Re: [TOMOYO 14/15] Conditional permission support.

From: Pavel Machek
Date: Sat Aug 25 2007 - 07:57:29 EST

Next message: Rusty Russell: "Re: [PATCH] Fix preemptible lazy mode bug"
Previous message: David Rodriguez: "Problem with CFS V20 and Suspend2/tuxonice"
In reply to: Kentaro Takeda: "[TOMOYO 14/15] Conditional permission support."
Next in thread: Toshiharu Harada: "Re: [TOMOYO 14/15] Conditional permission support."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> This patch allows administrators use conditional permission.
> TOMOYO Linux supports conditional permission based on
> process's UID,GID etc. and/or requested pathname's UID/GID.
>
> Signed-off-by: Kentaro Takeda <takedakn@xxxxxxxxxxxxx>
> Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>

> + * Since the trailing spaces are removed by tmy_normalize_line(),
> + * the last "\040if\040" sequence corresponds to condition part.
> + */
> +char *tmy_find_condition_part(char *data)
> +{
> + char *cp = strstr(data, " if ");
> + if (cp) {
> + char *cp2;
> + while ((cp2 = strstr(cp + 3, " if ")) != NULL)
> + cp = cp2;
> + *cp++ = '\0';
> + }
> + return cp;
> +}
...

> + unsigned long left_min = 0;
> + unsigned long left_max = 0;
> + unsigned long right_min = 0;
> + unsigned long right_max = 0;
> + if (strncmp(condition, "if ", 3))
> + return NULL;
> + condition += 3;
> + start = condition;
> + while (*condition) {
> + if (*condition == ' ')
> + condition++;
> + for (left = 0; left < MAX_KEYWORD; left++) {
> + if (strncmp(condition, cc_keyword[left].keyword,
> + cc_keyword[left].keyword_len))
> + continue;
> + condition += cc_keyword[left].keyword_len;
> + break;
> + }
> + if (left == MAX_KEYWORD) {
> + if (!tmy_parse_ulong(&left_min, &condition))
> + goto out;
> + counter++; /* body */
> + if (*condition != '-')
> + goto not_range1;
> + condition++;
> + if (!tmy_parse_ulong(&left_max, &condition)
> + || left_min > left_max)
> + goto out;
> + counter++; /* body */
> +not_range1: ;
> + }
> + if (strncmp(condition, "!=", 2) == 0)
> + condition += 2;
> + else if (*condition == '=')
> + condition++;
> + else
> + goto out;
> + counter++; /* header */
> + for (right = 0; right < MAX_KEYWORD; right++) {
> + if (strncmp(condition, cc_keyword[right].keyword,
> + cc_keyword[right].keyword_len))
> + continue;
> + condition += cc_keyword[right].keyword_len;
> + break;
> + }

What is that? Language parser in kernel?

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rusty Russell: "Re: [PATCH] Fix preemptible lazy mode bug"
Previous message: David Rodriguez: "Problem with CFS V20 and Suspend2/tuxonice"
In reply to: Kentaro Takeda: "[TOMOYO 14/15] Conditional permission support."
Next in thread: Toshiharu Harada: "Re: [TOMOYO 14/15] Conditional permission support."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]