TOMOYO: Use array of "struct list_head".

Assign list id and make the lists as array of "struct list_head".
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

security/tomoyo/common.c

@@ -434,38 +434,6 @@ static void tomoyo_read_profile(struct tomoyo_io_buffer *head)
 		head->read_eof = true;
 }
 
-/*
- * tomoyo_policy_manager_list is used for holding list of domainnames or
- * programs which are permitted to modify configuration via
- * /sys/kernel/security/tomoyo/ interface.
- *
- * An entry is added by
- *
- * # echo '<kernel> /sbin/mingetty /bin/login /bin/bash' > \
- *                                        /sys/kernel/security/tomoyo/manager
- *  (if you want to specify by a domainname)
- *
- *  or
- *
- * # echo '/usr/sbin/tomoyo-editpolicy' > /sys/kernel/security/tomoyo/manager
- *  (if you want to specify by a program's location)
- *
- * and is deleted by
- *
- * # echo 'delete <kernel> /sbin/mingetty /bin/login /bin/bash' > \
- *                                        /sys/kernel/security/tomoyo/manager
- *
- *  or
- *
- * # echo 'delete /usr/sbin/tomoyo-editpolicy' > \
- *                                        /sys/kernel/security/tomoyo/manager
- *
- * and all entries are retrieved by
- *
- * # cat /sys/kernel/security/tomoyo/manager
- */
-LIST_HEAD(tomoyo_policy_manager_list);
-
 static bool tomoyo_same_manager_entry(const struct tomoyo_acl_head *a,
 				      const struct tomoyo_acl_head *b)
 {
@@ -503,7 +471,7 @@ static int tomoyo_update_manager_entry(const char *manager,
 	if (!e.manager)
 		return -ENOMEM;
 	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-				     &tomoyo_policy_manager_list,
+				     &tomoyo_policy_list[TOMOYO_ID_MANAGER],
 				     tomoyo_same_manager_entry);
 	tomoyo_put_name(e.manager);
 	return error;
@@ -545,7 +513,7 @@ static void tomoyo_read_manager_policy(struct tomoyo_io_buffer *head)
 	if (head->read_eof)
 		return;
 	list_for_each_cookie(pos, head->read_var2,
-			     &tomoyo_policy_manager_list) {
+			     &tomoyo_policy_list[TOMOYO_ID_MANAGER]) {
 		struct tomoyo_policy_manager_entry *ptr;
 		ptr = list_entry(pos, struct tomoyo_policy_manager_entry,
 				 head.list);
@@ -578,7 +546,8 @@ static bool tomoyo_policy_manager(void)
 		return true;
 	if (!tomoyo_manage_by_non_root && (task->cred->uid || task->cred->euid))
 		return false;
-	list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+	list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER],
+				head.list) {
 		if (!ptr->head.is_deleted && ptr->is_domain
 		    && !tomoyo_pathcmp(domainname, ptr->manager)) {
 			found = true;
@@ -590,7 +559,8 @@ static bool tomoyo_policy_manager(void)
 	exe = tomoyo_get_exe();
 	if (!exe)
 		return false;
-	list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, head.list) {
+	list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_MANAGER],
+				head.list) {
 		if (!ptr->head.is_deleted && !ptr->is_domain
 		    && !strcmp(exe, ptr->manager->name)) {
 			found = true;

security/tomoyo/common.h

@@ -46,6 +46,30 @@ enum tomoyo_mode_index {
 	TOMOYO_CONFIG_USE_DEFAULT = 255
 };
 
+enum tomoyo_policy_id {
+	TOMOYO_ID_GROUP,
+	TOMOYO_ID_PATH_GROUP,
+	TOMOYO_ID_NUMBER_GROUP,
+	TOMOYO_ID_DOMAIN_INITIALIZER,
+	TOMOYO_ID_DOMAIN_KEEPER,
+	TOMOYO_ID_AGGREGATOR,
+	TOMOYO_ID_ALIAS,
+	TOMOYO_ID_GLOBALLY_READABLE,
+	TOMOYO_ID_PATTERN,
+	TOMOYO_ID_NO_REWRITE,
+	TOMOYO_ID_MANAGER,
+	TOMOYO_ID_NAME,
+	TOMOYO_ID_ACL,
+	TOMOYO_ID_DOMAIN,
+	TOMOYO_MAX_POLICY
+};
+
+enum tomoyo_group_id {
+	TOMOYO_PATH_GROUP,
+	TOMOYO_NUMBER_GROUP,
+	TOMOYO_MAX_GROUP
+};
+
 /* Keywords for ACLs. */
 #define TOMOYO_KEYWORD_AGGREGATOR                "aggregator "
 #define TOMOYO_KEYWORD_ALIAS                     "alias "
@@ -570,7 +594,7 @@ struct tomoyo_globally_readable_file_entry {
 
