TOMOYO: Split file access control functions by type of parameters.
Check numeric parameters for operations that deal them
(e.g. chmod/chown/ioctl).
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index 6a48197..7810018 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -106,6 +106,24 @@
tomoyo_put_name_union(&entry->name2);
}
break;
+ case TOMOYO_TYPE_PATH_NUMBER_ACL:
+ {
+ struct tomoyo_path_number_acl *entry
+ = container_of(acl, typeof(*entry), head);
+ tomoyo_put_name_union(&entry->name);
+ tomoyo_put_number_union(&entry->number);
+ }
+ break;
+ case TOMOYO_TYPE_PATH_NUMBER3_ACL:
+ {
+ struct tomoyo_path_number3_acl *entry
+ = container_of(acl, typeof(*entry), head);
+ tomoyo_put_name_union(&entry->name);
+ tomoyo_put_number_union(&entry->mode);
+ tomoyo_put_number_union(&entry->major);
+ tomoyo_put_number_union(&entry->minor);
+ }
+ break;
default:
printk(KERN_WARNING "Unknown type\n");
break;
@@ -268,10 +286,7 @@
case TOMOYO_TYPE_PATH_ACL:
if (container_of(acl,
struct tomoyo_path_acl,
- head)->perm ||
- container_of(acl,
- struct tomoyo_path_acl,
- head)->perm_high)
+ head)->perm)
continue;
break;
case TOMOYO_TYPE_PATH2_ACL:
@@ -280,6 +295,18 @@
head)->perm)
continue;
break;
+ case TOMOYO_TYPE_PATH_NUMBER_ACL:
+ if (container_of(acl,
+ struct tomoyo_path_number_acl,
+ head)->perm)
+ continue;
+ break;
+ case TOMOYO_TYPE_PATH_NUMBER3_ACL:
+ if (container_of(acl,
+ struct tomoyo_path_number3_acl,
+ head)->perm)
+ continue;
+ break;
default:
continue;
}