nkipt tyumenclass=" ink yspgetclass="s.r_logot> a/.static/">LXR 7.1/"/security/tomoyo/securityfs_if.ck y/spgenk y!-- --nk rel t tyspgetid="s.r_priva"k rel t t> nk tyncod a(args="+priva=security/tomoyo/securityfs_if.c"method)?"; } "tid="priva_ncodink t buttgs,t/javasubmi "tclass="priva"nk rel t el t tyimg.static/js/lxrng-on.pprivae="imaalt="Priva"nk rel tel t ty/buttgsnk ty/ncodnk rel t ty/spgenk rel t tyspgetid="s.r_save"k rel t t> nk tyncod a(args="+save=security/tomoyo/securityfs_if.c"method)?"; } "tid="save_ncodink t buttgs,t/javasubmi "tclass="save"nk rel t el t tyimg.static/js/lxrng-on.psavee="imaalt="Save"nk rel tel t ty/buttgsnk ty/ncodnk rel t ty/spgenk rel ty/spgenk k rel tyumenclass="s.r_r(vuink yspgetclass="s.r_versrgsink tya/k t /.static/.7.1/"> /security/tomoyo/securityfs_if.cink t img.static/js/lxrng-on.plefae="imaalt="<<t> ank tyncod a(args="security/tomoyo/securityfs_if.c"method)?"tByink t spgetid="ver_|| eleink t s| eleid='+="v"tid="v"t onhandle="upif(e_versrgsespon, 'r.linux.no/linux+v3.7.1/"> ', '7.1/"', '', 'security/tomoyo/securityfs_if.c');"nk r opargs,a[i]; "v4.9.11"k tnk rv4.9.11 k t /spasnk /formnk a k t href="../linux+v3.7.2/security/tomoyo/securityfs_if.c">k t img src="../.static/gfx/right.png" alt=">>">k /spasnkk spas class="lxr_search">k t
k t input typ; "hidden" nam; "navtarget" a[i]; "">k t input typ; "text" nam; "search" id "search">k t buttgs,typ; "submit">Searchk t Prefsk /a>k /spasnk t /divnk t form acargs="ajax+*" method="post" onsubmit="return false;">k input typ; "hidden" nam; "ajax_lookup" id "ajax_lookup" a[i]; "">k t /formnkk t div class="headingbottgm">k div id "file_contents"n
   1 /a> spas class="comment">/* /spasnk   2 /a> spas class="comment"> * security/tomoyo/securityfs_if.c /spasnk   3 /a> spas class="comment"> * /spasnk   4 /a> spas class="comment"> * Copyright (C) 2005-2011  NTT DATA CORPORATION /spasnk   5 /a> spas class="comment"> */ /spasnk   6 /a>k   7 /a>#include <linux/security.h /a>>k   8 /a>#include "common.h /a>"k   9 /a>k  10 spas class="comment">/** /spasnk  11 /a> spas class="comment"> * tomoyo_check_task_acl - Check permissrgs,for task operaargs. /spasnk  12 /a> spas class="comment"> * /spasnk  13 /a> spas class="comment"> * @r:t  Pointer to "struct tomoyo_request_info". /spasnk  14 /a> spas class="comment"> * @ptr:tPointer to "struct tomoyo_acl_info". /spasnk  15 /a> spas class="comment"> * /spasnk  16 /a> spas class="comment"> * Returns true if granted, false otherwise. /spasnk  17 /a> spas class="comment"> */ /spasnk  18 /a>static  a href="+code=bool" class="sref">bool /a>  a href="+code=tomoyo_check_task_acl" class="sref">tomoyo_check_task_acl /a>(struct  a href="+code=tomoyo_request_info" class="sref">tomoyo_request_info /a> * a href="+code=r" class="sref">r /a>,k  19 /a>                                  const struct  a href="+code=tomoyo_acl_info" class="sref">tomoyo_acl_info /a> * a href="+code=ptr" class="sref">ptr /a>)k  20{k  21 /a>        const struct  a href="+code=tomoyo_task_acl" class="sref">tomoyo_task_acl /a> * a href="+code=acl" class="sref">acl /a> =  a href="+code=container_of" class="sref">container_of /a>( a href="+code=ptr" class="sref">ptr /a>,  a href="+code=typ;of" class="sref">typ;of /a>(* a href="+code=acl" class="sref">acl /a>),k  22 /a>                                                          a href="+code=head" class="sref">head /a>);k  23 /a>        return ! a href="+code=tomoyo_pathcmp" class="sref">tomoyo_pathcmp /a>( a href="+code=r" class="sref">r /a>-> a href="+code=param" class="sref">param /a>. a