Lines Matching refs:head
213 static bool tomoyo_flush(struct tomoyo_io_buffer *head) in tomoyo_flush() argument
215 while (head->r.w_pos) { in tomoyo_flush()
216 const char *w = head->r.w[0]; in tomoyo_flush()
220 if (len > head->read_user_buf_avail) in tomoyo_flush()
221 len = head->read_user_buf_avail; in tomoyo_flush()
224 if (copy_to_user(head->read_user_buf, w, len)) in tomoyo_flush()
226 head->read_user_buf_avail -= len; in tomoyo_flush()
227 head->read_user_buf += len; in tomoyo_flush()
230 head->r.w[0] = w; in tomoyo_flush()
234 if (head->poll) { in tomoyo_flush()
235 if (!head->read_user_buf_avail || in tomoyo_flush()
236 copy_to_user(head->read_user_buf, "", 1)) in tomoyo_flush()
238 head->read_user_buf_avail--; in tomoyo_flush()
239 head->read_user_buf++; in tomoyo_flush()
241 head->r.w_pos--; in tomoyo_flush()
242 for (len = 0; len < head->r.w_pos; len++) in tomoyo_flush()
243 head->r.w[len] = head->r.w[len + 1]; in tomoyo_flush()
245 head->r.avail = 0; in tomoyo_flush()
259 static void tomoyo_set_string(struct tomoyo_io_buffer *head, const char *string) in tomoyo_set_string() argument
261 if (head->r.w_pos < TOMOYO_MAX_IO_READ_QUEUE) { in tomoyo_set_string()
262 head->r.w[head->r.w_pos++] = string; in tomoyo_set_string()
263 tomoyo_flush(head); in tomoyo_set_string()
268 static void tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt,
277 static void tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, in tomoyo_io_printf() argument
282 size_t pos = head->r.avail; in tomoyo_io_printf()
283 int size = head->readbuf_size - pos; in tomoyo_io_printf()
288 len = vsnprintf(head->read_buf + pos, size, fmt, args) + 1; in tomoyo_io_printf()
290 if (pos + len >= head->readbuf_size) { in tomoyo_io_printf()
294 head->r.avail += len; in tomoyo_io_printf()
295 tomoyo_set_string(head, head->read_buf + pos); in tomoyo_io_printf()
305 static void tomoyo_set_space(struct tomoyo_io_buffer *head) in tomoyo_set_space() argument
307 tomoyo_set_string(head, " "); in tomoyo_set_space()
317 static bool tomoyo_set_lf(struct tomoyo_io_buffer *head) in tomoyo_set_lf() argument
319 tomoyo_set_string(head, "\n"); in tomoyo_set_lf()
320 return !head->r.w_pos; in tomoyo_set_lf()
330 static void tomoyo_set_slash(struct tomoyo_io_buffer *head) in tomoyo_set_slash() argument
332 tomoyo_set_string(head, "/"); in tomoyo_set_slash()
369 static void tomoyo_print_namespace(struct tomoyo_io_buffer *head) in tomoyo_print_namespace() argument
373 tomoyo_set_string(head, in tomoyo_print_namespace()
374 container_of(head->r.ns, in tomoyo_print_namespace()
377 tomoyo_set_space(head); in tomoyo_print_namespace()
386 static void tomoyo_print_name_union(struct tomoyo_io_buffer *head, in tomoyo_print_name_union() argument
389 tomoyo_set_space(head); in tomoyo_print_name_union()
391 tomoyo_set_string(head, "@"); in tomoyo_print_name_union()
392 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_name_union()
394 tomoyo_set_string(head, ptr->filename->name); in tomoyo_print_name_union()
406 static void tomoyo_print_name_union_quoted(struct tomoyo_io_buffer *head, in tomoyo_print_name_union_quoted() argument
410 tomoyo_set_string(head, "@"); in tomoyo_print_name_union_quoted()
411 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_name_union_quoted()
413 tomoyo_set_string(head, "\""); in tomoyo_print_name_union_quoted()
414 tomoyo_set_string(head, ptr->filename->name); in tomoyo_print_name_union_quoted()
415 tomoyo_set_string(head, "\""); in tomoyo_print_name_union_quoted()
428 (struct tomoyo_io_buffer *head, const struct tomoyo_number_union *ptr) in tomoyo_print_number_union_nospace() argument
431 tomoyo_set_string(head, "@"); in tomoyo_print_number_union_nospace()
432 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_number_union_nospace()
463 tomoyo_io_printf(head, "%s", buffer); in tomoyo_print_number_union_nospace()
475 static void tomoyo_print_number_union(struct tomoyo_io_buffer *head, in tomoyo_print_number_union() argument
478 tomoyo_set_space(head); in tomoyo_print_number_union()
479 tomoyo_print_number_union_nospace(head, ptr); in tomoyo_print_number_union()
