summaryrefslogtreecommitdiff
path: root/security/tomoyo/file.c
AgeCommit message (Collapse)Author
2010-02-11TOMOYO: Reduce lines by using common path for addition and deletion.Tetsuo Handa
Since the codes for adding an entry and removing an entry are similar, we can save some lines by using "if (is_delete) { ... } else { ... }" branches. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2010-02-08TOMOYO: Extract bitfieldTetsuo Handa
Since list elements are rounded up to kmalloc() size rather than sizeof(int), saving one byte by using bitfields is no longer helpful. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2010-01-27TOMOYO: Remove usage counter for temporary memory.Tetsuo Handa
TOMOYO was using own memory usage counter for detecting memory leak. But as kernel 2.6.31 introduced memory leak detection mechanism ( CONFIG_DEBUG_KMEMLEAK ), we no longer need to have own counter. We remove usage counter for memory used for permission checks, but we keep usage counter for memory used for policy so that we can apply quota. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2010-01-18Merge branch 'master' into nextJames Morris
2010-01-11TOMOYO: Remove memory pool for list elements.Tetsuo Handa
Currently, TOMOYO allocates memory for list elements from memory pool allocated by kmalloc(PAGE_SIZE). But that makes it difficult to kfree() when garbage collector is added. Thus, remove memory pool and use kmalloc(sizeof()). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2010-01-11TOMOYO: Replace rw_semaphore by mutex.Tetsuo Handa
Since readers no longer use down_read(), writers no longer need to use rw_semaphore. Replace individual rw_semaphore by single mutex. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2009-12-22Sanitize f_flags helpersAl Viro
* pull ACC_MODE to fs.h; we have several copies all over the place * nightmarish expression calculating f_mode by f_flags deserves a helper too (OPEN_FMODE(flags)) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-12-15TOMOYO: Use RCU primitives for list operationTetsuo Handa
Replace list operation with RCU primitives and replace down_read()/up_read() with srcu_read_lock()/srcu_read_unlock(). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2009-12-09Merge branch 'master' into nextJames Morris
2009-12-08TOMOYO: Add rest of file operation restrictions.Tetsuo Handa
LSM hooks for chmod()/chown()/chroot() are now ready. This patch utilizes these hooks. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2009-11-20security/tomoyo: Remove now unnecessary handling of security_sysctl.Eric W. Biederman
Now that sys_sysctl is an emulation on top of proc sys all sysctl operations look like normal filesystem operations and we don't need to use the special sysctl hook to authenticate them. Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
2009-06-09TOMOYO: Add description of lists and structures.Tetsuo Handa
This patch adds some descriptions of lists and structures. This patch contains no code changes. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2009-06-04TOMOYO: Remove unused parameter.Tetsuo Handa
TOMOYO 2.2.0 does not check argv[] and envp[] upon execve(). We don't need to pass "struct tomoyo_page_buffer". Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2009-06-03TOMOYO: Simplify policy reader.Tetsuo Handa
We can directly assign the result of tomoyo_io_printf() to done flag. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org>
2009-06-03TOMOYO: Remove redundant markers.Tetsuo Handa
Remove '/***** START/STOP *****/' markers. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2009-04-14tomoyo: version bump to 2.2.0.Tetsuo Handa
Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org>
2009-02-12File operation restriction part.Kentaro Takeda
This file controls file related operations of TOMOYO Linux. tomoyo/tomoyo.c calls the following six functions in this file. Each function handles the following access types. * tomoyo_check_file_perm sysctl()'s "read" and "write". * tomoyo_check_exec_perm "execute". * tomoyo_check_open_permission open(2) for "read" and "write". * tomoyo_check_1path_perm "create", "unlink", "mkdir", "rmdir", "mkfifo", "mksock", "mkblock", "mkchar", "truncate" and "symlink". * tomoyo_check_2path_perm "rename" and "unlink". * tomoyo_check_rewrite_permission "rewrite". ("rewrite" are operations which may lose already recorded data of a file, i.e. open(!O_APPEND) || open(O_TRUNC) || truncate() || ftruncate()) The functions which actually checks ACLs are the following three functions. Each function handles the following access types. ACL directive is expressed by "allow_<access type>". * tomoyo_check_file_acl Open() operation and execve() operation. ("read", "write", "read/write" and "execute") * tomoyo_check_single_write_acl Directory modification operations with 1 pathname. ("create", "unlink", "mkdir", "rmdir", "mkfifo", "mksock", "mkblock", "mkchar", "truncate", "symlink" and "rewrite") * tomoyo_check_double_write_acl Directory modification operations with 2 pathname. ("link" and "rename") Also, this file contains handlers of some utility directives for file related operations. * "allow_read": specifies globally (for all domains) readable files. * "path_group": specifies pathname macro. * "deny_rewrite": restricts rewrite operation. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org>