 /*
  * tomoyo_pattern_entry is a structure which is used for holding
- * "tomoyo_pattern_list" entries.
+ * "file_pattern" entries.
  * It has following fields.
  *
  *  (1) "head" is "struct tomoyo_acl_head".
@@ -950,16 +974,8 @@ extern struct srcu_struct tomoyo_ss;
 /* The list for "struct tomoyo_domain_info". */
 extern struct list_head tomoyo_domain_list;
 
-extern struct list_head tomoyo_path_group_list;
-extern struct list_head tomoyo_number_group_list;
-extern struct list_head tomoyo_domain_initializer_list;
-extern struct list_head tomoyo_domain_keeper_list;
-extern struct list_head tomoyo_aggregator_list;
-extern struct list_head tomoyo_alias_list;
-extern struct list_head tomoyo_globally_readable_list;
-extern struct list_head tomoyo_pattern_list;
-extern struct list_head tomoyo_no_rewrite_list;
-extern struct list_head tomoyo_policy_manager_list;
+extern struct list_head tomoyo_policy_list[TOMOYO_MAX_POLICY];
+extern struct list_head tomoyo_group_list[TOMOYO_MAX_GROUP];
 extern struct list_head tomoyo_name_list[TOMOYO_MAX_HASH];
 
 /* Lock for protecting policy. */

security/tomoyo/file.c

@@ -265,33 +265,6 @@ static int tomoyo_audit_path_number_log(struct tomoyo_request_info *r)
 				 tomoyo_file_pattern(filename), buffer);
 }
 
-/*
- * tomoyo_globally_readable_list is used for holding list of pathnames which
- * are by default allowed to be open()ed for reading by any process.
- *
- * An entry is added by
- *
- * # echo 'allow_read /lib/libc-2.5.so' > \
- *                               /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete allow_read /lib/libc-2.5.so' > \
- *                               /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^allow_read /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, any process is allowed to
- * open("/lib/libc-2.5.so", O_RDONLY).
- * One exception is, if the domain which current process belongs to is marked
- * as "ignore_global_allow_read", current process can't do so unless explicitly
- * given "allow_read /lib/libc-2.5.so" to the domain which current process
- * belongs to.
- */
-LIST_HEAD(tomoyo_globally_readable_list);
-
 static bool tomoyo_same_globally_readable(const struct tomoyo_acl_head *a,
 					  const struct tomoyo_acl_head *b)
 {
@@ -323,7 +296,8 @@ static int tomoyo_update_globally_readable_entry(const char *filename,
 	if (!e.filename)
 		return -ENOMEM;
 	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-				     &tomoyo_globally_readable_list,
+				     &tomoyo_policy_list
+				     [TOMOYO_ID_GLOBALLY_READABLE],
 				     tomoyo_same_globally_readable);
 	tomoyo_put_name(e.filename);
 	return error;
@@ -344,8 +318,8 @@ static bool tomoyo_globally_readable_file(const struct tomoyo_path_info *
 	struct tomoyo_globally_readable_file_entry *ptr;
 	bool found = false;
 
-	list_for_each_entry_rcu(ptr, &tomoyo_globally_readable_list,
-				head.list) {
+	list_for_each_entry_rcu(ptr, &tomoyo_policy_list
+				[TOMOYO_ID_GLOBALLY_READABLE], head.list) {
 		if (!ptr->head.is_deleted &&
 		    tomoyo_path_matches_pattern(filename, ptr->filename)) {
 			found = true;
@@ -385,7 +359,7 @@ bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head)
 	bool done = true;
 
 	list_for_each_cookie(pos, head->read_var2,
-			     &tomoyo_globally_readable_list) {
+			     &tomoyo_policy_list[TOMOYO_ID_GLOBALLY_READABLE]) {
 		struct tomoyo_globally_readable_file_entry *ptr;
 		ptr = list_entry(pos,
 				 struct tomoyo_globally_readable_file_entry,
@@ -400,37 +374,6 @@ bool tomoyo_read_globally_readable_policy(struct tomoyo_io_buffer *head)
 	return done;
 }
 