674 static int tomoyo_write_profile(struct tomoyo_io_buffer *head) in tomoyo_write_profile() argument
676 char *data = head->write_buf; in tomoyo_write_profile()
681 if (sscanf(data, "PROFILE_VERSION=%u", &head->w.ns->profile_version) in tomoyo_write_profile()
688 profile = tomoyo_assign_profile(head->w.ns, i); in tomoyo_write_profile()
729 static void tomoyo_print_config(struct tomoyo_io_buffer *head, const u8 config) in tomoyo_print_config() argument
731 tomoyo_io_printf(head, "={ mode=%s grant_log=%s reject_log=%s }\n", in tomoyo_print_config()
744 static void tomoyo_read_profile(struct tomoyo_io_buffer *head) in tomoyo_read_profile() argument
748 container_of(head->r.ns, typeof(*ns), namespace_list); in tomoyo_read_profile()
751 if (head->r.eof) in tomoyo_read_profile()
754 index = head->r.index; in tomoyo_read_profile()
756 switch (head->r.step) { in tomoyo_read_profile()
758 tomoyo_print_namespace(head); in tomoyo_read_profile()
759 tomoyo_io_printf(head, "PROFILE_VERSION=%u\n", in tomoyo_read_profile()
761 head->r.step++; in tomoyo_read_profile()
764 for ( ; head->r.index < TOMOYO_MAX_PROFILES; in tomoyo_read_profile()
765 head->r.index++) in tomoyo_read_profile()
766 if (ns->profile_ptr[head->r.index]) in tomoyo_read_profile()
768 if (head->r.index == TOMOYO_MAX_PROFILES) { in tomoyo_read_profile()
769 head->r.eof = true; in tomoyo_read_profile()
772 head->r.step++; in tomoyo_read_profile()
780 tomoyo_print_namespace(head); in tomoyo_read_profile()
781 tomoyo_io_printf(head, "%u-COMMENT=", index); in tomoyo_read_profile()
782 tomoyo_set_string(head, comment ? comment->name : ""); in tomoyo_read_profile()
783 tomoyo_set_lf(head); in tomoyo_read_profile()
784 tomoyo_print_namespace(head); in tomoyo_read_profile()
785 tomoyo_io_printf(head, "%u-PREFERENCE={ ", index); in tomoyo_read_profile()
787 tomoyo_io_printf(head, "%s=%u ", in tomoyo_read_profile()
790 tomoyo_set_string(head, "}\n"); in tomoyo_read_profile()
791 head->r.step++; in tomoyo_read_profile()
796 tomoyo_print_namespace(head); in tomoyo_read_profile()
797 tomoyo_io_printf(head, "%u-%s", index, "CONFIG"); in tomoyo_read_profile()
798 tomoyo_print_config(head, profile->default_config); in tomoyo_read_profile()
799 head->r.bit = 0; in tomoyo_read_profile()
800 head->r.step++; in tomoyo_read_profile()
804 for ( ; head->r.bit < TOMOYO_MAX_MAC_INDEX in tomoyo_read_profile()
805 + TOMOYO_MAX_MAC_CATEGORY_INDEX; head->r.bit++) { in tomoyo_read_profile()
806 const u8 i = head->r.bit; in tomoyo_read_profile()
811 tomoyo_print_namespace(head); in tomoyo_read_profile()
813 tomoyo_io_printf(head, "%u-CONFIG::%s::%s", in tomoyo_read_profile()
819 tomoyo_io_printf(head, "%u-CONFIG::%s", index, in tomoyo_read_profile()
821 tomoyo_print_config(head, config); in tomoyo_read_profile()
822 head->r.bit++; in tomoyo_read_profile()
825 if (head->r.bit == TOMOYO_MAX_MAC_INDEX in tomoyo_read_profile()
827 head->r.index++; in tomoyo_read_profile()
828 head->r.step = 1; in tomoyo_read_profile()
832 if (tomoyo_flush(head)) in tomoyo_read_profile()
847 return container_of(a, struct tomoyo_manager, head)->manager == in tomoyo_same_manager()
848 container_of(b, struct tomoyo_manager, head)->manager; in tomoyo_same_manager()
877 error = tomoyo_update_policy(&e.head, sizeof(e), &param, in tomoyo_update_manager_entry()
893 static int tomoyo_write_manager(struct tomoyo_io_buffer *head) in tomoyo_write_manager() argument
895 char *data = head->write_buf; in tomoyo_write_manager()
898 tomoyo_manage_by_non_root = !head->w.is_delete; in tomoyo_write_manager()
901 return tomoyo_update_manager_entry(data, head->w.is_delete); in tomoyo_write_manager()
911 static void tomoyo_read_manager(struct tomoyo_io_buffer *head) in tomoyo_read_manager() argument
913 if (head->r.eof) in tomoyo_read_manager()
915 list_for_each_cookie(head->r.acl, &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER]) { in tomoyo_read_manager()
917 list_entry(head->r.acl, typeof(*ptr), head.list); in tomoyo_read_manager()
919 if (ptr->head.is_deleted) in tomoyo_read_manager()
921 if (!tomoyo_flush(head)) in tomoyo_read_manager()