href="+code=task" class="sref">task /a>. a href="+code=domainnam;" class="sref">domainnam; /a>,  a href="+code=acl" class="sref">acl /a>-> a href="+code=domainnam;" class="sref">domainnam; /a>);k  24 /a>}k  25 /a>k  26 /a> spas class="comment">/** /spasnk  27 /a> spas class="comment"> * tomoyo_write_self - write(),for /sys/kernel/security/tomoyo/self_domain interface. /spasnk  28 /a> spas class="comment"> * /spasnk  29 /a> spas class="comment"> * @file:  Pointer to "struct file". /spasnk  30 spas class="comment"> * @buf:t  Domainnam; to transit to. /spasnk  31 /a> spas class="comment"> * @count: Size of @buf. /spasnk  32 /a> spas class="comment"> * @ppos:t Unused. /spasnk  33 /a> spas class="comment"> * /spasnk  34 /a> spas class="comment"> * Returns @count gs,success, negative a[i]; otherwise. /spasnk  35 /a> spas class="comment"> * /spasnk  36 /a> spas class="comment"> * If domain transitrgs,was permitted but the domain transitrgs,failed, this /spasnk  37 /a> spas class="comment"> * funcargs returns error rather thas terminating current thread with SIGKILL. /spasnk  38 /a> spas class="comment"> */ /spasnk  39 /a>static  a href="+code=ssize_t" class="sref">ssize_t /a>  a href="+code=tomoyo_write_self" class="sref">tomoyo_write_self /a>(struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, const char  a href="+code=__user" class="sref">__user /a> * a href="+code=buf" class="sref">buf /a>,k  40 /a>                               a href="+code=size_t" class="sref">size_t /a>  a href="+code=count" class="sref">count /a>,  a href="+code=loff_t" class="sref">loff_t /a> * a href="+code=ppos" class="sref">ppos /a>)k  41{k  42 /a>        char * a href="+code=data" class="sref">data /a>;k  43 /a>        int  a href="+code=error" class="sref">error /a>;k  44 /a>        if (! a href="+code=count" class="sref">count /a> ||  a href="+code=count" class="sref">count /a> >=  a href="+code=TOMOYO_EXEC_TMPSIZE" class="sref">TOMOYO_EXEC_TMPSIZE /a> - 10)k  45 /a>                return - a href="+code=ENOMEM" class="sref">ENOMEM /a>;k  46 /a>         a href="+code=data" class="sref">data /a> =  a href="+code=kzalloc" class="sref">kzalloc /a>( a href="+code=count" class="sref">count /a> + 1,  a href="+code=GFP_NOFS" class="sref">GFP_NOFS /a>);k  47 /a>        if (! a href="+code=data" class="sref">data /a>)k  48 /a>                return - a href="+code=ENOMEM" class="sref">ENOMEM /a>;k  49 /a>        if ( a href="+code=copy_from_user" class="sref">copy_from_user /a>( a href="+code=data" class="sref">data /a>,  a href="+code=buf" class="sref">buf /a>,  a href="+code=count" class="sref">count /a>)) {k  50 /a>                 a href="+code=error" class="sref">error /a> = - a href="+code=EFAULT" class="sref">EFAULT /a>;k  51 /a>                goto  a href="+code=out" class="sref">out /a>;k  52 /a>        }k  53 /a>         a href="+code=tomoyo_normalize_line" class="sref">tomoyo_normalize_line /a>( a href="+code=data" class="sref">data /a>);k  54 /a>        if ( a href="+code=tomoyo_correct_domain" class="sref">tomoyo_correct_domain /a>( a href="+code=data" class="sref">data /a>)) {k  55 /a>                const int  a href="+code=idx" class="sref">idx /a> =  a href="+code=tomoyo_read_lock" class="sref">tomoyo_read_lock /a>();k  56 /a>                struct  a href="+code=tomoyo_path_info" class="sref">tomoyo_path_info /a>  a href="+code=nam;" class="sref">nam; /a>;k  57 /a>                struct  a href="+code=tomoyo_request_info" class="sref">tomoyo_request_info /a>  a href="+code=r" class="sref">r /a>;k  58 /a>                 a href="+code=nam;" class="sref">nam; /a>. a href="+code=nam;" class="sref">nam; /a> =  a href="+code=data" class="sref">data /a>;k  59 /a>                 a href="+code=tomoyo_fill_path_info" class="sref">tomoyo_fill_path_info /a>(& a href="+code=nam;" class="sref">nam; /a>);k  60 /a>                 spas class="comment">/* Check "task manual_domain_transitrgs" permissrgs. */ /spasnk  61 /a>                 a href="+code=tomoyo_init_request_info" class="sref">tomoyo_init_request_info /a>(& a href="+code=r" class="sref">r /a>,  a href="+code=NULL" class="sref">NULL /a>,  a href="+code=TOMOYO_MAC_FILE_EXECUTE" class="sref">TOMOYO_MAC_FILE_EXECUTE /a>);k  62 /a>                 a href="+code=r" class="sref">r /a>. a href="+code=param_typ;" class="sref">param_typ; /a> =  a href="+code=TOMOYO_TYPE_MANUAL_TASK_ACL" class="sref">TOMOYO_TYPE_MANUAL_TASK_ACL /a>;k  63 /a>                 a href="+code=r" class="sref">r /a>. a href="+code=param" class="sref">param /a>. a href="+code=task" class="sref">task /a>. a href="+code=domainnam;" class="sref">domainnam; /a> = & a href="+code=nam;" class="sref">nam; /a>;k  64 /a>                 a href="+code=tomoyo_check_acl" class="sref">tomoyo_check_acl /a>(& a href="+code=r" class="sref">r /a>,  a href="+code=tomoyo_check_task_acl" class="sref">tomoyo_check_task_acl /a>);k  65 /a>                if (! a href="+code=r" class="sref">r /a>. a href="+code=granted" class="sref">granted /a>)k  66 /a>                         a href="+code=error" class="sref">error /a> = - a href="+code=EPERM" class="sref">EPERM /a>;k  67 /a>                else {k  68 /a>                        struct  a href="+code=tomoyo_domain_info" class="sref">tomoyo_domain_info /a> * a href="+code=new_domain" class="sref">new_domain /a> =k  69 /a>                                 a href="+code=tomoyo_assign_domain" class="sref">tomoyo_assign_domain /a>( a href="+code=data" class="sref">data /a>,  a href="+code=true" class="sref">true /a>);k  70 /a>                        if (! a href="+code=new_domain" class="sref">new_domain /a>) {k  71 /a>                                 a href="+code=error" class="sref">error /a> = - a href="+code=ENOENT" class="sref">ENOENT /a>;k  72 /a>                        } else {k  73 /a>                                struct  a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a> =  a href="+code=prepare_creds" class="sref">prepare_creds /a>();k  74 /a>                                if (! a href="+code=cred" class="sref">cred /a>) {k  75 /a>                                         a href="+code=error" class="sref">error /a> = - a href="+code=ENOMEM" class="sref">ENOMEM /a>;k  76 /a>                                } else {k  77 /a>                                        struct  a href="+code=tomoyo_domain_info" class="sref">tomoyo_domain_info /a> * a href="+code=old_domain" class="sref">old_domain /a> =k  78 /a>                                                 a href="+code=cred" class="sref">cred /a>-> a href="+code=security" class="sref">security /a>;k  79 /a>                                         a href="+code=cred" class="sref">cred /a>-> a href="+code=security" class="sref">security /a> =  a href="+code=new_domain" class="sref">new_domain /a>;k  80 /a>                                         a href="+code=atomic_inc" class="sref">atomic_inc /a>(& a href="+code=new_domain" class="sref">new_domain /a>-> a href="+code=users" class="sref">users /a>);k  81 /a>                                         a href="+code=atomic_dec" class="sref">atomic_dec /a>(& a