Exemplo n.º 1
/**
 * tomoyo_write_env - Add or remove one "struct tomoyo_env_acl" entry.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
 *
 * Reads the next token from @param and treats it as an environment variable
 * name. The token is refused with -EINVAL when tomoyo_correct_word() rejects
 * it or when it contains '=' (presumably because the entry is keyed on the
 * variable name alone, never on a NAME=VALUE pair - confirm against the
 * policy syntax).
 *
 * Returns 0 on success, negative value otherwise: -EINVAL for a malformed
 * name, -ENOMEM when tomoyo_get_name() returns NULL, otherwise whatever
 * tomoyo_update_domain() returns.
 *
 * Caller holds tomoyo_read_lock().
 */
static int tomoyo_write_env(struct tomoyo_acl_param *param)
{
	struct tomoyo_env_acl e = { .head.type = TOMOYO_TYPE_ENV_ACL };
	const char *name = tomoyo_read_token(param);
	int ret;

	/* Validate the policy-supplied name before it is interned. */
	if (!tomoyo_correct_word(name))
		return -EINVAL;
	if (strchr(name, '='))
		return -EINVAL;

	e.env = tomoyo_get_name(name);
	if (!e.env)
		return -ENOMEM;

	ret = tomoyo_update_domain(&e.head, sizeof(e), param,
				   tomoyo_same_env_acl, NULL);

	/*
	 * Released on success and on failure alike; presumably this drops the
	 * reference taken by tomoyo_get_name() above - confirm.
	 */
	tomoyo_put_name(e.env);
	return ret;
}

/**
 * tomoyo_write_misc - Update environment variable list.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
 *
 * Only lines whose data starts with "env " are handled here; they are passed
 * on to tomoyo_write_env(). Any other directive is refused rather than
 * ignored, so an unrecognised policy line never reports success.
 *
 * Returns 0 on success, negative value otherwise.
 */
int tomoyo_write_misc(struct tomoyo_acl_param *param)
{
	/* tomoyo_str_starts() is handed &param->data, so it may advance it. */
	if (!tomoyo_str_starts(&param->data, "env "))
		return -EINVAL;

	return tomoyo_write_env(param);
}
Exemplo n.º 2
/**
 * tomoyo_update_mount_acl - Update "struct tomoyo_mount_acl" list.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
 *
 * Parses, in order, the device name, the mount point, the filesystem type and
 * the mount flags from @param. If any of the four fails to parse, the policy
 * line is refused with -EINVAL and no domain update is attempted.
 *
 * Returns 0 on success, negative value otherwise.
 */
static int tomoyo_update_mount_acl(struct tomoyo_acl_param *param)
{
	struct tomoyo_mount_acl e = { .head.type = TOMOYO_TYPE_MOUNT_ACL };
	int error = -EINVAL;

	/* && short-circuits: parsing stops at the first field that fails. */
	if (tomoyo_parse_name_union(param, &e.dev_name) &&
	    tomoyo_parse_name_union(param, &e.dir_name) &&
	    tomoyo_parse_name_union(param, &e.fs_type) &&
	    tomoyo_parse_number_union(param, &e.flags))
		error = tomoyo_update_domain(&e.head, sizeof(e), param,
					     tomoyo_same_mount_acl, NULL);

	/*
	 * All four unions are released unconditionally, including ones that
	 * were never parsed; those are still zero because of the designated
	 * initializer above. NOTE(review): this relies on the put helpers
	 * accepting a zeroed union - confirm.
	 */
	tomoyo_put_name_union(&e.dev_name);
	tomoyo_put_name_union(&e.dir_name);
	tomoyo_put_name_union(&e.fs_type);
	tomoyo_put_number_union(&e.flags);
	return error;
}

/**
 * tomoyo_write_file - Update a file-related ACL from one policy line.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
 *
 * Reads the operation token from @param and tests it against each keyword
 * table in a fixed order: path, path2, path_number, mkdev, then mount. The
 * first table that yields at least one match decides which ACL type is
 * updated, and later tables are not consulted. A token that names no known
 * operation is refused with -EINVAL.
 *
 * Returns 0 on success, negative value otherwise.
 */
int tomoyo_write_file(struct tomoyo_acl_param *param)
{
	const char *keyword = tomoyo_read_token(param);
	u16 mask = 0;
	u8 bit;