923 tomoyo_set_string(head, ptr->manager->name); in tomoyo_read_manager()
924 tomoyo_set_lf(head); in tomoyo_read_manager()
926 head->r.eof = true; in tomoyo_read_manager()
954 list_for_each_entry_rcu(ptr, &tomoyo_kernel_namespace.policy_list[TOMOYO_ID_MANAGER], head.list, in tomoyo_manager()
956 if (!ptr->head.is_deleted && in tomoyo_manager()
990 static bool tomoyo_select_domain(struct tomoyo_io_buffer *head, in tomoyo_select_domain() argument
1019 head->w.domain = domain; in tomoyo_select_domain()
1021 if (!head->read_buf) in tomoyo_select_domain()
1023 memset(&head->r, 0, sizeof(head->r)); in tomoyo_select_domain()
1024 head->r.print_this_domain_only = true; in tomoyo_select_domain()
1026 head->r.domain = &domain->list; in tomoyo_select_domain()
1028 head->r.eof = true; in tomoyo_select_domain()
1029 tomoyo_io_printf(head, "# select %s\n", data); in tomoyo_select_domain()
1031 tomoyo_io_printf(head, "# This is a deleted domain.\n"); in tomoyo_select_domain()
1046 const struct tomoyo_task_acl *p1 = container_of(a, typeof(*p1), head); in tomoyo_same_task_acl()
1047 const struct tomoyo_task_acl *p2 = container_of(b, typeof(*p2), head); in tomoyo_same_task_acl()
1067 .head.type = TOMOYO_TYPE_MANUAL_TASK_ACL, in tomoyo_write_task()
1072 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_write_task()
1172 static int tomoyo_write_domain(struct tomoyo_io_buffer *head) in tomoyo_write_domain() argument
1174 char *data = head->write_buf; in tomoyo_write_domain()
1176 struct tomoyo_domain_info *domain = head->w.domain; in tomoyo_write_domain()
1177 const bool is_delete = head->w.is_delete; in tomoyo_write_domain()
1191 head->w.domain = domain; in tomoyo_write_domain()
1232 static bool tomoyo_print_condition(struct tomoyo_io_buffer *head, in tomoyo_print_condition() argument
1235 switch (head->r.cond_step) { in tomoyo_print_condition()
1237 head->r.cond_index = 0; in tomoyo_print_condition()
1238 head->r.cond_step++; in tomoyo_print_condition()
1240 tomoyo_set_space(head); in tomoyo_print_condition()
1241 tomoyo_set_string(head, cond->transit->name); in tomoyo_print_condition()
1260 for (skip = 0; skip < head->r.cond_index; skip++) { in tomoyo_print_condition()
1285 while (head->r.cond_index < condc) { in tomoyo_print_condition()
1290 if (!tomoyo_flush(head)) in tomoyo_print_condition()
1293 head->r.cond_index++; in tomoyo_print_condition()
1294 tomoyo_set_space(head); in tomoyo_print_condition()
1297 tomoyo_io_printf(head, in tomoyo_print_condition()
1300 tomoyo_set_string(head, in tomoyo_print_condition()
1302 tomoyo_set_string(head, "\""); in tomoyo_print_condition()
1306 tomoyo_set_string(head, in tomoyo_print_condition()
1308 tomoyo_set_string(head, in tomoyo_print_condition()
1310 tomoyo_io_printf(head, "\"]%s=", envp->is_not ? "!" : ""); in tomoyo_print_condition()
1312 tomoyo_set_string(head, "\""); in tomoyo_print_condition()
1313 tomoyo_set_string(head, envp->value->name); in tomoyo_print_condition()
1314 tomoyo_set_string(head, "\""); in tomoyo_print_condition()
1316 tomoyo_set_string(head, in tomoyo_print_condition()
1323 (head, numbers_p++); in tomoyo_print_condition()
1326 tomoyo_set_string(head, in tomoyo_print_condition()
1330 tomoyo_set_string(head, match ? "=" : "!="); in tomoyo_print_condition()
1334 (head, names_p++); in tomoyo_print_condition()
1338 (head, numbers_p++); in tomoyo_print_condition()
1341 tomoyo_set_string(head, in tomoyo_print_condition()
1347 head->r.cond_step++; in tomoyo_print_condition()
1350 if (!tomoyo_flush(head)) in tomoyo_print_condition()
1352 head->r.cond_step++; in tomoyo_print_condition()
1356 tomoyo_io_printf(head, " grant_log=%s", in tomoyo_print_condition()
1359 tomoyo_set_lf(head); in tomoyo_print_condition()
1373 static void tomoyo_set_group(struct tomoyo_io_buffer *head, in tomoyo_set_group() argument
1376 if (head->type == TOMOYO_EXCEPTIONPOLICY) { in tomoyo_set_group()
1377 tomoyo_print_namespace(head); in tomoyo_set_group()
1378 tomoyo_io_printf(head, "acl_group %u ", in tomoyo_set_group()
1379 head->r.acl_group_index); in tomoyo_set_group()
1381 tomoyo_set_string(head, category); in tomoyo_set_group()
