[TOMOYO #16 04/25] TOMOYO: Add header file.

From: Tetsuo Handa
Date: Sun Oct 04 2009 - 08:54:30 EST


This patch contains structure/prototype/variable declarations for TOMOYO.

Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
---
security/tomoyo/internal.h | 1317 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 1317 insertions(+)

--- /dev/null
+++ security-testing-2.6/security/tomoyo/internal.h
@@ -0,0 +1,1317 @@
+/*
+ * security/tomoyo/internal.h
+ *
+ * Copyright (C) 2005-2009 NTT DATA CORPORATION
+ */
+
+#ifndef _SECURITY_TOMOYO_INTERNAL_H
+#define _SECURITY_TOMOYO_INTERNAL_H
+
+#include <linux/security.h>
+#include <linux/poll.h>
+extern asmlinkage long sys_getpid(void);
+extern asmlinkage long sys_getppid(void);
+extern spinlock_t vfsmount_lock;
+
+/* Index numbers for Access Controls. */
+enum tomoyo_acl_entry_type_index {
+ TOMOYO_TYPE_PATH_ACL,
+ TOMOYO_TYPE_PATH2_ACL,
+ TOMOYO_TYPE_PATH_NUMBER_ACL,
+ TOMOYO_TYPE_PATH_NUMBER3_ACL,
+ TOMOYO_TYPE_ENV_ACL,
+ TOMOYO_TYPE_CAPABILITY_ACL,
+ TOMOYO_TYPE_IP_NETWORK_ACL,
+ TOMOYO_TYPE_MOUNT_ACL,
+ TOMOYO_TYPE_EXECUTE_HANDLER,
+ TOMOYO_TYPE_DENIED_EXECUTE_HANDLER
+};
+
+/* Index numbers for Capability Controls. */
+enum tomoyo_capability_acl_index {
+ /* socket(PF_INET or PF_INET6, SOCK_STREAM, *) */
+ TOMOYO_INET_STREAM_SOCKET_CREATE,
+ /* listen() for PF_INET or PF_INET6, SOCK_STREAM */
+ TOMOYO_INET_STREAM_SOCKET_LISTEN,
+ /* connect() for PF_INET or PF_INET6, SOCK_STREAM */
+ TOMOYO_INET_STREAM_SOCKET_CONNECT,
+ /* socket(PF_INET or PF_INET6, SOCK_DGRAM, *) */
+ TOMOYO_USE_INET_DGRAM_SOCKET,
+ /* socket(PF_INET or PF_INET6, SOCK_RAW, *) */
+ TOMOYO_USE_INET_RAW_SOCKET,
+ /* socket(PF_ROUTE, *, *) */
+ TOMOYO_USE_ROUTE_SOCKET,
+ /* socket(PF_PACKET, *, *) */
+ TOMOYO_USE_PACKET_SOCKET,
+ /* sys_mount() */
+ TOMOYO_SYS_MOUNT,
+ /* sys_umount() */
+ TOMOYO_SYS_UMOUNT,
+ /* sys_chroot() */
+ TOMOYO_SYS_CHROOT,
+ /* sys_mknod(S_IFIFO) */
+ TOMOYO_CREATE_FIFO,
+ /* sys_mknod(S_IFBLK) */
+ TOMOYO_CREATE_BLOCK_DEV,
+ /* sys_mknod(S_IFCHR) */
+ TOMOYO_CREATE_CHAR_DEV,
+ /* sys_mknod(S_IFSOCK) */
+ TOMOYO_CREATE_UNIX_SOCKET,
+ /* sys_link() */
+ TOMOYO_SYS_LINK,
+ /* sys_symlink() */
+ TOMOYO_SYS_SYMLINK,
+ /* sys_rename() */
+ TOMOYO_SYS_RENAME,
+ /* sys_unlink() */
+ TOMOYO_SYS_UNLINK,
+ /* sys_chmod(), sys_fchmod() */
+ TOMOYO_SYS_CHMOD,
+ /* sys_chown(), sys_fchown(), sys_lchown() */
+ TOMOYO_SYS_CHOWN,
+ /* sys_ioctl(), compat_sys_ioctl() */
+ TOMOYO_SYS_IOCTL,
+ /* sys_pivot_root() */
+ TOMOYO_SYS_PIVOT_ROOT,
+ TOMOYO_MAX_CAPABILITY_INDEX
+};
+
+/*
+ * TOMOYO_TYPE_READ_WRITE is special. TOMOYO_TYPE_READ_WRITE is automatically
+ * set if both TOMOYO_TYPE_READ and TOMOYO_TYPE_WRITE are set. Both
+ * TOMOYO_TYPE_READ and TOMOYO_TYPE_WRITE are automatically set if
+ * TOMOYO_TYPE_READ_WRITE is set.
+ * TOMOYO_TYPE_READ_WRITE is automatically cleared if either TOMOYO_TYPE_READ
+ * or TOMOYO_TYPE_WRITE is cleared. Both TOMOYO_TYPE_READ and TOMOYO_TYPE_WRITE
+ * are automatically cleared if TOMOYO_TYPE_READ_WRITE is cleared.
+ */
+
+enum tomoyo_path_acl_index {
+ TOMOYO_TYPE_READ_WRITE,
+ TOMOYO_TYPE_EXECUTE,
+ TOMOYO_TYPE_READ,
+ TOMOYO_TYPE_WRITE,
+ TOMOYO_TYPE_UNLINK,
+ TOMOYO_TYPE_RMDIR,
+ TOMOYO_TYPE_TRUNCATE,
+ TOMOYO_TYPE_SYMLINK,
+ TOMOYO_TYPE_REWRITE,
+ TOMOYO_TYPE_CHROOT,
+ TOMOYO_TYPE_UMOUNT,
+ TOMOYO_MAX_PATH_OPERATION
+};
+
+enum tomoyo_path_number3_acl_index {
+ TOMOYO_TYPE_MKBLOCK,
+ TOMOYO_TYPE_MKCHAR,
+ TOMOYO_MAX_PATH_NUMBER3_OPERATION
+};
+
+enum tomoyo_path2_acl_index {
+ TOMOYO_TYPE_LINK,
+ TOMOYO_TYPE_RENAME,
+ TOMOYO_TYPE_PIVOT_ROOT,
+ TOMOYO_MAX_PATH2_OPERATION
+};
+
+enum tomoyo_path_number_acl_index {
+ TOMOYO_TYPE_CREATE,
+ TOMOYO_TYPE_MKDIR,
+ TOMOYO_TYPE_MKFIFO,
+ TOMOYO_TYPE_MKSOCK,
+ TOMOYO_TYPE_IOCTL,
+ TOMOYO_TYPE_CHMOD,
+ TOMOYO_TYPE_CHOWN,
+ TOMOYO_TYPE_CHGRP,
+ TOMOYO_MAX_PATH_NUMBER_OPERATION
+};
+
+enum tomoyo_network_acl_index {
+ /* UDP's bind() operation. */
+ TOMOYO_NETWORK_UDP_BIND,
+ /* UDP's connect()/send()/recv() operation. */
+ TOMOYO_NETWORK_UDP_CONNECT,
+ /* TCP's bind() operation. */
+ TOMOYO_NETWORK_TCP_BIND,
+ /* TCP's listen() operation. */
+ TOMOYO_NETWORK_TCP_LISTEN,
+ /* TCP's connect() operation. */
+ TOMOYO_NETWORK_TCP_CONNECT,
+ /* TCP's accept() operation. */
+ TOMOYO_NETWORK_TCP_ACCEPT,
+ /* IP's bind() operation. */
+ TOMOYO_NETWORK_RAW_BIND,
+ /* IP's connect()/send()/recv() operation. */
+ TOMOYO_NETWORK_RAW_CONNECT,
+ TOMOYO_MAX_NETWORK_OPERATION
+};
+
+enum tomoyo_ip_address_type {
+ TOMOYO_IP_ADDRESS_TYPE_ADDRESS_GROUP,
+ TOMOYO_IP_ADDRESS_TYPE_IPv4,
+ TOMOYO_IP_ADDRESS_TYPE_IPv6
+};
+
+/* Indexes for /sys/kernel/security/tomoyo/ interfaces. */
+enum tomoyo_proc_interface_index {
+ TOMOYO_DOMAINPOLICY,
+ TOMOYO_EXCEPTIONPOLICY,
+ TOMOYO_DOMAIN_STATUS,
