Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 1 | /* |
| 2 | * security/tomoyo/gc.c |
| 3 | * |
Tetsuo Handa | 0f2a55d | 2011-07-14 14:46:51 +0900 | [diff] [blame] | 4 | * Copyright (C) 2005-2011 NTT DATA CORPORATION |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 5 | */ |
| 6 | |
| 7 | #include "common.h" |
| 8 | #include <linux/kthread.h> |
Tejun Heo | 5a0e3ad | 2010-03-24 17:04:11 +0900 | [diff] [blame] | 9 | #include <linux/slab.h> |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 10 | |
Tetsuo Handa | a427fd1 | 2011-09-25 17:51:06 +0900 | [diff] [blame] | 11 | /** |
| 12 | * tomoyo_memory_free - Free memory for elements. |
| 13 | * |
| 14 | * @ptr: Pointer to allocated memory. |
| 15 | * |
| 16 | * Returns nothing. |
| 17 | * |
| 18 | * Caller holds tomoyo_policy_lock mutex. |
| 19 | */ |
| 20 | static inline void tomoyo_memory_free(void *ptr) |
| 21 | { |
| 22 | tomoyo_memory_used[TOMOYO_MEMORY_POLICY] -= ksize(ptr); |
| 23 | kfree(ptr); |
| 24 | } |
| 25 | |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 26 | /* The list for "struct tomoyo_io_buffer". */ |
| 27 | static LIST_HEAD(tomoyo_io_buffer_list); |
| 28 | /* Lock for protecting tomoyo_io_buffer_list. */ |
| 29 | static DEFINE_SPINLOCK(tomoyo_io_buffer_list_lock); |
| 30 | |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 31 | /** |
| 32 | * tomoyo_struct_used_by_io_buffer - Check whether the list element is used by /sys/kernel/security/tomoyo/ users or not. |
| 33 | * |
| 34 | * @element: Pointer to "struct list_head". |
| 35 | * |
| 36 | * Returns true if @element is used by /sys/kernel/security/tomoyo/ users, |
| 37 | * false otherwise. |
| 38 | */ |
| 39 | static bool tomoyo_struct_used_by_io_buffer(const struct list_head *element) |
| 40 | { |
| 41 | struct tomoyo_io_buffer *head; |
| 42 | bool in_use = false; |
| 43 | |
| 44 | spin_lock(&tomoyo_io_buffer_list_lock); |
| 45 | list_for_each_entry(head, &tomoyo_io_buffer_list, list) { |
| 46 | head->users++; |
| 47 | spin_unlock(&tomoyo_io_buffer_list_lock); |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 48 | mutex_lock(&head->io_sem); |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 49 | if (head->r.domain == element || head->r.group == element || |
| 50 | head->r.acl == element || &head->w.domain->list == element) |
| 51 | in_use = true; |
| 52 | mutex_unlock(&head->io_sem); |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 53 | spin_lock(&tomoyo_io_buffer_list_lock); |
| 54 | head->users--; |
| 55 | if (in_use) |
| 56 | break; |
| 57 | } |
| 58 | spin_unlock(&tomoyo_io_buffer_list_lock); |
| 59 | return in_use; |
| 60 | } |
| 61 | |
| 62 | /** |
| 63 | * tomoyo_name_used_by_io_buffer - Check whether the string is used by /sys/kernel/security/tomoyo/ users or not. |
| 64 | * |
| 65 | * @string: String to check. |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 66 | * |
| 67 | * Returns true if @string is used by /sys/kernel/security/tomoyo/ users, |
| 68 | * false otherwise. |
| 69 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 70 | static bool tomoyo_name_used_by_io_buffer(const char *string) |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 71 | { |
| 72 | struct tomoyo_io_buffer *head; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 73 | const size_t size = strlen(string) + 1; |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 74 | bool in_use = false; |
| 75 | |
| 76 | spin_lock(&tomoyo_io_buffer_list_lock); |
| 77 | list_for_each_entry(head, &tomoyo_io_buffer_list, list) { |
| 78 | int i; |
| 79 | head->users++; |
| 80 | spin_unlock(&tomoyo_io_buffer_list_lock); |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 81 | mutex_lock(&head->io_sem); |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 82 | for (i = 0; i < TOMOYO_MAX_IO_READ_QUEUE; i++) { |
| 83 | const char *w = head->r.w[i]; |
| 84 | if (w < string || w > string + size) |
| 85 | continue; |
| 86 | in_use = true; |
| 87 | break; |
| 88 | } |
| 89 | mutex_unlock(&head->io_sem); |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 90 | spin_lock(&tomoyo_io_buffer_list_lock); |