href="+code=old_domain" class="sref">old_domain /a>-> a href="+code=users" class="sref">users /a>);k  82 /a>                                         a href="+code=commit_creds" class="sref">commit_creds /a>( a href="+code=cred" class="sref">cred /a>);k  83 /a>                                         a href="+code=error" class="sref">error /a> = 0;k  84 /a>                                }k  85 /a>                        }k  86 /a>                }k  87 /a>                 a href="+code=tomoyo_read_unlock" class="sref">tomoyo_read_unlock /a>( a href="+code=idx" class="sref">idx /a>);k  88 /a>        } elsek  89 /a>                 a href="+code=error" class="sref">error /a> = - a href="+code=EINVAL" class="sref">EINVAL /a>;k  90 a href="+code=out" class="sref">out /a>:k  91 /a>         a href="+code=kfree" class="sref">kfree /a>( a href="+code=data" class="sref">data /a>);k  92 /a>        return  a href="+code=error" class="sref">error /a> ?  a href="+code=error" class="sref">error /a> :  a href="+code=count" class="sref">count /a>;k  93 /a>}k  94 /a>k  95 /a> spas class="comment">/** /spasnk  96 /a> spas class="comment"> * tomoyo_read_self - read(),for /sys/kernel/security/tomoyo/self_domain interface. /spasnk  97 /a> spas class="comment"> * /spasnk  98 /a> spas class="comment"> * @file:  Pointer to "struct file". /spasnk  99 /a> spas class="comment"> * @buf:t  Domainnam; which current thread belongs to. /spasnk 100 /a> spas class="comment"> * @count: Size of @buf. /spasnk 101 /a> spas class="comment"> * @ppos:t Bytes read by now. /spasnk 102 /a> spas class="comment"> * /spasnk 103 /a> spas class="comment"> * Returns read size os,success, negative a[i]; otherwise. /spasnk 104 /a> spas class="comment"> */ /spasnk 105 /a>static  a href="+code=ssize_t" class="sref">ssize_t /a>  a href="+code=tomoyo_read_self" class="sref">tomoyo_read_self /a>(struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, char  a href="+code=__user" class="sref">__user /a> * a href="+code=buf" class="sref">buf /a>,k 106 /a>                                 a href="+code=size_t" class="sref">size_t /a>  a href="+code=count" class="sref">count /a>,  a href="+code=loff_t" class="sref">loff_t /a> * a href="+code=ppos" class="sref">ppos /a>)k 107 /a>{k 108 /a>        const char * a href="+code=domain" class="sref">domain /a> =  a href="+code=tomoyo_domain" class="sref">tomoyo_domain /a>()-> a href="+code=domainnam;" class="sref">domainnam; /a>-> a href="+code=nam;" class="sref">nam; /a>;k 109 /a>         a href="+code=loff_t" class="sref">loff_t /a>  a href="+code=len" class="sref">len /a> =  a href="+code=strlen" class="sref">strlen /a>( a href="+code=domain" class="sref">domain /a>);k 110 /a>         a href="+code=loff_t" class="sref">loff_t /a>  a href="+code=pos" class="sref">pos /a> = * a href="+code=ppos" class="sref">ppos /a>;k 111 /a>        if ( a href="+code=pos" class="sref">pos /a> >=  a href="+code=len" class="sref">len /a> || ! a href="+code=count" class="sref">count /a>)k 112 /a>                return 0;k 113 /a>         a href="+code=len" class="sref">len /a> -=  a href="+code=pos" class="sref">pos /a>;k 114 /a>        if ( a href="+code=count" class="sref">count /a> <  a href="+code=len" class="sref">len /a>)k 115 /a>                 a href="+code=len" class="sref">len /a> =  a href="+code=count" class="sref">count /a>;k 116 /a>        if ( a href="+code=copy_to_user" class="sref">copy_to_user /a>( a href="+code=buf" class="sref">buf /a>,  a href="+code=domain" class="sref">domain /a> +  a href="+code=pos" class="sref">pos /a>,  a href="+code=len" class="sref">len /a>))k 117 /a>                return - a href="+code=EFAULT" class="sref">EFAULT /a>;k 118 /a>        * a href="+code=ppos" class="sref">ppos /a> +=  a href="+code=len" class="sref">len /a>;k 119 /a>        return  a href="+code=len" class="sref">len /a>;k 120}k 121 /a>k 122 /a> spas class="comment">/* Operaargss,for /sys/kernel/security/tomoyo/self_domain interface. */ /spasnk 123 /a>static const struct  a href="+code=file_operaargss" class="sref">file_operaargss /a>  a href="+code=tomoyo_self_operaargss" class="sref">tomoyo_self_operaargss /a> = {k 124 /a>        . a href="+code=write" class="sref">write /a> =  a href="+code=tomoyo_write_self" class="sref">tomoyo_write_self /a>,k 125 /a>        . a href="+code=read" class="sref">read /a>  =  a href="+code=tomoyo_read_self" class="sref">tomoyo_read_self /a>,k 126 /a>};k 127 /a>k 128 /a> spas class="comment">/** /spasnk 129 /a> spas class="comment"> * tomoyo_open - open(),for /sys/kernel/security/tomoyo/ interface. /spasnk 130 spas class="comment"> * /spasnk 131 /a> spas class="comment"> * @inode:tPointer to "struct inode". /spasnk 132 /a> spas class="comment"> * @file:  Pointer to "struct file". /spasnk 133 /a> spas class="comment"> * /spasnk 134 /a> spas class="comment"> * Returns 0 os,success, negative a[i]; otherwise. /spasnk 135 /a> spas class="comment"> */ /spasnk 136 /a>static int  a href="+code=tomoyo_open" class="sref">tomoyo_open /a>(struct  a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>)k 137 /a>{k 138 /a>        const int  a href="+code=key" class="sref">key /a> = (( a href="+code=u8" class="sref">u8 /a> *)  a href="+code=file" class="sref">file /a>-> a href="+code=f_path" class="sref">f_path /a>. a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>-> a href="+code=i_private" class="sref">i_private /a>)k 139 /a>                - (( a href="+code=u8" class="sref">u8 /a> *)  a href="+code=NULL" class="sref">NULL /a>);k 140 /a>        return  a href="+code=tomoyo_open_control" class="sref">tomoyo_open_control /a>( a href="+code=key" class="sref">key /a>,  a href="+code=file" class="sref">file /a>);k 141}k 142 /a>k 143 /a> spas class="comment">/** /spasnk 144 /a> spas class="comment"> * tomoyo_release - close(),for /sys/kernel/security/tomoyo/ interface. /spasnk 145 /a> spas class="comment"> * /spasnk 146 /a> spas class="comment"> * @inode:tPointer to "struct inode". /spasnk 147 /a> spas class="comment"> * @file:  Pointer to "struct file". /spasnk 148 /a> spas class="comment"> * /spasnk 149 /a> spas class="comment"> * Returns 0 os,success, negative a[i]; otherwise. /spasnk 150 spas class="comment"> */ /spasnk 151 /a>static int  a href="+code=tomoyo_release" class="sref">tomoyo_release /a>(struct  a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>)k 152 /a>{k 153 /a>        return  a href="+code=tomoyo_close_control" class="sref">tomoyo_close_control /a>( a href="+code=file" class="sref">file /a>-> a href="+code=private_data" class="sref">private_data /a>);k 154 /a>}k 155 /a>k 156 /a> spas class="comment">/** /spasnk 157 /a> spas class="comment"> * tomoyo_poll - poll(),for /sys/kernel/security/tomoyo/ interface. /spasnk 158 /a> spas class="comment"> * /spasnk 159 /a> spas class="comment"> * @file: Pointer to "struct file". /spasnk 160 /a> spas class="comment"> * @wait: Pointer to "poll_table". Maybe NULL. /spasnk 161 /a> spas class="comment"> * /spasnk 162 /a> spas class="comment"> * Returns POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM if ready to read/write, /spasnk 