+ TOMOYO_PROCESS_STATUS,
+ TOMOYO_MEMINFO,
+ TOMOYO_GRANTLOG,
+ TOMOYO_REJECTLOG,
+ TOMOYO_SELFDOMAIN,
+ TOMOYO_VERSION,
+ TOMOYO_PROFILE,
+ TOMOYO_QUERY,
+ TOMOYO_MANAGER,
+ TOMOYO_EXECUTE_HANDLER
+};
+
+enum tomoyo_mac_index {
+ TOMOYO_MAC_FILE_EXECUTE,
+ TOMOYO_MAC_FILE_OPEN,
+ TOMOYO_MAC_FILE_CREATE,
+ TOMOYO_MAC_FILE_UNLINK,
+ TOMOYO_MAC_FILE_MKDIR,
+ TOMOYO_MAC_FILE_RMDIR,
+ TOMOYO_MAC_FILE_MKFIFO,
+ TOMOYO_MAC_FILE_MKSOCK,
+ TOMOYO_MAC_FILE_TRUNCATE,
+ TOMOYO_MAC_FILE_SYMLINK,
+ TOMOYO_MAC_FILE_REWRITE,
+ TOMOYO_MAC_FILE_MKBLOCK,
+ TOMOYO_MAC_FILE_MKCHAR,
+ TOMOYO_MAC_FILE_LINK,
+ TOMOYO_MAC_FILE_RENAME,
+ TOMOYO_MAC_FILE_CHMOD,
+ TOMOYO_MAC_FILE_CHOWN,
+ TOMOYO_MAC_FILE_CHGRP,
+ TOMOYO_MAC_FILE_IOCTL,
+ TOMOYO_MAC_FILE_CHROOT,
+ TOMOYO_MAC_FILE_MOUNT,
+ TOMOYO_MAC_FILE_UMOUNT,
+ TOMOYO_MAC_FILE_PIVOT_ROOT,
+ TOMOYO_MAC_NETWORK_UDP_BIND,
+ TOMOYO_MAC_NETWORK_UDP_CONNECT,
+ TOMOYO_MAC_NETWORK_TCP_BIND,
+ TOMOYO_MAC_NETWORK_TCP_LISTEN,
+ TOMOYO_MAC_NETWORK_TCP_CONNECT,
+ TOMOYO_MAC_NETWORK_TCP_ACCEPT,
+ TOMOYO_MAC_NETWORK_RAW_BIND,
+ TOMOYO_MAC_NETWORK_RAW_CONNECT,
+ TOMOYO_MAC_ENVIRON,
+ TOMOYO_MAX_MAC_INDEX
+};
+
+enum tomoyo_mac_category_index {
+ TOMOYO_MAC_CATEGORY_FILE,
+ TOMOYO_MAC_CATEGORY_NETWORK,
+ TOMOYO_MAC_CATEGORY_MISC,
+ TOMOYO_MAC_CATEGORY_CAPABILITY,
+ TOMOYO_MAX_MAC_CATEGORY_INDEX
+};
+
+enum tomoyo_conditions_index {
+ TOMOYO_TASK_UID, /* current_uid() */
+ TOMOYO_TASK_EUID, /* current_euid() */
+ TOMOYO_TASK_SUID, /* current_suid() */
+ TOMOYO_TASK_FSUID, /* current_fsuid() */
+ TOMOYO_TASK_GID, /* current_gid() */
+ TOMOYO_TASK_EGID, /* current_egid() */
+ TOMOYO_TASK_SGID, /* current_sgid() */
+ TOMOYO_TASK_FSGID, /* current_fsgid() */
+ TOMOYO_TASK_PID, /* sys_getpid() */
+ TOMOYO_TASK_PPID, /* sys_getppid() */
+ TOMOYO_EXEC_ARGC, /* "struct linux_binprm *"->argc */
+ TOMOYO_EXEC_ENVC, /* "struct linux_binprm *"->envc */
+ TOMOYO_TASK_STATE_0, /* (u8) (current->tomoyo_flags >> 24) */
+ TOMOYO_TASK_STATE_1, /* (u8) (current->tomoyo_flags >> 16) */
+ TOMOYO_TASK_STATE_2, /* (u8) (task->tomoyo_flags >> 8) */
+ TOMOYO_TYPE_IS_SOCKET, /* S_IFSOCK */
+ TOMOYO_TYPE_IS_SYMLINK, /* S_IFLNK */
+ TOMOYO_TYPE_IS_FILE, /* S_IFREG */
+ TOMOYO_TYPE_IS_BLOCK_DEV, /* S_IFBLK */
+ TOMOYO_TYPE_IS_DIRECTORY, /* S_IFDIR */
+ TOMOYO_TYPE_IS_CHAR_DEV, /* S_IFCHR */
+ TOMOYO_TYPE_IS_FIFO, /* S_IFIFO */
+ TOMOYO_MODE_SETUID, /* S_ISUID */
+ TOMOYO_MODE_SETGID, /* S_ISGID */
+ TOMOYO_MODE_STICKY, /* S_ISVTX */
+ TOMOYO_MODE_OWNER_READ, /* S_IRUSR */
+ TOMOYO_MODE_OWNER_WRITE, /* S_IWUSR */
+ TOMOYO_MODE_OWNER_EXECUTE, /* S_IXUSR */
+ TOMOYO_MODE_GROUP_READ, /* S_IRGRP */
+ TOMOYO_MODE_GROUP_WRITE, /* S_IWGRP */
+ TOMOYO_MODE_GROUP_EXECUTE, /* S_IXGRP */
+ TOMOYO_MODE_OTHERS_READ, /* S_IROTH */
+ TOMOYO_MODE_OTHERS_WRITE, /* S_IWOTH */
+ TOMOYO_MODE_OTHERS_EXECUTE, /* S_IXOTH */
+ TOMOYO_TASK_TYPE, /* ((u8) task->tomoyo_flags) &
+ TOMOYO_TASK_IS_EXECUTE_HANDLER */
+ TOMOYO_TASK_EXECUTE_HANDLER, /* TOMOYO_TASK_IS_EXECUTE_HANDLER */
+ TOMOYO_EXEC_REALPATH,
+ TOMOYO_SYMLINK_TARGET,
+ TOMOYO_PATH1_UID,
+ TOMOYO_PATH1_GID,
+ TOMOYO_PATH1_INO,
+ TOMOYO_PATH1_MAJOR,
+ TOMOYO_PATH1_MINOR,
+ TOMOYO_PATH1_PERM,
+ TOMOYO_PATH1_TYPE,
+ TOMOYO_PATH1_DEV_MAJOR,
+ TOMOYO_PATH1_DEV_MINOR,
+ TOMOYO_PATH2_UID,
+ TOMOYO_PATH2_GID,
+ TOMOYO_PATH2_INO,
+ TOMOYO_PATH2_MAJOR,
+ TOMOYO_PATH2_MINOR,
+ TOMOYO_PATH2_PERM,
+ TOMOYO_PATH2_TYPE,
+ TOMOYO_PATH2_DEV_MAJOR,
+ TOMOYO_PATH2_DEV_MINOR,
+ TOMOYO_PATH1_PARENT_UID,
+ TOMOYO_PATH1_PARENT_GID,
+ TOMOYO_PATH1_PARENT_INO,
+ TOMOYO_PATH1_PARENT_PERM,
+ TOMOYO_PATH2_PARENT_UID,
+ TOMOYO_PATH2_PARENT_GID,
+ TOMOYO_PATH2_PARENT_INO,
+ TOMOYO_PATH2_PARENT_PERM,
+ TOMOYO_MAX_CONDITION_KEYWORD,
+ TOMOYO_NUMBER_UNION,
+ TOMOYO_NAME_UNION,
+ TOMOYO_ARGV_ENTRY,
+ TOMOYO_ENVP_ENTRY
+};
+
+/* Keywords for ACLs. */
+#define TOMOYO_KEYWORD_ADDRESS_GROUP "address_group "
+#define TOMOYO_KEYWORD_AGGREGATOR "aggregator "
+#define TOMOYO_KEYWORD_ALLOW_CAPABILITY "allow_capability "
+#define TOMOYO_KEYWORD_ALLOW_ENV "allow_env "
+#define TOMOYO_KEYWORD_ALLOW_IOCTL "allow_ioctl "
+#define TOMOYO_KEYWORD_ALLOW_CHMOD "allow_chmod "
+#define TOMOYO_KEYWORD_ALLOW_CHOWN "allow_chown "
+#define TOMOYO_KEYWORD_ALLOW_CHGRP "allow_chgrp "
+#define TOMOYO_KEYWORD_ALLOW_MOUNT "allow_mount "
+#define TOMOYO_KEYWORD_ALLOW_NETWORK "allow_network "
+#define TOMOYO_KEYWORD_ALLOW_READ "allow_read "
+#define TOMOYO_KEYWORD_DELETE "delete "
+#define TOMOYO_KEYWORD_DENY_REWRITE "deny_rewrite "
+#define TOMOYO_KEYWORD_FILE_PATTERN "file_pattern "
+#define TOMOYO_KEYWORD_INITIALIZE_DOMAIN "initialize_domain "
+#define TOMOYO_KEYWORD_KEEP_DOMAIN "keep_domain "
+#define TOMOYO_KEYWORD_NO_INITIALIZE_DOMAIN "no_initialize_domain "
+#define TOMOYO_KEYWORD_NO_KEEP_DOMAIN "no_keep_domain "