| 91 | head->users--; |
| 92 | if (in_use) |
| 93 | break; |
| 94 | } |
| 95 | spin_unlock(&tomoyo_io_buffer_list_lock); |
| 96 | return in_use; |
| 97 | } |
| 98 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 99 | /** |
| 100 | * tomoyo_del_transition_control - Delete members in "struct tomoyo_transition_control". |
| 101 | * |
| 102 | * @element: Pointer to "struct list_head". |
| 103 | * |
| 104 | * Returns nothing. |
| 105 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 106 | static inline void tomoyo_del_transition_control(struct list_head *element) |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 107 | { |
Tetsuo Handa | 5448ec4 | 2010-06-21 11:14:39 +0900 | [diff] [blame] | 108 | struct tomoyo_transition_control *ptr = |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 109 | container_of(element, typeof(*ptr), head.list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 110 | tomoyo_put_name(ptr->domainname); |
| 111 | tomoyo_put_name(ptr->program); |
| 112 | } |
| 113 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 114 | /** |
| 115 | * tomoyo_del_aggregator - Delete members in "struct tomoyo_aggregator". |
| 116 | * |
| 117 | * @element: Pointer to "struct list_head". |
| 118 | * |
| 119 | * Returns nothing. |
| 120 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 121 | static inline void tomoyo_del_aggregator(struct list_head *element) |
Tetsuo Handa | 1084307 | 2010-06-03 20:38:03 +0900 | [diff] [blame] | 122 | { |
Tetsuo Handa | e2bf690 | 2010-06-25 11:16:00 +0900 | [diff] [blame] | 123 | struct tomoyo_aggregator *ptr = |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 124 | container_of(element, typeof(*ptr), head.list); |
Tetsuo Handa | 1084307 | 2010-06-03 20:38:03 +0900 | [diff] [blame] | 125 | tomoyo_put_name(ptr->original_name); |
| 126 | tomoyo_put_name(ptr->aggregated_name); |
| 127 | } |
| 128 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 129 | /** |
| 130 | * tomoyo_del_manager - Delete members in "struct tomoyo_manager". |
| 131 | * |
| 132 | * @element: Pointer to "struct list_head". |
| 133 | * |
| 134 | * Returns nothing. |
| 135 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 136 | static inline void tomoyo_del_manager(struct list_head *element) |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 137 | { |
Tetsuo Handa | e2bf690 | 2010-06-25 11:16:00 +0900 | [diff] [blame] | 138 | struct tomoyo_manager *ptr = |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 139 | container_of(element, typeof(*ptr), head.list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 140 | tomoyo_put_name(ptr->manager); |
| 141 | } |
| 142 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 143 | /** |
| 144 | * tomoyo_del_acl - Delete members in "struct tomoyo_acl_info". |
| 145 | * |
| 146 | * @element: Pointer to "struct list_head". |
| 147 | * |
| 148 | * Returns nothing. |
| 149 | */ |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 150 | static void tomoyo_del_acl(struct list_head *element) |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 151 | { |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 152 | struct tomoyo_acl_info *acl = |
| 153 | container_of(element, typeof(*acl), list); |
Tetsuo Handa | 2066a36 | 2011-07-08 13:21:37 +0900 | [diff] [blame] | 154 | tomoyo_put_condition(acl->cond); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 155 | switch (acl->type) { |
Tetsuo Handa | 7ef6123 | 2010-02-16 08:03:30 +0900 | [diff] [blame] | 156 | case TOMOYO_TYPE_PATH_ACL: |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 157 | { |
Tetsuo Handa | 7ef6123 | 2010-02-16 08:03:30 +0900 | [diff] [blame] | 158 | struct tomoyo_path_acl *entry |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 159 | = container_of(acl, typeof(*entry), head); |
Tetsuo Handa | 7762fbf | 2010-05-10 17:30:26 +0900 | [diff] [blame] | 160 | tomoyo_put_name_union(&entry->name); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 161 | } |
| 162 | break; |
Tetsuo Handa | 7ef6123 | 2010-02-16 08:03:30 +0900 | [diff] [blame] | 163 | case TOMOYO_TYPE_PATH2_ACL: |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 164 | { |
