#include <linux/types.h>
#include <linux/sched.h>
#include <linux/mm.h>
#include <linux/init.h>
#include <linux/ext2_fs.h>
#include <asm/uaccess.h>
#include <rsbac/types.h>
#include <rsbac/aci_data_structures.h>
#include <rsbac/mac_data_structures.h>
#include <rsbac/error.h>
#include <rsbac/helpers.h>
#include <rsbac/adf.h>
#include <rsbac/aci.h>
#include <rsbac/lists.h>
#include <rsbac/proc_fs.h>
#include <rsbac/rkmem.h>
#include <rsbac/getname.h>
#include <linux/string.h>
#include <linux/smp_lock.h>
Go to the source code of this file.
static struct rsbac_mac_device_list_item_t* add_device_item | ( | struct rsbac_mac_device_list_item_t * | device_p | ) | [static] |
Definition at line 189 of file mac_data_structures.c.
References rsbac_mac_device_list_head_t::count, rsbac_mac_device_list_head_t::curr, device_list_head, rsbac_mac_device_list_head_t::head, rsbac_mac_device_list_item_t::next, NULL, rsbac_mac_device_list_item_t::prev, and rsbac_mac_device_list_head_t::tail.
00190 { 00191 if (!device_p) 00192 return (NULL); 00193 00194 /* add new device to device list */ 00195 if (!device_list_head.head) { /* first device */ 00196 device_list_head.head = device_p; 00197 device_list_head.tail = device_p; 00198 device_list_head.curr = device_p; 00199 device_list_head.count = 1; 00200 device_p->prev = NULL; 00201 device_p->next = NULL; 00202 } else { /* there is another device -> hang to tail */ 00203 device_p->prev = device_list_head.tail; 00204 device_p->next = NULL; 00205 device_list_head.tail->next = device_p; 00206 device_list_head.tail = device_p; 00207 device_list_head.curr = device_p; 00208 device_list_head.count++; 00209 } 00210 return (device_p); 00211 }
static void clear_device_item | ( | struct rsbac_mac_device_list_item_t * | item_p | ) | [static] |
Definition at line 220 of file mac_data_structures.c.
References mac_detach_fd_lists(), and rsbac_kfree().
00221 { 00222 if (!item_p) 00223 return; 00224 00225 /* First deregister lists... */ 00226 mac_detach_fd_lists(item_p); 00227 /* OK, lets remove the device item itself */ 00228 rsbac_kfree(item_p); 00229 } /* end of clear_device_item() */
static int copy_fp_tru_set_item | ( | struct rsbac_mac_device_list_item_t * | device_p, | |
rsbac_mac_file_t | file, | |||
rsbac_pid_t | pid | |||
) | [static] |
Definition at line 271 of file mac_data_structures.c.
References rsbac_mac_device_list_item_t::handle, NULL, process_handle, RSBAC_ENOTFOUND, rsbac_get_parent(), rsbac_list_lol_get_all_subdesc_ttl(), rsbac_list_lol_remove(), rsbac_list_lol_subadd_ttl(), rsbac_vfree, and T_FILE.
Referenced by rsbac_mac_copy_fp_truset().
00274 { 00275 rsbac_uid_t *tru_item_p; 00276 rsbac_time_t *ttl_p; 00277 int i; 00278 long count; 00279 enum rsbac_target_t target = T_FILE; 00280 union rsbac_target_id_t tid; 00281 00282 rsbac_list_lol_remove(process_handle, &pid); 00283 count = rsbac_list_lol_get_all_subdesc_ttl(device_p->handle, 00284 &file.inode, 00285 (void **) &tru_item_p, 00286 &ttl_p); 00287 if (!count || (count == -RSBAC_ENOTFOUND) 00288 ) { 00289 tid.file = file; 00290 if (!rsbac_get_parent(target, tid, &target, &tid)) 00291 count = 00292 rsbac_list_lol_get_all_subdesc_ttl(device_p->handle, 00293 &tid.file. 00294 inode, 00295 (void **) 00296 &tru_item_p, 00297 &ttl_p); 00298 } 00299 if (count > 0) { 00300 for (i = 0; i < count; i++) { 00301 rsbac_list_lol_subadd_ttl(process_handle, 00302 ttl_p[i], 00303 &pid, 00304 &tru_item_p[i], NULL); 00305 } 00306 rsbac_vfree(tru_item_p); 00307 rsbac_vfree(ttl_p); 00308 } else { 00309 if ((count < 0) 00310 && (count != -RSBAC_ENOTFOUND) 00311 ) 00312 return count; 00313 } 00314 00315 return 0; 00316 } /* end of copy_fp_tru_set_item() */
static int copy_pp_tru_set_item | ( | rsbac_pid_t | old_pid, | |
rsbac_pid_t | new_pid | |||
) | [static] |
Definition at line 351 of file mac_data_structures.c.
References copy_pp_tru_set_item_handle(), and process_handle.
Referenced by rsbac_mac_copy_pp_truset().
00352 { 00353 return copy_pp_tru_set_item_handle(process_handle, old_pid, 00354 new_pid); 00355 } /* end of copy_pp_tru_set_item() */
static int copy_pp_tru_set_item_handle | ( | rsbac_list_handle_t | handle, | |
rsbac_pid_t | old_pid, | |||
rsbac_pid_t | new_pid | |||
) | [static] |
Definition at line 321 of file mac_data_structures.c.
References NULL, rsbac_list_lol_get_all_subdesc_ttl(), rsbac_list_lol_remove(), rsbac_list_lol_subadd_ttl(), and rsbac_vfree.
Referenced by copy_pp_tru_set_item().
00324 { 00325 rsbac_uid_t *tru_item_p; 00326 rsbac_time_t *ttl_p; 00327 int i; 00328 long count; 00329 00330 rsbac_list_lol_remove(handle, &new_pid); 00331 count = rsbac_list_lol_get_all_subdesc_ttl(handle, 00332 &old_pid, 00333 (void **) &tru_item_p, 00334 &ttl_p); 00335 if (count > 0) { 00336 for (i = 0; i < count; i++) { 00337 rsbac_list_lol_subadd_ttl(handle, 00338 ttl_p[i], 00339 &new_pid, 00340 &tru_item_p[i], NULL); 00341 } 00342 rsbac_vfree(tru_item_p); 00343 rsbac_vfree(ttl_p); 00344 } else { 00345 if (count < 0) 00346 return count; 00347 } 00348 return 0; 00349 }
static struct rsbac_mac_device_list_item_t* create_device_item | ( | kdev_t | kdev | ) | [static] |
Definition at line 170 of file mac_data_structures.c.