+#define TOMOYO_KEYWORD_PATH_GROUP "path_group "
+#define TOMOYO_KEYWORD_NUMBER_GROUP "number_group "
+#define TOMOYO_KEYWORD_SELECT "select "
+#define TOMOYO_KEYWORD_USE_PROFILE "use_profile "
+#define TOMOYO_KEYWORD_IGNORE_GLOBAL_ALLOW_READ "ignore_global_allow_read"
+#define TOMOYO_KEYWORD_IGNORE_GLOBAL_ALLOW_ENV "ignore_global_allow_env"
+#define TOMOYO_KEYWORD_EXECUTE_HANDLER "execute_handler"
+#define TOMOYO_KEYWORD_DENIED_EXECUTE_HANDLER "denied_execute_handler"
+
+/* A domain definition starts with <kernel>. */
+#define ROOT_NAME "<kernel>"
+#define ROOT_NAME_LEN (sizeof(ROOT_NAME) - 1)
+
+/* Value type definition. */
+#define TOMOYO_VALUE_TYPE_INVALID 0
+#define TOMOYO_VALUE_TYPE_DECIMAL 1
+#define TOMOYO_VALUE_TYPE_OCTAL 2
+#define TOMOYO_VALUE_TYPE_HEXADECIMAL 3
+
+#define TOMOYO_EXEC_TMPSIZE 4096
+
+/* Profile number is an integer between 0 and 255. */
+#define TOMOYO_MAX_PROFILES 256
+
+#define TOMOYO_CONFIG_DISABLED 0
+#define TOMOYO_CONFIG_LEARNING 1
+#define TOMOYO_CONFIG_PERMISSIVE 2
+#define TOMOYO_CONFIG_ENFORCING 3
+#define TOMOYO_CONFIG_WANT_REJECT_LOG 64
+#define TOMOYO_CONFIG_WANT_GRANT_LOG 128
+#define TOMOYO_CONFIG_USE_DEFAULT 255
+
+#define TOMOYO_TASK_IS_IN_EXECVE 16
+#define TOMOYO_DONT_SLEEP_ON_ENFORCE_ERROR 32
+#define TOMOYO_TASK_IS_EXECUTE_HANDLER 64
+#define TOMOYO_TASK_IS_POLICY_MANAGER 128
+/* Highest 24 bits are reserved for task.state[] conditions. */
+
+/**
+ * list_for_each_cookie - iterate over a list with cookie.
+ * @pos: the &struct list_head to use as a loop cursor.
+ * @cookie: the &struct list_head to use as a cookie.
+ * @head: the head for your list.
+ *
+ * Same with list_for_each_rcu() except that this primitive uses @cookie
+ * so that we can continue iteration.
+ * @cookie must be NULL when iteration starts, and @cookie will become
+ * NULL when iteration finishes.
+ */
+#define list_for_each_cookie(pos, cookie, head) \
+ for (({ if (!cookie) \
+ cookie = head; }), \
+ pos = rcu_dereference((cookie)->next); \
+ prefetch(pos->next), pos != (head) || ((cookie) = NULL); \
+ (cookie) = pos, pos = rcu_dereference(pos->next))
+
+struct tomoyo_name_union {
+ const struct tomoyo_path_info *filename;
+ struct tomoyo_path_group *group;
+ u8 is_group;
+};
+
+struct tomoyo_number_union {
+ unsigned long values[2];
+ struct tomoyo_number_group *group;
+ u8 min_type;
+ u8 max_type;
+ u8 is_group;
+};
+
+/* Structure for "path_group" directive. */
+struct tomoyo_path_group {
+ struct list_head list;
+ const struct tomoyo_path_info *group_name;
+ struct list_head member_list;
+ atomic_t users;
+};
+
+/* Structure for "number_group" directive. */
+struct tomoyo_number_group {
+ struct list_head list;
+ const struct tomoyo_path_info *group_name;
+ struct list_head member_list;
+ atomic_t users;
+};
+
+/* Structure for "address_group" directive. */
+struct tomoyo_address_group {
+ struct list_head list;
+ const struct tomoyo_path_info *group_name;
+ struct list_head member_list;
+ atomic_t users;
+};
+
+/* Structure for "path_group" directive. */
+struct tomoyo_path_group_member {
+ struct list_head list;
+ bool is_deleted;
+ const struct tomoyo_path_info *member_name;
+};
+
+/* Structure for "number_group" directive. */
+struct tomoyo_number_group_member {
+ struct list_head list;
+ bool is_deleted;
+ struct tomoyo_number_union number;
+};
+
+/* Structure for "address_group" directive. */
+struct tomoyo_address_group_member {
+ struct list_head list;
+ bool is_deleted;
+ bool is_ipv6;
+ union {
+ u32 ipv4; /* Host byte order */
+ const struct in6_addr *ipv6; /* Network byte order */
+ } min, max;
+};
+
+
+/* Subset of "struct stat". */
+struct tomoyo_mini_stat {
+ uid_t uid;
+ gid_t gid;
+ ino_t ino;
+ mode_t mode;
+ dev_t dev;
+ dev_t rdev;
+};
+
+/* Structure for dumping argv[] and envp[] of "struct linux_binprm". */
+struct tomoyo_page_dump {
+ struct page *page; /* Previously dumped page. */
+ char *data; /* Contents of "page". Size is PAGE_SIZE. */
+};
+
+/* Structure for attribute checks in addition to pathname checks. */
+struct tomoyo_obj_info {
+ bool validate_done;
+ bool path1_valid;
+ bool path1_parent_valid;
+ bool path2_valid;
+ bool path2_parent_valid;
+ struct path path1;
+ struct path path2;
+ struct tomoyo_mini_stat path1_stat;
+ /* I don't handle path2_stat for rename operation. */
+ struct tomoyo_mini_stat path2_stat;
+ struct tomoyo_mini_stat path1_parent_stat;
+ struct tomoyo_mini_stat path2_parent_stat;
+ struct tomoyo_path_info *symlink_target;
+ unsigned int dev;
+};
+
+struct tomoyo_condition_element {
+ /*
+ * Left hand operand. A "struct tomoyo_argv_entry" for
+ * TOMOYO_ARGV_ENTRY, a "struct tomoyo_envp_entry" for
+ * TOMOYO_ENVP_ENTRY is attached to the tail of the array of this
+ * struct.