163 /a> spas class="comment"> * POLLOUT | POLLWRNORM otherwise. /spasnk 164 /a> spas class="comment"> */ /spasnk 165 /a>static unsigned int  a href="+code=tomoyo_poll" class="sref">tomoyo_poll /a>(struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>,  a href="+code=poll_table" class="sref">poll_table /a> * a href="+code=wait" class="sref">wait /a>)k 166 /a>{k 167 /a>        return  a href="+code=tomoyo_poll_control" class="sref">tomoyo_poll_control /a>( a href="+code=file" class="sref">file /a>,  a href="+code=wait" class="sref">wait /a>);k 168 /a>}k 169 /a>k 170 spas class="comment">/** /spasnk 171 /a> spas class="comment"> * tomoyo_read - read(),for /sys/kernel/security/tomoyo/ interface. /spasnk 172 /a> spas class="comment"> * /spasnk 173 /a> spas class="comment"> * @file:  Pointer to "struct file". /spasnk 174 /a> spas class="comment"> * @buf:t  Pointer to buffer. /spasnk 175 /a> spas class="comment"> * @count: Size of @buf. /spasnk 176 /a> spas class="comment"> * @ppos:t Unused. /spasnk 177 /a> spas class="comment"> * /spasnk 178 /a> spas class="comment"> * Returns bytes read os,success, negative a[i]; otherwise. /spasnk 179 /a> spas class="comment"> */ /spasnk 180 /a>static  a href="+code=ssize_t" class="sref">ssize_t /a>  a href="+code=tomoyo_read" class="sref">tomoyo_read /a>(struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, char  a href="+code=__user" class="sref">__user /a> * a href="+code=buf" class="sref">buf /a>,  a href="+code=size_t" class="sref">size_t /a>  a href="+code=count" class="sref">count /a>,k 181 /a>                            a href="+code=loff_t" class="sref">loff_t /a> * a href="+code=ppos" class="sref">ppos /a>)k 182 /a>{k 183 /a>        return  a href="+code=tomoyo_read_control" class="sref">tomoyo_read_control /a>( a href="+code=file" class="sref">file /a>-> a href="+code=private_data" class="sref">private_data /a>,  a href="+code=buf" class="sref">buf /a>,  a href="+code=count" class="sref">count /a>);k 184 /a>}k 185 /a>k 186 /a> spas class="comment">/** /spasnk 187 /a> spas class="comment"> * tomoyo_write - write(),for /sys/kernel/security/tomoyo/ interface. /spasnk 188 /a> spas class="comment"> * /spasnk 189 /a> spas class="comment"> * @file:  Pointer to "struct file". /spasnk 190 spas class="comment"> * @buf:t  Pointer to buffer. /spasnk 191 /a> spas class="comment"> * @count: Size of @buf. /spasnk 192 /a> spas class="comment"> * @ppos:t Unused. /spasnk 193 /a> spas class="comment"> * /spasnk 194 /a> spas class="comment"> * Returns @count gs,success, negative a[i]; otherwise. /spasnk 195 /a> spas class="comment"> */ /spasnk 196 /a>static  a href="+code=ssize_t" class="sref">ssize_t /a>  a href="+code=tomoyo_write" class="sref">tomoyo_write /a>(struct  a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, const char  a href="+code=__user" class="sref">__user /a> * a href="+code=buf" class="sref">buf /a>,k 197 /a>                             a href="+code=size_t" class="sref">size_t /a>  a href="+code=count" class="sref">count /a>,  a href="+code=loff_t" class="sref">loff_t /a> * a href="+code=ppos" class="sref">ppos /a>)k 198 /a>{k 199 /a>        return  a href="+code=tomoyo_write_control" class="sref">tomoyo_write_control /a>( a href="+code=file" class="sref">file /a>-> a href="+code=private_data" class="sref">private_data /a>,  a href="+code=buf" class="sref">buf /a>,  a href="+code=count" class="sref">count /a>);k 200}k 201 /a>k 202 /a> spas class="comment">/* /spasnk 203 /a> spas class="comment"> * tomoyo_operaargss,is a "struct