Use shorter name in order to make it easier to fix 80 columns limit.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
struct tomoyo_policy_manager_entry e = { };
int error;
- if (tomoyo_is_domain_def(manager)) {
- if (!tomoyo_is_correct_domain(manager))
+ if (tomoyo_domain_def(manager)) {
+ if (!tomoyo_correct_domain(manager))
return -EINVAL;
e.is_domain = true;
} else {
- if (!tomoyo_is_correct_path(manager))
+ if (!tomoyo_correct_path(manager))
return -EINVAL;
}
e.manager = tomoyo_get_name(manager);
}
/**
- * tomoyo_is_policy_manager - Check whether the current process is a policy manager.
+ * tomoyo_policy_manager - Check whether the current process is a policy manager.
*
* Returns true if the current process is permitted to modify policy
* via /sys/kernel/security/tomoyo/ interface.
*
* Caller holds tomoyo_read_lock().
*/
-static bool tomoyo_is_policy_manager(void)
+static bool tomoyo_policy_manager(void)
{
struct tomoyo_policy_manager_entry *ptr;
const char *exe;
}
/**
- * tomoyo_is_select_one - Parse select command.
+ * tomoyo_select_one - Parse select command.
*
* @head: Pointer to "struct tomoyo_io_buffer".
* @data: String to parse.
*
* Caller holds tomoyo_read_lock().
*/
-static bool tomoyo_is_select_one(struct tomoyo_io_buffer *head,
+static bool tomoyo_select_one(struct tomoyo_io_buffer *head,
const char *data)
{
unsigned int pid;
read_unlock(&tasklist_lock);
rcu_read_unlock();
} else if (!strncmp(data, "domain=", 7)) {
- if (tomoyo_is_domain_def(data + 7))
+ if (tomoyo_domain_def(data + 7))
domain = tomoyo_find_domain(data + 7);
} else
return false;
is_delete = true;
else if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_SELECT))
is_select = true;
- if (is_select && tomoyo_is_select_one(head, data))
+ if (is_select && tomoyo_select_one(head, data))
return 0;
/* Don't allow updating policies by non manager programs. */
- if (!tomoyo_is_policy_manager())
+ if (!tomoyo_policy_manager())
return -EPERM;
- if (tomoyo_is_domain_def(data)) {
+ if (tomoyo_domain_def(data)) {
domain = NULL;
if (is_delete)
tomoyo_delete_domain(data);
}
/**
- * tomoyo_print_path_number3_acl - Print a path_number3 ACL entry.
+ * tomoyo_print_mkdev_acl - Print a mkdev ACL entry.
*
* @head: Pointer to "struct tomoyo_io_buffer".
- * @ptr: Pointer to "struct tomoyo_path_number3_acl".
+ * @ptr: Pointer to "struct tomoyo_mkdev_acl".
*
* Returns true on success, false otherwise.
*/
-static bool tomoyo_print_path_number3_acl(struct tomoyo_io_buffer *head,
- struct tomoyo_path_number3_acl *ptr)
+static bool tomoyo_print_mkdev_acl(struct tomoyo_io_buffer *head,
+ struct tomoyo_mkdev_acl *ptr)
{
int pos;
u8 bit;
const u16 perm = ptr->perm;
- for (bit = head->read_bit; bit < TOMOYO_MAX_PATH_NUMBER3_OPERATION;
+ for (bit = head->read_bit; bit < TOMOYO_MAX_MKDEV_OPERATION;
bit++) {
if (!(perm & (1 << bit)))
continue;
pos = head->read_avail;
if (!tomoyo_io_printf(head, "allow_%s",
- tomoyo_path_number32keyword(bit)) ||
+ tomoyo_mkdev2keyword(bit)) ||
!tomoyo_print_name_union(head, &ptr->name) ||
!tomoyo_print_number_union(head, &ptr->mode) ||
!tomoyo_print_number_union(head, &ptr->major) ||
head);
return tomoyo_print_path_number_acl(head, acl);
}
- if (acl_type == TOMOYO_TYPE_PATH_NUMBER3_ACL) {
- struct tomoyo_path_number3_acl *acl
- = container_of(ptr, struct tomoyo_path_number3_acl,
+ if (acl_type == TOMOYO_TYPE_MKDEV_ACL) {
+ struct tomoyo_mkdev_acl *acl
+ = container_of(ptr, struct tomoyo_mkdev_acl,
head);
- return tomoyo_print_path_number3_acl(head, acl);
+ return tomoyo_print_mkdev_acl(head, acl);
}
if (acl_type == TOMOYO_TYPE_MOUNT_ACL) {
struct tomoyo_mount_acl *acl
/* Don't allow updating policies by non manager programs. */
if (head->write != tomoyo_write_pid &&
head->write != tomoyo_write_domain_policy &&
- !tomoyo_is_policy_manager())
+ !tomoyo_policy_manager())
