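/*
 * Create one regular file under @dir for every entry of the static
 * table below (name, file_operations, permission bits).
 *
 * "cache_threshold" is the only entry created owner-writable; the others
 * are read-only for everyone.  "cache_stats" exists only when
 * CONFIG_SECURITY_SELINUX_AVC_STATS is set.
 *
 * Returns 0 on success or -ENOMEM if a dentry or inode cannot be
 * allocated.  Entries that were already added stay attached to @dir on
 * failure; presumably the caller tears the tree down - confirm.
 */
static int sel_make_avc_files(struct dentry *dir)
{
	unsigned int i;
	static struct tree_descr files[] = {
		{ "cache_threshold",
		  &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR },
		{ "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO },
#ifdef CONFIG_SECURITY_SELINUX_AVC_STATS
		{ "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO },
#endif
	};

	for (i = 0; i < ARRAY_SIZE(files); i++) {
		struct inode *inode;
		struct dentry *dentry;

		dentry = d_alloc_name(dir, files[i].name);
		if (!dentry)
			return -ENOMEM;

		inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
		if (!inode) {
			/*
			 * The dentry has not been handed to d_add() yet, so
			 * nothing else will drop it: release it here instead
			 * of leaking it on the error path.
			 */
			dput(dentry);
			return -ENOMEM;
		}

		inode->i_fop = files[i].ops;
		inode->i_ino = ++sel_last_ino;
		d_add(dentry, inode);
	}

	return 0;
}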
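/*
 * Create one world-readable regular file under @dir for each initial SID
 * in the range 1..SECINITSID_NUM.  The file name is whatever
 * security_get_initial_sid_context() returns for that SID, and the inode
 * number encodes the SID as (sid | SEL_INITCON_INO_OFFSET).
 *
 * Returns 0 on success or -ENOMEM if a dentry or inode cannot be
 * allocated.  Entries that were already added stay attached to @dir on
 * failure.
 *
 * NOTE(review): the name is passed to d_alloc_name() unchecked; confirm
 * that security_get_initial_sid_context() cannot return NULL for any SID
 * in this range.
 */
static int sel_make_initcon_files(struct dentry *dir)
{
	int i;

	for (i = 1; i <= SECINITSID_NUM; i++) {
		struct inode *inode;
		struct dentry *dentry;

		dentry = d_alloc_name(dir, security_get_initial_sid_context(i));
		if (!dentry)
			return -ENOMEM;

		inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
		if (!inode) {
			/*
			 * Not yet attached with d_add(): drop the dentry
			 * reference here so the failure path does not leak it.
			 */
			dput(dentry);
			return -ENOMEM;
		}

		inode->i_fop = &sel_initcon_ops;
		inode->i_ino = i|SEL_INITCON_INO_OFFSET;
		d_add(dentry, inode);
	}

	return 0;
}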
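/*
 * Rebuild the boolean files under bool_dir from the current policy.
 *
 * The previous pending name/value arrays and directory entries are
 * discarded first.  Then, for every boolean reported by
 * security_get_bools(), an owner-writable, world-readable file is
 * created, labelled with the SID that security_genfs_sid() returns for
 * "/<BOOL_DIR_NAME>/<name>", and attached to the directory.  On success
 * the new arrays are published through bool_num, bool_pending_names and
 * bool_pending_values, which take ownership of them.
 *
 * Returns 0 on success.  On failure returns -ENOMEM (allocation),
 * -EINVAL or -ENAMETOOLONG (path formatting), or the error from
 * security_get_bools()/security_genfs_sid(); the arrays are freed and
 * every entry created so far is removed again, leaving the directory
 * empty.
 *
 * NOTE(review): the file-scope bool_* state is modified without any
 * locking in this function; presumably the caller serialises policy
 * reloads - confirm.
 */
static int sel_make_bools(void)
{
	int i, ret;
	ssize_t len;
	struct dentry *dentry = NULL;
	struct dentry *dir = bool_dir;
	struct inode *inode = NULL;
	struct inode_security_struct *isec;
	char **names = NULL, *page;
	/* Zeroed so the cleanup loop is bounded even if it is never set. */
	int num = 0;
	int *values = NULL;
	u32 sid;

	/* remove any existing files */
	for (i = 0; i < bool_num; i++)
		kfree(bool_pending_names[i]);
	kfree(bool_pending_names);
	kfree(bool_pending_values);
	bool_num = 0;
	bool_pending_names = NULL;
	bool_pending_values = NULL;
	sel_remove_entries(dir);

	/* Scratch page used to format each boolean's path for labelling. */
	ret = -ENOMEM;
	page = (char *)get_zeroed_page(GFP_KERNEL);
	if (!page)
		goto out;

	ret = security_get_bools(&num, &names, &values);
	if (ret)
		goto out;

	for (i = 0; i < num; i++) {
		ret = -ENOMEM;
		dentry = d_alloc_name(dir, names[i]);
		if (!dentry)
			goto out;

		inode = sel_make_inode(dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR);
		if (!inode)
			goto out_dentry;

		len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]);
		if (len < 0) {
			ret = -EINVAL;
			goto out_inode;
		}
		/* A result of PAGE_SIZE or more means the path was truncated. */
		if (len >= PAGE_SIZE) {
			ret = -ENAMETOOLONG;
			goto out_inode;
		}

		/*
		 * Label the file from the policy's genfs rules before it
		 * becomes reachable, so it is never visible without its
		 * per-boolean SID.
		 */
		isec = (struct inode_security_struct *)inode->i_security;
		ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid);
		if (ret)
			goto out_inode;

		isec->sid = sid;
		isec->initialized = 1;
		inode->i_fop = &sel_bool_ops;
		inode->i_ino = i|SEL_BOOL_INO_OFFSET;
		d_add(dentry, inode);
	}

	bool_num = num;
	bool_pending_names = names;
	bool_pending_values = values;

	free_page((unsigned long)page);
	return 0;

	/*
	 * The inode and dentry of the failing iteration were never passed
	 * to d_add(), so sel_remove_entries() cannot see them; drop them
	 * explicitly instead of leaking them.
	 */
out_inode:
	iput(inode);
out_dentry:
	dput(dentry);
out:
	free_page((unsigned long)page);

	if (names) {
		for (i = 0; i < num; i++)
			kfree(names[i]);
		kfree(names);
	}
	kfree(values);
	sel_remove_entries(dir);

	return ret;
}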