+ */
+ u8 left;
+ /*
+ * Right hand operand. A "struct tomoyo_number_union" for
+ * TOMOYO_NUMBER_UNION, a "struct tomoyo_name_union" for
+ * TOMOYO_NAME_UNION is attached to the tail of the array of this
+ * struct.
+ */
+ u8 right;
+ /* Equation operator. true if equals or overlaps, false otherwise. */
+ bool equals;
+};
+
+/* Structure for " if " and "; set" part. */
+struct tomoyo_condition {
+ struct list_head list;
+ atomic_t users;
+ u32 size;
+ u16 condc;
+ u16 numbers_count;
+ u16 names_count;
+ u16 argc;
+ u16 envc;
+ u8 post_state[4];
+ /*
+ * struct tomoyo_condition_element condition[condc];
+ * struct tomoyo_number_union values[numbers_count];
+ * struct tomoyo_name_union names[names_count];
+ * struct tomoyo_argv_entry argv[argc];
+ * struct tomoyo_envp_entry envp[envc];
+ */
+};
+
+struct tomoyo_execve_entry;
+
+/* Structure for request info. */
+struct tomoyo_request_info {
+ struct tomoyo_domain_info *domain;
+ struct tomoyo_obj_info *obj;
+ struct tomoyo_execve_entry *ee;
+ struct tomoyo_condition *cond;
+ u8 retry;
+ u8 profile;
+ u8 mode;
+ u8 type;
+};
+
+/*
+ * tomoyo_path_info is a structure which is used for holding a string data
+ * used by TOMOYO.
+ * This structure has several fields for supporting pattern matching.
+ *
+ * (1) "name" is the '\0' terminated string data.
+ * (2) "hash" is full_name_hash(name, strlen(name)).
+ * This allows tomoyo_pathcmp() to compare by hash before actually compare
+ * using strcmp().
+ * (3) "const_len" is the length of the initial segment of "name" which
+ * consists entirely of non wildcard characters. In other words, the length
+ * which we can compare two strings using strncmp().
+ * (4) "is_dir" is a bool which is true if "name" ends with "/",
+ * false otherwise.
+ * TOMOYO distinguishes directory and non-directory. A directory ends with
+ * "/" and non-directory does not end with "/".
+ * (5) "is_patterned" is a bool which is true if "name" contains wildcard
+ * characters, false otherwise. This allows TOMOYO to use "hash" and
+ * strcmp() for string comparison if "is_patterned" is false.
+ */
+struct tomoyo_path_info {
+ const char *name;
+ u32 hash; /* = full_name_hash(name, strlen(name)) */
+ u16 const_len; /* = tomoyo_const_part_length(name) */
+ bool is_dir; /* = tomoyo_strendswith(name, "/") */
+ bool is_patterned; /* = const_len < strlen(name) */
+};
+
+/* Structure for execve() operation. */
+struct tomoyo_execve_entry {
+ struct tomoyo_request_info r;
+ struct tomoyo_obj_info obj;
+ struct linux_binprm *bprm;
+ struct tomoyo_domain_info *previous_domain;
+ int reader_idx;
+ /* For execute_handler */
+ const struct tomoyo_path_info *handler;
+ char *handler_path; /* = kstrdup(handler->name, GFP_KERNEL) */
+ /* For dumping argv[] and envp[]. */
+ struct tomoyo_page_dump dump;
+ /* For temporary use. */
+ char *tmp; /* Size is TOMOYO_EXEC_TMPSIZE bytes */
+ atomic_t cred_users;
+};
+
+/*
+ * tomoyo_acl_info is a structure which is used for holding
+ *
+ * (1) "list" which is linked to the ->acl_info_list of
+ * "struct tomoyo_domain_info"
+ * (2) "type" which tells type of the enrty.
+ * (3) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ * (4) "cond" is condition part ("if" clause and "; set" clause).
+ *
+ * Packing "struct tomoyo_acl_info" allows users of this struct
+ * to embed "u16" or "u8" without enlarging their structure size.
+ */
+struct tomoyo_acl_info {
+ struct list_head list;
+ struct tomoyo_condition *cond;
+ bool is_deleted;
+ u8 type; /* = one of values in "enum tomoyo_acl_entry_type_index" */
+} __attribute__((__packed__));
+
+/*
+ * tomoyo_domain_info is a structure which is used for holding permissions
+ * (e.g. "allow_read /lib/libc-2.5.so") given to each domain.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_domain_list .
+ * (2) "acl_info_list" which is linked to "struct tomoyo_acl_info".
+ * (3) "domainname" which holds the name of the domain.
+ * (4) "profile" which remembers profile number assigned to this domain.
+ * (5) "is_deleted" is a bool which is true if this domain is marked as
+ * "deleted", false otherwise.
+ * (6) "quota_warned" is a bool which is used for suppressing warning message
+ * when learning mode learned too much entries.
+ * (7) "ignore_global_allow_read" is a bool which is true if this domain
+ * ignores tomoyo_globally_readable_list, false otherwise.
+ * (8) "ignore_global_allow_env" is a bool which is true if this domain
+ * ignores tomoyo_globally_usable_env_list, false otherwise.
+ * (9) "domain_transition_failed" is a bool which is true if this domain
+ * has failed to transit domain.
+ *
+ * A domain's lifecycle is an analogy of files on / directory.
+ * Multiple domains with the same domainname cannot be created (as with
+ * creating files with the same filename fails with -EEXIST).
+ * If a process reached a domain, that process can reside in that domain after
+ * that domain is marked as "deleted" (as with a process can access an already
+ * open()ed file after that file was unlink()ed).
+ */
+struct tomoyo_domain_info {
+ struct list_head list;
+ struct list_head acl_info_list;
+ /* Name of this domain. Never NULL. */
+ const struct tomoyo_path_info *domainname;
+ u8 profile; /* Profile number to use. */
+ bool is_deleted; /* Delete flag. */
+ bool quota_warned; /* Quota warnning flag. */
+ /* Ignore "allow_read" directive in exception policy. */
+ bool ignore_global_allow_read;
+ /* Ignore "allow_env" directive in exception policy. */
+ bool ignore_global_allow_env;
+ /*
+ * This domain was unable to create a new domain at
+ * tomoyo_find_next_domain() because the name of the domain to be
+ * created was too long or it could not allocate memory.