return -EPERM;
if (mutex_lock_interruptible(&head->io_sem))
return -EINTR;
TOMOYO_TYPE_PATH_ACL,
TOMOYO_TYPE_PATH2_ACL,
TOMOYO_TYPE_PATH_NUMBER_ACL,
- TOMOYO_TYPE_PATH_NUMBER3_ACL,
+ TOMOYO_TYPE_MKDEV_ACL,
TOMOYO_TYPE_MOUNT_ACL,
};
#define TOMOYO_RW_MASK ((1 << TOMOYO_TYPE_READ) | (1 << TOMOYO_TYPE_WRITE))
-enum tomoyo_path_number3_acl_index {
+enum tomoyo_mkdev_acl_index {
TOMOYO_TYPE_MKBLOCK,
TOMOYO_TYPE_MKCHAR,
- TOMOYO_MAX_PATH_NUMBER3_OPERATION
+ TOMOYO_MAX_MKDEV_OPERATION
};
enum tomoyo_path2_acl_index {
*
* Packing "struct tomoyo_acl_info" allows
* "struct tomoyo_path_acl" to embed "u16" and "struct tomoyo_path2_acl"
- * "struct tomoyo_path_number_acl" "struct tomoyo_path_number3_acl" to embed
+ * "struct tomoyo_path_number_acl" "struct tomoyo_mkdev_acl" to embed
* "u8" without enlarging their structure size.
*/
struct tomoyo_acl_info {
};
/*
- * tomoyo_path_number3_acl is a structure which is used for holding an
+ * tomoyo_mkdev_acl is a structure which is used for holding an
* entry with one pathname and three numbers operation.
* It has following fields.
*
* Directives held by this structure are "allow_mkchar", "allow_mkblock".
*
*/
-struct tomoyo_path_number3_acl {
- struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_NUMBER3_ACL */
+struct tomoyo_mkdev_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MKDEV_ACL */
u8 perm;
struct tomoyo_name_union name;
struct tomoyo_number_union mode;
bool tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...)
__attribute__ ((format(printf, 2, 3)));
/* Check whether the domainname is correct. */
-bool tomoyo_is_correct_domain(const unsigned char *domainname);
+bool tomoyo_correct_domain(const unsigned char *domainname);
/* Check whether the token is correct. */
-bool tomoyo_is_correct_path(const char *filename);
-bool tomoyo_is_correct_word(const char *string);
+bool tomoyo_correct_path(const char *filename);
+bool tomoyo_correct_word(const char *string);
/* Check whether the token can be a domainname. */
-bool tomoyo_is_domain_def(const unsigned char *buffer);
+bool tomoyo_domain_def(const unsigned char *buffer);
bool tomoyo_parse_name_union(const char *filename,
struct tomoyo_name_union *ptr);
/* Check whether the given filename matches the given path_group. */
/* Convert double path operation to operation name. */
const char *tomoyo_path22keyword(const u8 operation);
const char *tomoyo_path_number2keyword(const u8 operation);
-const char *tomoyo_path_number32keyword(const u8 operation);
+const char *tomoyo_mkdev2keyword(const u8 operation);
/* Get the last component of the given domainname. */
const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain);
/* Convert single path operation to operation name. */
struct path *path, const int flag);
int tomoyo_path_number_perm(const u8 operation, struct path *path,
unsigned long number);
-int tomoyo_path_number3_perm(const u8 operation, struct path *path,
- const unsigned int mode, unsigned int dev);
+int tomoyo_mkdev_perm(const u8 operation, struct path *path,
+ const unsigned int mode, unsigned int dev);
int tomoyo_path_perm(const u8 operation, struct path *path);
int tomoyo_path2_perm(const u8 operation, struct path *path1,
struct path *path2);
}
/**
- * tomoyo_is_valid - Check whether the character is a valid char.
+ * tomoyo_valid - Check whether the character is a valid char.
*
* @c: The character to check.
*
* Returns true if @c is a valid character, false otherwise.
*/
-static inline bool tomoyo_is_valid(const unsigned char c)
+static inline bool tomoyo_valid(const unsigned char c)
{
return c > ' ' && c < 127;
}
/**
- * tomoyo_is_invalid - Check whether the character is an invalid char.
+ * tomoyo_invalid - Check whether the character is an invalid char.
*
* @c: The character to check.
*
* Returns true if @c is an invalid character, false otherwise.
