Open-Source-Software-Entwicklung und Downloads

TOMOYO

Browse Subversion Repository

/[tomoyo]/trunk/1.6.x/ccs-patch/fs/tomoyo_capability.c

Diff of /trunk/1.6.x/ccs-patch/fs/tomoyo_capability.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1052 by kumaneko, Mon Mar 24 03:50:04 2008 UTC revision 1054 by kumaneko, Mon Mar 24 09:38:11 2008 UTC
# Line 159  static int update_capability_acl(const u Line 159  static int update_capability_acl(const u
159   *   *
160   * @operation: Type of operation.   * @operation: Type of operation.
161   *   *
162   * Returns 0 on success, negative value otherwise.   * Returns true on success, false otherwise.
163   */   */
164  int ccs_capable(const u8 operation)  bool ccs_capable(const u8 operation)
165  {  {
166          struct domain_info * const domain = current->domain_info;          struct domain_info * const domain = current->domain_info;
167          struct acl_info *ptr;          struct acl_info *ptr;
# Line 170  int ccs_capable(const u8 operation) Line 170  int ccs_capable(const u8 operation)
170          const bool is_enforce = (mode == 3);          const bool is_enforce = (mode == 3);
171          bool found = false;          bool found = false;
172          if (!mode)          if (!mode)
173                  return 0;                  return true;
174          list1_for_each_entry(ptr, &domain->acl_info_list, list) {          list1_for_each_entry(ptr, &domain->acl_info_list, list) {
175                  struct capability_acl_record *acl;                  struct capability_acl_record *acl;
176                  if ((ptr->type & ~ACL_WITH_CONDITION) != TYPE_CAPABILITY_ACL)                  if ((ptr->type & ~ACL_WITH_CONDITION) != TYPE_CAPABILITY_ACL)
# Line 185  int ccs_capable(const u8 operation) Line 185  int ccs_capable(const u8 operation)
185          }          }
186          audit_capability_log(operation, found, profile, mode);          audit_capability_log(operation, found, profile, mode);
187          if (found)          if (found)
188                  return 0;                  return true;
189          if (ccs_verbose_mode())          if (ccs_verbose_mode())
190                  printk(KERN_WARNING "TOMOYO-%s: %s denied for %s\n",                  printk(KERN_WARNING "TOMOYO-%s: %s denied for %s\n",
191                         ccs_get_msg(is_enforce), cap_operation2name(operation),                         ccs_get_msg(is_enforce), cap_operation2name(operation),
192                         ccs_get_last_name(domain));                         ccs_get_last_name(domain));
193          if (is_enforce)          if (is_enforce)
194                  return ccs_check_supervisor("%s\n"                  return !ccs_check_supervisor("%s\n"
195                                              KEYWORD_ALLOW_CAPABILITY "%s\n",                                              KEYWORD_ALLOW_CAPABILITY "%s\n",
196                                              domain->domainname->name,                                              domain->domainname->name,
197                                              ccs_cap2keyword(operation));                                              ccs_cap2keyword(operation));
198          else if (mode == 1 && ccs_check_domain_quota(domain))          else if (mode == 1 && ccs_check_domain_quota(domain))
199                  update_capability_acl(operation, domain, NULL, false);                  update_capability_acl(operation, domain, NULL, false);
200          return 0;          return true;
201  }  }
202  /* I need to export this for net/unix/af_unix.c */  /* I need to export this for net/unix/af_unix.c */
203  EXPORT_SYMBOL(ccs_capable);  EXPORT_SYMBOL(ccs_capable);
Legend:
Removed from v.1052  
changed lines
  Added in v.1054
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
Über OSDN
Software suchen
Entwickeln Software
Hilfeseiten