コード例 #1
0
ファイル: status.c プロジェクト: nos1609/Chrono_Kernel-1 
/*
 * selinux_kernel_status_page
 *
 * It returns a reference to selinux_status_page. If the status page is
 * not allocated yet, it also tries to allocate it at the first time.
 */
struct page *selinux_kernel_status_page(void)
{
	struct selinux_kernel_status   *status;
	struct page		       *result = NULL;

	mutex_lock(&selinux_status_lock);
	if (!selinux_status_page) {
		selinux_status_page = alloc_page(GFP_KERNEL|__GFP_ZERO);

		if (selinux_status_page) {
			status = page_address(selinux_status_page);

			status->version = SELINUX_KERNEL_STATUS_VERSION;
			status->sequence = 0;
			status->enforcing = selinux_enforcing;
			/*
			 * NOTE: the next policyload event shall set
			 * a positive value on the status->policyload,
			 * although it may not be 1, but never zero.
			 * So, application can know it was updated.
			 */
			status->policyload = 0;
			status->deny_unknown = !security_get_allow_unknown();
		}
	}
	result = selinux_status_page;
	mutex_unlock(&selinux_status_lock);

	return result;
}
コード例 #2
0
static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf,
					size_t count, loff_t *ppos)
{
	char tmpbuf[TMPBUFLEN];
	ssize_t length;
	ino_t ino = filp->f_path.dentry->d_inode->i_ino;
	int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ?
		security_get_reject_unknown() : !security_get_allow_unknown();

	length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown);
	return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
}
コード例 #3
0
ファイル: status.c プロジェクト: nos1609/Chrono_Kernel-1 
/*
 * selinux_status_update_policyload
 *
 * It updates status of the times of policy reloaded, and current
 * setting of deny_unknown.
 */
void selinux_status_update_policyload(int seqno)
{
	struct selinux_kernel_status   *status;

	mutex_lock(&selinux_status_lock);
	if (selinux_status_page) {
		status = page_address(selinux_status_page);

		status->sequence++;
		smp_wmb();

		status->policyload = seqno;
		status->deny_unknown = !security_get_allow_unknown();

		smp_wmb();
		status->sequence++;
	}
	mutex_unlock(&selinux_status_lock);
}
コード例 #4
0
struct page *selinux_kernel_status_page(void)
{
    struct selinux_kernel_status   *status;
    struct page		       *result = NULL;

    mutex_lock(&selinux_status_lock);
    if (!selinux_status_page) {
        selinux_status_page = alloc_page(GFP_KERNEL|__GFP_ZERO);

        if (selinux_status_page) {
            status = page_address(selinux_status_page);

            status->version = SELINUX_KERNEL_STATUS_VERSION;
            status->sequence = 0;
            status->enforcing = selinux_enforcing;
            status->policyload = 0;
            status->deny_unknown = !security_get_allow_unknown();
        }
    }
    result = selinux_status_page;
    mutex_unlock(&selinux_status_lock);

    return result;
}