Tetsuo Handa | 7ef6123 | 2010-02-16 08:03:30 +0900 | [diff] [blame] | 165 | struct tomoyo_path2_acl *entry |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 166 | = container_of(acl, typeof(*entry), head); |
Tetsuo Handa | 7762fbf | 2010-05-10 17:30:26 +0900 | [diff] [blame] | 167 | tomoyo_put_name_union(&entry->name1); |
| 168 | tomoyo_put_name_union(&entry->name2); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 169 | } |
| 170 | break; |
Tetsuo Handa | a1f9bb6 | 2010-05-17 10:09:15 +0900 | [diff] [blame] | 171 | case TOMOYO_TYPE_PATH_NUMBER_ACL: |
| 172 | { |
| 173 | struct tomoyo_path_number_acl *entry |
| 174 | = container_of(acl, typeof(*entry), head); |
| 175 | tomoyo_put_name_union(&entry->name); |
| 176 | tomoyo_put_number_union(&entry->number); |
| 177 | } |
| 178 | break; |
Tetsuo Handa | 7509315 | 2010-06-16 16:23:55 +0900 | [diff] [blame] | 179 | case TOMOYO_TYPE_MKDEV_ACL: |
Tetsuo Handa | a1f9bb6 | 2010-05-17 10:09:15 +0900 | [diff] [blame] | 180 | { |
Tetsuo Handa | 7509315 | 2010-06-16 16:23:55 +0900 | [diff] [blame] | 181 | struct tomoyo_mkdev_acl *entry |
Tetsuo Handa | a1f9bb6 | 2010-05-17 10:09:15 +0900 | [diff] [blame] | 182 | = container_of(acl, typeof(*entry), head); |
| 183 | tomoyo_put_name_union(&entry->name); |
| 184 | tomoyo_put_number_union(&entry->mode); |
| 185 | tomoyo_put_number_union(&entry->major); |
| 186 | tomoyo_put_number_union(&entry->minor); |
| 187 | } |
| 188 | break; |
Tetsuo Handa | 2106ccd | 2010-05-17 10:10:31 +0900 | [diff] [blame] | 189 | case TOMOYO_TYPE_MOUNT_ACL: |
| 190 | { |
| 191 | struct tomoyo_mount_acl *entry |
| 192 | = container_of(acl, typeof(*entry), head); |
| 193 | tomoyo_put_name_union(&entry->dev_name); |
| 194 | tomoyo_put_name_union(&entry->dir_name); |
| 195 | tomoyo_put_name_union(&entry->fs_type); |
| 196 | tomoyo_put_number_union(&entry->flags); |
| 197 | } |
| 198 | break; |
Tetsuo Handa | d58e0da | 2011-09-10 15:22:48 +0900 | [diff] [blame] | 199 | case TOMOYO_TYPE_ENV_ACL: |
| 200 | { |
| 201 | struct tomoyo_env_acl *entry = |
| 202 | container_of(acl, typeof(*entry), head); |
| 203 | |
| 204 | tomoyo_put_name(entry->env); |
| 205 | } |
| 206 | break; |
Tetsuo Handa | 059d84d | 2011-09-10 15:23:54 +0900 | [diff] [blame] | 207 | case TOMOYO_TYPE_INET_ACL: |
| 208 | { |
| 209 | struct tomoyo_inet_acl *entry = |
| 210 | container_of(acl, typeof(*entry), head); |
| 211 | |
| 212 | tomoyo_put_group(entry->address.group); |
| 213 | tomoyo_put_number_union(&entry->port); |
| 214 | } |
| 215 | break; |
| 216 | case TOMOYO_TYPE_UNIX_ACL: |
| 217 | { |
| 218 | struct tomoyo_unix_acl *entry = |
| 219 | container_of(acl, typeof(*entry), head); |
| 220 | |
| 221 | tomoyo_put_name_union(&entry->name); |
| 222 | } |
| 223 | break; |
Tetsuo Handa | 545a726 | 2011-10-11 14:06:41 +0900 | [diff] [blame] | 224 | case TOMOYO_TYPE_MANUAL_TASK_ACL: |
| 225 | { |
| 226 | struct tomoyo_task_acl *entry = |
| 227 | container_of(acl, typeof(*entry), head); |
| 228 | tomoyo_put_name(entry->domainname); |
| 229 | } |
| 230 | break; |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 231 | } |
| 232 | } |
| 233 | |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 234 | /** |
| 235 | * tomoyo_del_domain - Delete members in "struct tomoyo_domain_info". |
| 236 | * |
| 237 | * @element: Pointer to "struct list_head". |
| 238 | * |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 239 | * Returns nothing. |
Tetsuo Handa | a427fd1 | 2011-09-25 17:51:06 +0900 | [diff] [blame] | 240 | * |
| 241 | * Caller holds tomoyo_policy_lock mutex. |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 242 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 243 | static inline void tomoyo_del_domain(struct list_head *element) |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 244 | { |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 245 | struct tomoyo_domain_info *domain = |
| 246 | container_of(element, typeof(*domain), list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 247 | struct tomoyo_acl_info *acl; |
| 248 | struct tomoyo_acl_info *tmp; |
