Lines Matching refs:r
165 static int tomoyo_audit_path_log(struct tomoyo_request_info *r) in tomoyo_audit_path_log() argument
167 return tomoyo_supervisor(r, "file %s %s\n", tomoyo_path_keyword in tomoyo_audit_path_log()
168 [r->param.path.operation], in tomoyo_audit_path_log()
169 r->param.path.filename->name); in tomoyo_audit_path_log()
179 static int tomoyo_audit_path2_log(struct tomoyo_request_info *r) in tomoyo_audit_path2_log() argument
181 return tomoyo_supervisor(r, "file %s %s %s\n", tomoyo_mac_keywords in tomoyo_audit_path2_log()
182 [tomoyo_pp2mac[r->param.path2.operation]], in tomoyo_audit_path2_log()
183 r->param.path2.filename1->name, in tomoyo_audit_path2_log()
184 r->param.path2.filename2->name); in tomoyo_audit_path2_log()
194 static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r) in tomoyo_audit_mkdev_log() argument
196 return tomoyo_supervisor(r, "file %s %s 0%o %u %u\n", in tomoyo_audit_mkdev_log()
198 [tomoyo_pnnn2mac[r->param.mkdev.operation]], in tomoyo_audit_mkdev_log()
199 r->param.mkdev.filename->name, in tomoyo_audit_mkdev_log()
200 r->param.mkdev.mode, r->param.mkdev.major, in tomoyo_audit_mkdev_log()
201 r->param.mkdev.minor); in tomoyo_audit_mkdev_log()
211 static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r) in tomoyo_audit_path_number_log() argument
213 const u8 type = r->param.path_number.operation; in tomoyo_audit_path_number_log()
231 tomoyo_print_ulong(buffer, sizeof(buffer), r->param.path_number.number, in tomoyo_audit_path_number_log()
233 return tomoyo_supervisor(r, "file %s %s %s\n", tomoyo_mac_keywords in tomoyo_audit_path_number_log()
235 r->param.path_number.filename->name, buffer); in tomoyo_audit_path_number_log()
250 static bool tomoyo_check_path_acl(struct tomoyo_request_info *r, in tomoyo_check_path_acl() argument
255 if (acl->perm & (1 << r->param.path.operation)) { in tomoyo_check_path_acl()
256 r->param.path.matched_path = in tomoyo_check_path_acl()
257 tomoyo_compare_name_union(r->param.path.filename, in tomoyo_check_path_acl()
259 return r->param.path.matched_path != NULL; in tomoyo_check_path_acl()
272 static bool tomoyo_check_path_number_acl(struct tomoyo_request_info *r, in tomoyo_check_path_number_acl() argument
277 return (acl->perm & (1 << r->param.path_number.operation)) && in tomoyo_check_path_number_acl()
278 tomoyo_compare_number_union(r->param.path_number.number, in tomoyo_check_path_number_acl()
280 tomoyo_compare_name_union(r->param.path_number.filename, in tomoyo_check_path_number_acl()
292 static bool tomoyo_check_path2_acl(struct tomoyo_request_info *r, in tomoyo_check_path2_acl() argument
297 return (acl->perm & (1 << r->param.path2.operation)) && in tomoyo_check_path2_acl()
298 tomoyo_compare_name_union(r->param.path2.filename1, &acl->name1) in tomoyo_check_path2_acl()
299 && tomoyo_compare_name_union(r->param.path2.filename2, in tomoyo_check_path2_acl()
311 static bool tomoyo_check_mkdev_acl(struct tomoyo_request_info *r, in tomoyo_check_mkdev_acl() argument
316 return (acl->perm & (1 << r->param.mkdev.operation)) && in tomoyo_check_mkdev_acl()
317 tomoyo_compare_number_union(r->param.mkdev.mode, in tomoyo_check_mkdev_acl()
319 tomoyo_compare_number_union(r->param.mkdev.major, in tomoyo_check_mkdev_acl()
321 tomoyo_compare_number_union(r->param.mkdev.minor, in tomoyo_check_mkdev_acl()
323 tomoyo_compare_name_union(r->param.mkdev.filename, in tomoyo_check_mkdev_acl()
558 static int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, in tomoyo_path_permission() argument
563 r->type = tomoyo_p2mac[operation]; in tomoyo_path_permission()
564 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_path_permission()
565 if (r->mode == TOMOYO_CONFIG_DISABLED) in tomoyo_path_permission()
567 r->param_type = TOMOYO_TYPE_PATH_ACL; in tomoyo_path_permission()
568 r->param.path.filename = filename; in tomoyo_path_permission()
569 r->param.path.operation = operation; in tomoyo_path_permission()
571 tomoyo_check_acl(r, tomoyo_check_path_acl); in tomoyo_path_permission()
