
Commit cdcf6723 authored by Tetsuo Handa's avatar Tetsuo Handa Committed by James Morris

tomoyo: Coding style fix.



Follow many of the recommendations by scripts/checkpatch.pl, and follow
"lift switch variables out of switches" by Kees Cook.
This patch makes no functional change.

Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: default avatarJames Morris <james.morris@microsoft.com>
parent 8c6cb983
+20 −11
@@ -32,6 +32,7 @@ static char *tomoyo_print_bprm(struct linux_binprm *bprm,
	int argv_count = bprm->argc;
	int envp_count = bprm->envc;
	bool truncated = false;

	if (!buffer)
		return NULL;
	len = snprintf(buffer, tomoyo_buffer_len - 1, "argv[]={ ");
@@ -49,6 +50,7 @@ static char *tomoyo_print_bprm(struct linux_binprm *bprm,
		while (offset < PAGE_SIZE) {
			const char *kaddr = dump->data;
			const unsigned char c = kaddr[offset++];

			if (cp == last_start)
				*cp++ = '"';
			if (cp >= buffer + tomoyo_buffer_len - 32) {
@@ -154,19 +156,18 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r)
	char *buffer = kmalloc(tomoyo_buffer_len, GFP_NOFS);
	int pos;
	u8 i;

	if (!buffer)
		return NULL;

	tomoyo_convert_time(ktime_get_real_seconds(), &stamp);

	pos = snprintf(buffer, tomoyo_buffer_len - 1,
		       "#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s "
		       "granted=%s (global-pid=%u) task={ pid=%u ppid=%u "
		       "uid=%u gid=%u euid=%u egid=%u suid=%u sgid=%u "
		       "fsuid=%u fsgid=%u }", stamp.year, stamp.month,
		       stamp.day, stamp.hour, stamp.min, stamp.sec, r->profile,
		       tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid,
		       tomoyo_sys_getpid(), tomoyo_sys_getppid(),
		       "#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s granted=%s (global-pid=%u) task={ pid=%u ppid=%u uid=%u gid=%u euid=%u egid=%u suid=%u sgid=%u fsuid=%u fsgid=%u }",
		       stamp.year, stamp.month, stamp.day, stamp.hour,
		       stamp.min, stamp.sec, r->profile, tomoyo_mode[r->mode],
		       tomoyo_yesno(r->granted), gpid, tomoyo_sys_getpid(),
		       tomoyo_sys_getppid(),
		       from_kuid(&init_user_ns, current_uid()),
		       from_kgid(&init_user_ns, current_gid()),
		       from_kuid(&init_user_ns, current_euid()),
@@ -185,6 +186,7 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r)
		struct tomoyo_mini_stat *stat;
		unsigned int dev;
		umode_t mode;

		if (!obj->stat_valid[i])
			continue;
		stat = &obj->stat[i];
@@ -193,8 +195,8 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r)
		if (i & 1) {
			pos += snprintf(buffer + pos,
					tomoyo_buffer_len - 1 - pos,
					" path%u.parent={ uid=%u gid=%u "
					"ino=%lu perm=0%o }", (i >> 1) + 1,
					" path%u.parent={ uid=%u gid=%u ino=%lu perm=0%o }",
					(i >> 1) + 1,
					from_kuid(&init_user_ns, stat->uid),
					from_kgid(&init_user_ns, stat->gid),
					(unsigned long)stat->ino,
@@ -202,8 +204,8 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r)
			continue;
		}
		pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos,
				" path%u={ uid=%u gid=%u ino=%lu major=%u"
				" minor=%u perm=0%o type=%s", (i >> 1) + 1,
				" path%u={ uid=%u gid=%u ino=%lu major=%u minor=%u perm=0%o type=%s",
				(i >> 1) + 1,
				from_kuid(&init_user_ns, stat->uid),
				from_kgid(&init_user_ns, stat->gid),
				(unsigned long)stat->ino,
@@ -249,6 +251,7 @@ char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
	const char *symlink = NULL;
	int pos;
	const char *domainname = r->domain->domainname->name;

	header = tomoyo_print_header(r);
	if (!header)
		return NULL;
@@ -256,6 +259,7 @@ char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
	len += strlen(domainname) + strlen(header) + 10;
	if (r->ee) {
		struct file *file = r->ee->bprm->file;

		realpath = tomoyo_realpath_from_path(&file->f_path);
		bprm_info = tomoyo_print_bprm(r->ee->bprm, &r->ee->dump);
		if (!realpath || !bprm_info)
@@ -275,6 +279,7 @@ char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
	pos = snprintf(buf, len, "%s", header);
	if (realpath) {
		struct linux_binprm *bprm = r->ee->bprm;

		pos += snprintf(buf + pos, len - pos,
				" exec={ realpath=\"%s\" argc=%d envc=%d %s }",
				realpath, bprm->argc, bprm->envc, bprm_info);
@@ -328,6 +333,7 @@ static bool tomoyo_get_audit(const struct tomoyo_policy_namespace *ns,
	const u8 category = tomoyo_index2category[index] +
		TOMOYO_MAX_MAC_INDEX;
	struct tomoyo_profile *p;

	if (!tomoyo_policy_loaded)
		return false;
	p = tomoyo_profile(ns, profile);
@@ -362,6 +368,7 @@ void tomoyo_write_log2(struct tomoyo_request_info *r, int len, const char *fmt,
	char *buf;
	struct tomoyo_log *entry;
	bool quota_exceeded = false;

	if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type,
			      r->matched_acl, r->granted))
		goto out;
@@ -413,6 +420,7 @@ void tomoyo_write_log(struct tomoyo_request_info *r, const char *fmt, ...)
{
	va_list args;
	int len;

	va_start(args, fmt);
	len = vsnprintf((char *) &len, 1, fmt, args) + 1;
	va_end(args);
@@ -431,6 +439,7 @@ void tomoyo_write_log(struct tomoyo_request_info *r, const char *fmt, ...)
void tomoyo_read_log(struct tomoyo_io_buffer *head)
{
	struct tomoyo_log *ptr = NULL;

	if (head->r.w_pos)
		return;
	kfree(head->read_buf);
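Review bot: The reflowed calls in tomoyo_print_header still accumulate with `pos += snprintf(buffer + pos, tomoyo_buffer_len - 1 - pos, ...)`, and the kernel's snprintf() returns the length the output would have had rather than the number of bytes stored. If one entry is truncated, `pos` can move past `tomoyo_buffer_len - 1` and the size argument of the next call goes negative; whether the function checks `pos` afterwards is not visible here, since tomoyo_print_header starts and ends outside these hunks. While these lines are being touched, add a comment above the first call saying where that bound on `pos` is enforced, for example `/* pos may exceed the buffer on truncation; checked before return. */` if that is the case. If silent truncation is acceptable instead, `scnprintf()` keeps `pos` inside the buffer.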
+99 −39

File changed.

Preview size limit exceeded, changes collapsed.

+8 −5
@@ -10,6 +10,8 @@
#ifndef _SECURITY_TOMOYO_COMMON_H
#define _SECURITY_TOMOYO_COMMON_H

#define pr_fmt(fmt) fmt

#include <linux/ctype.h>
#include <linux/string.h>
#include <linux/mm.h>
@@ -788,8 +790,8 @@ struct tomoyo_acl_param {
 * interfaces.
 */
struct tomoyo_io_buffer {
	void (*read) (struct tomoyo_io_buffer *);
	int (*write) (struct tomoyo_io_buffer *);
	void (*read)(struct tomoyo_io_buffer *head);
	int (*write)(struct tomoyo_io_buffer *head);
	__poll_t (*poll)(struct file *file, poll_table *wait);
	/* Exclusive lock for this structure.   */
	struct mutex io_sem;
@@ -1131,6 +1133,7 @@ static inline void tomoyo_read_unlock(int idx)
static inline pid_t tomoyo_sys_getppid(void)
{
	pid_t pid;

	rcu_read_lock();
	pid = task_tgid_vnr(rcu_dereference(current->real_parent));
	rcu_read_unlock();
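Review bot: The added `#define pr_fmt(fmt) fmt` near the top of the header carries no comment, and it is the same expansion the printk header already supplies by default, so a reader cannot tell whether it is deliberate. It presumably exists so that the pr_warn() conversions made elsewhere in this commit keep their exact message text; a comment such as `/* Keep messages unprefixed so existing log text is unchanged. */` would record that intent. Because the warnings then carry no subsystem tag, anyone matching them in kernel logs has to key on the message text itself, which is worth stating next to the define.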
+43 −16

File changed.

Preview size limit exceeded, changes collapsed.

+33 −17
@@ -198,6 +198,7 @@ LIST_HEAD(tomoyo_domain_list);
static const char *tomoyo_last_word(const char *name)
{
	const char *cp = strrchr(name, ' ');

	if (cp)
		return cp + 1;
	return name;
@@ -220,6 +221,7 @@ static bool tomoyo_same_transition_control(const struct tomoyo_acl_head *a,
	const struct tomoyo_transition_control *p2 = container_of(b,
								  typeof(*p2),
								  head);

	return p1->type == p2->type && p1->is_last_name == p2->is_last_name
		&& p1->domainname == p2->domainname
		&& p1->program == p2->program;
@@ -240,6 +242,7 @@ int tomoyo_write_transition_control(struct tomoyo_acl_param *param,
	int error = param->is_delete ? -ENOENT : -ENOMEM;
	char *program = param->data;
	char *domainname = strstr(program, " from ");

	if (domainname) {
		*domainname = '\0';
		domainname += 6;
@@ -293,6 +296,7 @@ static inline bool tomoyo_scan_transition
 const enum tomoyo_transition_type type)
{
	const struct tomoyo_transition_control *ptr;

	list_for_each_entry_rcu(ptr, list, head.list) {
		if (ptr->head.is_deleted || ptr->type != type)
			continue;
@@ -338,9 +342,11 @@ static enum tomoyo_transition_type tomoyo_transition_type
{
	const char *last_name = tomoyo_last_word(domainname->name);
	enum tomoyo_transition_type type = TOMOYO_TRANSITION_CONTROL_NO_RESET;

	while (type < TOMOYO_MAX_TRANSITION_TYPE) {
		const struct list_head * const list =
			&ns->policy_list[TOMOYO_ID_TRANSITION_CONTROL];

		if (!tomoyo_scan_transition(list, domainname, program,
					    last_name, type)) {
			type++;
@@ -375,6 +381,7 @@ static bool tomoyo_same_aggregator(const struct tomoyo_acl_head *a,
							  head);
	const struct tomoyo_aggregator *p2 = container_of(b, typeof(*p2),
							  head);

	return p1->original_name == p2->original_name &&
		p1->aggregated_name == p2->aggregated_name;
}
@@ -394,6 +401,7 @@ int tomoyo_write_aggregator(struct tomoyo_acl_param *param)
	int error = param->is_delete ? -ENOENT : -ENOMEM;
	const char *original_name = tomoyo_read_token(param);
	const char *aggregated_name = tomoyo_read_token(param);

	if (!tomoyo_correct_word(original_name) ||
	    !tomoyo_correct_path(aggregated_name))
		return -EINVAL;
@@ -426,6 +434,7 @@ static struct tomoyo_policy_namespace *tomoyo_find_namespace
(const char *name, const unsigned int len)
{
	struct tomoyo_policy_namespace *ns;

	list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) {
		if (strncmp(name, ns->name, len) ||
		    (name[len] && name[len] != ' '))
@@ -451,6 +460,7 @@ struct tomoyo_policy_namespace *tomoyo_assign_namespace(const char *domainname)
	struct tomoyo_policy_namespace *entry;
	const char *cp = domainname;
	unsigned int len = 0;

	while (*cp && *cp++ != ' ')
		len++;
	ptr = tomoyo_find_namespace(domainname, len);
@@ -466,6 +476,7 @@ struct tomoyo_policy_namespace *tomoyo_assign_namespace(const char *domainname)
	ptr = tomoyo_find_namespace(domainname, len);
	if (!ptr && tomoyo_memory_ok(entry)) {
		char *name = (char *) (entry + 1);

		ptr = entry;
		memmove(name, domainname, len);
		name[len] = '\0';
@@ -490,6 +501,7 @@ static bool tomoyo_namespace_jump(const char *domainname)
{
	const char *namespace = tomoyo_current_namespace()->name;
	const int len = strlen(namespace);

	return strncmp(domainname, namespace, len) ||
		(domainname[len] && domainname[len] != ' ');
}
@@ -510,6 +522,7 @@ struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname,
	struct tomoyo_domain_info e = { };
	struct tomoyo_domain_info *entry = tomoyo_find_domain(domainname);
	bool created = false;

	if (entry) {
		if (transit) {
			/*
@@ -546,6 +559,7 @@ struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname,
	 */
	if (transit) {
		const struct tomoyo_domain_info *domain = tomoyo_domain();

		e.profile = domain->profile;
		e.group = domain->group;
	}
@@ -569,6 +583,7 @@ struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname,
	if (entry && transit) {
		if (created) {
			struct tomoyo_request_info r;

			tomoyo_init_request_info(&r, entry,
						 TOMOYO_MAC_FILE_EXECUTE);
			r.granted = false;
@@ -712,6 +727,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
		struct tomoyo_aggregator *ptr;
		struct list_head *list =
			&old_domain->ns->policy_list[TOMOYO_ID_AGGREGATOR];

		/* Check 'aggregator' directive. */
		candidate = &exename;
		list_for_each_entry_rcu(ptr, list, head.list) {
@@ -747,6 +763,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
	 */
	if (ee->transition) {
		const char *domainname = ee->transition->name;

		reject_on_transition_failure = true;
		if (!strcmp(domainname, "keep"))
			goto force_keep_domain;
@@ -758,6 +775,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
			goto force_initialize_domain;
		if (!strcmp(domainname, "parent")) {
			char *cp;

			strncpy(ee->tmp, old_domain->domainname->name,
				TOMOYO_EXEC_TMPSIZE - 1);
			cp = strrchr(ee->tmp, ' ');
@@ -822,8 +840,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
	if (domain)
		retval = 0;
	else if (reject_on_transition_failure) {
		printk(KERN_WARNING "ERROR: Domain '%s' not ready.\n",
		       ee->tmp);
		pr_warn("ERROR: Domain '%s' not ready.\n", ee->tmp);
		retval = -ENOMEM;
	} else if (ee->r.mode == TOMOYO_CONFIG_ENFORCING)
		retval = -ENOMEM;
@@ -834,8 +851,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
			ee->r.granted = false;
			tomoyo_write_log(&ee->r, "%s", tomoyo_dif
					 [TOMOYO_DIF_TRANSITION_FAILED]);
			printk(KERN_WARNING
			       "ERROR: Domain '%s' not defined.\n", ee->tmp);
			pr_warn("ERROR: Domain '%s' not defined.\n", ee->tmp);
		}
	}
 out:
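Review bot: In the `"parent"` branch of tomoyo_find_next_domain, `strncpy(ee->tmp, old_domain->domainname->name, TOMOYO_EXEC_TMPSIZE - 1)` writes no terminator when the source is that long or longer, yet the following `strrchr(ee->tmp, ' ')` and the new `pr_warn("ERROR: Domain '%s' not ready.\n", ee->tmp)` read the buffer as a string. That is safe only if `ee->tmp` is zero-filled and its last byte is never overwritten, which these hunks do not show; the function starts and ends outside them. Consider `strscpy(ee->tmp, old_domain->domainname->name, TOMOYO_EXEC_TMPSIZE);`, or add a comment naming what guarantees the terminator.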