file_operaargss" which is used,for handling /spasnk 204 /a> spas class="comment"> * /sys/kernel/security/tomoyo/ interface. /spasnk 205 /a> spas class="comment"> * /spasnk 206 /a> spas class="comment"> * Some files under /sys/kernel/security/tomoyo/ directory accept open(O_RDWR). /spasnk 207 /a> spas class="comment"> * See tomoyo_io_buffer,for internals. /spasnk 208 /a> spas class="comment"> */ /spasnk 209 /a>static const struct  a href="+code=file_operaargss" class="sref">file_operaargss /a>  a href="+code=tomoyo_operaargss" class="sref">tomoyo_operaargss /a> = {k 210 /a>        . a href="+code=open" class="sref">open /a>    =  a href="+code=tomoyo_open" class="sref">tomoyo_open /a>,k 211 /a>        . a href="+code=release" class="sref">release /a> =  a href="+code=tomoyo_release" class="sref">tomoyo_release /a>,k 212 /a>        . a href="+code=poll" class="sref">poll /a>    =  a href="+code=tomoyo_poll" class="sref">tomoyo_poll /a>,k 213 /a>        . a href="+code=read" class="sref">read /a>    =  a href="+code=tomoyo_read" class="sref">tomoyo_read /a>,k 214 /a>        . a href="+code=write" class="sref">write /a>   =  a href="+code=tomoyo_write" class="sref">tomoyo_write /a>,k 215 /a>        . a href="+code=llseek" class="sref">llseek /a>  =  a href="+code=noop_llseek" class="sref">noop_llseek /a>,k 216 /a>};k 217 /a>k 218 /a> spas class="comment">/** /spasnk 219 /a> spas class="comment"> * tomoyo_create_entry - Create interface files under /sys/kernel/security/tomoyo/ directory. /spasnk 220 spas class="comment"> * /spasnk 221 /a> spas class="comment"> * @nam;:t  The nam; of the interface file. /spasnk 222 /a> spas class="comment"> * @mode:t  The permissrgs of the interface file. /spasnk 223 /a> spas class="comment"> * @parent: The parent directory. /spasnk 224 /a> spas class="comment"> * @key:t   Typ; of interface. /spasnk 225 /a> spas class="comment"> * /spasnk 226 /a> spas class="comment"> * Returns nothing. /spasnk 227 /a> spas class="comment"> */ /spasnk 228 /a>static void  a href="+code=__init" class="sref">__init /a>  a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>(const char * a href="+code=nam;" class="sref">nam; /a>, const  a href="+code=umode_t" class="sref">umode_t /a>  a href="+code=mode" class="sref">mode /a>,k 229 /a>                                       struct  a href="+code=dentry" class="sref">dentry /a> * a href="+code=parent" class="sref">parent /a>, const  a href="+code=u8" class="sref">u8 /a>  a href="+code=key" class="sref">key /a>)k 230{k 231 /a>         a href="+code=securityfs_create_file" class="sref">securityfs_create_file /a>( a href="+code=nam;" class="sref">nam; /a>,  a href="+code=mode" class="sref">mode /a>,  a href="+code=parent" class="sref">parent /a>, (( a href="+code=u8" class="sref">u8 /a> *)  a href="+code=NULL" class="sref">NULL /a>) +  a href="+code=key" class="sref">key /a>,k 232 /a>                               & a href="+code=tomoyo_operaargss" class="sref">tomoyo_operaargss /a>);k 233 /a>}k 234 /a>k 235 /a> spas class="comment">/** /spasnk 236 /a> spas class="comment"> * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface. /spasnk 237 /a> spas class="comment"> * /spasnk 238 /a> spas class="comment"> * Returns 0. /spasnk 239 /a> spas class="comment"> */ /spasnk 240 /a>static int  a href="+code=__init" class="sref">__init /a>  a href="+code=tomoyo_initerface_init" class="sref">tomoyo_initerface_init /a>(void)k 241{k 242 /a>        struct  a href="+code=dentry" class="sref">dentry /a> * a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>;k 243 /a>k 244 /a>         spas class="comment">/* Don't create securityfs entries unless registered. */ /spasnk 245 /a>        if ( a href="+code=current_cred" class="sref">current_cred /a>()-> a href="+code=security" class="sref">security /a> != & a href="+code=tomoyo_kernel_domain" class="sref">tomoyo_kernel_domain /a>)k 246 /a>                return 0;k 247 /a>k 248 /a>         a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a> =  a href="+code=securityfs_create_dir" class="sref">securityfs_create_dir /a>( spas class="string">"tomoyo" /spasn,  a href="+code=NULL" class="sref">NULL /a>);k 249 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"query" /spasn,            0600,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 250 /a>                             a href="+code=TOMOYO_QUERY" class="sref">TOMOYO_QUERY /a>);k 251 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"domain_policy" /spasn,    0600,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 252 /a>                             a href="+code=TOMOYO_DOMAINPOLICY" class="sref">TOMOYO_DOMAINPOLICY /a>);k 253 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"exceptrgs_policy" /spasn, 0600,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 254 /a>                             a href="+code=TOMOYO_EXCEPTIONPOLICY" class="sref">TOMOYO_EXCEPTIONPOLICY /a>);k 255 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"audit" /spasn,            0400,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 256 /a>                             a href="+code=TOMOYO_AUDIT" class="sref">TOMOYO_AUDIT /a>);k 257 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">".process_status" /spasn,  0600,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 258 /a>                             a href="+code=TOMOYO_PROCESS_STATUS" class="sref">TOMOYO_PROCESS_STATUS /a>);k 259 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"stat" /spasn,             0644,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 260 /a>                             a href="+code=TOMOYO_STAT" class="sref">TOMOYO_STAT /a>);k 261 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"profile" /spasn,          0600,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 262 /a>                             a href="+code=TOMOYO_PROFILE" class="sref">TOMOYO_PROFILE /a>);k 263 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"manager" /spasn,          0600,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 264 /a>                             a href="+code=TOMOYO_MANAGER" class="sref">TOMOYO_MANAGER /a>);k 265 /a>         a href="+code=tomoyo_create_entry" class="sref">tomoyo_create_entry /a>( spas class="string">"versrgs" /spasn,          0400,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,k 266 /a>                             a href="+code=TOMOYO_VERSION" class="sref">TOMOYO_VERSION /a>);k 267 /a>         a href="+code=securityfs_create_file" class="sref">securityfs_create_file /a>( spas class="string">"self_domain" /spasn, 0666,  a href="+code=tomoyo_dir" class="sref">tomoyo_dir /a>,  a href="+code=NULL" class="sref">NULL /a>,k 268 /a>                               & a href="+code=tomoyo_self_operaargss" class="sref">tomoyo_self_operaargss /a>);k 269 /a>         a href="+code=tomoyo_load_builtin_policy" class="sref">tomoyo_load_builtin_policy /a>();k 270 /a>        return 0;k 271}k 272 /a>k 273 /a> a href="+code=fs_initcall" class="sref">fs_initcall /a>( a href="+code=tomoyo_initerface_init" class="sref">tomoyo_initerface_init /a>);k 274 /a> /pre> /div>


 /div>