commit a238cf5b89ed5285be8de56335665d023972f7d5
author Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Sun Jun 26 23:17:10 2011 +0900
committer James Morris <jmorris@namei.org> Wed Jun 29 09:31:20 2011 +1000
tree cd2594f5c80345b5f880a3ccd445d15fb6b7d6cd
parent 0df7e8b8f1c25c10820bdc679555f2fbfb897ca0

TOMOYO: Use struct for passing ACL line.

Use structure for passing ACL line, in preparation for supporting policy
namespace and conditional parameters.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

security/tomoyo/memory.c

diff --git a/security/tomoyo/memory.c b/security/tomoyo/memory.c
index dfef0cb..839b8eb 100644
--- a/security/tomoyo/memory.c
+++ b/security/tomoyo/memory.c
@@ -93,15 +93,18 @@
 /**
  * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group"/"struct tomoyo_number_group".
  *
- * @group_name: The name of address group.
- * @idx:        Index number.
+ * @param: Pointer to "struct tomoyo_acl_param".
+ * @idx:   Index number.
  *
  * Returns pointer to "struct tomoyo_group" on success, NULL otherwise.
  */
-struct tomoyo_group *tomoyo_get_group(const char *group_name, const u8 idx)
+struct tomoyo_group *tomoyo_get_group(struct tomoyo_acl_param *param,
+				      const u8 idx)
 {
 	struct tomoyo_group e = { };
 	struct tomoyo_group *group = NULL;
+	struct list_head *list;
+	const char *group_name = tomoyo_read_token(param);
 	bool found = false;
 	if (!tomoyo_correct_word(group_name) || idx >= TOMOYO_MAX_GROUP)
 		return NULL;
@@ -110,7 +113,8 @@
 		return NULL;
 	if (mutex_lock_interruptible(&tomoyo_policy_lock))
 		goto out;
-	list_for_each_entry(group, &tomoyo_group_list[idx], head.list) {
+	list = &tomoyo_group_list[idx];
+	list_for_each_entry(group, list, head.list) {
 		if (e.group_name != group->group_name)
 			continue;
 		atomic_inc(&group->head.users);
@@ -122,14 +126,13 @@
 		if (entry) {
 			INIT_LIST_HEAD(&entry->member_list);
 			atomic_set(&entry->head.users, 1);
-			list_add_tail_rcu(&entry->head.list,
-					  &tomoyo_group_list[idx]);
+			list_add_tail_rcu(&entry->head.list, list);
 			group = entry;
 			found = true;
 		}
 	}
 	mutex_unlock(&tomoyo_policy_lock);
- out:
+out:
 	tomoyo_put_name(e.group_name);
 	return found ? group : NULL;
 }
@@ -210,6 +213,8 @@
 	idx = tomoyo_read_lock();
 	if (tomoyo_find_domain(TOMOYO_ROOT_NAME) != &tomoyo_kernel_domain)
 		panic("Can't register tomoyo_kernel_domain");
+#if 0
+	/* Will be replaced with tomoyo_load_builtin_policy(). */
 	{
 		/* Load built-in policy. */
 		tomoyo_write_transition_control("/sbin/hotplug", false,
@@ -217,6 +222,7 @@
 		tomoyo_write_transition_control("/sbin/modprobe", false,
 					TOMOYO_TRANSITION_CONTROL_INITIALIZE);
 	}
+#endif
 	tomoyo_read_unlock(idx);
 }