From 1084307ca097745ed6e40a192329b133a49271ac Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Thu, 3 Jun 2010 20:38:03 +0900 Subject: TOMOYO: Add pathname aggregation support. This patch allows users to aggregate programs which provide similar functionality (e.g. /usr/bin/vi and /usr/bin/emacs ). Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/gc.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'security/tomoyo/gc.c') diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index be2d3b935533..8a31f0c628b2 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c @@ -18,6 +18,7 @@ enum tomoyo_gc_id { TOMOYO_ID_NUMBER_GROUP_MEMBER, TOMOYO_ID_DOMAIN_INITIALIZER, TOMOYO_ID_DOMAIN_KEEPER, + TOMOYO_ID_AGGREGATOR, TOMOYO_ID_ALIAS, TOMOYO_ID_GLOBALLY_READABLE, TOMOYO_ID_PATTERN, @@ -77,6 +78,12 @@ static void tomoyo_del_domain_keeper(struct tomoyo_domain_keeper_entry *ptr) tomoyo_put_name(ptr->program); } +static void tomoyo_del_aggregator(struct tomoyo_aggregator_entry *ptr) +{ + tomoyo_put_name(ptr->original_name); + tomoyo_put_name(ptr->aggregated_name); +} + static void tomoyo_del_alias(struct tomoyo_alias_entry *ptr) { tomoyo_put_name(ptr->original_name); @@ -263,6 +270,17 @@ static void tomoyo_collect_entry(void) break; } } + { + struct tomoyo_aggregator_entry *ptr; + list_for_each_entry_rcu(ptr, &tomoyo_aggregator_list, list) { + if (!ptr->is_deleted) + continue; + if (tomoyo_add_to_gc(TOMOYO_ID_AGGREGATOR, ptr)) + list_del_rcu(&ptr->list); + else + break; + } + } { struct tomoyo_alias_entry *ptr; list_for_each_entry_rcu(ptr, &tomoyo_alias_list, list) { @@ -417,6 +435,9 @@ static void tomoyo_kfree_entry(void) case TOMOYO_ID_DOMAIN_KEEPER: tomoyo_del_domain_keeper(p->element); break; + case TOMOYO_ID_AGGREGATOR: + tomoyo_del_aggregator(p->element); + break; case TOMOYO_ID_ALIAS: tomoyo_del_alias(p->element); break; -- cgit v1.2.3