References NULL, and rsbac_kmalloc().
00171 { 00172 struct rsbac_mac_device_list_item_t *new_item_p; 00173 00174 /* allocate memory for new device, return NULL, if failed */ 00175 if (!(new_item_p = (struct rsbac_mac_device_list_item_t *) 00176 rsbac_kmalloc(sizeof(*new_item_p)))) 00177 return (NULL); 00178 00179 new_item_p->id = kdev; 00180 new_item_p->mount_count = 1; 00181 00182 /* init file/dir sublists */ 00183 new_item_p->handle = NULL; 00184 return (new_item_p); 00185 }
static struct rsbac_mac_device_list_item_t* lookup_device | ( | kdev_t | kdev | ) | [static] |
Definition at line 136 of file mac_data_structures.c.
References rsbac_mac_device_list_head_t::curr, device_list_head, rsbac_mac_device_list_head_t::head, rsbac_mac_device_list_item_t::id, and rsbac_mac_device_list_item_t::next.
00137 { 00138 struct rsbac_mac_device_list_item_t *curr = device_list_head.curr; 00139 00140 /* if there is no current item or it is not the right one, search... */ 00141 if (!(curr && (RSBAC_MAJOR(curr->id) == RSBAC_MAJOR(kdev)) 00142 && (RSBAC_MINOR(curr->id) == RSBAC_MINOR(kdev)) 00143 ) 00144 ) { 00145 curr = device_list_head.head; 00146 while (curr 00147 && ((RSBAC_MAJOR(curr->id) != RSBAC_MAJOR(kdev)) 00148 || (RSBAC_MINOR(curr->id) != RSBAC_MINOR(kdev)) 00149 ) 00150 ) { 00151 curr = curr->next; 00152 } 00153 if (curr) 00154 device_list_head.curr = curr; 00155 } 00156 /* it is the current item -> return it */ 00157 return (curr); 00158 }
static int mac_detach_fd_lists | ( | struct rsbac_mac_device_list_item_t * | device_p | ) | [static] |
Definition at line 105 of file mac_data_structures.c.
References get_error_name(), rsbac_mac_device_list_item_t::handle, rsbac_mac_device_list_item_t::id, RSBAC_EINVALIDPOINTER, rsbac_kfree(), rsbac_kmalloc(), rsbac_list_lol_detach(), RSBAC_MAC_FD_FILENAME, RSBAC_MAC_LIST_KEY, RSBAC_MAXNAMELEN, and rsbac_printk().
Referenced by clear_device_item().
00107 { 00108 int err = 0; 00109 00110 if (!device_p) 00111 return (-RSBAC_EINVALIDPOINTER); 00112 00113 err = rsbac_list_lol_detach(&device_p->handle, 00114 RSBAC_MAC_LIST_KEY); 00115 if (err) { 00116 char *tmp; 00117 00118 tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00119 if (tmp) { 00120 rsbac_printk(KERN_WARNING "mac_detach_fd_lists(): detaching from list %s for device %02u:%02u failed with error %s!\n", 00121 RSBAC_MAC_FD_FILENAME, 00122 RSBAC_MAJOR(device_p->id), 00123 RSBAC_MINOR(device_p->id), 00124 get_error_name(tmp, err)); 00125 rsbac_kfree(tmp); 00126 } 00127 } 00128 return err; 00129 }
static int mac_register_fd_lists | ( | struct rsbac_mac_device_list_item_t * | device_p, | |
kdev_t | kdev | |||
) | [static] |
Definition at line 56 of file mac_data_structures.c.
References rsbac_list_lol_info_t::data_size, rsbac_list_lol_info_t::desc_size, get_error_name(), rsbac_mac_device_list_item_t::handle, rsbac_list_lol_info_t::key, rsbac_list_lol_info_t::max_age, nr_fd_hashes, NULL, RSBAC_EINVALIDPOINTER, rsbac_kfree(), rsbac_kmalloc(), RSBAC_LIST_DEF_DATA, rsbac_list_hash_fd(), rsbac_list_lol_register_hashed(), RSBAC_LIST_PERSIST, RSBAC_LIST_VERSION, RSBAC_MAC_FD_FILENAME, RSBAC_MAC_FD_LIST_VERSION, RSBAC_MAC_FD_OLD_FILENAME, RSBAC_MAC_LIST_KEY, RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_list_lol_info_t::subdata_size, rsbac_list_lol_info_t::subdesc_size, and rsbac_list_lol_info_t::version.
Referenced by rsbac_init_mac(), and rsbac_mount_mac().
00058 { 00059 int err = 0; 00060 int tmperr; 00061 struct rsbac_list_lol_info_t lol_info; 00062 00063 if (!device_p) 00064 return (-RSBAC_EINVALIDPOINTER); 00065 00066 lol_info.version = RSBAC_MAC_FD_LIST_VERSION; 00067 lol_info.key = RSBAC_MAC_LIST_KEY; 00068 lol_info.desc_size = sizeof(rsbac_inode_nr_t); 00069 lol_info.data_size = 0; 00070 lol_info.subdesc_size = sizeof(rsbac_uid_t); 00071 lol_info.subdata_size = 0; /* rights */ 00072 lol_info.max_age = 0; 00073 tmperr = rsbac_list_lol_register_hashed(RSBAC_LIST_VERSION, 00074 &device_p->handle, 00075 &lol_info, 00076 RSBAC_LIST_PERSIST | 00077 RSBAC_LIST_DEF_DATA, 00078 NULL, 00079 NULL, 00080 NULL, NULL, NULL, NULL, 00081 RSBAC_MAC_FD_FILENAME, kdev, 00082 nr_fd_hashes, 00083 rsbac_list_hash_fd, 00084 RSBAC_MAC_FD_OLD_FILENAME); 00085 if (tmperr) { 00086 char *tmp; 00087 00088 tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00089 if (tmp) { 00090 rsbac_printk(KERN_WARNING "mac_register_fd_lists(): registering list %s for device %02u:%02u failed with error %s!\n", 00091 RSBAC_MAC_FD_FILENAME, 00092 RSBAC_MAJOR(kdev), 00093 RSBAC_MINOR(kdev), 00094 get_error_name(tmp, tmperr)); 00095 rsbac_kfree(tmp); 00096 } 00097 err = tmperr; 00098 } 00099 return err; 00100 }
static void remove_device_item | ( | kdev_t | kdev | ) | [static] |
Definition at line 231 of file mac_data_structures.c.