1392 static bool tomoyo_print_entry(struct tomoyo_io_buffer *head, in tomoyo_print_entry() argument
1399 if (head->r.print_cond_part) in tomoyo_print_entry()
1403 if (!tomoyo_flush(head)) in tomoyo_print_entry()
1407 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1413 if (head->r.print_transition_related_only && in tomoyo_print_entry()
1417 tomoyo_set_group(head, "file "); in tomoyo_print_entry()
1420 tomoyo_set_slash(head); in tomoyo_print_entry()
1422 tomoyo_set_string(head, tomoyo_path_keyword[bit]); in tomoyo_print_entry()
1426 tomoyo_print_name_union(head, &ptr->name); in tomoyo_print_entry()
1429 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1431 tomoyo_set_group(head, "task "); in tomoyo_print_entry()
1432 tomoyo_set_string(head, "manual_domain_transition "); in tomoyo_print_entry()
1433 tomoyo_set_string(head, ptr->domainname->name); in tomoyo_print_entry()
1434 } else if (head->r.print_transition_related_only) { in tomoyo_print_entry()
1438 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1445 tomoyo_set_group(head, "file "); in tomoyo_print_entry()
1448 tomoyo_set_slash(head); in tomoyo_print_entry()
1450 tomoyo_set_string(head, tomoyo_mac_keywords in tomoyo_print_entry()
1455 tomoyo_print_name_union(head, &ptr->name1); in tomoyo_print_entry()
1456 tomoyo_print_name_union(head, &ptr->name2); in tomoyo_print_entry()
1459 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1466 tomoyo_set_group(head, "file "); in tomoyo_print_entry()
1469 tomoyo_set_slash(head); in tomoyo_print_entry()
1471 tomoyo_set_string(head, tomoyo_mac_keywords in tomoyo_print_entry()
1476 tomoyo_print_name_union(head, &ptr->name); in tomoyo_print_entry()
1477 tomoyo_print_number_union(head, &ptr->number); in tomoyo_print_entry()
1480 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1487 tomoyo_set_group(head, "file "); in tomoyo_print_entry()
1490 tomoyo_set_slash(head); in tomoyo_print_entry()
1492 tomoyo_set_string(head, tomoyo_mac_keywords in tomoyo_print_entry()
1497 tomoyo_print_name_union(head, &ptr->name); in tomoyo_print_entry()
1498 tomoyo_print_number_union(head, &ptr->mode); in tomoyo_print_entry()
1499 tomoyo_print_number_union(head, &ptr->major); in tomoyo_print_entry()
1500 tomoyo_print_number_union(head, &ptr->minor); in tomoyo_print_entry()
1503 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1510 tomoyo_set_group(head, "network inet "); in tomoyo_print_entry()
1511 tomoyo_set_string(head, tomoyo_proto_keyword in tomoyo_print_entry()
1513 tomoyo_set_space(head); in tomoyo_print_entry()
1516 tomoyo_set_slash(head); in tomoyo_print_entry()
1518 tomoyo_set_string(head, tomoyo_socket_keyword[bit]); in tomoyo_print_entry()
1522 tomoyo_set_space(head); in tomoyo_print_entry()
1524 tomoyo_set_string(head, "@"); in tomoyo_print_entry()
1525 tomoyo_set_string(head, ptr->address.group->group_name in tomoyo_print_entry()
1531 tomoyo_io_printf(head, "%s", buf); in tomoyo_print_entry()
1533 tomoyo_print_number_union(head, &ptr->port); in tomoyo_print_entry()
1536 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1543 tomoyo_set_group(head, "network unix "); in tomoyo_print_entry()
1544 tomoyo_set_string(head, tomoyo_proto_keyword in tomoyo_print_entry()
1546 tomoyo_set_space(head); in tomoyo_print_entry()
1549 tomoyo_set_slash(head); in tomoyo_print_entry()
1551 tomoyo_set_string(head, tomoyo_socket_keyword[bit]); in tomoyo_print_entry()
1555 tomoyo_print_name_union(head, &ptr->name); in tomoyo_print_entry()
1558 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1560 tomoyo_set_group(head, "file mount"); in tomoyo_print_entry()
1561 tomoyo_print_name_union(head, &ptr->dev_name); in tomoyo_print_entry()
1562 tomoyo_print_name_union(head, &ptr->dir_name); in tomoyo_print_entry()
1563 tomoyo_print_name_union(head, &ptr->fs_type); in tomoyo_print_entry()
1564 tomoyo_print_number_union(head, &ptr->flags); in tomoyo_print_entry()
1567 container_of(acl, typeof(*ptr), head); in tomoyo_print_entry()
1569 tomoyo_set_group(head, "misc env "); in tomoyo_print_entry()
1570 tomoyo_set_string(head, ptr->env->name); in tomoyo_print_entry()
1573 head->r.print_cond_part = true; in tomoyo_print_entry()