+ * More than one process continued execve() without domain transition.
+ */
+ bool domain_transition_failed;
+};
+
+/*
+ * tomoyo_globally_readable_file_entry is a structure which is used for holding
+ * "allow_read" entries.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_globally_readable_list .
+ * (2) "filename" is a pathname which is allowed to open(O_RDONLY).
+ * (3) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ */
+struct tomoyo_globally_readable_file_entry {
+ struct list_head list;
+ bool is_deleted;
+ const struct tomoyo_path_info *filename;
+};
+
+/*
+ * tomoyo_pattern_entry is a structure which is used for holding
+ * "tomoyo_pattern_list" entries.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_pattern_list .
+ * (2) "pattern" is a pathname pattern which is used for converting pathnames
+ * to pathname patterns during learning mode.
+ * (3) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ */
+struct tomoyo_pattern_entry {
+ struct list_head list;
+ bool is_deleted;
+ const struct tomoyo_path_info *pattern;
+};
+
+/*
+ * tomoyo_no_rewrite_entry is a structure which is used for holding
+ * "deny_rewrite" entries.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_no_rewrite_list .
+ * (2) "pattern" is a pathname which is by default not permitted to modify
+ * already existing content.
+ * (3) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ */
+struct tomoyo_no_rewrite_entry {
+ struct list_head list;
+ bool is_deleted;
+ const struct tomoyo_path_info *pattern;
+};
+
+/* Structure for "allow_env" keyword. */
+struct tomoyo_globally_usable_env_entry {
+ struct list_head list;
+ bool is_deleted;
+ const struct tomoyo_path_info *env;
+};
+
+/*
+ * tomoyo_domain_initializer_entry is a structure which is used for holding
+ * "initialize_domain" and "no_initialize_domain" entries.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_domain_initializer_list .
+ * (2) "domainname" which is "a domainname" or "the last component of a
+ * domainname". This field is NULL if "from" clause is not specified.
+ * (3) "program" which is a program's pathname.
+ * (4) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ * (5) "is_not" is a bool which is true if "no_initialize_domain", false
+ * otherwise.
+ * (6) "is_last_name" is a bool which is true if "domainname" is "the last
+ * component of a domainname", false otherwise.
+ */
+struct tomoyo_domain_initializer_entry {
+ struct list_head list;
+ bool is_deleted;
+ bool is_not; /* True if this entry is "no_initialize_domain". */
+ bool is_last_name; /* True if the domainname is tomoyo_last_word(). */
+ const struct tomoyo_path_info *domainname; /* This may be NULL */
+ const struct tomoyo_path_info *program;
+};
+
+/*
+ * tomoyo_domain_keeper_entry is a structure which is used for holding
+ * "keep_domain" and "no_keep_domain" entries.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_domain_keeper_list .
+ * (2) "domainname" which is "a domainname" or "the last component of a
+ * domainname".
+ * (3) "program" which is a program's pathname.
+ * This field is NULL if "from" clause is not specified.
+ * (4) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ * (5) "is_not" is a bool which is true if "no_initialize_domain", false
+ * otherwise.
+ * (6) "is_last_name" is a bool which is true if "domainname" is "the last
+ * component of a domainname", false otherwise.
+ */
+struct tomoyo_domain_keeper_entry {
+ struct list_head list;
+ bool is_deleted;
+ bool is_not; /* True if this entry is "no_keep_domain". */
+ bool is_last_name; /* True if the domainname is tomoyo_last_word(). */
+ const struct tomoyo_path_info *domainname;
+ const struct tomoyo_path_info *program; /* This may be NULL */
+};
+
+/* Structure for "aggregator" keyword. */
+struct tomoyo_aggregator_entry {
+ struct list_head list;
+ bool is_deleted;
+ const struct tomoyo_path_info *original_name;
+ const struct tomoyo_path_info *aggregated_name;
+};
+
+/* Structure for "allow_mount" keyword. */
+struct tomoyo_mount_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MOUNT_ACL */
+ struct tomoyo_name_union dev_name;
+ struct tomoyo_name_union dir_name;
+ struct tomoyo_name_union fs_type;
+ struct tomoyo_number_union flags;
+};
+
+/*
+ * tomoyo_policy_manager_entry is a structure which is used for holding list of
+ * domainnames or programs which are permitted to modify configuration via
+ * /sys/kernel/security/tomoyo/ interface.
+ * It has following fields.
+ *
+ * (1) "list" which is linked to tomoyo_policy_manager_list .
+ * (2) "manager" is a domainname or a program's pathname.
+ * (3) "is_domain" is a bool which is true if "manager" is a domainname, false
+ * otherwise.
+ * (4) "is_deleted" is a bool which is true if marked as deleted, false
+ * otherwise.
+ */
+struct tomoyo_policy_manager_entry {
+ struct list_head list;
+ bool is_deleted; /* True if this entry is deleted. */
+ bool is_domain; /* True if manager is a domainname. */
+ /* A path to program or a domainname. */
+ const struct tomoyo_path_info *manager;
+};
+
+/* Structure for argv[]. */
+struct tomoyo_argv_entry {
+ unsigned int index;
+ const struct tomoyo_path_info *value;
+ bool is_not;
+};
+
+/* Structure for envp[]. */
+struct tomoyo_envp_entry {
+ const struct tomoyo_path_info *name;
+ const struct tomoyo_path_info *value;
+ bool is_not;
+};
+
+/*
+ * Structure for "execute_handler" and "denied_execute_handler" directive.
+ * These directives can exist only one entry in a domain.
+ *
+ * If "execute_handler" directive exists and the current process is not
+ * an execute handler, all execve() requests are replaced by execve() requests
+ * of a program specified by "execute_handler" directive.
+ * If the current process is an execute handler,
+ * "execute_handler" and "denied_execute_handler" directives are ignored.
+ * The program specified by "execute_handler" validates execve() parameters
+ * and executes the original execve() requests if appropriate.
+ *
+ * "denied_execute_handler" directive is used only when execve() request was
+ * rejected in enforcing mode (i.e. MAC_FOR_FILE=enforcing).
+ * The program specified by "denied_execute_handler" does whatever it wants
+ * to do (e.g. silently terminate, change firewall settings,
+ * redirect the user to honey pot etc.).
+ */
+struct tomoyo_execute_handler_record {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_*EXECUTE_HANDLER */
+ /* Pointer to single pathname. */
+ const struct tomoyo_path_info *handler;
+};
+
+/*
+ * tomoyo_path_acl is a structure which is used for holding an entry with
+ * one pathname operation (e.g. open(), unlink()).
+ * It has following fields.
+ *
+ * (1) "head" which is a "struct tomoyo_acl_info".
+ * (2) "perm" which is a bitmask of permitted operations.
+ * (3) "name" is the pathname or pathname group.
+ *
+ * Directives held by this structure are "allow_read/write", "allow_execute",
+ * "allow_read", "allow_write", "allow_unlink", "allow_rmdir",
+ * "allow_truncate", "allow_symlink", "allow_rewrite", "allow_chroot" and
+ * "allow_unmount".