References clear_device_item(), rsbac_mac_device_list_head_t::count, rsbac_mac_device_list_head_t::curr, device_list_head, rsbac_mac_device_list_head_t::head, lookup_device(), rsbac_mac_device_list_item_t::next, NULL, rsbac_mac_device_list_item_t::prev, and rsbac_mac_device_list_head_t::tail.
00232 { 00233 struct rsbac_mac_device_list_item_t *item_p; 00234 00235 /* first we must locate the item. */ 00236 if ((item_p = lookup_device(kdev))) { /* ok, item was found */ 00237 if (device_list_head.head == item_p) { /* item is head */ 00238 if (device_list_head.tail == item_p) { /* item is head and tail = only item -> list will be empty */ 00239 device_list_head.head = NULL; 00240 device_list_head.tail = NULL; 00241 } else { /* item is head, but not tail -> next item becomes head */ 00242 item_p->next->prev = NULL; 00243 device_list_head.head = item_p->next; 00244 } 00245 } else { /* item is not head */ 00246 if (device_list_head.tail == item_p) { /*item is not head, but tail -> previous item becomes tail */ 00247 item_p->prev->next = NULL; 00248 device_list_head.tail = item_p->prev; 00249 } else { /* item is neither head nor tail -> item is cut out */ 00250 item_p->prev->next = item_p->next; 00251 item_p->next->prev = item_p->prev; 00252 } 00253 } 00254 00255 /* curr is no longer valid -> reset. */ 00256 device_list_head.curr = NULL; 00257 /* adjust counter */ 00258 device_list_head.count--; 00259 00260 /* now we can remove the item from memory. This means cleaning up */ 00261 /* everything below. */ 00262 clear_device_item(item_p); 00263 } /* end of if: item was found */ 00264 00265 } /* end of remove_device_item() */
int __init rsbac_init_mac | ( | void | ) |
Definition at line 712 of file mac_data_structures.c.
References add_device_item(), rsbac_mac_device_list_head_t::count, create_device_item(), rsbac_mac_device_list_head_t::curr, rsbac_list_lol_info_t::data_size, rsbac_list_lol_info_t::desc_size, device_list_head, get_error_name(), rsbac_mac_device_list_head_t::head, rsbac_list_lol_info_t::key, rsbac_mac_device_list_head_t::lock, mac_register_fd_lists(), rsbac_list_lol_info_t::max_age, NULL, proc_rsbac_root_p, process_handle, RSBAC_ECOULDNOTADDDEVICE, RSBAC_EREINIT, rsbac_is_initialized(), rsbac_kfree(), rsbac_kmalloc(), RSBAC_LIST_DEF_DATA, rsbac_list_lol_register(), RSBAC_LIST_VERSION, RSBAC_MAC_LIST_KEY, RSBAC_MAC_P_LIST_NAME, RSBAC_MAC_P_LIST_VERSION, RSBAC_MAXNAMELEN, rsbac_pr_debug, rsbac_printk(), rsbac_root_dev, rsbac_list_lol_info_t::subdata_size, rsbac_list_lol_info_t::subdesc_size, rsbac_mac_device_list_head_t::tail, and rsbac_list_lol_info_t::version.
Referenced by rsbac_do_init().
00714 { 00715 int err = 0; 00716 struct rsbac_mac_device_list_item_t *device_p = NULL; 00717 u_long dflags; 00718 struct proc_dir_entry *tmp_entry_p; 00719 struct rsbac_list_lol_info_t lol_info; 00720 00721 if (rsbac_is_initialized()) { 00722 rsbac_printk(KERN_WARNING "rsbac_init_mac(): RSBAC already initialized\n"); 00723 return (-RSBAC_EREINIT); 00724 } 00725 00726 /* set rw-spinlocks to unlocked status and init data structures */ 00727 rsbac_printk(KERN_INFO "rsbac_init_mac(): Initializing RSBAC: MAC subsystem\n"); 00728 00729 lol_info.version = RSBAC_MAC_P_LIST_VERSION; 00730 lol_info.key = RSBAC_MAC_LIST_KEY; 00731 lol_info.desc_size = sizeof(rsbac_pid_t); 00732 lol_info.data_size = 0; 00733 lol_info.subdesc_size = sizeof(rsbac_uid_t); 00734 lol_info.subdata_size = 0; 00735 lol_info.max_age = 0; 00736 err = rsbac_list_lol_register(RSBAC_LIST_VERSION, 00737 &process_handle, 00738 &lol_info, 00739 RSBAC_LIST_DEF_DATA, 00740 NULL, 00741 NULL, 00742 NULL, 00743 NULL, 00744 NULL, 00745 NULL, 00746 RSBAC_MAC_P_LIST_NAME, 00747 RSBAC_AUTO_DEV); 00748 if (err) { 00749 char *tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00750 00751 if (tmp) { 00752 rsbac_printk(KERN_WARNING "rsbac_init_mac(): Registering MAC process trusted user list failed with error %s\n", 00753 get_error_name(tmp, err)); 00754 rsbac_kfree(tmp); 00755 } 00756 } 00757 00758 /* Init FD lists */ 00759 device_list_head.lock = RW_LOCK_UNLOCKED; 00760 device_list_head.head = NULL; 00761 device_list_head.tail = NULL; 00762 device_list_head.curr = NULL; 00763 device_list_head.count = 0; 00764 00765 /* read all data */ 00766 rsbac_pr_debug(ds_mac, "rsbac_init_mac(): Registering FD lists\n"); 00767 device_p = create_device_item(rsbac_root_dev); 00768 if (!device_p) { 00769 rsbac_printk(KERN_CRIT 00770 "rsbac_init_mac(): Could not add device!