1574 head->r.cond_step = 0; in tomoyo_print_entry()
1575 if (!tomoyo_flush(head)) in tomoyo_print_entry()
1578 if (!tomoyo_print_condition(head, acl->cond)) in tomoyo_print_entry()
1580 head->r.print_cond_part = false; in tomoyo_print_entry()
1582 tomoyo_set_lf(head); in tomoyo_print_entry()
1597 static bool tomoyo_read_domain2(struct tomoyo_io_buffer *head, in tomoyo_read_domain2() argument
1600 list_for_each_cookie(head->r.acl, list) { in tomoyo_read_domain2()
1602 list_entry(head->r.acl, typeof(*ptr), list); in tomoyo_read_domain2()
1604 if (!tomoyo_print_entry(head, ptr)) in tomoyo_read_domain2()
1607 head->r.acl = NULL; in tomoyo_read_domain2()
1618 static void tomoyo_read_domain(struct tomoyo_io_buffer *head) in tomoyo_read_domain() argument
1620 if (head->r.eof) in tomoyo_read_domain()
1622 list_for_each_cookie(head->r.domain, &tomoyo_domain_list) { in tomoyo_read_domain()
1624 list_entry(head->r.domain, typeof(*domain), list); in tomoyo_read_domain()
1627 switch (head->r.step) { in tomoyo_read_domain()
1630 !head->r.print_this_domain_only) in tomoyo_read_domain()
1633 tomoyo_set_string(head, domain->domainname->name); in tomoyo_read_domain()
1634 tomoyo_set_lf(head); in tomoyo_read_domain()
1635 tomoyo_io_printf(head, "use_profile %u\n", in tomoyo_read_domain()
1639 tomoyo_set_string(head, tomoyo_dif[i]); in tomoyo_read_domain()
1640 head->r.index = 0; in tomoyo_read_domain()
1641 head->r.step++; in tomoyo_read_domain()
1644 while (head->r.index < TOMOYO_MAX_ACL_GROUPS) { in tomoyo_read_domain()
1645 i = head->r.index++; in tomoyo_read_domain()
1648 tomoyo_io_printf(head, "use_group %u\n", i); in tomoyo_read_domain()
1649 if (!tomoyo_flush(head)) in tomoyo_read_domain()
1652 head->r.index = 0; in tomoyo_read_domain()
1653 head->r.step++; in tomoyo_read_domain()
1654 tomoyo_set_lf(head); in tomoyo_read_domain()
1657 if (!tomoyo_read_domain2(head, &domain->acl_info_list)) in tomoyo_read_domain()
1659 head->r.step++; in tomoyo_read_domain()
1660 if (!tomoyo_set_lf(head)) in tomoyo_read_domain()
1664 head->r.step = 0; in tomoyo_read_domain()
1665 if (head->r.print_this_domain_only) in tomoyo_read_domain()
1670 head->r.eof = true; in tomoyo_read_domain()
1680 static int tomoyo_write_pid(struct tomoyo_io_buffer *head) in tomoyo_write_pid() argument
1682 head->r.eof = false; in tomoyo_write_pid()
1696 static void tomoyo_read_pid(struct tomoyo_io_buffer *head) in tomoyo_read_pid() argument
1698 char *buf = head->write_buf; in tomoyo_read_pid()
1706 head->r.eof = true; in tomoyo_read_pid()
1709 if (head->r.w_pos || head->r.eof) in tomoyo_read_pid()
1711 head->r.eof = true; in tomoyo_read_pid()
1726 tomoyo_io_printf(head, "%u %u ", pid, domain->profile); in tomoyo_read_pid()
1727 tomoyo_set_string(head, domain->domainname->name); in tomoyo_read_pid()
1756 static int tomoyo_write_exception(struct tomoyo_io_buffer *head) in tomoyo_write_exception() argument
1758 const bool is_delete = head->w.is_delete; in tomoyo_write_exception()
1760 .ns = head->w.ns, in tomoyo_write_exception()
1762 .data = head->write_buf, in tomoyo_write_exception()
1781 (head->w.ns, &head->w.ns->acl_group[group], in tomoyo_write_exception()
1797 static bool tomoyo_read_group(struct tomoyo_io_buffer *head, const int idx) in tomoyo_read_group() argument
1800 container_of(head->r.ns, typeof(*ns), namespace_list); in tomoyo_read_group()
1803 list_for_each_cookie(head->r.group, list) { in tomoyo_read_group()
1805 list_entry(head->r.group, typeof(*group), head.list); in tomoyo_read_group()
1807 list_for_each_cookie(head->r.acl, &group->member_list) { in tomoyo_read_group()
1809 list_entry(head->r.acl, typeof(*ptr), list); in tomoyo_read_group()
1813 if (!tomoyo_flush(head)) in tomoyo_read_group()
1815 tomoyo_print_namespace(head); in tomoyo_read_group()
1816 tomoyo_set_string(head, tomoyo_group_name[idx]); in tomoyo_read_group()
1817 tomoyo_set_string(head, group->group_name->name); in tomoyo_read_group()
1819 tomoyo_set_space(head); in tomoyo_read_group()
1820 tomoyo_set_string(head, container_of in tomoyo_read_group()
1822 head)->member_name->name); in tomoyo_read_group()