*/
-static inline bool tomoyo_is_invalid(const unsigned char c)
+static inline bool tomoyo_invalid(const unsigned char c)
{
return c && (c <= ' ' || c >= 127);
}
return task_cred_xxx(task, security);
}
-static inline bool tomoyo_is_same_acl_head(const struct tomoyo_acl_info *p1,
+static inline bool tomoyo_same_acl_head(const struct tomoyo_acl_info *p1,
const struct tomoyo_acl_info *p2)
{
return p1->type == p2->type;
}
-static inline bool tomoyo_is_same_name_union
+static inline bool tomoyo_same_name_union
(const struct tomoyo_name_union *p1, const struct tomoyo_name_union *p2)
{
return p1->filename == p2->filename && p1->group == p2->group &&
p1->is_group == p2->is_group;
}
-static inline bool tomoyo_is_same_number_union
+static inline bool tomoyo_same_number_union
(const struct tomoyo_number_union *p1, const struct tomoyo_number_union *p2)
{
return p1->values[0] == p2->values[0] && p1->values[1] == p2->values[1]
struct tomoyo_domain_initializer_entry e = { .is_not = is_not };
int error = is_delete ? -ENOENT : -ENOMEM;
- if (!tomoyo_is_correct_path(program))
+ if (!tomoyo_correct_path(program))
return -EINVAL;
if (domainname) {
- if (!tomoyo_is_domain_def(domainname) &&
- tomoyo_is_correct_path(domainname))
+ if (!tomoyo_domain_def(domainname) &&
+ tomoyo_correct_path(domainname))
e.is_last_name = true;
- else if (!tomoyo_is_correct_domain(domainname))
+ else if (!tomoyo_correct_domain(domainname))
return -EINVAL;
e.domainname = tomoyo_get_name(domainname);
if (!e.domainname)
}
/**
- * tomoyo_is_domain_initializer - Check whether the given program causes domainname reinitialization.
+ * tomoyo_domain_initializer - Check whether the given program causes domainname reinitialization.
*
* @domainname: The name of domain.
* @program: The name of program.
*
* Caller holds tomoyo_read_lock().
*/
-static bool tomoyo_is_domain_initializer(const struct tomoyo_path_info *
+static bool tomoyo_domain_initializer(const struct tomoyo_path_info *
domainname,
const struct tomoyo_path_info *program,
const struct tomoyo_path_info *
struct tomoyo_domain_keeper_entry e = { .is_not = is_not };
int error = is_delete ? -ENOENT : -ENOMEM;
- if (!tomoyo_is_domain_def(domainname) &&
- tomoyo_is_correct_path(domainname))
+ if (!tomoyo_domain_def(domainname) &&
+ tomoyo_correct_path(domainname))
e.is_last_name = true;
- else if (!tomoyo_is_correct_domain(domainname))
+ else if (!tomoyo_correct_domain(domainname))
return -EINVAL;
if (program) {
- if (!tomoyo_is_correct_path(program))
+ if (!tomoyo_correct_path(program))
return -EINVAL;
e.program = tomoyo_get_name(program);
if (!e.program)
}
/**
- * tomoyo_is_domain_keeper - Check whether the given program causes domain transition suppression.
+ * tomoyo_domain_keeper - Check whether the given program causes domain transition suppression.
*
* @domainname: The name of domain.
* @program: The name of program.
*
* Caller holds tomoyo_read_lock().
*/
-static bool tomoyo_is_domain_keeper(const struct tomoyo_path_info *domainname,
+static bool tomoyo_domain_keeper(const struct tomoyo_path_info *domainname,
const struct tomoyo_path_info *program,
const struct tomoyo_path_info *last_name)
{
struct tomoyo_aggregator_entry e = { };
int error = is_delete ? -ENOENT : -ENOMEM;
- if (!tomoyo_is_correct_path(original_name) ||
- !tomoyo_is_correct_path(aggregated_name))
+ if (!tomoyo_correct_path(original_name) ||
+ !tomoyo_correct_path(aggregated_name))
return -EINVAL;
e.original_name = tomoyo_get_name(original_name);
e.aggregated_name = tomoyo_get_name(aggregated_name);
struct tomoyo_alias_entry e = { };
int error = is_delete ? -ENOENT : -ENOMEM;
- if (!tomoyo_is_correct_path(original_name) ||
- !tomoyo_is_correct_path(aliased_name))
+ if (!tomoyo_correct_path(original_name) ||
+ !tomoyo_correct_path(aliased_name))
return -EINVAL;
e.original_name = tomoyo_get_name(original_name);
e.aliased_name = tomoyo_get_name(aliased_name);
const struct tomoyo_path_info *saved_domainname;
bool found = false;
- if (!tomoyo_is_correct_domain(domainname))
+ if (!tomoyo_correct_domain(domainname))
return NULL;
saved_domainname = tomoyo_get_name(domainname);
if (!saved_domainname)
if (retval < 0)
goto out;
- if (tomoyo_is_domain_initializer(old_domain->domainname, &rn, &ln)) {
+ if (tomoyo_domain_initializer(old_domain->domainname, &rn, &ln)) {
/* Transit to the child of tomoyo_kernel_domain domain. */
snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1,
TOMOYO_ROOT_NAME " " "%s", rn.name);
* initializers because they might start before /sbin/init.
