172 |
if (is_add) { |
if (is_add) { |
173 |
if ((ptr = domain->first_acl_ptr) == NULL) goto first_entry; |
if ((ptr = domain->first_acl_ptr) == NULL) goto first_entry; |
174 |
while (1) { |
while (1) { |
175 |
struct capability_acl_record *new_ptr; |
struct capability_acl_record *new_ptr = (struct capability_acl_record *) ptr; |
176 |
if (ptr->type == TYPE_CAPABILITY_ACL && ptr->u.w == hash && ptr->cond == condition) { |
if (ptr->type == TYPE_CAPABILITY_ACL && new_ptr->capability == hash && ptr->cond == condition) { |
177 |
ptr->is_deleted = 0; |
ptr->is_deleted = 0; |
178 |
/* Found. Nothing to do. */ |
/* Found. Nothing to do. */ |
179 |
error = 0; |
error = 0; |
188 |
/* Not found. Append it to the tail. */ |
/* Not found. Append it to the tail. */ |
189 |
if ((new_ptr = alloc_element(sizeof(*new_ptr))) == NULL) break; |
if ((new_ptr = alloc_element(sizeof(*new_ptr))) == NULL) break; |
190 |
new_ptr->head.type = TYPE_CAPABILITY_ACL; |
new_ptr->head.type = TYPE_CAPABILITY_ACL; |
191 |
new_ptr->head.u.w = hash; |
new_ptr->capability = hash; |
192 |
new_ptr->head.cond = condition; |
new_ptr->head.cond = condition; |
193 |
error = AddDomainACL(ptr, domain, (struct acl_info *) new_ptr); |
error = AddDomainACL(ptr, domain, (struct acl_info *) new_ptr); |
194 |
break; |
break; |
196 |
} else { |
} else { |
197 |
error = -ENOENT; |
error = -ENOENT; |
198 |
for (ptr = domain->first_acl_ptr; ptr; ptr = ptr->next) { |
for (ptr = domain->first_acl_ptr; ptr; ptr = ptr->next) { |
199 |
if (ptr->type != TYPE_CAPABILITY_ACL || ptr->is_deleted || ptr->u.w != hash || ptr->cond != condition) continue; |
struct capability_acl_record *ptr2 = (struct capability_acl_record *) ptr; |
200 |
|
if (ptr->type != TYPE_CAPABILITY_ACL || ptr->is_deleted || ptr2->capability != hash || ptr->cond != condition) continue; |
201 |
error = DelDomainACL(ptr); |
error = DelDomainACL(ptr); |
202 |
break; |
break; |
203 |
} |
} |
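Review bot: The downcast on row 199, `struct capability_acl_record *ptr2 = (struct capability_acl_record *) ptr;`, is taken before the record's type is known, so reading `ptr2->capability` is safe only because `ptr->type != TYPE_CAPABILITY_ACL` stands to its left in the `||` chain and short-circuits first. The type test suggests the domain's ACL list holds other record types, so a later reordering of that condition would read a field of the wrong structure and could match or miss an entry in an access-control decision. Splitting the test makes the order explicit: put `if (ptr->type != TYPE_CAPABILITY_ACL) continue;` first, then the cast and the remaining comparisons. The same pattern appears on rows 175–176, where `new_ptr` is also reused for the allocation further down, and on rows 217–218 in the permission check; the casts presumably depend on `head` being the first member of `struct capability_acl_record`, whose definition is not shown. The enclosing functions begin and end outside the rows visible here.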
214 |
const u16 hash = capability; |
const u16 hash = capability; |
215 |
if (!CheckCapabilityFlags(capability)) return 0; |
if (!CheckCapabilityFlags(capability)) return 0; |
216 |
for (ptr = domain->first_acl_ptr; ptr; ptr = ptr->next) { |
for (ptr = domain->first_acl_ptr; ptr; ptr = ptr->next) { |
217 |
if (ptr->type != TYPE_CAPABILITY_ACL || ptr->is_deleted || ptr->u.w != hash || CheckCondition(ptr->cond, NULL)) continue; |
struct capability_acl_record *ptr2 = (struct capability_acl_record *) ptr; |
218 |
|
if (ptr->type != TYPE_CAPABILITY_ACL || ptr->is_deleted || ptr2->capability != hash || CheckCondition(ptr->cond, NULL)) continue; |
219 |
AuditCapabilityLog(capability, 1); |
AuditCapabilityLog(capability, 1); |
220 |
return 0; |
return 0; |
221 |
} |
} |