\n"); 00771 return (-RSBAC_ECOULDNOTADDDEVICE); 00772 } 00773 if ((err = mac_register_fd_lists(device_p, rsbac_root_dev))) { 00774 char tmp[RSBAC_MAXNAMELEN]; 00775 00776 rsbac_printk(KERN_WARNING "rsbac_init_mac(): File/Dir trusted user set registration failed for dev %02u:%02u, err %s!\n", 00777 RSBAC_MAJOR(rsbac_root_dev), 00778 RSBAC_MINOR(rsbac_root_dev), 00779 get_error_name(tmp, err)); 00780 } 00781 /* wait for write access to device_list_head */ 00782 rsbac_write_lock_irq(&device_list_head.lock, &dflags); 00783 device_p = add_device_item(device_p); 00784 /* device was added, allow access */ 00785 rsbac_write_unlock_irq(&device_list_head.lock, &dflags); 00786 if (!device_p) { 00787 rsbac_printk(KERN_CRIT 00788 "rsbac_init_mac(): Could not add device!\n"); 00789 return (-RSBAC_ECOULDNOTADDDEVICE); 00790 } 00791 #if defined(CONFIG_RSBAC_PROC) && defined(CONFIG_PROC_FS) 00792 tmp_entry_p = create_proc_entry("mac_devices", 00793 S_IFREG | S_IRUGO | S_IWUGO, 00794 proc_rsbac_root_p); 00795 if (tmp_entry_p) { 00796 tmp_entry_p->get_info = mac_devices_proc_info; 00797 } 00798 tmp_entry_p = create_proc_entry("stats_mac", 00799 S_IFREG | S_IRUGO, 00800 proc_rsbac_root_p); 00801 if (tmp_entry_p) { 00802 tmp_entry_p->get_info = stats_mac_proc_info; 00803 } 00804 tmp_entry_p = create_proc_entry("mac_trusted", 00805 S_IFREG | S_IRUGO, 00806 proc_rsbac_root_p); 00807 if (tmp_entry_p) { 00808 tmp_entry_p->get_info = mac_trulist_proc_info; 00809 } 00810 #endif 00811 00812 rsbac_pr_debug(aef_mac, "Ready.\n"); 00813 return (err); 00814 }
int rsbac_mac_add_to_f_truset | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_mac_file_t | file, | |||
rsbac_uid_t | member, | |||
rsbac_time_t | ttl | |||
) |
Definition at line 993 of file mac_data_structures.c.
References device_list_head, rsbac_mac_device_list_item_t::handle, rsbac_mac_device_list_head_t::lock, lookup_device(), NULL, RSBAC_EINVALIDDEV, RSBAC_ENOTINITIALIZED, rsbac_get_super_block(), rsbac_is_initialized(), rsbac_printk(), and rsbac_ta_list_lol_subadd_ttl().
Referenced by rsbac_mac_add_f_tru().
00996 { 00997 int err = 0; 00998 u_long dflags; 00999 struct rsbac_mac_device_list_item_t *device_p; 01000 01001 if (!rsbac_is_initialized()) { 01002 rsbac_printk(KERN_WARNING "rsbac_mac_add_to_f_truset(): RSBAC not initialized\n"); 01003 return (-RSBAC_ENOTINITIALIZED); 01004 } 01005 if (in_interrupt()) { 01006 rsbac_printk(KERN_WARNING "rsbac_mac_add_to_f_truset(): called from interrupt!\n"); 01007 } 01008 01009 /* protect device list */ 01010 rsbac_read_lock(&device_list_head.lock, &dflags); 01011 device_p = lookup_device(file.device); 01012 if (!device_p) { 01013 /* trigger rsbac_mount() */ 01014 rsbac_read_unlock(&device_list_head.lock, &dflags); 01015 rsbac_get_super_block(file.device); 01016 /* retry */ 01017 rsbac_read_lock(&device_list_head.lock, &dflags); 01018 device_p = lookup_device(file.device); 01019 if (!device_p) { 01020 rsbac_printk(KERN_WARNING "rsbac_mac_add_to_f_truset(): invalid device %02u:%02u!\n", 01021 RSBAC_MAJOR(file.device), 01022 RSBAC_MINOR(file.device)); 01023 rsbac_read_unlock(&device_list_head.lock, &dflags); 01024 return (-RSBAC_EINVALIDDEV); 01025 } 01026 } 01027 01028 err = rsbac_ta_list_lol_subadd_ttl(ta_number, 01029 device_p->handle, 01030 ttl, &file.inode, &member, 01031 NULL); 01032 rsbac_read_unlock(&device_list_head.lock, &dflags); 01033 return (err); 01034 }
int rsbac_mac_add_to_p_truset | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_pid_t | pid, | |||
rsbac_uid_t | member, | |||
rsbac_time_t | ttl | |||
) |
Definition at line 978 of file mac_data_structures.c.
References NULL, process_handle, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_printk(), and rsbac_ta_list_lol_subadd_ttl().
Referenced by rsbac_mac_add_p_tru().
00981 { 00982 if (!rsbac_is_initialized()) { 00983 rsbac_printk(KERN_WARNING "rsbac_mac_add_to_p_truset(): RSBAC not initialized\n"); 00984 return (-RSBAC_ENOTINITIALIZED); 00985 } 00986 if (in_interrupt()) { 00987 rsbac_printk(KERN_WARNING "rsbac_mac_add_to_p_truset(): called from interrupt!\n"); 00988 } 00989 return rsbac_ta_list_lol_subadd_ttl(ta_number, process_handle, ttl, 00990 &pid, &member, NULL); 00991 }
int rsbac_mac_clear_f_truset | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_mac_file_t | file | |||
) |
Definition at line 1112 of file mac_data_structures.c.
References device_list_head, rsbac_mac_device_list_item_t::handle, rsbac_mac_device_list_head_t::lock, lookup_device(), RSBAC_EINVALIDDEV, RSBAC_ENOTINITIALIZED, rsbac_get_super_block(), rsbac_is_initialized(), rsbac_printk(), and rsbac_ta_list_lol_remove().
Referenced by rsbac_mac_remove_f_trusets().