+ */
+struct tomoyo_path_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_ACL */
+ u16 perm;
+ struct tomoyo_name_union name;
+};
+
+/* Structure for "allow_mkblock" and "allow_mkchar" directive. */
+struct tomoyo_path_number3_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_NUMBER3_ACL */
+ u8 perm;
+ struct tomoyo_name_union name;
+ struct tomoyo_number_union mode;
+ struct tomoyo_number_union major;
+ struct tomoyo_number_union minor;
+};
+
+/*
+ * tomoyo_path2_acl is a structure which is used for holding an entry with
+ * two pathnames operation (i.e. link(), rename(), pivot_root()).
+ * It has following fields.
+ *
+ * (1) "head" which is a "struct tomoyo_acl_info".
+ * (2) "perm" which is a bitmask of permitted operations.
+ * (3) "filename1" is the source/old pathname.
+ * (4) "filename2" is the destination/new pathname.
+ *
+ * Directives held by this structure are "allow_rename", "allow_link" and
+ * "allow_pivot_root".
+ */
+struct tomoyo_path2_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH2_ACL */
+ u8 perm;
+ struct tomoyo_name_union name1;
+ struct tomoyo_name_union name2;
+};
+
+/*
+ * Structure for "allow_create", "allow_mkdir", "allow_mkfifo", "allow_mksock",
+ * "allow_ioctl", "allow_chmod", "allow_chown" and "allow_chgrp" directive.
+ */
+struct tomoyo_path_number_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_NUMBER_ACL */
+ u8 perm;
+ struct tomoyo_name_union name;
+ struct tomoyo_number_union number;
+};
+
+/* Structure for "allow_env" directive in domain policy. */
+struct tomoyo_env_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_ENV_ACL */
+ const struct tomoyo_path_info *env; /* environment variable */
+};
+
+/* Structure for "allow_capability" directive. */
+struct tomoyo_capability_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_CAPABILITY_ACL */
+ u8 operation;
+};
+
+struct tomoyo_ipv6addr_entry {
+ struct list_head list;
+ atomic_t users;
+ struct in6_addr addr;
+};
+
+/* Structure for "allow_network" directive. */
+struct tomoyo_ip_network_acl {
+ struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_IP_NETWORK_ACL */
+ u16 perm;
+ /*
+ * address_type takes one of the following constants.
+ * TOMOYO_IP_ADDRESS_TYPE_ADDRESS_GROUP
+ * if address points to "address_group" directive.
+ * TOMOYO_IP_ADDRESS_TYPE_IPv4
+ * if address points to an IPv4 address.
+ * TOMOYO_IP_ADDRESS_TYPE_IPv6
+ * if address points to an IPv6 address.
+ */
+ u8 address_type;
+ union {
+ struct {
+ /* Start of IPv4 address range. Host endian. */
+ u32 min;
+ /* End of IPv4 address range. Host endian. */
+ u32 max;
+ } ipv4;
+ struct {
+ /* Start of IPv6 address range. Big endian. */
+ const struct in6_addr *min;
+ /* End of IPv6 address range. Big endian. */
+ const struct in6_addr *max;
+ } ipv6;
+ /* Pointer to address group. */
+ struct tomoyo_address_group *group;
+ } address;
+ struct tomoyo_number_union port;
+};
+
+
+/*
+ * tomoyo_io_buffer is a structure which is used for reading and modifying
+ * configuration via /sys/kernel/security/tomoyo/ interface.
+ * It has many fields. ->read_var1 , ->read_var2 , ->write_var1 are used as
+ * cursors.
+ *
+ * Since the content of /sys/kernel/security/tomoyo/domain_policy is a list of
+ * "struct tomoyo_domain_info" entries and each "struct tomoyo_domain_info"
+ * entry has a list of "struct tomoyo_acl_info", we need two cursors when
+ * reading (one is for traversing tomoyo_domain_list and the other is for
+ * traversing "struct tomoyo_acl_info"->acl_info_list ).
+ *
+ * If a line written to /sys/kernel/security/tomoyo/domain_policy starts with
+ * "select ", TOMOYO seeks the cursor ->read_var1 and ->write_var1 to the
+ * domain with the domainname specified by the rest of that line (NULL is set
+ * if seek failed).
+ * If a line written to /sys/kernel/security/tomoyo/domain_policy starts with
+ * "delete ", TOMOYO deletes an entry or a domain specified by the rest of that
+ * line (->write_var1 is set to NULL if a domain was deleted).
+ * If a line written to /sys/kernel/security/tomoyo/domain_policy starts with
+ * neither "select " nor "delete ", an entry or a domain specified by that line
+ * is appended.
+ */
+struct tomoyo_io_buffer {
+ void (*read) (struct tomoyo_io_buffer *);
+ int (*write) (struct tomoyo_io_buffer *);
+ int (*poll) (struct file *file, poll_table *wait);
+ /* Exclusive lock for this structure. */
+ struct mutex io_sem;
+ /* Index returned by tomoyo_read_lock(). */
+ int reader_idx;
+ /* The position currently reading from. */
+ struct list_head *read_var1;
+ /* Extra variables for reading. */
+ struct list_head *read_var2;
+ /* The position currently writing to. */
+ struct tomoyo_domain_info *write_var1;
+ /* The step for reading. */
+ int read_step;
+ /* Buffer for reading. */
+ char *read_buf;
+ /* EOF flag for reading. */
+ bool read_eof;
+ /* Read domain ACL of specified PID? */
+ bool read_single_domain;
+ /* Read allow_execute entry only? */
+ bool read_execute_only;
+ /* Extra variable for reading. */
+ u8 read_bit;
+ /* Bytes available for reading. */
+ int read_avail;
+ /* Size of read buffer. */
+ int readbuf_size;
+ /* Buffer for writing. */
+ char *write_buf;
+ /* Bytes available for writing. */
+ int write_avail;
+ /* Size of write buffer. */
+ int writebuf_size;
+ /* Type of this interface. */
+ u8 type;
+};
+
+struct tomoyo_preference {
+#ifdef CONFIG_SECURITY_TOMOYO_AUDIT
+ unsigned int audit_max_grant_log;
+ unsigned int audit_max_reject_log;
+#endif
+ unsigned int learning_max_entry;
+ unsigned int enforcing_penalty;
+ bool audit_task_info;
+ bool audit_path_info;
+ bool enforcing_verbose;
+ bool learning_verbose;
+ bool learning_exec_realpath;
+ bool learning_exec_argv0;
+ bool learning_symlink_target;
+ bool permissive_verbose;
+};
+
+/*
+ * tomoyo_profile is a structure which is used for holding the mode of access
+ * controls. TOMOYO has 4 modes: disabled, learning, permissive, enforcing.
+ * An administrator can define up to 256 profiles.
+ * The ->profile of "struct tomoyo_domain_info" is used for remembering
+ * the profile's number (0 - 255) assigned to that domain.
+ *
+ * audit/learning/permissive/enforcing point to either self->preference or
+ * tomoyo_default_profile->preference.
