Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code: security\tomoyo\common.c  Create Date: 2022-07-28 19:36:39
Last Modify: 2020-03-18 09:15:18  Copyright © Brick

Name: tomoyo_supervisor - Ask for the supervisor's decision

Proto: int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...)

Type: int

Parameter:

Type                            Parameter Name
struct tomoyo_request_info *    r
const char *                    fmt
2065  struct tomoyo_query entry = {}
2066  bool quota_exceeded = false
2068  va_start(args, fmt)
2069  len = (vsnprintf - Format a string and place it in a buffer. @buf: The buffer to place the result into. @size: The size of the buffer, including the trailing null space. @fmt: The format string to use. @args: Arguments for the format string. This function generally) + 1
2070  va_end(args)
2072  va_start(args, fmt)
2073  tomoyo_write_log2 - Write an audit log. @r: Pointer to "struct tomoyo_request_info". @len: Buffer size needed for @fmt and @args. @fmt: The printf()'s format string. @args: va_list structure for @fmt. Returns nothing.
2074  va_end(args)
2076  If granted Then Return 0
2078  If One of tomoyo_mode_index . Then tomoyo_update_stat - Update statistic counters. @index: Index for policy type. Returns nothing.
2081  Case One of tomoyo_mode_index . == TOMOYO_CONFIG_ENFORCING
2082  error = -EPERM
2083  If atomic_read( & Number of "struct file" referring /sys/kernel/security/tomoyo/query interface. ) Then Break
2085  Go to out
2086  Case One of tomoyo_mode_index . == TOMOYO_CONFIG_LEARNING
2087  error = 0
2089  If (tomoyo_domain_quota_is_ok - Check for domain's quota. @r: Pointer to "struct tomoyo_request_info". Returns true if the domain is not exceeded quota, false otherwise. Caller holds tomoyo_read_lock().) Then Break
2092  Default
2093  Return 0
2096  va_start(args, fmt)
2097  query = tomoyo_init_log - Allocate buffer for audit logs
2098  va_end(args)
2099  If Not query Then Go to out
2101  query_len = (strlen - Find the length of a string. @s: The string to be sized) + 1
2102  If Not error Then
2103  tomoyo_add_entry - Add an ACL to current thread's domain. Used by learning mode. @domain: Pointer to "struct tomoyo_domain_info". @header: Lines containing ACL. Returns nothing.
2104  Go to out
2106  len = tomoyo_round2 - Round up to power of 2 for calculating memory usage. @size: Size to be rounded up. Returns @size. Since SLOB does not round up, this function simply returns @size.
2107  domain = domain
2108  spin_lock( & Lock for manipulating tomoyo_query_list. )
2109  If tomoyo_memory_quota[TOMOYO_MEMORY_QUERY] && tomoyo_memory_used[TOMOYO_MEMORY_QUERY] + len >= tomoyo_memory_quota[TOMOYO_MEMORY_QUERY] Then
2112  quota_exceeded = true
2113  Else
2114  serial = tomoyo_serial++
2115  retry = retry
2116  tomoyo_memory_used[TOMOYO_MEMORY_QUERY] += len
2117  list_add_tail - add a new entry. @new: new entry to be added. @head: list head to add it before. Insert a new entry before the specified head. This is useful for implementing queues.
2119  spin_unlock( & Lock for manipulating tomoyo_query_list. )
2120  If quota_exceeded Then Go to out
2123  While timer < 10 loop
2124  wake_up_all( & Wait queue for kernel -> userspace notification. )
2125  If (wait_event_interruptible_timeout - sleep until a condition gets true or a timeout elapses. @wq_head: the waitqueue to wait on. @condition: a C expression for the event to wait for. @timeout: timeout, in jiffies. The process is put to sleep (Wait queue for userspace -> kernel notification. , answer || !atomic_read( & Number of "struct file" referring /sys/kernel/security/tomoyo/query interface. ), HZ)) Then Break
2129  timer++
2131  spin_lock( & Lock for manipulating tomoyo_query_list. )
2132  deletes entry from list
2133  tomoyo_memory_used[TOMOYO_MEMORY_QUERY] -= len
2134  spin_unlock( & Lock for manipulating tomoyo_query_list. )
2136  Case answer == 3
2137  error = Retry this request. Returned by tomoyo_supervisor() if policy violation has occurred in enforcing mode and the userspace daemon decided to retry. We must choose a positive value in order to distinguish "granted" (which is
2138  retry++
2139  Break
2140  Case answer == 1
2142  error = 0
2143  Break
2144  Default
2146  Break
2148  out :
2149  kfree(query)
2150  Return error
Caller
Name                            Description
tomoyo_audit_env_log            Audit environment variable name log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_path_log           Audit path request log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_path2_log          Audit path/path request log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_mkdev_log          Audit path/number/number/number request log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_path_number_log    Audit path/number request log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_mount_log          Audit mount log. @r: Pointer to "struct tomoyo_request_info". Returns 0 on success, negative value otherwise.
tomoyo_audit_net_log            Audit network log. @r: Pointer to "struct tomoyo_request_info". @family: Name of socket family ("inet" or "unix"). @protocol: Name of protocol in @family. @operation: Name of socket operation. @address: Name of address.