01114 { 01115 int err = 0; 01116 u_long dflags; 01117 struct rsbac_mac_device_list_item_t *device_p; 01118 01119 if (!rsbac_is_initialized()) { 01120 rsbac_printk(KERN_WARNING "rsbac_mac_clear_f_truset(): RSBAC not initialized\n"); 01121 return (-RSBAC_ENOTINITIALIZED); 01122 } 01123 if (in_interrupt()) { 01124 rsbac_printk(KERN_WARNING "rsbac_mac_clear_f_truset(): called from interrupt!\n"); 01125 } 01126 /* protect device list */ 01127 rsbac_read_lock(&device_list_head.lock, &dflags); 01128 device_p = lookup_device(file.device); 01129 if (!device_p) { 01130 /* trigger rsbac_mount() */ 01131 rsbac_read_unlock(&device_list_head.lock, &dflags); 01132 rsbac_get_super_block(file.device); 01133 /* retry */ 01134 rsbac_read_lock(&device_list_head.lock, &dflags); 01135 device_p = lookup_device(file.device); 01136 if (!device_p) { 01137 rsbac_printk(KERN_WARNING "rsbac_mac_clear_f_truset(): invalid device %02u:%02u!\n", 01138 RSBAC_MAJOR(file.device), 01139 RSBAC_MINOR(file.device)); 01140 rsbac_read_unlock(&device_list_head.lock, &dflags); 01141 return (-RSBAC_EINVALIDDEV); 01142 } 01143 } 01144 err = rsbac_ta_list_lol_remove(ta_number, 01145 device_p->handle, 01146 &file.inode); 01147 rsbac_read_unlock(&device_list_head.lock, &dflags); 01148 return (err); 01149 }
int rsbac_mac_clear_p_truset | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_pid_t | pid | |||
) |
Definition at line 1099 of file mac_data_structures.c.
References process_handle, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_printk(), and rsbac_ta_list_lol_remove().
Referenced by rsbac_mac_remove_p_trusets().
01101 { 01102 if (!rsbac_is_initialized()) { 01103 rsbac_printk(KERN_WARNING "rsbac_mac_clear_p_truset(): RSBAC not initialized\n"); 01104 return (-RSBAC_ENOTINITIALIZED); 01105 } 01106 if (in_interrupt()) { 01107 rsbac_printk(KERN_WARNING "rsbac_mac_clear_p_truset(): called from interrupt!\n"); 01108 } 01109 return rsbac_ta_list_lol_remove(ta_number, process_handle, &pid); 01110 }
int rsbac_mac_copy_fp_truset | ( | rsbac_mac_file_t | file, | |
rsbac_pid_t | p_tru_set_id | |||
) |
Definition at line 1184 of file mac_data_structures.c.
References copy_fp_tru_set_item(), device_list_head, rsbac_mac_device_list_head_t::lock, lookup_device(), RSBAC_EINVALIDDEV, RSBAC_ENOTINITIALIZED, rsbac_get_super_block(), rsbac_is_initialized(), and rsbac_printk().
Referenced by rsbac_adf_set_attr_mac().
01186 { 01187 u_long dflags; 01188 struct rsbac_mac_device_list_item_t *device_p; 01189 int err = 0; 01190 01191 if (!rsbac_is_initialized()) { 01192 rsbac_printk(KERN_WARNING "rsbac_mac_copy_fp_truset(): RSBAC not initialized\n"); 01193 return (-RSBAC_ENOTINITIALIZED); 01194 } 01195 if (in_interrupt()) { 01196 rsbac_printk(KERN_WARNING "rsbac_mac_copy_fp_truset(): called from interrupt!\n"); 01197 } 01198 /* 01199 rsbac_pr_debug(ds_mac, "Copying file cap set data to process cap set\n"); 01200 */ 01201 /* protect device list */ 01202 rsbac_read_lock(&device_list_head.lock, &dflags); 01203 device_p = lookup_device(file.device); 01204 if (!device_p) { 01205 /* trigger rsbac_mount() */ 01206 rsbac_read_unlock(&device_list_head.lock, &dflags); 01207 rsbac_get_super_block(file.device); 01208 /* retry */ 01209 rsbac_read_lock(&device_list_head.lock, &dflags); 01210 device_p = lookup_device(file.device); 01211 if (!device_p) { 01212 rsbac_printk(KERN_WARNING "rsbac_mac_copy_fp_truset(): invalid device %02u:%02u!\n", 01213 RSBAC_MAJOR(file.device), 01214 RSBAC_MINOR(file.device)); 01215 rsbac_read_unlock(&device_list_head.lock, &dflags); 01216 return (-RSBAC_EINVALIDDEV); 01217 } 01218 } 01219 /* call the copy function */ 01220 err = copy_fp_tru_set_item(device_p, file, p_tru_set_id); 01221 rsbac_read_unlock(&device_list_head.lock, &dflags); 01222 return (err); 01223 }
int rsbac_mac_copy_pp_truset | ( | rsbac_pid_t | old_p_set_id, | |
rsbac_pid_t | new_p_set_id | |||
) |
Definition at line 1225 of file mac_data_structures.c.
References copy_pp_tru_set_item(), RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), and rsbac_printk().
Referenced by rsbac_adf_set_attr_mac().
01227 { 01228 if (!rsbac_is_initialized()) { 01229 rsbac_printk(KERN_WARNING "rsbac_mac_copy_pp_truset(): RSBAC not initialized\n"); 01230 return (-RSBAC_ENOTINITIALIZED); 01231 } 01232 if (in_interrupt()) { 01233 rsbac_printk(KERN_WARNING "rsbac_mac_copy_pp_truset(): called from interrupt!\n"); 01234 } 01235 /* 01236 rsbac_pr_debug(ds_mac, "Copying process cap set data to process cap set\n"); 01237 */ 01238 /* call the copy function */ 01239 return copy_pp_tru_set_item(old_p_set_id, new_p_set_id); 01240 }
int rsbac_mac_get_f_trulist | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_mac_file_t | file, | |||
rsbac_uid_t ** | trulist_p, | |||
rsbac_time_t ** | ttllist_p | |||
) |
Definition at line 1242 of file mac_data_structures.c.
Referenced by sys_rsbac_mac_get_f_trulist().