| 249 | /* |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 250 | * Since this domain is referenced from neither |
| 251 | * "struct tomoyo_io_buffer" nor "struct cred"->security, we can delete |
| 252 | * elements without checking for is_deleted flag. |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 253 | */ |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 254 | list_for_each_entry_safe(acl, tmp, &domain->acl_info_list, list) { |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 255 | tomoyo_del_acl(&acl->list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 256 | tomoyo_memory_free(acl); |
| 257 | } |
| 258 | tomoyo_put_name(domain->domainname); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 259 | } |
| 260 | |
Tetsuo Handa | 2066a36 | 2011-07-08 13:21:37 +0900 | [diff] [blame] | 261 | /** |
| 262 | * tomoyo_del_condition - Delete members in "struct tomoyo_condition". |
| 263 | * |
| 264 | * @element: Pointer to "struct list_head". |
| 265 | * |
| 266 | * Returns nothing. |
| 267 | */ |
| 268 | void tomoyo_del_condition(struct list_head *element) |
| 269 | { |
| 270 | struct tomoyo_condition *cond = container_of(element, typeof(*cond), |
| 271 | head.list); |
| 272 | const u16 condc = cond->condc; |
| 273 | const u16 numbers_count = cond->numbers_count; |
Tetsuo Handa | 2ca9bf4 | 2011-07-08 13:23:44 +0900 | [diff] [blame] | 274 | const u16 names_count = cond->names_count; |
Tetsuo Handa | 5b63685 | 2011-07-08 13:24:54 +0900 | [diff] [blame] | 275 | const u16 argc = cond->argc; |
| 276 | const u16 envc = cond->envc; |
Tetsuo Handa | 2066a36 | 2011-07-08 13:21:37 +0900 | [diff] [blame] | 277 | unsigned int i; |
| 278 | const struct tomoyo_condition_element *condp |
| 279 | = (const struct tomoyo_condition_element *) (cond + 1); |
| 280 | struct tomoyo_number_union *numbers_p |
| 281 | = (struct tomoyo_number_union *) (condp + condc); |
Tetsuo Handa | 2ca9bf4 | 2011-07-08 13:23:44 +0900 | [diff] [blame] | 282 | struct tomoyo_name_union *names_p |
| 283 | = (struct tomoyo_name_union *) (numbers_p + numbers_count); |
Tetsuo Handa | 5b63685 | 2011-07-08 13:24:54 +0900 | [diff] [blame] | 284 | const struct tomoyo_argv *argv |
| 285 | = (const struct tomoyo_argv *) (names_p + names_count); |
| 286 | const struct tomoyo_envp *envp |
| 287 | = (const struct tomoyo_envp *) (argv + argc); |
Tetsuo Handa | 2066a36 | 2011-07-08 13:21:37 +0900 | [diff] [blame] | 288 | for (i = 0; i < numbers_count; i++) |
| 289 | tomoyo_put_number_union(numbers_p++); |
Tetsuo Handa | 2ca9bf4 | 2011-07-08 13:23:44 +0900 | [diff] [blame] | 290 | for (i = 0; i < names_count; i++) |
| 291 | tomoyo_put_name_union(names_p++); |
Tetsuo Handa | 5b63685 | 2011-07-08 13:24:54 +0900 | [diff] [blame] | 292 | for (i = 0; i < argc; argv++, i++) |
| 293 | tomoyo_put_name(argv->value); |
| 294 | for (i = 0; i < envc; envp++, i++) { |
| 295 | tomoyo_put_name(envp->name); |
| 296 | tomoyo_put_name(envp->value); |
| 297 | } |
Tetsuo Handa | 2066a36 | 2011-07-08 13:21:37 +0900 | [diff] [blame] | 298 | } |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 299 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 300 | /** |
| 301 | * tomoyo_del_name - Delete members in "struct tomoyo_name". |
| 302 | * |
| 303 | * @element: Pointer to "struct list_head". |
| 304 | * |
| 305 | * Returns nothing. |
| 306 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 307 | static inline void tomoyo_del_name(struct list_head *element) |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 308 | { |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 309 | /* Nothing to do. */ |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 310 | } |
| 311 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 312 | /** |
| 313 | * tomoyo_del_path_group - Delete members in "struct tomoyo_path_group". |
| 314 | * |
| 315 | * @element: Pointer to "struct list_head". |
| 316 | * |
| 317 | * Returns nothing. |
| 318 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 319 | static inline void tomoyo_del_path_group(struct list_head *element) |
