~hc/RK356X_SDK_RELEASE.git

..	..	@@ -10,6 +10,8 @@
10	10	#ifndef _SECURITY_TOMOYO_COMMON_H
11	11	#define _SECURITY_TOMOYO_COMMON_H
12	12
	13	+#define pr_fmt(fmt) fmt
	14	+
13	15	#include <linux/ctype.h>
14	16	#include <linux/string.h>
15	17	#include <linux/mm.h>
..	..	@@ -29,6 +31,7 @@
29	31	#include <linux/in.h>
30	32	#include <linux/in6.h>
31	33	#include <linux/un.h>
	34	+#include <linux/lsm_hooks.h>
32	35	#include <net/sock.h>
33	36	#include <net/af_unix.h>
34	37	#include <net/ip.h>
..	..	@@ -422,7 +425,7 @@
422	425	struct tomoyo_obj_info *obj;
423	426	/*
424	427	* For holding parameters specific to execve() request.
425		- * NULL if not dealing do_execve().
	428	+ * NULL if not dealing execve().
426	429	*/
427	430	struct tomoyo_execve *ee;
428	431	struct tomoyo_domain_info *domain;
..	..	@@ -681,11 +684,12 @@
681	684	const struct tomoyo_path_info *domainname;
682	685	/* Namespace for this domain. Never NULL. */
683	686	struct tomoyo_policy_namespace *ns;
	687	+ /* Group numbers to use. */
	688	+ unsigned long group[TOMOYO_MAX_ACL_GROUPS / BITS_PER_LONG];
684	689	u8 profile; /* Profile number to use. */
685		- u8 group; /* Group number to use. */
686	690	bool is_deleted; /* Delete flag. */
687	691	bool flags[TOMOYO_MAX_DOMAIN_INFO_FLAGS];
688		- atomic_t users; /* Number of referring credentials. */
	692	+ atomic_t users; /* Number of referring tasks. */
689	693	};
690	694
691	695	/*
..	..	@@ -787,9 +791,9 @@
787	791	* interfaces.
788	792	*/
789	793	struct tomoyo_io_buffer {
790		- void (read) (struct tomoyo_io_buffer );
791		- int (write) (struct tomoyo_io_buffer );
792		- __poll_t (poll) (struct file file, poll_table *wait);
	794	+ void (read)(struct tomoyo_io_buffer head);
	795	+ int (write)(struct tomoyo_io_buffer head);
	796	+ __poll_t (poll)(struct file file, poll_table *wait);
793	797	/* Exclusive lock for this structure. */
794	798	struct mutex io_sem;
795	799	char __user *read_user_buf;
..	..	@@ -906,10 +910,16 @@
906	910	struct list_head acl_group[TOMOYO_MAX_ACL_GROUPS];
907	911	/* List for connecting to tomoyo_namespace_list list. */
908	912	struct list_head namespace_list;
909		- /* Profile version. Currently only 20110903 is defined. */
	913	+ /* Profile version. Currently only 20150505 is defined. */
910	914	unsigned int profile_version;
911	915	/* Name of this namespace (e.g. "<kernel>", "</usr/sbin/httpd>" ). */
912	916	const char *name;
	917	+};
	918	+
	919	+/* Structure for "struct task_struct"->security. */
	920	+struct tomoyo_task {
	921	+ struct tomoyo_domain_info *domain_info;
	922	+ struct tomoyo_domain_info *old_domain_info;
913	923	};
914	924
915	925	/******** Function prototypes. ********/
..	..	@@ -1020,6 +1030,7 @@
1020	1030	struct tomoyo_condition tomoyo_get_condition(struct tomoyo_acl_param param);
1021	1031	struct tomoyo_domain_info tomoyo_assign_domain(const char domainname,
1022	1032	const bool transit);
	1033	+struct tomoyo_domain_info *tomoyo_domain(void);
1023	1034	struct tomoyo_domain_info tomoyo_find_domain(const char domainname);
1024	1035	struct tomoyo_group tomoyo_get_group(struct tomoyo_acl_param param,
1025	1036	const u8 idx);
..	..	@@ -1034,8 +1045,8 @@
1034	1045	void __init tomoyo_load_builtin_policy(void);
1035	1046	void __init tomoyo_mm_init(void);
1036	1047	void tomoyo_check_acl(struct tomoyo_request_info *r,
1037		- bool (check_entry) (struct tomoyo_request_info ,
1038		- const struct tomoyo_acl_info *));
	1048	+ bool (check_entry)(struct tomoyo_request_info ,
	1049	+ const struct tomoyo_acl_info *));
1039	1050	void tomoyo_check_profile(void);
1040	1051	void tomoyo_convert_time(time64_t time, struct tomoyo_time *stamp);
1041	1052	void tomoyo_del_condition(struct list_head *element);
..	..	@@ -1062,6 +1073,7 @@
1062	1073	/******** External variable definitions. ********/
1063	1074
1064	1075	extern bool tomoyo_policy_loaded;
	1076	+extern int tomoyo_enabled;
1065	1077	extern const char * const tomoyo_condition_keyword
1066	1078	[TOMOYO_MAX_CONDITION_KEYWORD];
1067	1079	extern const char * const tomoyo_dif[TOMOYO_MAX_DOMAIN_INFO_FLAGS];
..	..	@@ -1085,6 +1097,7 @@
1085	1097	extern struct tomoyo_policy_namespace tomoyo_kernel_namespace;
1086	1098	extern unsigned int tomoyo_memory_quota[TOMOYO_MAX_MEMORY_STAT];
1087	1099	extern unsigned int tomoyo_memory_used[TOMOYO_MAX_MEMORY_STAT];
	1100	+extern struct lsm_blob_sizes tomoyo_blob_sizes;
1088	1101
1089	1102	/******** Inlined functions. ********/
1090	1103
..	..	@@ -1121,6 +1134,7 @@
1121	1134	static inline pid_t tomoyo_sys_getppid(void)
1122	1135	{
1123	1136	pid_t pid;
	1137	+
1124	1138	rcu_read_lock();
1125	1139	pid = task_tgid_vnr(rcu_dereference(current->real_parent));
1126	1140	rcu_read_unlock();
..	..	@@ -1197,26 +1211,15 @@
1197	1211	}
1198	1212
1199	1213	/**
1200		- * tomoyo_domain - Get "struct tomoyo_domain_info" for current thread.
	1214	+ * tomoyo_task - Get "struct tomoyo_task" for specified thread.
1201	1215	*
1202		- * Returns pointer to "struct tomoyo_domain_info" for current thread.
	1216	+ * @task - Pointer to "struct task_struct".
	1217	+ *
	1218	+ * Returns pointer to "struct tomoyo_task" for specified thread.
1203	1219	*/
1204		-static inline struct tomoyo_domain_info *tomoyo_domain(void)
	1220	+static inline struct tomoyo_task tomoyo_task(struct task_struct task)
1205	1221	{
1206		- return current_cred()->security;
1207		-}
1208		-
1209		-/**
1210		- * tomoyo_real_domain - Get "struct tomoyo_domain_info" for specified thread.
1211		- *
1212		- * @task: Pointer to "struct task_struct".
1213		- *
1214		- * Returns pointer to "struct tomoyo_security" for specified thread.
1215		- */
1216		-static inline struct tomoyo_domain_info *tomoyo_real_domain(struct task_struct
1217		- *task)
1218		-{
1219		- return task_cred_xxx(task, security);
	1222	+ return task->security + tomoyo_blob_sizes.lbs_task;
1220	1223	}
1221	1224
1222	1225	/**