01246 { 01247 u_long dflags; 01248 struct rsbac_mac_device_list_item_t *device_p; 01249 long count; 01250 01251 if (!rsbac_is_initialized()) { 01252 rsbac_printk(KERN_WARNING "rsbac_mac_get_f_trulist(): RSBAC not initialized\n"); 01253 return (-RSBAC_ENOTINITIALIZED); 01254 } 01255 if (in_interrupt()) { 01256 rsbac_printk(KERN_WARNING "rsbac_mac_get_f_trulist(): called from interrupt!\n"); 01257 } 01258 /* 01259 rsbac_pr_debug(ds_mac, "Getting file/dir trusted user set list\n"); 01260 */ 01261 /* protect device list */ 01262 rsbac_read_lock(&device_list_head.lock, &dflags); 01263 device_p = lookup_device(file.device); 01264 if (!device_p) { 01265 /* trigger rsbac_mount() */ 01266 rsbac_read_unlock(&device_list_head.lock, &dflags); 01267 rsbac_get_super_block(file.device); 01268 /* retry */ 01269 rsbac_read_lock(&device_list_head.lock, &dflags); 01270 device_p = lookup_device(file.device); 01271 if (!device_p) { 01272 rsbac_printk(KERN_WARNING "rsbac_mac_get_f_trulist(): invalid device %02u:%02u!\n", 01273 RSBAC_MAJOR(file.device), 01274 RSBAC_MINOR(file.device)); 01275 rsbac_read_unlock(&device_list_head.lock, &dflags); 01276 return (-RSBAC_EINVALIDDEV); 01277 } 01278 } 01279 count = rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, 01280 device_p->handle, 01281 &file.inode, 01282 (void **) trulist_p, 01283 ttllist_p); 01284 rsbac_read_unlock(&device_list_head.lock, &dflags); 01285 return (count); 01286 }
int rsbac_mac_get_p_trulist | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_pid_t | pid, | |||
rsbac_uid_t ** | trulist_p, | |||
rsbac_time_t ** | ttllist_p | |||
) |
Definition at line 1288 of file mac_data_structures.c.
Referenced by sys_rsbac_mac_get_p_trulist().
01292 { 01293 if (!rsbac_is_initialized()) { 01294 rsbac_printk(KERN_WARNING "rsbac_mac_get_p_trulist(): RSBAC not initialized\n"); 01295 return (-RSBAC_ENOTINITIALIZED); 01296 } 01297 if (in_interrupt()) { 01298 rsbac_printk(KERN_WARNING "rsbac_mac_get_p_trulist(): called from interrupt!\n"); 01299 } 01300 /* 01301 rsbac_pr_debug(ds_mac, "Getting process trusted user set list\n"); 01302 */ 01303 return rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, 01304 process_handle, 01305 &pid, 01306 (void **) trulist_p, 01307 ttllist_p); 01308 }
rsbac_boolean_t rsbac_mac_p_truset_member | ( | rsbac_pid_t | pid, | |
rsbac_uid_t | member | |||
) |
Definition at line 1154 of file mac_data_structures.c.
References FALSE, process_handle, RSBAC_ALL_USERS, rsbac_is_initialized(), rsbac_list_lol_subexist(), rsbac_printk(), and TRUE.
Referenced by rsbac_adf_set_attr_mac().
01156 { 01157 if (!rsbac_is_initialized()) { 01158 rsbac_printk(KERN_WARNING "rsbac_mac_p_truset_member(): RSBAC not initialized\n"); 01159 return FALSE; 01160 } 01161 if (in_interrupt()) { 01162 rsbac_printk(KERN_WARNING "rsbac_mac_p_truset_member(): called from interrupt!\n"); 01163 } 01164 if (rsbac_list_lol_subexist(process_handle, &pid, &member)) 01165 return TRUE; 01166 member = RSBAC_ALL_USERS; 01167 return rsbac_list_lol_subexist(process_handle, &pid, &member); 01168 }
int rsbac_mac_remove_f_trusets | ( | rsbac_mac_file_t | file | ) |
Definition at line 1179 of file mac_data_structures.c.
References FALSE, and rsbac_mac_clear_f_truset().
Referenced by rsbac_ta_remove_target().
01180 { 01181 return rsbac_mac_clear_f_truset(FALSE, file); 01182 }
int rsbac_mac_remove_from_f_truset | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_mac_file_t | file, | |||
rsbac_uid_t | member | |||
) |
Definition at line 1054 of file mac_data_structures.c.
References device_list_head, rsbac_mac_device_list_item_t::handle, rsbac_mac_device_list_head_t::lock, lookup_device(), RSBAC_EINVALIDDEV, RSBAC_ENOTINITIALIZED, rsbac_get_super_block(), rsbac_is_initialized(), rsbac_printk(), and rsbac_ta_list_lol_subremove().
Referenced by rsbac_mac_remove_f_tru().
01057 { 01058 int err = 0; 01059 u_long dflags; 01060 struct rsbac_mac_device_list_item_t *device_p; 01061 01062 if (!rsbac_is_initialized()) { 01063 rsbac_printk(KERN_WARNING "rsbac_mac_remove_from_f_truset(): RSBAC not initialized\n"); 01064 return (-RSBAC_ENOTINITIALIZED); 01065 } 01066 if (in_interrupt()) { 01067 rsbac_printk(KERN_WARNING "rsbac_mac_remove_from_f_truset(): called from interrupt!\n"); 01068 } 01069 01070 /* protect device list */ 01071 rsbac_read_lock(&device_list_head.lock, &dflags); 01072 device_p = lookup_device(file.device); 01073 if (!device_p) { 01074 /* trigger rsbac_mount() */ 01075 rsbac_read_unlock(&device_list_head.lock, &dflags); 01076 rsbac_get_super_block(file.device); 01077 /* retry */ 01078 rsbac_read_lock(&device_list_head.lock, &dflags); 01079 device_p = lookup_device(file.device); 01080 if (!device_p) { 01081 rsbac_printk(KERN_WARNING "rsbac_mac_remove_from_f_truset(): invalid device %02u:%02u!\n", 01082 RSBAC_MAJOR(file.device), 01083 RSBAC_MINOR(file.device)); 01084 rsbac_read_unlock(&device_list_head.lock, &dflags); 01085 return (-RSBAC_EINVALIDDEV); 01086 } 01087 } 01088 err = rsbac_ta_list_lol_subremove(ta_number, 01089 device_p->handle, 01090 &file.inode, &member); 01091 rsbac_read_unlock(&device_list_head.lock, &dflags); 01092 return (err); 01093 }
int rsbac_mac_remove_from_p_truset | ( | rsbac_list_ta_number_t | ta_number, | |
rsbac_pid_t | pid, | |||
rsbac_uid_t | member | |||
) |
Definition at line 1040 of file mac_data_structures.c.
