive_verbose) |
|
|
return; |
|
|
break; |
|
|
case CCS_CONFIG_LEARNING: |
|
|
if (!ccs_preference.learning_verbose) |
|
|
return; |
|
|
break; |
|
|
} |
|
|
buffer = kmalloc(4096, CCS_GFP_FLAGS); |
|
|
if (!buffer) |
|
|
return; |
|
|
va_start(args, fmt); |
|
|
vsnprintf(buffer, 4095, fmt, args); |
|
|
va_end(args); |
|
|
buffer[4095] = '\0'; |
|
|
cp = strchr(buffer, '\n'); |
|
|
if (cp) |
|
|
*cp = '\0'; |
|
|
printk(KERN_WARNING "%s: Access %s denied for %s\n", |
|
|
r->mode == CCS_CONFIG_ENFORCING ? "ERROR" : "WARNING", buffer, |
|
|
ccs_last_word(domain->domainname->name)); |
|
|
kfree(buffer); |
|
|
} |
|
|
|
|
|
/** |
|
| 974 |
* ccs_domain_quota_ok - Check for domain's quota. |
* ccs_domain_quota_ok - Check for domain's quota. |
| 975 |
* |
* |
| 976 |
* @r: Pointer to "struct ccs_request_info". |
* @r: Pointer to "struct ccs_request_info". |
| 988 |
return false; |
return false; |
| 989 |
if (!domain) |
if (!domain) |
| 990 |
return true; |
return true; |
| 991 |
list_for_each_entry_rcu(ptr, &domain->acl_info_list[0], list) { |
list_for_each_entry_srcu(ptr, &domain->acl_info_list[0], list, |
| 992 |
|
&ccs_ss) { |
| 993 |
u16 perm; |
u16 perm; |
| 994 |
u8 i; |
u8 i; |
| 995 |
if (ptr->is_deleted) |
if (ptr->is_deleted) |
| 1026 |
if (perm & (1 << i)) |
if (perm & (1 << i)) |
| 1027 |
count++; |
count++; |
| 1028 |
} |
} |
| 1029 |
if (count < ccs_preference.learning_max_entry) |
if (count < ccs_profile(r->profile)->pref[CCS_PREF_MAX_LEARNING_ENTRY]) |
| 1030 |
return true; |
return true; |
| 1031 |
if (!domain->flags[CCS_DIF_QUOTA_WARNED]) { |
if (!domain->flags[CCS_DIF_QUOTA_WARNED]) { |
| 1032 |
domain->flags[CCS_DIF_QUOTA_WARNED] = true; |
domain->flags[CCS_DIF_QUOTA_WARNED] = true; |
TOMOYO
Parent Directory
Revision Log
Patch