*/
domain = old_domain;
- } else if (tomoyo_is_domain_keeper(old_domain->domainname, &rn, &ln)) {
+ } else if (tomoyo_domain_keeper(old_domain->domainname, &rn, &ln)) {
/* Keep current domain. */
domain = old_domain;
} else {
};
/* Keyword array for operations with one pathname and three numbers. */
-static const char *tomoyo_path_number3_keyword
-[TOMOYO_MAX_PATH_NUMBER3_OPERATION] = {
+static const char *tomoyo_mkdev_keyword
+[TOMOYO_MAX_MKDEV_OPERATION] = {
[TOMOYO_TYPE_MKBLOCK] = "mkblock",
[TOMOYO_TYPE_MKCHAR] = "mkchar",
};
[TOMOYO_TYPE_UMOUNT] = TOMOYO_MAC_FILE_UMOUNT,
};
-static const u8 tomoyo_pnnn2mac[TOMOYO_MAX_PATH_NUMBER3_OPERATION] = {
+static const u8 tomoyo_pnnn2mac[TOMOYO_MAX_MKDEV_OPERATION] = {
[TOMOYO_TYPE_MKBLOCK] = TOMOYO_MAC_FILE_MKBLOCK,
[TOMOYO_TYPE_MKCHAR] = TOMOYO_MAC_FILE_MKCHAR,
};
}
/**
- * tomoyo_path_number32keyword - Get the name of path/number/number/number operations.
+ * tomoyo_mkdev2keyword - Get the name of path/number/number/number operations.
*
* @operation: Type of operation.
*
* Returns the name of path/number/number/number operation.
*/
-const char *tomoyo_path_number32keyword(const u8 operation)
+const char *tomoyo_mkdev2keyword(const u8 operation)
{
- return (operation < TOMOYO_MAX_PATH_NUMBER3_OPERATION)
- ? tomoyo_path_number3_keyword[operation] : NULL;
+ return (operation < TOMOYO_MAX_MKDEV_OPERATION)
+ ? tomoyo_mkdev_keyword[operation] : NULL;
}
/**
*/
static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r)
{
- const char *operation = tomoyo_path_number32keyword(r->param.mkdev.
+ const char *operation = tomoyo_mkdev2keyword(r->param.mkdev.
operation);
const struct tomoyo_path_info *filename = r->param.mkdev.filename;
const unsigned int major = r->param.mkdev.major;
struct tomoyo_globally_readable_file_entry e = { };
int error;
- if (!tomoyo_is_correct_word(filename))
+ if (!tomoyo_correct_word(filename))
return -EINVAL;
e.filename = tomoyo_get_name(filename);
if (!e.filename)
}
/**
- * tomoyo_is_globally_readable_file - Check if the file is unconditionnaly permitted to be open()ed for reading.
+ * tomoyo_globally_readable_file - Check if the file is unconditionnaly permitted to be open()ed for reading.
*
* @filename: The filename to check.
*
*
* Caller holds tomoyo_read_lock().
*/
-static bool tomoyo_is_globally_readable_file(const struct tomoyo_path_info *
+static bool tomoyo_globally_readable_file(const struct tomoyo_path_info *
filename)
{
struct tomoyo_globally_readable_file_entry *ptr;
struct tomoyo_pattern_entry e = { };
int error;
- if (!tomoyo_is_correct_word(pattern))
+ if (!tomoyo_correct_word(pattern))
return -EINVAL;
e.pattern = tomoyo_get_name(pattern);
if (!e.pattern)
struct tomoyo_no_rewrite_entry e = { };
int error;
- if (!tomoyo_is_correct_word(pattern))
+ if (!tomoyo_correct_word(pattern))
return -EINVAL;
e.pattern = tomoyo_get_name(pattern);
if (!e.pattern)
}
/**
- * tomoyo_is_no_rewrite_file - Check if the given pathname is not permitted to be rewrited.
+ * tomoyo_no_rewrite_file - Check if the given pathname is not permitted to be rewrited.
*
* @filename: Filename to check.
*
*
* Caller holds tomoyo_read_lock().