-/* tomoyo_pattern_list is used for holding list of pathnames which are used for
- * converting pathnames to pathname patterns during learning mode.
- *
- * An entry is added by
- *
- * # echo 'file_pattern /proc/\$/mounts' > \
- *                             /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete file_pattern /proc/\$/mounts' > \
- *                             /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^file_pattern /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, if a process which belongs to a domain which is in
- * learning mode requested open("/proc/1/mounts", O_RDONLY),
- * "allow_read /proc/\$/mounts" is automatically added to the domain which that
- * process belongs to.
- *
- * It is not a desirable behavior that we have to use /proc/\$/ instead of
- * /proc/self/ when current process needs to access only current process's
- * information. As of now, LSM version of TOMOYO is using __d_path() for
- * calculating pathname. Non LSM version of TOMOYO is using its own function
- * which pretends as if /proc/self/ is not a symlink; so that we can forbid
- * current process from accessing other process's information.
- */
-LIST_HEAD(tomoyo_pattern_list);
-
 static bool tomoyo_same_pattern(const struct tomoyo_acl_head *a,
 				const struct tomoyo_acl_head *b)
 {
@@ -460,7 +403,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
 	if (!e.pattern)
 		return -ENOMEM;
 	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-				     &tomoyo_pattern_list,
+				     &tomoyo_policy_list[TOMOYO_ID_PATTERN],
 				     tomoyo_same_pattern);
 	tomoyo_put_name(e.pattern);
 	return error;
@@ -480,7 +423,8 @@ const char *tomoyo_file_pattern(const struct tomoyo_path_info *filename)
 	struct tomoyo_pattern_entry *ptr;
 	const struct tomoyo_path_info *pattern = NULL;
 
-	list_for_each_entry_rcu(ptr, &tomoyo_pattern_list, head.list) {
+	list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_PATTERN],
+				head.list) {
 		if (ptr->head.is_deleted)
 			continue;
 		if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
@@ -527,7 +471,8 @@ bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head)
 	struct list_head *pos;
 	bool done = true;
 
-	list_for_each_cookie(pos, head->read_var2, &tomoyo_pattern_list) {
+	list_for_each_cookie(pos, head->read_var2,
+			     &tomoyo_policy_list[TOMOYO_ID_PATTERN]) {
 		struct tomoyo_pattern_entry *ptr;
 		ptr = list_entry(pos, struct tomoyo_pattern_entry, head.list);
 		if (ptr->head.is_deleted)
@@ -540,37 +485,6 @@ bool tomoyo_read_file_pattern(struct tomoyo_io_buffer *head)
 	return done;
 }
 
-/*
- * tomoyo_no_rewrite_list is used for holding list of pathnames which are by
- * default forbidden to modify already written content of a file.
- *
- * An entry is added by
- *
- * # echo 'deny_rewrite /var/log/messages' > \
- *                              /sys/kernel/security/tomoyo/exception_policy
- *
- * and is deleted by
- *
- * # echo 'delete deny_rewrite /var/log/messages' > \
- *                              /sys/kernel/security/tomoyo/exception_policy
- *
- * and all entries are retrieved by
- *
- * # grep ^deny_rewrite /sys/kernel/security/tomoyo/exception_policy
- *
- * In the example above, if a process requested to rewrite /var/log/messages ,
- * the process can't rewrite unless the domain which that process belongs to
- * has "allow_rewrite /var/log/messages" entry.
- *
- * It is not a desirable behavior that we have to add "\040(deleted)" suffix
- * when we want to allow rewriting already unlink()ed file. As of now,
- * LSM version of TOMOYO is using __d_path() for calculating pathname.
- * Non LSM version of TOMOYO is using its own function which doesn't append
- * " (deleted)" suffix if the file is already unlink()ed; so that we don't
- * need to worry whether the file is already unlink()ed or not.
- */
-LIST_HEAD(tomoyo_no_rewrite_list);
-
 static bool tomoyo_same_no_rewrite(const struct tomoyo_acl_head *a,
 				   const struct tomoyo_acl_head *b)
 {
@@ -601,7 +515,7 @@ static int tomoyo_update_no_rewrite_entry(const char *pattern,
 	if (!e.pattern)
 		return -ENOMEM;
 	error = tomoyo_update_policy(&e.head, sizeof(e), is_delete,
-				     &tomoyo_no_rewrite_list,
+				     &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
 				     tomoyo_same_no_rewrite);
 	tomoyo_put_name(e.pattern);
 	return error;
@@ -622,7 +536,8 @@ static bool tomoyo_no_rewrite_file(const struct tomoyo_path_info *filename)
 	struct tomoyo_no_rewrite_entry *ptr;
 	bool found = false;
 
-	list_for_each_entry_rcu(ptr, &tomoyo_no_rewrite_list, head.list) {
+	list_for_each_entry_rcu(ptr, &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE],
+				head.list) {
 		if (ptr->head.is_deleted)
 			continue;
 		if (!tomoyo_path_matches_pattern(filename, ptr->pattern))
@@ -662,7 +577,8 @@ bool tomoyo_read_no_rewrite_policy(struct tomoyo_io_buffer *head)
 	struct list_head *pos;
 	bool done = true;
 