1824 tomoyo_print_number_union(head, &container_of in tomoyo_read_group()
1827 head)->number); in tomoyo_read_group()
1832 head); in tomoyo_read_group()
1836 tomoyo_io_printf(head, " %s", buffer); in tomoyo_read_group()
1838 tomoyo_set_lf(head); in tomoyo_read_group()
1840 head->r.acl = NULL; in tomoyo_read_group()
1842 head->r.group = NULL; in tomoyo_read_group()
1856 static bool tomoyo_read_policy(struct tomoyo_io_buffer *head, const int idx) in tomoyo_read_policy() argument
1859 container_of(head->r.ns, typeof(*ns), namespace_list); in tomoyo_read_policy()
1862 list_for_each_cookie(head->r.acl, list) { in tomoyo_read_policy()
1864 container_of(head->r.acl, typeof(*acl), list); in tomoyo_read_policy()
1867 if (!tomoyo_flush(head)) in tomoyo_read_policy()
1873 container_of(acl, typeof(*ptr), head); in tomoyo_read_policy()
1875 tomoyo_print_namespace(head); in tomoyo_read_policy()
1876 tomoyo_set_string(head, tomoyo_transition_type in tomoyo_read_policy()
1878 tomoyo_set_string(head, ptr->program ? in tomoyo_read_policy()
1880 tomoyo_set_string(head, " from "); in tomoyo_read_policy()
1881 tomoyo_set_string(head, ptr->domainname ? in tomoyo_read_policy()
1889 container_of(acl, typeof(*ptr), head); in tomoyo_read_policy()
1891 tomoyo_print_namespace(head); in tomoyo_read_policy()
1892 tomoyo_set_string(head, "aggregator "); in tomoyo_read_policy()
1893 tomoyo_set_string(head, in tomoyo_read_policy()
1895 tomoyo_set_space(head); in tomoyo_read_policy()
1896 tomoyo_set_string(head, in tomoyo_read_policy()
1903 tomoyo_set_lf(head); in tomoyo_read_policy()
1905 head->r.acl = NULL; in tomoyo_read_policy()
1916 static void tomoyo_read_exception(struct tomoyo_io_buffer *head) in tomoyo_read_exception() argument
1919 container_of(head->r.ns, typeof(*ns), namespace_list); in tomoyo_read_exception()
1921 if (head->r.eof) in tomoyo_read_exception()
1923 while (head->r.step < TOMOYO_MAX_POLICY && in tomoyo_read_exception()
1924 tomoyo_read_policy(head, head->r.step)) in tomoyo_read_exception()
1925 head->r.step++; in tomoyo_read_exception()
1926 if (head->r.step < TOMOYO_MAX_POLICY) in tomoyo_read_exception()
1928 while (head->r.step < TOMOYO_MAX_POLICY + TOMOYO_MAX_GROUP && in tomoyo_read_exception()
1929 tomoyo_read_group(head, head->r.step - TOMOYO_MAX_POLICY)) in tomoyo_read_exception()
1930 head->r.step++; in tomoyo_read_exception()
1931 if (head->r.step < TOMOYO_MAX_POLICY + TOMOYO_MAX_GROUP) in tomoyo_read_exception()
1933 while (head->r.step < TOMOYO_MAX_POLICY + TOMOYO_MAX_GROUP in tomoyo_read_exception()
1935 head->r.acl_group_index = head->r.step - TOMOYO_MAX_POLICY in tomoyo_read_exception()
1937 if (!tomoyo_read_domain2(head, &ns->acl_group in tomoyo_read_exception()
1938 [head->r.acl_group_index])) in tomoyo_read_exception()
1940 head->r.step++; in tomoyo_read_exception()
1942 head->r.eof = true; in tomoyo_read_exception()
2202 static void tomoyo_read_query(struct tomoyo_io_buffer *head) in tomoyo_read_query() argument
2209 if (head->r.w_pos) in tomoyo_read_query()
2211 kfree(head->read_buf); in tomoyo_read_query()
2212 head->read_buf = NULL; in tomoyo_read_query()
2217 if (pos++ != head->r.query_index) in tomoyo_read_query()
2224 head->r.query_index = 0; in tomoyo_read_query()
2235 if (pos++ != head->r.query_index) in tomoyo_read_query()
2248 head->read_buf = buf; in tomoyo_read_query()
2249 head->r.w[head->r.w_pos++] = buf; in tomoyo_read_query()
2250 head->r.query_index++; in tomoyo_read_query()
2263 static int tomoyo_write_answer(struct tomoyo_io_buffer *head) in tomoyo_write_answer() argument
2265 char *data = head->write_buf; in tomoyo_write_answer()
2302 static void tomoyo_read_version(struct tomoyo_io_buffer *head) in tomoyo_read_version() argument
2304 if (!head->r.eof) { in tomoyo_read_version()
2305 tomoyo_io_printf(head, "2.6.0"); in tomoyo_read_version()
2306 head->r.eof = true; in tomoyo_read_version()
2350 static void tomoyo_read_stat(struct tomoyo_io_buffer *head) in tomoyo_read_stat() argument
2355 if (head->r.eof) in tomoyo_read_stat()
2358 tomoyo_io_printf(head, "Policy %-30s %10u", in tomoyo_read_stat()