Tetsuo Handa | 7762fbf | 2010-05-10 17:30:26 +0900 | [diff] [blame] | 320 | { |
Tetsuo Handa | a98aa4d | 2010-06-17 16:52:29 +0900 | [diff] [blame] | 321 | struct tomoyo_path_group *member = |
Tetsuo Handa | e79acf0 | 2010-06-16 16:31:50 +0900 | [diff] [blame] | 322 | container_of(element, typeof(*member), head.list); |
Tetsuo Handa | 7762fbf | 2010-05-10 17:30:26 +0900 | [diff] [blame] | 323 | tomoyo_put_name(member->member_name); |
| 324 | } |
| 325 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 326 | /** |
| 327 | * tomoyo_del_group - Delete "struct tomoyo_group". |
| 328 | * |
| 329 | * @element: Pointer to "struct list_head". |
| 330 | * |
| 331 | * Returns nothing. |
| 332 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 333 | static inline void tomoyo_del_group(struct list_head *element) |
Tetsuo Handa | 7762fbf | 2010-05-10 17:30:26 +0900 | [diff] [blame] | 334 | { |
Tetsuo Handa | a98aa4d | 2010-06-17 16:52:29 +0900 | [diff] [blame] | 335 | struct tomoyo_group *group = |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 336 | container_of(element, typeof(*group), head.list); |
Tetsuo Handa | 7762fbf | 2010-05-10 17:30:26 +0900 | [diff] [blame] | 337 | tomoyo_put_name(group->group_name); |
| 338 | } |
| 339 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 340 | /** |
Tetsuo Handa | 059d84d | 2011-09-10 15:23:54 +0900 | [diff] [blame] | 341 | * tomoyo_del_address_group - Delete members in "struct tomoyo_address_group". |
| 342 | * |
| 343 | * @element: Pointer to "struct list_head". |
| 344 | * |
| 345 | * Returns nothing. |
| 346 | */ |
| 347 | static inline void tomoyo_del_address_group(struct list_head *element) |
| 348 | { |
| 349 | /* Nothing to do. */ |
| 350 | } |
| 351 | |
| 352 | /** |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 353 | * tomoyo_del_number_group - Delete members in "struct tomoyo_number_group". |
| 354 | * |
| 355 | * @element: Pointer to "struct list_head". |
| 356 | * |
| 357 | * Returns nothing. |
| 358 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 359 | static inline void tomoyo_del_number_group(struct list_head *element) |
Tetsuo Handa | 4c3e9e2 | 2010-05-17 10:06:58 +0900 | [diff] [blame] | 360 | { |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 361 | /* Nothing to do. */ |
| 362 | } |
| 363 | |
| 364 | /** |
| 365 | * tomoyo_try_to_gc - Try to kfree() an entry. |
| 366 | * |
| 367 | * @type: One of values in "enum tomoyo_policy_id". |
| 368 | * @element: Pointer to "struct list_head". |
| 369 | * |
| 370 | * Returns nothing. |
| 371 | * |
| 372 | * Caller holds tomoyo_policy_lock mutex. |
| 373 | */ |
| 374 | static void tomoyo_try_to_gc(const enum tomoyo_policy_id type, |
| 375 | struct list_head *element) |
| 376 | { |
| 377 | /* |
| 378 | * __list_del_entry() guarantees that the list element became no longer |
| 379 | * reachable from the list which the element was originally on (e.g. |
| 380 | * tomoyo_domain_list). Also, synchronize_srcu() guarantees that the |
| 381 | * list element became no longer referenced by syscall users. |
| 382 | */ |
| 383 | __list_del_entry(element); |
| 384 | mutex_unlock(&tomoyo_policy_lock); |
| 385 | synchronize_srcu(&tomoyo_ss); |
| 386 | /* |
| 387 | * However, there are two users which may still be using the list |
| 388 | * element. We need to defer until both users forget this element. |
| 389 | * |
| 390 | * Don't kfree() until "struct tomoyo_io_buffer"->r.{domain,group,acl} |
| 391 | * and "struct tomoyo_io_buffer"->w.domain forget this element. |
| 392 | */ |
| 393 | if (tomoyo_struct_used_by_io_buffer(element)) |
| 394 | goto reinject; |
| 395 | switch (type) { |
| 396 | case TOMOYO_ID_TRANSITION_CONTROL: |
| 397 | tomoyo_del_transition_control(element); |
| 398 | break; |
| 399 | case TOMOYO_ID_MANAGER: |
| 400 | tomoyo_del_manager(element); |
| 401 | break; |
| 402 | case TOMOYO_ID_AGGREGATOR: |
| 403 | tomoyo_del_aggregator(element); |
| 404 | break; |
| 405 | case TOMOYO_ID_GROUP: |
| 406 | tomoyo_del_group(element); |
| 407 | break; |
| 408 | case TOMOYO_ID_PATH_GROUP: |
| 409 | tomoyo_del_path_group(element); |
| 410 | break; |