-	list_for_each_cookie(pos, head->read_var2, &tomoyo_no_rewrite_list) {
+	list_for_each_cookie(pos, head->read_var2,
+			     &tomoyo_policy_list[TOMOYO_ID_NO_REWRITE]) {
 		struct tomoyo_no_rewrite_entry *ptr;
 		ptr = list_entry(pos, struct tomoyo_no_rewrite_entry,
 				 head.list);

security/tomoyo/gc.c

@@ -11,24 +11,6 @@
 #include <linux/kthread.h>
 #include <linux/slab.h>
 
-enum tomoyo_policy_id {
-	TOMOYO_ID_GROUP,
-	TOMOYO_ID_PATH_GROUP,
-	TOMOYO_ID_NUMBER_GROUP,
-	TOMOYO_ID_DOMAIN_INITIALIZER,
-	TOMOYO_ID_DOMAIN_KEEPER,
-	TOMOYO_ID_AGGREGATOR,
-	TOMOYO_ID_ALIAS,
-	TOMOYO_ID_GLOBALLY_READABLE,
-	TOMOYO_ID_PATTERN,
-	TOMOYO_ID_NO_REWRITE,
-	TOMOYO_ID_MANAGER,
-	TOMOYO_ID_NAME,
-	TOMOYO_ID_ACL,
-	TOMOYO_ID_DOMAIN,
-	TOMOYO_MAX_POLICY
-};
-
 struct tomoyo_gc_entry {
 	struct list_head list;
 	int type;
@@ -226,17 +208,6 @@ static void tomoyo_del_number_group(struct list_head *element)
 		container_of(element, typeof(*member), head.list);
 }
 
-static struct list_head *tomoyo_policy_list[TOMOYO_MAX_POLICY] = {
-	[TOMOYO_ID_GLOBALLY_READABLE] = &tomoyo_globally_readable_list,
-	[TOMOYO_ID_PATTERN] = &tomoyo_pattern_list,
-	[TOMOYO_ID_NO_REWRITE] = &tomoyo_no_rewrite_list,
-	[TOMOYO_ID_DOMAIN_INITIALIZER] = &tomoyo_domain_initializer_list,
-	[TOMOYO_ID_DOMAIN_KEEPER] = &tomoyo_domain_keeper_list,
-	[TOMOYO_ID_AGGREGATOR] = &tomoyo_aggregator_list,
-	[TOMOYO_ID_ALIAS] = &tomoyo_alias_list,
-	[TOMOYO_ID_MANAGER] = &tomoyo_policy_manager_list,
-};
-
 static bool tomoyo_collect_member(struct list_head *member_list, int id)
 {
 	struct tomoyo_acl_head *member;
@@ -267,9 +238,8 @@ static void tomoyo_collect_entry(void)
 	if (mutex_lock_interruptible(&tomoyo_policy_lock))
 		return;
 	for (i = 0; i < TOMOYO_MAX_POLICY; i++) {
-		if (tomoyo_policy_list[i])
-			if (!tomoyo_collect_member(tomoyo_policy_list[i], i))
-				goto unlock;
+		if (!tomoyo_collect_member(&tomoyo_policy_list[i], i))
+			goto unlock;
 	}
 	{
 		struct tomoyo_domain_info *domain;
@@ -298,7 +268,9 @@ static void tomoyo_collect_entry(void)
 	}
 	{
 		struct tomoyo_group *group;
-		list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
+		list_for_each_entry_rcu(group,
+					&tomoyo_group_list[TOMOYO_PATH_GROUP],
+					list) {
 			tomoyo_collect_member(&group->member_list,
 					      TOMOYO_ID_PATH_GROUP);
 			if (!list_empty(&group->member_list) ||
@@ -311,7 +283,8 @@ static void tomoyo_collect_entry(void)
 	}
 	{
 		struct tomoyo_group *group;
-		list_for_each_entry_rcu(group, &tomoyo_number_group_list,
+		list_for_each_entry_rcu(group,
+					&tomoyo_group_list[TOMOYO_NUMBER_GROUP],
 					list) {
 			tomoyo_collect_member(&group->member_list,
 					      TOMOYO_ID_NUMBER_GROUP);

security/tomoyo/memory.c

@@ -153,6 +153,10 @@ void __init tomoyo_mm_init(void)
 {
 	int idx;
 