+ */
+struct tomoyo_profile {
+ const struct tomoyo_path_info *comment;
+ struct tomoyo_preference *audit;
+ struct tomoyo_preference *learning;
+ struct tomoyo_preference *permissive;
+ struct tomoyo_preference *enforcing;
+ struct tomoyo_preference preference;
+ u8 default_config;
+ u8 config[TOMOYO_MAX_MAC_INDEX + TOMOYO_MAX_CAPABILITY_INDEX
+ + TOMOYO_MAX_MAC_CATEGORY_INDEX];
+};
+
+/* Prototype definition. */
+
+bool tomoyo_address_matches_group(const bool is_ipv6, const u32 *address,
+ const struct tomoyo_address_group *group);
+bool tomoyo_commit_ok(void *ptr, void *data, const unsigned int size);
+bool tomoyo_compare_name_union(const struct tomoyo_path_info *name,
+ const struct tomoyo_name_union *ptr);
+bool tomoyo_compare_number_union(const unsigned long value,
+ const struct tomoyo_number_union *ptr);
+bool tomoyo_condition(struct tomoyo_request_info *r,
+ const struct tomoyo_acl_info *acl);
+bool tomoyo_domain_quota_ok(struct tomoyo_request_info *r);
+bool tomoyo_dump_page(struct linux_binprm *bprm, unsigned long pos,
+ struct tomoyo_page_dump *dump);
+bool tomoyo_get_audit(const u8 profile, const u8 index, const bool is_granted);
+bool tomoyo_io_printf(struct tomoyo_io_buffer *head, const char *fmt, ...)
+ __attribute__ ((format(printf, 2, 3)));
+bool tomoyo_is_correct_domain(const unsigned char *domainname);
+bool tomoyo_is_correct_path(const char *filename, const s8 start_type,
+ const s8 pattern_type, const s8 end_type);
+bool tomoyo_is_domain_def(const unsigned char *buffer);
+bool tomoyo_memory_ok(const void *ptr, const unsigned int size);
+bool tomoyo_number_matches_group(const unsigned long min,
+ const unsigned long max,
+ const struct tomoyo_number_group *group);
+bool tomoyo_parse_name_union(const char *filename,
+ struct tomoyo_name_union *ptr);
+bool tomoyo_parse_number_union(char *data, struct tomoyo_number_union *num);
+bool tomoyo_path_matches_group(const struct tomoyo_path_info *pathname,
+ const struct tomoyo_path_group *group,
+ const bool may_use_pattern);
+bool tomoyo_path_matches_pattern(const struct tomoyo_path_info *filename,
+ const struct tomoyo_path_info *pattern);
+bool tomoyo_print_number_union(struct tomoyo_io_buffer *head,
+ const struct tomoyo_number_union *ptr);
+bool tomoyo_read_address_group_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_aggregator_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_domain_initializer_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_domain_keeper_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head);
+bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_globally_usable_env_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_no_rewrite_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_number_group_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head);
+bool tomoyo_str_starts(char **src, const char *find);
+bool tomoyo_tokenize(char *buffer, char *w[], size_t size);
+char *tomoyo_encode(const char *str);
+char *tomoyo_init_audit_log(int *len, struct tomoyo_request_info *r);
+char *tomoyo_realpath_from_path(struct path *path);
+const char *tomoyo_cap2keyword(const u8 operation);
+const char *tomoyo_file_pattern(const struct tomoyo_path_info *filename);
+const char *tomoyo_get_exe(void);
+const char *tomoyo_last_word(const char *name);
+const char *tomoyo_net2keyword(const u8 operation);
+const char *tomoyo_path22keyword(const u8 operation);
+const char *tomoyo_path2keyword(const u8 operation);
+const char *tomoyo_path_number2keyword(const u8 operation);
+const char *tomoyo_path_number32keyword(const u8 operation);
+const struct tomoyo_path_info *tomoyo_get_name(const char *name);
+const struct in6_addr *tomoyo_get_ipv6_address(const struct in6_addr *addr);
+int tomoyo_close_control(struct file *file);
+int tomoyo_delete_domain(char *data);
+int tomoyo_env_perm(struct tomoyo_request_info *r, const char *env);
+int tomoyo_exec_perm(struct tomoyo_request_info *r,
+ const struct tomoyo_path_info *filename);
+int tomoyo_get_mode(const u8 profile, const u8 index);
+int tomoyo_get_path(const char *pathname, struct path *path);
+int tomoyo_init_request_info(struct tomoyo_request_info *r,
+ struct tomoyo_domain_info *domain,
+ const u8 index);
+int tomoyo_open_control(const u8 type, struct file *file);
+int tomoyo_parse_ip_address(char *address, u16 *min, u16 *max);
+int tomoyo_poll_control(struct file *file, poll_table *wait);
+int tomoyo_poll_grant_log(struct file *file, poll_table *wait);
+int tomoyo_poll_reject_log(struct file *file, poll_table *wait);
+int tomoyo_read_control(struct file *file, char __user *buffer,
+ const int buffer_len);
+int tomoyo_read_lock(void) __acquires(tomoyo_ss);
+int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...)
+ __attribute__ ((format(printf, 2, 3)));
+int tomoyo_symlink_path(const char *pathname, struct tomoyo_path_info *name);
+int tomoyo_write_address_group_policy(char *data, const bool is_delete);
+int tomoyo_write_aggregator_policy(char *data, const bool is_delete);
+int tomoyo_write_audit_log(const bool is_granted,
+ struct tomoyo_request_info *r,
+ const char *fmt, ...)
+ __attribute__ ((format(printf, 3, 4)));
+int tomoyo_write_capability_policy(char *data,
+ struct tomoyo_domain_info *domain,
+ struct tomoyo_condition *condition,
+ const bool is_delete);
+int tomoyo_write_control(struct file *file, const char __user *buffer,
+ const int buffer_len);
+int tomoyo_write_domain_initializer_policy(char *data, const bool is_not,
+ const bool is_delete);
+int tomoyo_write_domain_keeper_policy(char *data, const bool is_not,
+ const bool is_delete);
+int tomoyo_write_env_policy(char *data, struct tomoyo_domain_info *domain,
+ struct tomoyo_condition *condition,
+ const bool is_delete);
+int tomoyo_write_file_policy(char *data, struct tomoyo_domain_info *domain,
+ struct tomoyo_condition *condition,
+ const bool is_delete);
+int tomoyo_write_globally_readable_policy(char *data, const bool is_delete);
+int tomoyo_write_globally_usable_env_policy(char *data, const bool is_delete);
+int tomoyo_write_memory_quota(struct tomoyo_io_buffer *head);
+int tomoyo_write_mount_policy(char *data, struct tomoyo_domain_info *domain,
+ struct tomoyo_condition *condition,
+ const bool is_delete);
+int tomoyo_write_network_policy(char *data, struct tomoyo_domain_info *domain,
+ struct tomoyo_condition *condition,
+ const bool is_delete);
+int tomoyo_write_no_rewrite_policy(char *data, const bool is_delete);
+int tomoyo_write_number_group_policy(char *data, const bool is_delete);
+int tomoyo_write_path_group_policy(char *data, const bool is_delete);
+int tomoyo_write_pattern_policy(char *data, const bool is_delete);
+struct tomoyo_address_group *tomoyo_get_address_group(const char *group_name);
+struct tomoyo_condition *tomoyo_get_condition(char * const condition);
+struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname);
+struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain
+(const char *domainname, const u8 profile);
+struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name);
+struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name);
+struct tomoyo_profile *tomoyo_profile(const u8 profile);
+u8 tomoyo_parse_ulong(unsigned long *result, char **str);
+void tomoyo_check_profile(void);
+void tomoyo_fill_path_info(struct tomoyo_path_info *ptr);
+void tomoyo_get_attributes(struct tomoyo_obj_info *obj);
+void tomoyo_load_policy(const char *filename);
+void tomoyo_memory_free(const void *ptr, size_t size);
+void tomoyo_normalize_line(unsigned char *buffer);
+void tomoyo_print_ipv6(char *buffer, const int buffer_len,
+ const struct in6_addr *ip);
+void tomoyo_print_ulong(char *buffer, const int buffer_len,
+ const unsigned long value, const u8 type);
+void tomoyo_put_address_group(struct tomoyo_address_group *group);
+void tomoyo_put_condition(struct tomoyo_condition *cond);
+void tomoyo_put_ipv6_address(const struct in6_addr *addr);
+void tomoyo_put_name(const struct tomoyo_path_info *name);
+void tomoyo_put_name_union(struct tomoyo_name_union *ptr);
+void tomoyo_put_number_group(struct tomoyo_number_group *group);
+void tomoyo_put_number_union(struct tomoyo_number_union *ptr);
+void tomoyo_put_path_group(struct tomoyo_path_group *group);
+void tomoyo_read_grant_log(struct tomoyo_io_buffer *head);
+void tomoyo_read_memory_counter(struct tomoyo_io_buffer *head);
+void tomoyo_read_reject_log(struct tomoyo_io_buffer *head);
+void tomoyo_read_unlock(const int idx) __releases(tomoyo_ss);
+void tomoyo_run_gc(void);
+void tomoyo_warn_log(struct tomoyo_request_info *r, const char *fmt, ...)