*/
-static bool tomoyo_is_no_rewrite_file(const struct tomoyo_path_info *filename)
+static bool tomoyo_no_rewrite_file(const struct tomoyo_path_info *filename)
{
struct tomoyo_no_rewrite_entry *ptr;
bool found = false;
static bool tomoyo_check_mkdev_acl(const struct tomoyo_request_info *r,
const struct tomoyo_acl_info *ptr)
{
- const struct tomoyo_path_number3_acl *acl =
+ const struct tomoyo_mkdev_acl *acl =
container_of(ptr, typeof(*acl), head);
return (acl->perm & (1 << r->param.mkdev.operation)) &&
tomoyo_compare_number_union(r->param.mkdev.mode,
{
const struct tomoyo_path_acl *p1 = container_of(a, typeof(*p1), head);
const struct tomoyo_path_acl *p2 = container_of(b, typeof(*p2), head);
- return tomoyo_is_same_acl_head(&p1->head, &p2->head) &&
- tomoyo_is_same_name_union(&p1->name, &p2->name);
+ return tomoyo_same_acl_head(&p1->head, &p2->head) &&
+ tomoyo_same_name_union(&p1->name, &p2->name);
}
static bool tomoyo_merge_path_acl(struct tomoyo_acl_info *a,
return error;
}
-static bool tomoyo_same_path_number3_acl(const struct tomoyo_acl_info *a,
+static bool tomoyo_same_mkdev_acl(const struct tomoyo_acl_info *a,
const struct tomoyo_acl_info *b)
{
- const struct tomoyo_path_number3_acl *p1 = container_of(a, typeof(*p1),
+ const struct tomoyo_mkdev_acl *p1 = container_of(a, typeof(*p1),
head);
- const struct tomoyo_path_number3_acl *p2 = container_of(b, typeof(*p2),
+ const struct tomoyo_mkdev_acl *p2 = container_of(b, typeof(*p2),
head);
- return tomoyo_is_same_acl_head(&p1->head, &p2->head)
- && tomoyo_is_same_name_union(&p1->name, &p2->name)
- && tomoyo_is_same_number_union(&p1->mode, &p2->mode)
- && tomoyo_is_same_number_union(&p1->major, &p2->major)
- && tomoyo_is_same_number_union(&p1->minor, &p2->minor);
+ return tomoyo_same_acl_head(&p1->head, &p2->head)
+ && tomoyo_same_name_union(&p1->name, &p2->name)
+ && tomoyo_same_number_union(&p1->mode, &p2->mode)
+ && tomoyo_same_number_union(&p1->major, &p2->major)
+ && tomoyo_same_number_union(&p1->minor, &p2->minor);
}
-static bool tomoyo_merge_path_number3_acl(struct tomoyo_acl_info *a,
+static bool tomoyo_merge_mkdev_acl(struct tomoyo_acl_info *a,
struct tomoyo_acl_info *b,
const bool is_delete)
{
- u8 *const a_perm = &container_of(a, struct tomoyo_path_number3_acl,
+ u8 *const a_perm = &container_of(a, struct tomoyo_mkdev_acl,
head)->perm;
u8 perm = *a_perm;
- const u8 b_perm = container_of(b, struct tomoyo_path_number3_acl, head)
+ const u8 b_perm = container_of(b, struct tomoyo_mkdev_acl, head)
->perm;
if (is_delete)
perm &= ~b_perm;
}
/**
- * tomoyo_update_path_number3_acl - Update "struct tomoyo_path_number3_acl" list.
+ * tomoyo_update_mkdev_acl - Update "struct tomoyo_mkdev_acl" list.
*
* @type: Type of operation.
* @filename: Filename.
*
* Caller holds tomoyo_read_lock().
*/
-static int tomoyo_update_path_number3_acl(const u8 type, const char *filename,
+static int tomoyo_update_mkdev_acl(const u8 type, const char *filename,
char *mode, char *major, char *minor,
struct tomoyo_domain_info * const
domain, const bool is_delete)
{
- struct tomoyo_path_number3_acl e = {
- .head.type = TOMOYO_TYPE_PATH_NUMBER3_ACL,
+ struct tomoyo_mkdev_acl e = {
+ .head.type = TOMOYO_TYPE_MKDEV_ACL,
.perm = 1 << type
};
int error = is_delete ? -ENOENT : -ENOMEM;
!tomoyo_parse_number_union(minor, &e.minor))
goto out;
error = tomoyo_update_domain(&e.head, sizeof(e), is_delete, domain,
- tomoyo_same_path_number3_acl,
- tomoyo_merge_path_number3_acl);
+ tomoyo_same_mkdev_acl,
+ tomoyo_merge_mkdev_acl);
out:
tomoyo_put_name_union(&e.name);
tomoyo_put_number_union(&e.mode);
{
const struct tomoyo_path2_acl *p1 = container_of(a, typeof(*p1), head);
const struct tomoyo_path2_acl *p2 = container_of(b, typeof(*p2), head);
- return tomoyo_is_same_acl_head(&p1->head, &p2->head)
- && tomoyo_is_same_name_union(&p1->name1, &p2->name1)
- && tomoyo_is_same_name_union(&p1->name2, &p2->name2);
+ return tomoyo_same_acl_head(&p1->head, &p2->head)
+ && tomoyo_same_name_union(&p1->name1, &p2->name1)
+ && tomoyo_same_name_union(&p1->name2, &p2->name2);
}
static bool tomoyo_merge_path2_acl(struct tomoyo_acl_info *a,
tomoyo_check_acl(r, tomoyo_check_path_acl);
if (!r->granted && operation == TOMOYO_TYPE_READ &&
!r->domain->ignore_global_allow_read &&
- tomoyo_is_globally_readable_file(filename))
+ tomoyo_globally_readable_file(filename))
r->granted = true;
error = tomoyo_audit_path_log(r);
/*
* specified by "deny_rewrite" keyword.