| 411 | case TOMOYO_ID_ADDRESS_GROUP: |
| 412 | tomoyo_del_address_group(element); |
| 413 | break; |
| 414 | case TOMOYO_ID_NUMBER_GROUP: |
| 415 | tomoyo_del_number_group(element); |
| 416 | break; |
| 417 | case TOMOYO_ID_CONDITION: |
| 418 | tomoyo_del_condition(element); |
| 419 | break; |
| 420 | case TOMOYO_ID_NAME: |
| 421 | /* |
| 422 | * Don't kfree() until all "struct tomoyo_io_buffer"->r.w[] |
| 423 | * forget this element. |
| 424 | */ |
| 425 | if (tomoyo_name_used_by_io_buffer |
| 426 | (container_of(element, typeof(struct tomoyo_name), |
| 427 | head.list)->entry.name)) |
| 428 | goto reinject; |
| 429 | tomoyo_del_name(element); |
| 430 | break; |
| 431 | case TOMOYO_ID_ACL: |
| 432 | tomoyo_del_acl(element); |
| 433 | break; |
| 434 | case TOMOYO_ID_DOMAIN: |
| 435 | /* |
| 436 | * Don't kfree() until all "struct cred"->security forget this |
| 437 | * element. |
| 438 | */ |
| 439 | if (atomic_read(&container_of |
| 440 | (element, typeof(struct tomoyo_domain_info), |
| 441 | list)->users)) |
| 442 | goto reinject; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 443 | break; |
| 444 | case TOMOYO_MAX_POLICY: |
| 445 | break; |
| 446 | } |
| 447 | mutex_lock(&tomoyo_policy_lock); |
Tetsuo Handa | a427fd1 | 2011-09-25 17:51:06 +0900 | [diff] [blame] | 448 | if (type == TOMOYO_ID_DOMAIN) |
| 449 | tomoyo_del_domain(element); |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 450 | tomoyo_memory_free(element); |
| 451 | return; |
| 452 | reinject: |
| 453 | /* |
| 454 | * We can safely reinject this element here bacause |
| 455 | * (1) Appending list elements and removing list elements are protected |
| 456 | * by tomoyo_policy_lock mutex. |
| 457 | * (2) Only this function removes list elements and this function is |
| 458 | * exclusively executed by tomoyo_gc_mutex mutex. |
| 459 | * are true. |
| 460 | */ |
| 461 | mutex_lock(&tomoyo_policy_lock); |
| 462 | list_add_rcu(element, element->prev); |
Tetsuo Handa | 4c3e9e2 | 2010-05-17 10:06:58 +0900 | [diff] [blame] | 463 | } |
| 464 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 465 | /** |
| 466 | * tomoyo_collect_member - Delete elements with "struct tomoyo_acl_head". |
| 467 | * |
| 468 | * @id: One of values in "enum tomoyo_policy_id". |
| 469 | * @member_list: Pointer to "struct list_head". |
| 470 | * |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 471 | * Returns nothing. |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 472 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 473 | static void tomoyo_collect_member(const enum tomoyo_policy_id id, |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 474 | struct list_head *member_list) |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 475 | { |
| 476 | struct tomoyo_acl_head *member; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 477 | struct tomoyo_acl_head *tmp; |
| 478 | list_for_each_entry_safe(member, tmp, member_list, list) { |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 479 | if (!member->is_deleted) |
| 480 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 481 | member->is_deleted = TOMOYO_GC_IN_PROGRESS; |
| 482 | tomoyo_try_to_gc(id, &member->list); |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 483 | } |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 484 | } |
| 485 | |
Tetsuo Handa | 3299714 | 2011-06-26 23:19:28 +0900 | [diff] [blame] | 486 | /** |
| 487 | * tomoyo_collect_acl - Delete elements in "struct tomoyo_domain_info". |
| 488 | * |
| 489 | * @list: Pointer to "struct list_head". |
| 490 | * |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 491 | * Returns nothing. |
Tetsuo Handa | 3299714 | 2011-06-26 23:19:28 +0900 | [diff] [blame] | 492 | */ |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 493 | static void tomoyo_collect_acl(struct list_head *list) |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 494 | { |
| 495 | struct tomoyo_acl_info *acl; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 496 | struct tomoyo_acl_info *tmp; |
| 497 | list_for_each_entry_safe(acl, tmp, list, list) { |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 498 | if (!acl->is_deleted) |