References process_handle, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_printk(), and rsbac_ta_list_lol_subremove().
Referenced by rsbac_mac_remove_p_tru().
01042 { 01043 if (!rsbac_is_initialized()) { 01044 rsbac_printk(KERN_WARNING "rsbac_mac_remove_from_p_truset(): RSBAC not initialized\n"); 01045 return (-RSBAC_ENOTINITIALIZED); 01046 } 01047 if (in_interrupt()) { 01048 rsbac_printk(KERN_WARNING "rsbac_mac_remove_from_p_truset(): called from interrupt!\n"); 01049 } 01050 return rsbac_ta_list_lol_subremove(ta_number, process_handle, &pid, 01051 &member); 01052 }
int rsbac_mac_remove_p_trusets | ( | rsbac_pid_t | pid | ) |
Definition at line 1174 of file mac_data_structures.c.
References FALSE, and rsbac_mac_clear_p_truset().
Referenced by rsbac_ta_remove_target().
01175 { 01176 return rsbac_mac_clear_p_truset(FALSE, pid); 01177 }
int rsbac_mount_mac | ( | kdev_t | kdev | ) |
Definition at line 816 of file mac_data_structures.c.
References add_device_item(), clear_device_item(), create_device_item(), device_list_head, get_error_name(), rsbac_mac_device_list_head_t::lock, lookup_device(), mac_register_fd_lists(), rsbac_mac_device_list_item_t::mount_count, RSBAC_ECOULDNOTADDDEVICE, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), RSBAC_MAXNAMELEN, rsbac_pr_debug, and rsbac_printk().
Referenced by rsbac_mount().
00817 { 00818 int err = 0; 00819 struct rsbac_mac_device_list_item_t *device_p; 00820 struct rsbac_mac_device_list_item_t *new_device_p; 00821 u_long dflags; 00822 00823 if (!rsbac_is_initialized()) { 00824 rsbac_printk(KERN_WARNING "rsbac_mount_mac(): RSBAC not initialized\n"); 00825 return (-RSBAC_ENOTINITIALIZED); 00826 } 00827 rsbac_pr_debug(aef_mac, "mounting device %02u:%02u\n", 00828 RSBAC_MAJOR(kdev), RSBAC_MINOR(kdev)); 00829 /* wait for write access to device_list_head */ 00830 rsbac_read_lock(&device_list_head.lock, &dflags); 00831 device_p = lookup_device(kdev); 00832 /* repeated mount? */ 00833 if (device_p) { 00834 rsbac_printk(KERN_WARNING "rsbac_mount_mac: repeated mount %u of device %02u:%02u\n", 00835 device_p->mount_count, RSBAC_MAJOR(kdev), 00836 RSBAC_MINOR(kdev)); 00837 device_p->mount_count++; 00838 rsbac_read_unlock(&device_list_head.lock, &dflags); 00839 return 0; 00840 } 00841 rsbac_read_unlock(&device_list_head.lock, &dflags); 00842 00843 new_device_p = create_device_item(kdev); 00844 if (!new_device_p) 00845 return -RSBAC_ECOULDNOTADDDEVICE; 00846 00847 /* register lists */ 00848 if ((err = mac_register_fd_lists(new_device_p, kdev))) { 00849 char tmp[RSBAC_MAXNAMELEN]; 00850 00851 rsbac_printk(KERN_WARNING "rsbac_mount_mac(): File/Dir ACL registration failed for dev %02u:%02u, err %s!\n", 00852 RSBAC_MAJOR(kdev), RSBAC_MINOR(kdev), 00853 get_error_name(tmp, err)); 00854 } 00855 00856 /* wait for read access to device_list_head */ 00857 rsbac_read_lock(&device_list_head.lock, &dflags); 00858 /* make sure to only add, if this device item has not been added in the meantime */ 00859 device_p = lookup_device(kdev); 00860 if (device_p) { 00861 rsbac_printk(KERN_WARNING "rsbac_mount_mac(): mount race for device %02u:%02u detected!\n", 00862 RSBAC_MAJOR(kdev), RSBAC_MINOR(kdev)); 00863 device_p->mount_count++; 00864 rsbac_read_unlock(&device_list_head.lock, &dflags); 00865 clear_device_item(new_device_p); 00866 } else { 00867 rsbac_read_unlock(&device_list_head.lock, &dflags); 00868 rsbac_write_lock_irq(&device_list_head.lock, &dflags); 00869 device_p = add_device_item(new_device_p); 00870 rsbac_write_unlock_irq(&device_list_head.lock, &dflags); 00871 if (!device_p) { 00872 rsbac_printk(KERN_WARNING "rsbac_mount_mac: adding device %02u:%02u failed!\n", 00873 RSBAC_MAJOR(kdev), RSBAC_MINOR(kdev)); 00874 clear_device_item(new_device_p); 00875 err = -RSBAC_ECOULDNOTADDDEVICE; 00876 } 00877 } 00878 return (err); 00879 }
int rsbac_stats_mac | ( | void | ) |
Definition at line 921 of file mac_data_structures.c.
References A_none, device_list_head, rsbac_attribute_value_t::dummy, rsbac_mac_device_list_item_t::handle, rsbac_mac_device_list_head_t::head, rsbac_mac_device_list_item_t::id, rsbac_mac_device_list_head_t::lock, rsbac_mac_device_list_item_t::next, process_handle, R_GET_STATUS_DATA, rsbac_adf_request(), RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_lol_all_subcount(), rsbac_list_lol_count(), rsbac_pr_debug, rsbac_printk(), rsbac_target_id_t::scd, ST_rsbac, and T_SCD.