*/
if (!error && operation == TOMOYO_TYPE_TRUNCATE &&
- tomoyo_is_no_rewrite_file(filename)) {
+ tomoyo_no_rewrite_file(filename)) {
operation = TOMOYO_TYPE_REWRITE;
goto next;
}
head);
const struct tomoyo_path_number_acl *p2 = container_of(b, typeof(*p2),
head);
- return tomoyo_is_same_acl_head(&p1->head, &p2->head)
- && tomoyo_is_same_name_union(&p1->name, &p2->name)
- && tomoyo_is_same_number_union(&p1->number, &p2->number);
+ return tomoyo_same_acl_head(&p1->head, &p2->head)
+ && tomoyo_same_name_union(&p1->name, &p2->name)
+ && tomoyo_same_number_union(&p1->number, &p2->number);
}
static bool tomoyo_merge_path_number_acl(struct tomoyo_acl_info *a,
error = -ENOMEM;
goto out;
}
- if (tomoyo_is_no_rewrite_file(&buf))
+ if (tomoyo_no_rewrite_file(&buf))
error = tomoyo_path_permission(&r, TOMOYO_TYPE_REWRITE,
&buf);
}
goto out;
switch (operation) {
case TOMOYO_TYPE_REWRITE:
- if (!tomoyo_is_no_rewrite_file(&buf)) {
+ if (!tomoyo_no_rewrite_file(&buf)) {
error = 0;
goto out;
}
}
/**
- * tomoyo_path_number3_perm - Check permission for "mkblock" and "mkchar".
+ * tomoyo_mkdev_perm - Check permission for "mkblock" and "mkchar".
*
* @operation: Type of operation. (TOMOYO_TYPE_MKCHAR or TOMOYO_TYPE_MKBLOCK)
* @path: Pointer to "struct path".
*
* Returns 0 on success, negative value otherwise.
*/
-int tomoyo_path_number3_perm(const u8 operation, struct path *path,
+int tomoyo_mkdev_perm(const u8 operation, struct path *path,
const unsigned int mode, unsigned int dev)
{
struct tomoyo_request_info r;
error = -ENOMEM;
if (tomoyo_get_realpath(&buf, path)) {
dev = new_decode_dev(dev);
- r.param_type = TOMOYO_TYPE_PATH_NUMBER3_ACL;
+ r.param_type = TOMOYO_TYPE_MKDEV_ACL;
r.param.mkdev.filename = &buf;
r.param.mkdev.operation = operation;
r.param.mkdev.mode = mode;
}
if (!w[3][0] || !w[4][0])
goto out;
- for (type = 0; type < TOMOYO_MAX_PATH_NUMBER3_OPERATION; type++) {
- if (strcmp(w[0], tomoyo_path_number3_keyword[type]))
+ for (type = 0; type < TOMOYO_MAX_MKDEV_OPERATION; type++) {
+ if (strcmp(w[0], tomoyo_mkdev_keyword[type]))
continue;
- return tomoyo_update_path_number3_acl(type, w[1], w[2], w[3],
- w[4], domain, is_delete);
+ return tomoyo_update_mkdev_acl(type, w[1], w[2], w[3],
+ w[4], domain, is_delete);
}
out:
return -EINVAL;
tomoyo_put_number_union(&entry->number);
}
break;
- case TOMOYO_TYPE_PATH_NUMBER3_ACL:
+ case TOMOYO_TYPE_MKDEV_ACL:
{
- struct tomoyo_path_number3_acl *entry
+ struct tomoyo_mkdev_acl *entry
= container_of(acl, typeof(*entry), head);
tomoyo_put_name_union(&entry->name);
tomoyo_put_number_union(&entry->mode);
{
const struct tomoyo_mount_acl *p1 = container_of(a, typeof(*p1), head);
const struct tomoyo_mount_acl *p2 = container_of(b, typeof(*p2), head);
- return tomoyo_is_same_acl_head(&p1->head, &p2->head) &&
- tomoyo_is_same_name_union(&p1->dev_name, &p2->dev_name) &&
- tomoyo_is_same_name_union(&p1->dir_name, &p2->dir_name) &&
- tomoyo_is_same_name_union(&p1->fs_type, &p2->fs_type) &&
- tomoyo_is_same_number_union(&p1->flags, &p2->flags);
+ return tomoyo_same_acl_head(&p1->head, &p2->head) &&