| 499 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 500 | acl->is_deleted = TOMOYO_GC_IN_PROGRESS; |
| 501 | tomoyo_try_to_gc(TOMOYO_ID_ACL, &acl->list); |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 502 | } |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 503 | } |
| 504 | |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 505 | /** |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 506 | * tomoyo_collect_entry - Try to kfree() deleted elements. |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 507 | * |
| 508 | * Returns nothing. |
| 509 | */ |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 510 | static void tomoyo_collect_entry(void) |
| 511 | { |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 512 | int i; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 513 | enum tomoyo_policy_id id; |
| 514 | struct tomoyo_policy_namespace *ns; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 515 | mutex_lock(&tomoyo_policy_lock); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 516 | { |
| 517 | struct tomoyo_domain_info *domain; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 518 | struct tomoyo_domain_info *tmp; |
| 519 | list_for_each_entry_safe(domain, tmp, &tomoyo_domain_list, |
| 520 | list) { |
| 521 | tomoyo_collect_acl(&domain->acl_info_list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 522 | if (!domain->is_deleted || atomic_read(&domain->users)) |
| 523 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 524 | tomoyo_try_to_gc(TOMOYO_ID_DOMAIN, &domain->list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 525 | } |
| 526 | } |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 527 | list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) { |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 528 | for (id = 0; id < TOMOYO_MAX_POLICY; id++) |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 529 | tomoyo_collect_member(id, &ns->policy_list[id]); |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 530 | for (i = 0; i < TOMOYO_MAX_ACL_GROUPS; i++) |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 531 | tomoyo_collect_acl(&ns->acl_group[i]); |
| 532 | } |
| 533 | { |
| 534 | struct tomoyo_shared_acl_head *ptr; |
| 535 | struct tomoyo_shared_acl_head *tmp; |
| 536 | list_for_each_entry_safe(ptr, tmp, &tomoyo_condition_list, |
| 537 | list) { |
| 538 | if (atomic_read(&ptr->users) > 0) |
| 539 | continue; |
| 540 | atomic_set(&ptr->users, TOMOYO_GC_IN_PROGRESS); |
| 541 | tomoyo_try_to_gc(TOMOYO_ID_CONDITION, &ptr->list); |
| 542 | } |
| 543 | } |
| 544 | list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) { |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 545 | for (i = 0; i < TOMOYO_MAX_GROUP; i++) { |
| 546 | struct list_head *list = &ns->group_list[i]; |
| 547 | struct tomoyo_group *group; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 548 | struct tomoyo_group *tmp; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 549 | switch (i) { |
| 550 | case 0: |
| 551 | id = TOMOYO_ID_PATH_GROUP; |
| 552 | break; |
Tetsuo Handa | 059d84d | 2011-09-10 15:23:54 +0900 | [diff] [blame] | 553 | case 1: |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 554 | id = TOMOYO_ID_NUMBER_GROUP; |
| 555 | break; |
Tetsuo Handa | 059d84d | 2011-09-10 15:23:54 +0900 | [diff] [blame] | 556 | default: |
| 557 | id = TOMOYO_ID_ADDRESS_GROUP; |
| 558 | break; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 559 | } |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 560 | list_for_each_entry_safe(group, tmp, list, head.list) { |
| 561 | tomoyo_collect_member(id, &group->member_list); |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 562 | if (!list_empty(&group->member_list) || |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 563 | atomic_read(&group->head.users) > 0) |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 564 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 565 | atomic_set(&group->head.users, |
| 566 | TOMOYO_GC_IN_PROGRESS); |
| 567 | tomoyo_try_to_gc(TOMOYO_ID_GROUP, |