00922 { 00923 u_long dflags; 00924 struct rsbac_mac_device_list_item_t *device_p; 00925 00926 union rsbac_target_id_t rsbac_target_id; 00927 union rsbac_attribute_value_t rsbac_attribute_value; 00928 00929 if (!rsbac_is_initialized()) { 00930 rsbac_printk(KERN_WARNING "rsbac_stats_mac(): RSBAC not initialized\n"); 00931 return (-RSBAC_ENOTINITIALIZED); 00932 } 00933 rsbac_pr_debug(aef_mac, "calling ADF\n"); 00934 rsbac_target_id.scd = ST_rsbac; 00935 rsbac_attribute_value.dummy = 0; 00936 if (!rsbac_adf_request(R_GET_STATUS_DATA, 00937 current->pid, 00938 T_SCD, 00939 rsbac_target_id, 00940 A_none, rsbac_attribute_value)) { 00941 return -EPERM; 00942 } 00943 00944 rsbac_printk(KERN_INFO "MAC Status\n----------\n"); 00945 00946 rsbac_printk(KERN_INFO "%lu process trusted user set items, sum of %lu members\n", 00947 rsbac_list_lol_count(process_handle), 00948 rsbac_list_lol_all_subcount(process_handle)); 00949 00950 /* protect device list */ 00951 rsbac_read_lock(&device_list_head.lock, &dflags); 00952 device_p = device_list_head.head; 00953 while (device_p) { 00954 rsbac_printk(KERN_INFO "device %02u:%02u has %u file trusted user set items, sum of %u members\n", 00955 RSBAC_MAJOR(device_p->id), 00956 RSBAC_MINOR(device_p->id), 00957 rsbac_list_lol_count(device_p->handle), 00958 rsbac_list_lol_all_subcount(device_p->handle)); 00959 device_p = device_p->next; 00960 } 00961 /* unprotect device list */ 00962 rsbac_read_unlock(&device_list_head.lock, &dflags); 00963 return 0; 00964 }
int rsbac_umount_mac | ( | kdev_t | kdev | ) |
Definition at line 883 of file mac_data_structures.c.
References device_list_head, rsbac_mac_device_list_head_t::lock, lookup_device(), rsbac_mac_device_list_item_t::mount_count, remove_device_item(), RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_pr_debug, and rsbac_printk().
Referenced by rsbac_umount().
00884 { 00885 u_long flags; 00886 struct rsbac_mac_device_list_item_t *device_p; 00887 00888 if (!rsbac_is_initialized()) { 00889 rsbac_printk(KERN_WARNING "rsbac_umount(): RSBAC not initialized\n"); 00890 return (-RSBAC_ENOTINITIALIZED); 00891 } 00892 rsbac_pr_debug(aef_mac, "umounting device %02u:%02u\n", 00893 RSBAC_MAJOR(kdev), RSBAC_MINOR(kdev)); 00894 /* sync of attribute lists was done in rsbac_umount */ 00895 /* wait for write access to device_list_head */ 00896 rsbac_write_lock(&device_list_head.lock, &flags); 00897 /* OK, nobody else is working on it... */ 00898 device_p = lookup_device(kdev); 00899 if (device_p) { 00900 if (device_p->mount_count == 1) 00901 remove_device_item(kdev); 00902 else { 00903 if (device_p->mount_count > 1) { 00904 device_p->mount_count--; 00905 } else { 00906 rsbac_printk(KERN_WARNING "rsbac_mount_mac: device %02u:%02u has mount_count < 1!\n", 00907 RSBAC_MAJOR(kdev), 00908 RSBAC_MINOR(kdev)); 00909 } 00910 } 00911 } 00912 00913 /* allow access */ 00914 rsbac_write_unlock(&device_list_head.lock, &flags); 00915 return 0; 00916 }
rsbac_boolean_t writable | ( | struct super_block * | sb_p | ) |
Definition at line 323 of file aci_data_structures.c.
References FALSE, KERNEL_VERSION, rsbac_debug_no_write, SOCKFS_MAGIC, SYSFS_MAGIC, and TRUE.
Referenced by lookup_aci_path_dentry(), and rsbac_write_open().
00324 { 00325 #ifdef CONFIG_RSBAC_NO_WRITE 00326 return (FALSE); 00327 #else 00328 if (!sb_p || !sb_p->s_dev) 00329 return (FALSE); 00330 if (rsbac_debug_no_write || (sb_p->s_flags & MS_RDONLY) 00331 || in_interrupt()) 00332 return (FALSE); 00333 if (!MAJOR(sb_p->s_dev) 00334 #ifndef CONFIG_RSBAC_MSDOS_WRITE 00335 || (sb_p->s_magic == MSDOS_SUPER_MAGIC) 00336 #endif 00337 || (sb_p->s_magic == SOCKFS_MAGIC) 00338 || (sb_p->s_magic == PIPEFS_MAGIC) 00339 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 00340 || (sb_p->s_magic == SYSFS_MAGIC) 00341 #endif 00342 || (sb_p->s_magic == NFS_SUPER_MAGIC) 00343 || (sb_p->s_magic == CODA_SUPER_MAGIC) 00344 || (sb_p->s_magic == NCP_SUPER_MAGIC) 00345 || (sb_p->s_magic == SMB_SUPER_MAGIC) 00346 || (sb_p->s_magic == ISOFS_SUPER_MAGIC)) 00347 return (FALSE); 00348 else 00349 return (TRUE); 00350 #endif 00351 }
struct rsbac_mac_device_list_head_t device_list_head [static] |
Definition at line 33 of file mac_data_structures.c.
Referenced by add_device_item(), lookup_device(), remove_device_item(), rsbac_init_mac(), rsbac_mac_add_to_f_truset(), rsbac_mac_clear_f_truset(), rsbac_mac_copy_fp_truset(), rsbac_mac_get_f_trulist(), rsbac_mac_remove_from_f_truset(), rsbac_mount_mac(), rsbac_stats_mac(), and rsbac_umount_mac().
u_int nr_fd_hashes = RSBAC_MAC_NR_TRU_FD_LISTS [static] |
Definition at line 51 of file mac_data_structures.c.
rsbac_list_handle_t process_handle = NULL [static] |
Definition at line 35 of file mac_data_structures.c.