+ tomoyo_same_name_union(&p1->dev_name, &p2->dev_name) &&
+ tomoyo_same_name_union(&p1->dir_name, &p2->dir_name) &&
+ tomoyo_same_name_union(&p1->fs_type, &p2->fs_type) &&
+ tomoyo_same_number_union(&p1->flags, &p2->flags);
}
/**
struct tomoyo_number_group *group = NULL;
const struct tomoyo_path_info *saved_group_name;
int error = -ENOMEM;
- if (!tomoyo_is_correct_word(group_name))
+ if (!tomoyo_correct_word(group_name))
return NULL;
saved_group_name = tomoyo_get_name(group_name);
if (!saved_group_name)
struct tomoyo_path_group *group = NULL;
const struct tomoyo_path_info *saved_group_name;
int error = -ENOMEM;
- if (!tomoyo_is_correct_word(group_name))
+ if (!tomoyo_correct_word(group_name))
return NULL;
saved_group_name = tomoyo_get_name(group_name);
if (!saved_group_name)
default:
goto no_dev;
}
- return tomoyo_path_number3_perm(type, &path, perm, dev);
+ return tomoyo_mkdev_perm(type, &path, perm, dev);
no_dev:
switch (mode & S_IFMT) {
case S_IFIFO:
bool tomoyo_parse_name_union(const char *filename,
struct tomoyo_name_union *ptr)
{
- if (!tomoyo_is_correct_word(filename))
+ if (!tomoyo_correct_word(filename))
return false;
if (filename[0] == '@') {
ptr->group = tomoyo_get_path_group(filename + 1);
unsigned long v;
memset(num, 0, sizeof(*num));
if (data[0] == '@') {
- if (!tomoyo_is_correct_word(data))
+ if (!tomoyo_correct_word(data))
return false;
num->group = tomoyo_get_number_group(data + 1);
num->is_group = true;
}
/**
- * tomoyo_is_byte_range - Check whether the string is a \ooo style octal value.
+ * tomoyo_byte_range - Check whether the string is a \ooo style octal value.
*
* @str: Pointer to the string.
*
* TOMOYO uses \ooo style representation for 0x01 - 0x20 and 0x7F - 0xFF.
* This function verifies that \ooo is in valid range.
*/
-static inline bool tomoyo_is_byte_range(const char *str)
+static inline bool tomoyo_byte_range(const char *str)
{
return *str >= '0' && *str++ <= '3' &&
*str >= '0' && *str++ <= '7' &&
}
/**
- * tomoyo_is_alphabet_char - Check whether the character is an alphabet.
+ * tomoyo_alphabet_char - Check whether the character is an alphabet.
*
* @c: The character to check.
*
* Returns true if @c is an alphabet character, false otherwise.
*/
-static inline bool tomoyo_is_alphabet_char(const char c)
+static inline bool tomoyo_alphabet_char(const char c)
{
return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z');
}
unsigned char *dp = buffer;
bool first = true;
- while (tomoyo_is_invalid(*sp))
+ while (tomoyo_invalid(*sp))
sp++;
while (*sp) {
if (!first)
*dp++ = ' ';
first = false;
- while (tomoyo_is_valid(*sp))
+ while (tomoyo_valid(*sp))
*dp++ = *sp++;
- while (tomoyo_is_invalid(*sp))
+ while (tomoyo_invalid(*sp))
sp++;
}
*dp = '\0';
}
/**
- * tomoyo_is_correct_word2 - Validate a string.
+ * tomoyo_correct_word2 - Validate a string.
*
* @string: The string to check. May be non-'\0'-terminated.
* @len: Length of @string.
* Check whether the given string follows the naming rules.
* Returns true if @string follows the naming rules, false otherwise.