| 568 | &group->head.list); |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 569 | } |
| 570 | } |
| 571 | } |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 572 | for (i = 0; i < TOMOYO_MAX_HASH; i++) { |
| 573 | struct list_head *list = &tomoyo_name_list[i]; |
Tetsuo Handa | bd03a3e | 2011-06-26 23:19:52 +0900 | [diff] [blame] | 574 | struct tomoyo_shared_acl_head *ptr; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 575 | struct tomoyo_shared_acl_head *tmp; |
| 576 | list_for_each_entry_safe(ptr, tmp, list, list) { |
| 577 | if (atomic_read(&ptr->users) > 0) |
Tetsuo Handa | d2f8b23 | 2010-06-15 10:10:37 +0900 | [diff] [blame] | 578 | continue; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 579 | atomic_set(&ptr->users, TOMOYO_GC_IN_PROGRESS); |
| 580 | tomoyo_try_to_gc(TOMOYO_ID_NAME, &ptr->list); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 581 | } |
| 582 | } |
Tetsuo Handa | 2928238 | 2010-05-06 00:18:15 +0900 | [diff] [blame] | 583 | mutex_unlock(&tomoyo_policy_lock); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 584 | } |
| 585 | |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 586 | /** |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 587 | * tomoyo_gc_thread - Garbage collector thread function. |
| 588 | * |
| 589 | * @unused: Unused. |
| 590 | * |
Tetsuo Handa | 0df7e8b | 2011-06-26 23:16:36 +0900 | [diff] [blame] | 591 | * Returns 0. |
| 592 | */ |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 593 | static int tomoyo_gc_thread(void *unused) |
| 594 | { |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 595 | /* Garbage collector thread is exclusive. */ |
| 596 | static DEFINE_MUTEX(tomoyo_gc_mutex); |
| 597 | if (!mutex_trylock(&tomoyo_gc_mutex)) |
| 598 | goto out; |
Tetsuo Handa | f9732ea | 2011-09-25 17:50:23 +0900 | [diff] [blame] | 599 | tomoyo_collect_entry(); |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 600 | { |
| 601 | struct tomoyo_io_buffer *head; |
| 602 | struct tomoyo_io_buffer *tmp; |
| 603 | |
| 604 | spin_lock(&tomoyo_io_buffer_list_lock); |
| 605 | list_for_each_entry_safe(head, tmp, &tomoyo_io_buffer_list, |
| 606 | list) { |
| 607 | if (head->users) |
| 608 | continue; |
| 609 | list_del(&head->list); |
| 610 | kfree(head->read_buf); |
| 611 | kfree(head->write_buf); |
| 612 | kfree(head); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 613 | } |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 614 | spin_unlock(&tomoyo_io_buffer_list_lock); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 615 | } |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 616 | mutex_unlock(&tomoyo_gc_mutex); |
| 617 | out: |
| 618 | /* This acts as do_exit(0). */ |
| 619 | return 0; |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 620 | } |
| 621 | |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 622 | /** |
| 623 | * tomoyo_notify_gc - Register/unregister /sys/kernel/security/tomoyo/ users. |
| 624 | * |
| 625 | * @head: Pointer to "struct tomoyo_io_buffer". |
| 626 | * @is_register: True if register, false if unregister. |
| 627 | * |
| 628 | * Returns nothing. |
| 629 | */ |
| 630 | void tomoyo_notify_gc(struct tomoyo_io_buffer *head, const bool is_register) |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 631 | { |
Tetsuo Handa | 2e503bb | 2011-06-26 23:20:55 +0900 | [diff] [blame] | 632 | bool is_write = false; |
| 633 | |
| 634 | spin_lock(&tomoyo_io_buffer_list_lock); |
| 635 | if (is_register) { |
| 636 | head->users = 1; |
| 637 | list_add(&head->list, &tomoyo_io_buffer_list); |
| 638 | } else { |
| 639 | is_write = head->write_buf != NULL; |
| 640 | if (!--head->users) { |
| 641 | list_del(&head->list); |
| 642 | kfree(head->read_buf); |
| 643 | kfree(head->write_buf); |
| 644 | kfree(head); |
| 645 | } |
| 646 | } |
| 647 | spin_unlock(&tomoyo_io_buffer_list_lock); |
Mike Danese | 40d2737 | 2016-05-19 21:37:53 -0700 | [diff] [blame] | 648 | if (is_write) |
| 649 | kthread_run(tomoyo_gc_thread, NULL, "GC for TOMOYO"); |
Tetsuo Handa | 847b173 | 2010-02-11 09:43:54 +0900 | [diff] [blame] | 650 | } |