diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-06-03 20:38:03 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-08-02 15:33:42 +1000 |
commit | 1084307ca097745ed6e40a192329b133a49271ac (patch) | |
tree | f3b2e81705afb4ca3006ebb931aa0aad426ace02 /security/tomoyo/gc.c | |
parent | 3f629636320dfa65804779a3fc333f3147f3b064 (diff) |
TOMOYO: Add pathname aggregation support.
This patch allows users to aggregate programs which provide similar
functionality (e.g. /usr/bin/vi and /usr/bin/emacs ).
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/gc.c')
-rw-r--r-- | security/tomoyo/gc.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index be2d3b935533..8a31f0c628b2 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c @@ -18,6 +18,7 @@ enum tomoyo_gc_id { TOMOYO_ID_NUMBER_GROUP_MEMBER, TOMOYO_ID_DOMAIN_INITIALIZER, TOMOYO_ID_DOMAIN_KEEPER, + TOMOYO_ID_AGGREGATOR, TOMOYO_ID_ALIAS, TOMOYO_ID_GLOBALLY_READABLE, TOMOYO_ID_PATTERN, @@ -77,6 +78,12 @@ static void tomoyo_del_domain_keeper(struct tomoyo_domain_keeper_entry *ptr) tomoyo_put_name(ptr->program); } +static void tomoyo_del_aggregator(struct tomoyo_aggregator_entry *ptr) +{ + tomoyo_put_name(ptr->original_name); + tomoyo_put_name(ptr->aggregated_name); +} + static void tomoyo_del_alias(struct tomoyo_alias_entry *ptr) { tomoyo_put_name(ptr->original_name); @@ -264,6 +271,17 @@ static void tomoyo_collect_entry(void) } } { + struct tomoyo_aggregator_entry *ptr; + list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list, list) { + if (!ptr->is_deleted) + continue; + if (tomoyo_add_to_gc(TOMOYO_ID_AGGREGATOR, ptr)) + list_del_rcu(&ptr->list); + else + break; + } + } + { struct tomoyo_alias_entry *ptr; list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { if (!ptr->is_deleted) @@ -417,6 +435,9 @@ static void tomoyo_kfree_entry(void) case TOMOYO_ID_DOMAIN_KEEPER: tomoyo_del_domain_keeper(p->element); break; + case TOMOYO_ID_AGGREGATOR: + tomoyo_del_aggregator(p->element); + break; case TOMOYO_ID_ALIAS: tomoyo_del_alias(p->element); break; |