*/
-static bool tomoyo_is_correct_word2(const char *string, size_t len)
+static bool tomoyo_correct_word2(const char *string, size_t len)
{
const char *const start = string;
bool in_repetition = false;
if (d < '0' || d > '7' || e < '0' || e > '7')
break;
c = tomoyo_make_byte(c, d, e);
- if (tomoyo_is_invalid(c))
+ if (tomoyo_invalid(c))
continue; /* pattern is not \000 */
}
goto out;
} else if (in_repetition && c == '/') {
goto out;
- } else if (tomoyo_is_invalid(c)) {
+ } else if (tomoyo_invalid(c)) {
goto out;
}
}
}
/**
- * tomoyo_is_correct_word - Validate a string.
+ * tomoyo_correct_word - Validate a string.
*
* @string: The string to check.
*
* Check whether the given string follows the naming rules.
* Returns true if @string follows the naming rules, false otherwise.
*/
-bool tomoyo_is_correct_word(const char *string)
+bool tomoyo_correct_word(const char *string)
{
- return tomoyo_is_correct_word2(string, strlen(string));
+ return tomoyo_correct_word2(string, strlen(string));
}
/**
- * tomoyo_is_correct_path - Validate a pathname.
+ * tomoyo_correct_path - Validate a pathname.
*
* @filename: The pathname to check.
*
* Check whether the given pathname follows the naming rules.
* Returns true if @filename follows the naming rules, false otherwise.
*/
-bool tomoyo_is_correct_path(const char *filename)
+bool tomoyo_correct_path(const char *filename)
{
- return *filename == '/' && tomoyo_is_correct_word(filename);
+ return *filename == '/' && tomoyo_correct_word(filename);
}
/**
- * tomoyo_is_correct_domain - Check whether the given domainname follows the naming rules.
+ * tomoyo_correct_domain - Check whether the given domainname follows the naming rules.
*
* @domainname: The domainname to check.
*
* Returns true if @domainname follows the naming rules, false otherwise.
*/
-bool tomoyo_is_correct_domain(const unsigned char *domainname)
+bool tomoyo_correct_domain(const unsigned char *domainname)
{
if (!domainname || strncmp(domainname, TOMOYO_ROOT_NAME,
TOMOYO_ROOT_NAME_LEN))
if (!cp)
break;
if (*domainname != '/' ||
- !tomoyo_is_correct_word2(domainname, cp - domainname - 1))
+ !tomoyo_correct_word2(domainname, cp - domainname - 1))
goto out;
domainname = cp + 1;
}
- return tomoyo_is_correct_path(domainname);
+ return tomoyo_correct_path(domainname);
out:
return false;
}
/**
- * tomoyo_is_domain_def - Check whether the given token can be a domainname.
+ * tomoyo_domain_def - Check whether the given token can be a domainname.
*
* @buffer: The token to check.
*
* Returns true if @buffer possibly be a domainname, false otherwise.
*/
-bool tomoyo_is_domain_def(const unsigned char *buffer)
+bool tomoyo_domain_def(const unsigned char *buffer)
{
return !strncmp(buffer, TOMOYO_ROOT_NAME, TOMOYO_ROOT_NAME_LEN);
}
} else if (c == '\\') {
if (filename[1] == '\\')
filename++;
- else if (tomoyo_is_byte_range(filename + 1))
+ else if (tomoyo_byte_range(filename + 1))
filename += 3;
else
return false;
return false;
break;
case 'a':
- if (!tomoyo_is_alphabet_char(c))
+ if (!tomoyo_alphabet_char(c))
return false;
break;
case '0':
case '1':
case '2':
case '3':
- if (c == '\\' && tomoyo_is_byte_range(filename + 1)
+ if (c == '\\' && tomoyo_byte_range(filename + 1)
&& strncmp(filename + 1, pattern, 3) == 0) {
filename += 3;
pattern += 2;
continue;
if (filename[i + 1] == '\\')
i++;
- else if (tomoyo_is_byte_range(filename + i + 1))
+ else if (tomoyo_byte_range(filename + i + 1))
i += 3;
else
break; /* Bad pattern. */
while (isxdigit(filename[j]))
j++;
} else if (c == 'A') {
- while (tomoyo_is_alphabet_char(filename[j]))
+ while (tomoyo_alphabet_char(filename[j]))
j++;
}
for (i = 1; i <= j; i++) {
if (perm & (1 << i))
count++;
break;
- case TOMOYO_TYPE_PATH_NUMBER3_ACL:
- perm = container_of(ptr, struct tomoyo_path_number3_acl,
+ case TOMOYO_TYPE_MKDEV_ACL:
+ perm = container_of(ptr, struct tomoyo_mkdev_acl,
head)->perm;
- for (i = 0; i < TOMOYO_MAX_PATH_NUMBER3_OPERATION; i++)
+ for (i = 0; i < TOMOYO_MAX_MKDEV_OPERATION; i++)
if (perm & (1 << i))
count++;
break;