2365 tomoyo_io_printf(head, " (Last: %04u/%02u/%02u %02u:%02u:%02u)", in tomoyo_read_stat()
2369 tomoyo_set_lf(head); in tomoyo_read_stat()
2375 tomoyo_io_printf(head, "Memory used by %-22s %10u", in tomoyo_read_stat()
2379 tomoyo_io_printf(head, " (Quota: %10u)", used); in tomoyo_read_stat()
2380 tomoyo_set_lf(head); in tomoyo_read_stat()
2382 tomoyo_io_printf(head, "Total memory used: %10u\n", in tomoyo_read_stat()
2384 head->r.eof = true; in tomoyo_read_stat()
2394 static int tomoyo_write_stat(struct tomoyo_io_buffer *head) in tomoyo_write_stat() argument
2396 char *data = head->write_buf; in tomoyo_write_stat()
2416 struct tomoyo_io_buffer *head = kzalloc(sizeof(*head), GFP_NOFS); in tomoyo_open_control() local
2418 if (!head) in tomoyo_open_control()
2420 mutex_init(&head->io_sem); in tomoyo_open_control()
2421 head->type = type; in tomoyo_open_control()
2425 head->write = tomoyo_write_domain; in tomoyo_open_control()
2426 head->read = tomoyo_read_domain; in tomoyo_open_control()
2430 head->write = tomoyo_write_exception; in tomoyo_open_control()
2431 head->read = tomoyo_read_exception; in tomoyo_open_control()
2435 head->poll = tomoyo_poll_log; in tomoyo_open_control()
2436 head->read = tomoyo_read_log; in tomoyo_open_control()
2440 head->write = tomoyo_write_pid; in tomoyo_open_control()
2441 head->read = tomoyo_read_pid; in tomoyo_open_control()
2445 head->read = tomoyo_read_version; in tomoyo_open_control()
2446 head->readbuf_size = 128; in tomoyo_open_control()
2450 head->write = tomoyo_write_stat; in tomoyo_open_control()
2451 head->read = tomoyo_read_stat; in tomoyo_open_control()
2452 head->readbuf_size = 1024; in tomoyo_open_control()
2456 head->write = tomoyo_write_profile; in tomoyo_open_control()
2457 head->read = tomoyo_read_profile; in tomoyo_open_control()
2460 head->poll = tomoyo_poll_query; in tomoyo_open_control()
2461 head->write = tomoyo_write_answer; in tomoyo_open_control()
2462 head->read = tomoyo_read_query; in tomoyo_open_control()
2466 head->write = tomoyo_write_manager; in tomoyo_open_control()
2467 head->read = tomoyo_read_manager; in tomoyo_open_control()
2475 head->read = NULL; in tomoyo_open_control()
2476 head->poll = NULL; in tomoyo_open_control()
2477 } else if (!head->poll) { in tomoyo_open_control()
2479 if (!head->readbuf_size) in tomoyo_open_control()
2480 head->readbuf_size = 4096 * 2; in tomoyo_open_control()
2481 head->read_buf = kzalloc(head->readbuf_size, GFP_NOFS); in tomoyo_open_control()
2482 if (!head->read_buf) { in tomoyo_open_control()
2483 kfree(head); in tomoyo_open_control()
2492 head->write = NULL; in tomoyo_open_control()
2493 } else if (head->write) { in tomoyo_open_control()
2494 head->writebuf_size = 4096 * 2; in tomoyo_open_control()
2495 head->write_buf = kzalloc(head->writebuf_size, GFP_NOFS); in tomoyo_open_control()
2496 if (!head->write_buf) { in tomoyo_open_control()
2497 kfree(head->read_buf); in tomoyo_open_control()
2498 kfree(head); in tomoyo_open_control()
2510 file->private_data = head; in tomoyo_open_control()
2511 tomoyo_notify_gc(head, true); in tomoyo_open_control()
2526 struct tomoyo_io_buffer *head = file->private_data; in tomoyo_poll_control() local
2528 if (head->poll) in tomoyo_poll_control()
2529 return head->poll(file, wait) | EPOLLOUT | EPOLLWRNORM; in tomoyo_poll_control()
2540 static inline void tomoyo_set_namespace_cursor(struct tomoyo_io_buffer *head) in tomoyo_set_namespace_cursor() argument
2544 if (head->type != TOMOYO_EXCEPTIONPOLICY && in tomoyo_set_namespace_cursor()
2545 head->type != TOMOYO_PROFILE) in tomoyo_set_namespace_cursor()
2551 ns = head->r.ns; in tomoyo_set_namespace_cursor()
2552 if (!ns || (head->r.eof && ns->next != &tomoyo_namespace_list)) { in tomoyo_set_namespace_cursor()
2554 memset(&head->r, 0, sizeof(head->r)); in tomoyo_set_namespace_cursor()
2555 head->r.ns = ns ? ns->next : tomoyo_namespace_list.next; in tomoyo_set_namespace_cursor()
2566 static inline bool tomoyo_has_more_namespace(struct tomoyo_io_buffer *head) in tomoyo_has_more_namespace() argument
2568 return (head->type == TOMOYO_EXCEPTIONPOLICY || in tomoyo_has_more_namespace()
2569 head->type == TOMOYO_PROFILE) && head->r.eof && in tomoyo_has_more_namespace()
