3 |
* |
* |
4 |
* Copyright (C) 2005-2010 NTT DATA CORPORATION |
* Copyright (C) 2005-2010 NTT DATA CORPORATION |
5 |
* |
* |
6 |
* Version: 1.8.0-pre 2010/09/01 |
* Version: 1.8.0-pre 2010/10/05 |
7 |
* |
* |
8 |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
* This file is applicable to both 2.4.30 and 2.6.11 and later. |
9 |
* See README.ccs for ChangeLog. |
* See README.ccs for ChangeLog. |
459 |
if (in_repetition) |
if (in_repetition) |
460 |
goto out; |
goto out; |
461 |
return true; |
return true; |
462 |
out: |
out: |
463 |
return false; |
return false; |
464 |
} |
} |
465 |
|
|
516 |
domainname = cp + 1; |
domainname = cp + 1; |
517 |
} |
} |
518 |
return ccs_correct_path(domainname); |
return ccs_correct_path(domainname); |
519 |
out: |
out: |
520 |
return false; |
return false; |
521 |
} |
} |
522 |
|
|
547 |
struct ccs_path_info name; |
struct ccs_path_info name; |
548 |
name.name = domainname; |
name.name = domainname; |
549 |
ccs_fill_path_info(&name); |
ccs_fill_path_info(&name); |
550 |
list_for_each_entry_rcu(domain, &ccs_domain_list, list) { |
list_for_each_entry_srcu(domain, &ccs_domain_list, list, &ccs_ss) { |
551 |
if (!domain->is_deleted && |
if (!domain->is_deleted && |
552 |
!ccs_pathcmp(&name, domain->domainname)) |
!ccs_pathcmp(&name, domain->domainname)) |
553 |
return domain; |
return domain; |
808 |
(*(p + 1) == '*' || *(p + 1) == '@')) |
(*(p + 1) == '*' || *(p + 1) == '@')) |
809 |
p += 2; |
p += 2; |
810 |
return !*f && !*p; |
return !*f && !*p; |
811 |
recursive: |
recursive: |
812 |
/* |
/* |
813 |
* The "\{" pattern is permitted only after '/' character. |
* The "\{" pattern is permitted only after '/' character. |
814 |
* This guarantees that below "*(p - 1)" is safe. |
* This guarantees that below "*(p - 1)" is safe. |
925 |
u8 ccs_get_config(const u8 profile, const u8 index) |
u8 ccs_get_config(const u8 profile, const u8 index) |
926 |
{ |
{ |
927 |
u8 config; |
u8 config; |
928 |
const struct ccs_profile *p; |
const struct ccs_profile *p; |
929 |
if (!ccs_policy_loaded) |
if (!ccs_policy_loaded) |
930 |
return CCS_CONFIG_DISABLED; |
return CCS_CONFIG_DISABLED; |
931 |
p = ccs_profile(profile); |
p = ccs_profile(profile); |
971 |
} |
} |
972 |
|
|
973 |
/** |
/** |
|
* ccs_last_word - Get last component of a domainname. |
|
|
* |
|
|
* @name: Domainname to check. |
|
|
* |
|
|
* Returns the last word of @name. |
|
|
*/ |
|
|
const char *ccs_last_word(const char *name) |
|
|
{ |
|
|
const char *cp = strrchr(name, ' '); |
|
|
if (cp) |
|
|
return cp + 1; |
|
|
return name; |
|
|
} |
|
|
|
|
|
/** |
|
|
* ccs_warn_log - Print warning or error message on console. |
|
|
* |
|
|
* @r: Pointer to "struct ccs_request_info". |
|
|
* @fmt: The printf()'s format string, followed by parameters. |
|
|
*/ |
|
|
void ccs_warn_log(struct ccs_request_info *r, const char *fmt, ...) |
|
|
{ |
|
|
va_list args; |
|
|
char *buffer; |
|
|
char *cp; |
|
|
const struct ccs_domain_info * const domain = ccs_current_domain(); |
|
|
switch (r->mode) { |
|
|
case CCS_CONFIG_ENFORCING: |
|
|
if (!ccs_preference.enforcing_verbose) |
|
|
return; |
|
|
break; |
|
|
case CCS_CONFIG_PERMISSIVE: |
|
|
if (!ccs_preference.permissive_verbose) |
|
|
return; |
|
|
break; |
|
|
case CCS_CONFIG_LEARNING: |
|
|
if (!ccs_preference.learning_verbose) |
|
|
return; |
|
|
break; |
|
|
} |
|
|
buffer = kmalloc(4096, CCS_GFP_FLAGS); |
|
|
if (!buffer) |
|
|
return; |
|
|
va_start(args, fmt); |
|
|
vsnprintf(buffer, 4095, fmt, args); |
|
|
va_end(args); |
|
|
buffer[4095] = '\0'; |
|
|
cp = strchr(buffer, '\n'); |
|
|
if (cp) |
|
|
*cp = '\0'; |
|
|
printk(KERN_WARNING "%s: Access %s denied for %s\n", |
|
|
r->mode == CCS_CONFIG_ENFORCING ? "ERROR" : "WARNING", buffer, |
|
|
ccs_last_word(domain->domainname->name)); |
|
|
kfree(buffer); |
|
|
} |
|
|
|
|
|
/** |
|
974 |
* ccs_domain_quota_ok - Check for domain's quota. |
* ccs_domain_quota_ok - Check for domain's quota. |
975 |
* |
* |
976 |
* @r: Pointer to "struct ccs_request_info". |
* @r: Pointer to "struct ccs_request_info". |
988 |
return false; |
return false; |
989 |
if (!domain) |
if (!domain) |
990 |
return true; |
return true; |
991 |
list_for_each_entry_rcu(ptr, &domain->acl_info_list[0], list) { |
list_for_each_entry_srcu(ptr, &domain->acl_info_list[0], list, |
992 |
|
&ccs_ss) { |
993 |
u16 perm; |
u16 perm; |
994 |
u8 i; |
u8 i; |
995 |
if (ptr->is_deleted) |
if (ptr->is_deleted) |
1026 |
if (perm & (1 << i)) |
if (perm & (1 << i)) |
1027 |
count++; |
count++; |
1028 |
} |
} |
1029 |
if (count < ccs_preference.learning_max_entry) |
if (count < ccs_profile(r->profile)->pref[CCS_PREF_MAX_LEARNING_ENTRY]) |
1030 |
return true; |
return true; |
1031 |
if (!domain->flags[CCS_DIF_QUOTA_WARNED]) { |
if (!domain->flags[CCS_DIF_QUOTA_WARNED]) { |
1032 |
domain->flags[CCS_DIF_QUOTA_WARNED] = true; |
domain->flags[CCS_DIF_QUOTA_WARNED] = true; |