+ __attribute__ ((format(printf, 2, 3)));
+void tomoyo_warn_oom(const char *function);
+int tomoyo_start_execve(struct linux_binprm *bprm);
+void tomoyo_finish_execve(struct tomoyo_execve_entry *ee, const bool rollback);
+int tomoyo_file_perm(struct tomoyo_request_info *r,
+ const struct tomoyo_path_info *filename, const u8 mode);
+int tomoyo_chroot_permission(struct path *path);
+int tomoyo_mount_permission(char *dev_name, struct path *dir, char *type,
+ const unsigned long flags);
+int tomoyo_pivot_root_permission(struct path *old_path, struct path *new_path);
+int tomoyo_umount_permission(struct vfsmount *mnt);
+int tomoyo_open_permission(struct dentry *dentry, struct vfsmount *mnt,
+ const int flag);
+int tomoyo_rewrite_permission(struct file *filp);
+int tomoyo_ioctl_permission(struct file *filp, unsigned int cmd,
+ unsigned long arg);
+_Bool tomoyo_capable(const u8 operation);
+int tomoyo_mknod_permission(struct inode *dir, struct dentry *dentry,
+ struct vfsmount *mnt, unsigned int mode,
+ unsigned int dev);
+int tomoyo_mkdir_permission(struct inode *dir, struct dentry *dentry,
+ struct vfsmount *mnt, unsigned int mode);
+int tomoyo_rmdir_permission(struct inode *dir, struct dentry *dentry,
+ struct vfsmount *mnt);
+int tomoyo_unlink_permission(struct inode *dir, struct dentry *dentry,
+ struct vfsmount *mnt);
+int tomoyo_symlink_permission(struct inode *dir, struct dentry *dentry,
+ struct vfsmount *mnt, const char *from);
+int tomoyo_truncate_permission(struct dentry *dentry, struct vfsmount *mnt,
+ loff_t length, unsigned int time_attrs);
+int tomoyo_rename_permission(struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry,
+ struct vfsmount *mnt);
+int tomoyo_link_permission(struct dentry *old_dentry, struct inode *new_dir,
+ struct dentry *new_dentry, struct vfsmount *mnt);
+int tomoyo_socket_create_permission(int family, int type, int protocol);
+int tomoyo_socket_listen_permission(struct socket *sock);
+int tomoyo_socket_connect_permission(struct socket *sock,
+ struct sockaddr *addr, int addr_len);
+int tomoyo_socket_bind_permission(struct socket *sock, struct sockaddr *addr,
+ int addr_len);
+int tomoyo_socket_accept_permission(struct socket *sock);
+int tomoyo_socket_sendmsg_permission(struct socket *sock, struct msghdr *msg);
+int tomoyo_chown_permission(struct dentry *dentry, struct vfsmount *mnt,
+ uid_t user, gid_t group);
+int tomoyo_chmod_permission(struct dentry *dentry, struct vfsmount *mnt,
+ mode_t mode);
+
+/* strcmp() for "struct tomoyo_path_info" structure. */
+static inline bool tomoyo_pathcmp(const struct tomoyo_path_info *a,
+ const struct tomoyo_path_info *b)
+{
+ return a->hash != b->hash || strcmp(a->name, b->name);
+}
+
+static inline int tomoyo_memcmp(void *a, void *b, const u8 offset,
+ const u8 size)
+{
+ return memcmp(((char *) a) + offset, ((char *) b) + offset,
+ size - offset);
+}
+
+extern struct mutex tomoyo_policy_lock;
+extern struct list_head tomoyo_domain_list;
+extern struct list_head tomoyo_address_group_list;
+extern struct list_head tomoyo_globally_readable_list;
+extern struct list_head tomoyo_path_group_list;
+extern struct list_head tomoyo_number_group_list;
+extern struct list_head tomoyo_pattern_list;
+extern struct list_head tomoyo_no_rewrite_list;
+extern struct list_head tomoyo_globally_usable_env_list;
+extern struct list_head tomoyo_domain_initializer_list;
+extern struct list_head tomoyo_domain_keeper_list;
+extern struct list_head tomoyo_aggregator_list;
+extern struct list_head tomoyo_policy_manager_list;
+extern __initdata bool tomoyo_registered;
+extern bool tomoyo_policy_loaded;
+extern struct tomoyo_domain_info tomoyo_kernel_domain;
+extern const char *tomoyo_condition_keyword[TOMOYO_MAX_CONDITION_KEYWORD];
+extern unsigned int tomoyo_audit_log_memory_size;
+extern unsigned int tomoyo_quota_for_audit_log;
+extern unsigned int tomoyo_query_memory_size;
+extern unsigned int tomoyo_quota_for_query;
+
+static inline struct tomoyo_domain_info *tomoyo_task_domain(struct task_struct
+ *task)
+{
+ return task->tomoyo_domain_info ?
+ task->tomoyo_domain_info : &tomoyo_kernel_domain;
+}
+
+static inline struct tomoyo_domain_info *tomoyo_current_domain(void)
+{
+ struct task_struct *task = current;
+ if (!task->tomoyo_domain_info)
+ task->tomoyo_domain_info = &tomoyo_kernel_domain;
+ return task->tomoyo_domain_info;
+}
+
+static inline void tomoyo_add_domain_acl(struct tomoyo_domain_info *domain,
+ struct tomoyo_acl_info *acl)
+{
+ if (acl->cond)
+ atomic_inc(&acl->cond->users);
+ list_add_tail_rcu(&acl->list, &domain->acl_info_list);
+}
+
+#if defined(CONFIG_SLOB)
+static inline int tomoyo_round2(size_t size)
+{
+ return size;
+}
+#else
+static inline int tomoyo_round2(size_t size)
+{
+#if PAGE_SIZE == 4096
+ size_t bsize = 32;
+#else
+ size_t bsize = 64;
+#endif
+ if (!size)
+ return 0;
+ while (size > bsize)
+ bsize <<= 1;
+ return bsize;
+}
+#endif
+
+#if defined(__LITTLE_ENDIAN)
+#define HIPQUAD(addr) \
+ ((unsigned char *)&addr)[3], \
+ ((unsigned char *)&addr)[2], \
+ ((unsigned char *)&addr)[1], \
+ ((unsigned char *)&addr)[0]
+#elif defined(__BIG_ENDIAN)
+#define HIPQUAD NIPQUAD
+#else
+#error "Please fix asm/byteorder.h"
+#endif /* __LITTLE_ENDIAN */
+
+#endif

--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/