+	for (idx = 0; idx < TOMOYO_MAX_POLICY; idx++)
+		INIT_LIST_HEAD(&tomoyo_policy_list[idx]);
+	for (idx = 0; idx < TOMOYO_MAX_GROUP; idx++)
+		INIT_LIST_HEAD(&tomoyo_group_list[idx]);
 	for (idx = 0; idx < TOMOYO_MAX_HASH; idx++)
 		INIT_LIST_HEAD(&tomoyo_name_list[idx]);
 	INIT_LIST_HEAD(&tomoyo_kernel_domain.acl_info_list);

security/tomoyo/number_group.c

@@ -7,9 +7,6 @@
 #include <linux/slab.h>
 #include "common.h"
 
-/* The list for "struct tomoyo_number_group". */
-LIST_HEAD(tomoyo_number_group_list);
-
 /**
  * tomoyo_get_group - Allocate memory for "struct tomoyo_number_group".
  *
@@ -32,7 +29,8 @@ struct tomoyo_group *tomoyo_get_number_group(const char *group_name)
 	entry = kzalloc(sizeof(*entry), GFP_NOFS);
 	if (mutex_lock_interruptible(&tomoyo_policy_lock))
 		goto out;
-	list_for_each_entry_rcu(group, &tomoyo_number_group_list, list) {
+	list_for_each_entry_rcu(group, &tomoyo_group_list[TOMOYO_NUMBER_GROUP],
+				list) {
 		if (saved_group_name != group->group_name)
 			continue;
 		atomic_inc(&group->users);
@@ -44,7 +42,8 @@ struct tomoyo_group *tomoyo_get_number_group(const char *group_name)
 		entry->group_name = saved_group_name;
 		saved_group_name = NULL;
 		atomic_set(&entry->users, 1);
-		list_add_tail_rcu(&entry->list, &tomoyo_number_group_list);
+		list_add_tail_rcu(&entry->list,
+				  &tomoyo_group_list[TOMOYO_NUMBER_GROUP]);
 		group = entry;
 		entry = NULL;
 		error = 0;
@@ -110,7 +109,8 @@ bool tomoyo_read_number_group_policy(struct tomoyo_io_buffer *head)
 {
 	struct list_head *gpos;
 	struct list_head *mpos;
-	list_for_each_cookie(gpos, head->read_var1, &tomoyo_number_group_list) {
+	list_for_each_cookie(gpos, head->read_var1,
+			     &tomoyo_group_list[TOMOYO_NUMBER_GROUP]) {
 		struct tomoyo_group *group;
 		const char *name;
 		group = list_entry(gpos, struct tomoyo_group, list);

security/tomoyo/path_group.c

@@ -6,8 +6,6 @@
 
 #include <linux/slab.h>
 #include "common.h"
-/* The list for "struct tomoyo_path_group". */
-LIST_HEAD(tomoyo_path_group_list);
 
 /**
  * tomoyo_get_group - Allocate memory for "struct tomoyo_path_group".
@@ -30,7 +28,8 @@ struct tomoyo_group *tomoyo_get_path_group(const char *group_name)
 	entry = kzalloc(sizeof(*entry), GFP_NOFS);
 	if (mutex_lock_interruptible(&tomoyo_policy_lock))
 		goto out;
-	list_for_each_entry_rcu(group, &tomoyo_path_group_list, list) {
+	list_for_each_entry_rcu(group, &tomoyo_group_list[TOMOYO_PATH_GROUP],
+				list) {
 		if (saved_group_name != group->group_name)
 			continue;
 		atomic_inc(&group->users);
@@ -42,7 +41,8 @@ struct tomoyo_group *tomoyo_get_path_group(const char *group_name)
 		entry->group_name = saved_group_name;
 		saved_group_name = NULL;
 		atomic_set(&entry->users, 1);
-		list_add_tail_rcu(&entry->list, &tomoyo_path_group_list);
+		list_add_tail_rcu(&entry->list,
+				  &tomoyo_group_list[TOMOYO_PATH_GROUP]);
 		group = entry;
 		entry = NULL;
 		error = 0;
@@ -107,7 +107,8 @@ bool tomoyo_read_path_group_policy(struct tomoyo_io_buffer *head)
 {
 	struct list_head *gpos;
 	struct list_head *mpos;
-	list_for_each_cookie(gpos, head->read_var1, &tomoyo_path_group_list) {
+	list_for_each_cookie(gpos, head->read_var1,
+			     &tomoyo_group_list[TOMOYO_PATH_GROUP]) {
 		struct tomoyo_group *group;
 		group = list_entry(gpos, struct tomoyo_group, list);
 		list_for_each_cookie(mpos, head->read_var2,