2570 head->r.ns->next != &tomoyo_namespace_list; in tomoyo_has_more_namespace()
2582 ssize_t tomoyo_read_control(struct tomoyo_io_buffer *head, char __user *buffer, in tomoyo_read_control() argument
2588 if (!head->read) in tomoyo_read_control()
2590 if (mutex_lock_interruptible(&head->io_sem)) in tomoyo_read_control()
2592 head->read_user_buf = buffer; in tomoyo_read_control()
2593 head->read_user_buf_avail = buffer_len; in tomoyo_read_control()
2595 if (tomoyo_flush(head)) in tomoyo_read_control()
2598 tomoyo_set_namespace_cursor(head); in tomoyo_read_control()
2599 head->read(head); in tomoyo_read_control()
2600 } while (tomoyo_flush(head) && in tomoyo_read_control()
2601 tomoyo_has_more_namespace(head)); in tomoyo_read_control()
2603 len = head->read_user_buf - buffer; in tomoyo_read_control()
2604 mutex_unlock(&head->io_sem); in tomoyo_read_control()
2618 static int tomoyo_parse_policy(struct tomoyo_io_buffer *head, char *line) in tomoyo_parse_policy() argument
2621 head->w.is_delete = !strncmp(line, "delete ", 7); in tomoyo_parse_policy()
2622 if (head->w.is_delete) in tomoyo_parse_policy()
2625 if (head->type == TOMOYO_EXCEPTIONPOLICY || in tomoyo_parse_policy()
2626 head->type == TOMOYO_PROFILE) { in tomoyo_parse_policy()
2632 head->w.ns = tomoyo_assign_namespace(line); in tomoyo_parse_policy()
2635 head->w.ns = NULL; in tomoyo_parse_policy()
2637 head->w.ns = &tomoyo_kernel_namespace; in tomoyo_parse_policy()
2639 if (!head->w.ns) in tomoyo_parse_policy()
2643 return head->write(head); in tomoyo_parse_policy()
2655 ssize_t tomoyo_write_control(struct tomoyo_io_buffer *head, in tomoyo_write_control() argument
2660 char *cp0 = head->write_buf; in tomoyo_write_control()
2663 if (!head->write) in tomoyo_write_control()
2665 if (mutex_lock_interruptible(&head->io_sem)) in tomoyo_write_control()
2667 head->read_user_buf_avail = 0; in tomoyo_write_control()
2673 if (head->w.avail >= head->writebuf_size - 1) { in tomoyo_write_control()
2674 const int len = head->writebuf_size * 2; in tomoyo_write_control()
2681 memmove(cp, cp0, head->w.avail); in tomoyo_write_control()
2683 head->write_buf = cp; in tomoyo_write_control()
2685 head->writebuf_size = len; in tomoyo_write_control()
2693 cp0[head->w.avail++] = c; in tomoyo_write_control()
2696 cp0[head->w.avail - 1] = '\0'; in tomoyo_write_control()
2697 head->w.avail = 0; in tomoyo_write_control()
2700 head->w.ns = &tomoyo_kernel_namespace; in tomoyo_write_control()
2701 head->w.domain = NULL; in tomoyo_write_control()
2702 memset(&head->r, 0, sizeof(head->r)); in tomoyo_write_control()
2706 switch (head->type) { in tomoyo_write_control()
2711 if (tomoyo_select_domain(head, cp0)) in tomoyo_write_control()
2716 head->r.print_transition_related_only = true; in tomoyo_write_control()
2726 switch (tomoyo_parse_policy(head, cp0)) { in tomoyo_write_control()
2731 switch (head->type) { in tomoyo_write_control()
2747 mutex_unlock(&head->io_sem); in tomoyo_write_control()
2756 void tomoyo_close_control(struct tomoyo_io_buffer *head) in tomoyo_close_control() argument
2762 if (head->type == TOMOYO_QUERY && in tomoyo_close_control()
2765 tomoyo_notify_gc(head, false); in tomoyo_close_control()
2833 struct tomoyo_io_buffer head = { }; in tomoyo_load_builtin_policy() local
2839 head.type = TOMOYO_PROFILE; in tomoyo_load_builtin_policy()
2840 head.write = tomoyo_write_profile; in tomoyo_load_builtin_policy()
2844 head.type = TOMOYO_EXCEPTIONPOLICY; in tomoyo_load_builtin_policy()
2845 head.write = tomoyo_write_exception; in tomoyo_load_builtin_policy()
2849 head.type = TOMOYO_DOMAINPOLICY; in tomoyo_load_builtin_policy()
2850 head.write = tomoyo_write_domain; in tomoyo_load_builtin_policy()
2854 head.type = TOMOYO_MANAGER; in tomoyo_load_builtin_policy()
2855 head.write = tomoyo_write_manager; in tomoyo_load_builtin_policy()
2859 head.type = TOMOYO_STAT; in tomoyo_load_builtin_policy()
2860 head.write = tomoyo_write_stat; in tomoyo_load_builtin_policy()
2870 head.write_buf = start; in tomoyo_load_builtin_policy()
2871 tomoyo_parse_policy(&head, start); in tomoyo_load_builtin_policy()