572 error = tomoyo_audit_path_log(r); in tomoyo_path_permission()
587 int tomoyo_execute_permission(struct tomoyo_request_info *r, in tomoyo_execute_permission() argument
595 r->type = TOMOYO_MAC_FILE_EXECUTE; in tomoyo_execute_permission()
596 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_execute_permission()
597 r->param_type = TOMOYO_TYPE_PATH_ACL; in tomoyo_execute_permission()
598 r->param.path.filename = filename; in tomoyo_execute_permission()
599 r->param.path.operation = TOMOYO_TYPE_EXECUTE; in tomoyo_execute_permission()
600 tomoyo_check_acl(r, tomoyo_check_path_acl); in tomoyo_execute_permission()
601 r->ee->transition = r->matched_acl && r->matched_acl->cond ? in tomoyo_execute_permission()
602 r->matched_acl->cond->transit : NULL; in tomoyo_execute_permission()
603 if (r->mode != TOMOYO_CONFIG_DISABLED) in tomoyo_execute_permission()
604 return tomoyo_audit_path_log(r); in tomoyo_execute_permission()
693 struct tomoyo_request_info r; in tomoyo_path_number_perm() local
701 if (tomoyo_init_request_info(&r, NULL, tomoyo_pn2mac[type]) in tomoyo_path_number_perm()
707 r.obj = &obj; in tomoyo_path_number_perm()
710 r.param_type = TOMOYO_TYPE_PATH_NUMBER_ACL; in tomoyo_path_number_perm()
711 r.param.path_number.operation = type; in tomoyo_path_number_perm()
712 r.param.path_number.filename = &buf; in tomoyo_path_number_perm()
713 r.param.path_number.number = number; in tomoyo_path_number_perm()
715 tomoyo_check_acl(&r, tomoyo_check_path_number_acl); in tomoyo_path_number_perm()
716 error = tomoyo_audit_path_number_log(&r); in tomoyo_path_number_perm()
721 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_path_number_perm()
741 struct tomoyo_request_info r; in tomoyo_check_open_permission() local
748 r.mode = TOMOYO_CONFIG_DISABLED; in tomoyo_check_open_permission()
751 tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN) in tomoyo_check_open_permission()
757 r.obj = &obj; in tomoyo_check_open_permission()
759 error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ, in tomoyo_check_open_permission()
762 error = tomoyo_path_permission(&r, (flag & O_APPEND) ? in tomoyo_check_open_permission()
770 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_check_open_permission()
787 struct tomoyo_request_info r; in tomoyo_path_perm() local
797 if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation]) in tomoyo_path_perm()
800 is_enforce = (r.mode == TOMOYO_CONFIG_ENFORCING); in tomoyo_path_perm()
806 r.obj = &obj; in tomoyo_path_perm()
820 error = tomoyo_path_permission(&r, operation, &buf); in tomoyo_path_perm()
844 struct tomoyo_request_info r; in tomoyo_mkdev_perm() local
852 if (tomoyo_init_request_info(&r, NULL, tomoyo_pnnn2mac[operation]) in tomoyo_mkdev_perm()
858 r.obj = &obj; in tomoyo_mkdev_perm()
860 r.param_type = TOMOYO_TYPE_MKDEV_ACL; in tomoyo_mkdev_perm()
861 r.param.mkdev.filename = &buf; in tomoyo_mkdev_perm()
862 r.param.mkdev.operation = operation; in tomoyo_mkdev_perm()
863 r.param.mkdev.mode = mode; in tomoyo_mkdev_perm()
864 r.param.mkdev.major = MAJOR(dev); in tomoyo_mkdev_perm()
865 r.param.mkdev.minor = MINOR(dev); in tomoyo_mkdev_perm()
866 tomoyo_check_acl(&r, tomoyo_check_mkdev_acl); in tomoyo_mkdev_perm()
867 error = tomoyo_audit_mkdev_log(&r); in tomoyo_mkdev_perm()
871 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_mkdev_perm()
891 struct tomoyo_request_info r; in tomoyo_path2_perm() local
898 if (tomoyo_init_request_info(&r, NULL, tomoyo_pp2mac[operation]) in tomoyo_path2_perm()
920 r.obj = &obj; in tomoyo_path2_perm()
921 r.param_type = TOMOYO_TYPE_PATH2_ACL; in tomoyo_path2_perm()
922 r.param.path2.operation = operation; in tomoyo_path2_perm()
923 r.param.path2.filename1 = &buf1; in tomoyo_path2_perm()
924 r.param.path2.filename2 = &buf2; in tomoyo_path2_perm()
926 tomoyo_check_acl(&r, tomoyo_check_path2_acl); in tomoyo_path2_perm()
927 error = tomoyo_audit_path2_log(&r); in tomoyo_path2_perm()
933 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_path2_perm()