	/*
	 * NOTE(review): each matched operation sets bit number "bit" in a u16
	 * mask. This assumes every TOMOYO_MAX_*_OPERATION bound is at most 16;
	 * a higher index would be lost in the u16 store - confirm against the
	 * enum definitions.
	 */

	/* Single-pathname operations. */
	for (bit = 0; bit < TOMOYO_MAX_PATH_OPERATION; bit++) {
		if (tomoyo_permstr(keyword, tomoyo_path_keyword[bit]))
			mask |= 1 << bit;
	}
	if (mask)
		return tomoyo_update_path_acl(mask, param);

	/* Two-pathname operations. */
	for (bit = 0; bit < TOMOYO_MAX_PATH2_OPERATION; bit++) {
		if (tomoyo_permstr(keyword,
				   tomoyo_mac_keywords[tomoyo_pp2mac[bit]]))
			mask |= 1 << bit;
	}
	if (mask)
		return tomoyo_update_path2_acl(mask, param);

	/* Pathname plus one numeric argument. */
	for (bit = 0; bit < TOMOYO_MAX_PATH_NUMBER_OPERATION; bit++) {
		if (tomoyo_permstr(keyword,
				   tomoyo_mac_keywords[tomoyo_pn2mac[bit]]))
			mask |= 1 << bit;
	}
	if (mask)
		return tomoyo_update_path_number_acl(mask, param);

	/* Device-node creation operations. */
	for (bit = 0; bit < TOMOYO_MAX_MKDEV_OPERATION; bit++) {
		if (tomoyo_permstr(keyword,
				   tomoyo_mac_keywords[tomoyo_pnnn2mac[bit]]))
			mask |= 1 << bit;
	}
	if (mask)
		return tomoyo_update_mkdev_acl(mask, param);

	/* Mount is a single keyword, so no mask is built for it. */
	if (tomoyo_permstr(keyword,
			   tomoyo_mac_keywords[TOMOYO_MAC_FILE_MOUNT]))
		return tomoyo_update_mount_acl(param);

	/* Unknown operation: reject the line instead of accepting it. */
	return -EINVAL;
}
Exemplo n.º 3
/**
 * tomoyo_write_env - Write "struct tomoyo_env_acl" list.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
 *
 * The next token of @param is taken as an environment variable name. It must
 * pass tomoyo_correct_word() and must not contain '='; otherwise the line is
 * refused before anything is allocated or updated.
 *
 * Returns 0 on success, negative value otherwise (-EINVAL for a rejected
 * name, -ENOMEM when tomoyo_get_name() returns NULL).
 */
static int tomoyo_write_env(struct tomoyo_acl_param *param)
{
	struct tomoyo_env_acl e = { .head.type = TOMOYO_TYPE_ENV_ACL };
	const char *token = tomoyo_read_token(param);
	int rc;

	/* Input validation comes first: a bad name never reaches get_name. */
	if (!tomoyo_correct_word(token))
		return -EINVAL;
	if (strchr(token, '='))
		return -EINVAL;

	e.env = tomoyo_get_name(token);
	if (!e.env)
		return -ENOMEM;

	rc = tomoyo_update_domain(&e.head, sizeof(e), param,
				  tomoyo_same_env_acl, NULL);
	/* Paired with tomoyo_get_name() above; runs whatever rc is. */
	tomoyo_put_name(e.env);
	return rc;
}

/**
 * tomoyo_write_misc - Dispatch a miscellaneous policy line.
 *
 * @param: Pointer to "struct tomoyo_acl_param".
 *
 * The only directive recognised here is the "env " prefix, which is handed to
 * tomoyo_write_env(). Every other line fails with -EINVAL.
 *
 * Returns 0 on success, negative value otherwise.
 */
int tomoyo_write_misc(struct tomoyo_acl_param *param)
{
	int ret = -EINVAL;

	if (tomoyo_str_starts(&param->data, "env "))
		ret = tomoyo_write_env(param);
	return ret;
}