/**
* secpolicy_updatefileguarddata - update file access guard data.
* @ppUpdateData: file access data pointer
*
* This function is to update process access guard data.
*
*/
void secpolicy_updatefileguarddata(struct FileGData **ppUpdateData)
{
if (ppUpdateData != NULL) {
secpolicy_releasefileguarddata(gppfileg_data);
gppfileg_data = ppUpdateData;
}
}
/**
* seccore_exefileguarddata - file target execute.
* @pData: file access guard policy data pointer
* @size: file access guard policy data size
*
* This function is file file target execute.
*
* return infomation
* true:execute success
* false:execute failed
*/
bool seccore_exefileguarddata(const char *pData, size_t size)
{
bool result = true;
int targetSetIndex=-1;
struct Header* pHeader = (struct Header*)(pData);
struct FileGData **ppUpdateData = NULL;
struct FileGData *pFileGData = NULL;
struct FileGData **ppWork = NULL;
while (!IS_NONDATA(pHeader->mType)) {
targetSetIndex++;
/* memory extend */
ppWork = (struct FileGData**)seccore_extenddata(
(char *)ppUpdateData,
sizeof(struct FileGData *) * (targetSetIndex + 1),
sizeof(struct FileGData *));
if (ppWork == NULL) {
result = false;
break;
}
if (ppUpdateData != NULL)
secfunc_free(ppUpdateData);
ppUpdateData = ppWork;
/* memory extend add target data */
pFileGData = secfunc_malloc(sizeof(struct FileGData));
if (pFileGData == NULL) {
result = false;
break;
}
secfunc_memset(pFileGData, 0, sizeof(struct FileGData));
ppUpdateData[targetSetIndex] = pFileGData;
/* read target conditions */
pHeader = seccore_exefileg_target(pHeader, pFileGData);
if (pHeader == NULL) {
result = false;
break;
}
/* read caller conditions */
result = seccore_execaller(pHeader,
&pFileGData->mCallers,
&pHeader);
if (result == false)
break;
}
if (result) {
/* update data */
secpolicy_updatefileguarddata(ppUpdateData);
} else {
/* release data */
secpolicy_releasefileguarddata(ppUpdateData);
}
return result;
}
/**
* secpolicy_resetfileguarddata - reaset file access guard data.
* @ppUpdateData: file access data pointer
*
* This function is to reaset process access guard data.
*
*/
void secpolicy_resetfileguarddata(void)
{
secpolicy_releasefileguarddata(gppfileg_data);
gppfileg_data = gpfileg_data_empty;
}
