|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] xsm/flask: Code indentation.
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1285176496 -3600
# Node ID e20ee3a576450c63ec4c7db49542b94610daec8b
# Parent 20f1390104457a6e6f0a2b879329bfb4b3a3a160
xsm/flask: Code indentation.
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
xen/xsm/flask/avc.c | 86 +++++------
xen/xsm/flask/flask_op.c | 82 +++++------
xen/xsm/flask/hooks.c | 339 +++++++++++++++++++++++------------------------
3 files changed, 254 insertions(+), 253 deletions(-)
diff -r 20f139010445 -r e20ee3a57645 xen/xsm/flask/avc.c
--- a/xen/xsm/flask/avc.c Wed Sep 22 18:26:01 2010 +0100
+++ b/xen/xsm/flask/avc.c Wed Sep 22 18:28:16 2010 +0100
@@ -54,18 +54,18 @@ static const char *class_to_string[] = {
static const struct av_inherit av_inherit[] = {
#define S_(c, i, b) { .tclass = c, .common_pts = common_##i##_perm_to_string, \
- .common_base = b },
+ .common_base = b },
#include "av_inherit.h"
#undef S_
};
const struct selinux_class_perm selinux_class_perm = {
- .av_perm_to_string = av_perm_to_string,
- .av_pts_len = ARRAY_SIZE(av_perm_to_string),
- .class_to_string = class_to_string,
- .cts_len = ARRAY_SIZE(class_to_string),
- .av_inherit = av_inherit,
- .av_inherit_len = ARRAY_SIZE(av_inherit)
+ .av_perm_to_string = av_perm_to_string,
+ .av_pts_len = ARRAY_SIZE(av_perm_to_string),
+ .class_to_string = class_to_string,
+ .cts_len = ARRAY_SIZE(class_to_string),
+ .av_inherit = av_inherit,
+ .av_inherit_len = ARRAY_SIZE(av_inherit)
};
#define AVC_CACHE_SLOTS 512
@@ -179,7 +179,7 @@ static void avc_dump_av(u16 tclass, u32
for ( i2 = 0; i2 < ARRAY_SIZE(av_perm_to_string); i2++ )
{
if ( (av_perm_to_string[i2].tclass == tclass) &&
- (av_perm_to_string[i2].value == perm) )
+ (av_perm_to_string[i2].value == perm) )
break;
}
if ( i2 < ARRAY_SIZE(av_perm_to_string) )
@@ -266,7 +266,7 @@ int avc_get_hash_stats(char *buf, uint32
head = &avc_cache.slots[i];
if ( !hlist_empty(head) )
{
- struct hlist_node *next;
+ struct hlist_node *next;
slots_used++;
chain_len = 0;
@@ -280,9 +280,9 @@ int avc_get_hash_stats(char *buf, uint32
rcu_read_unlock(&avc_rcu_lock);
return snprintf(buf, size, "entries: %d\nbuckets used: %d/%d\n"
- "longest chain: %d\n",
- atomic_read(&avc_cache.active_nodes),
- slots_used, AVC_CACHE_SLOTS, max_chain_len);
+ "longest chain: %d\n",
+ atomic_read(&avc_cache.active_nodes),
+ slots_used, AVC_CACHE_SLOTS, max_chain_len);
}
static void avc_node_free(struct rcu_head *rhead)
@@ -333,20 +333,20 @@ static inline int avc_reclaim_node(void)
rcu_read_lock(&avc_rcu_lock);
hlist_for_each_entry(node, next, head, list)
{
- avc_node_delete(node);
- avc_cache_stats_incr(reclaims);
- ecx++;
- if ( ecx >= AVC_CACHE_RECLAIM )
- {
- rcu_read_unlock(&avc_rcu_lock);
- spin_unlock_irqrestore(lock, flags);
- goto out;
- }
+ avc_node_delete(node);
+ avc_cache_stats_incr(reclaims);
+ ecx++;
+ if ( ecx >= AVC_CACHE_RECLAIM )
+ {
+ rcu_read_unlock(&avc_rcu_lock);
+ spin_unlock_irqrestore(lock, flags);
+ goto out;
+ }
}
rcu_read_unlock(&avc_rcu_lock);
spin_unlock_irqrestore(lock, flags);
}
-out:
+ out:
return ecx;
}
@@ -367,7 +367,7 @@ static struct avc_node *avc_alloc_node(v
if ( atomic_read(&avc_cache.active_nodes) > avc_cache_threshold )
avc_reclaim_node();
-out:
+ out:
return node;
}
@@ -392,8 +392,8 @@ static inline struct avc_node *avc_searc
hlist_for_each_entry_rcu(node, next, head, list)
{
if ( ssid == node->ae.ssid &&
- tclass == node->ae.tclass &&
- tsid == node->ae.tsid )
+ tclass == node->ae.tclass &&
+ tsid == node->ae.tsid )
{
ret = node;
break;
@@ -510,10 +510,10 @@ static struct avc_node *avc_insert(u32 s
}
}
hlist_add_head_rcu(&node->list, head);
-found:
+ found:
spin_unlock_irqrestore(lock, flag);
}
-out:
+ out:
return node;
}
@@ -591,8 +591,8 @@ void avc_audit(u32 ssid, u32 tsid, u16 t
* -%ENOMEM if insufficient memory exists to add the callback.
*/
int avc_add_callback(int (*callback)(u32 event, u32 ssid, u32 tsid, u16 tclass,
- u32 perms, u32 *out_retained), u32 events, u32 ssid, u32 tsid,
- u16 tclass, u32 perms)
+ u32 perms, u32 *out_retained), u32
events, u32 ssid, u32 tsid,
+ u16 tclass, u32 perms)
{
struct avc_callback_node *c;
int rc = 0;
@@ -611,7 +611,7 @@ int avc_add_callback(int (*callback)(u32
c->perms = perms;
c->next = avc_callbacks;
avc_callbacks = c;
-out:
+ out:
return rc;
}
@@ -632,7 +632,7 @@ static inline int avc_sidcmp(u32 x, u32
* will release later by RCU.
*/
static int avc_update_node(u32 event, u32 perms, u32 ssid, u32 tsid, u16
tclass,
- u32 seqno)
+ u32 seqno)
{
int hvalue, rc = 0;
unsigned long flag;
@@ -658,9 +658,9 @@ static int avc_update_node(u32 event, u3
hlist_for_each_entry(pos, next, head, list)
{
if ( ssid == pos->ae.ssid &&
- tsid == pos->ae.tsid &&
- tclass == pos->ae.tclass &&
- seqno == pos->ae.avd.seqno )
+ tsid == pos->ae.tsid &&
+ tclass == pos->ae.tclass &&
+ seqno == pos->ae.avd.seqno )
{
orig = pos;
break;
@@ -684,28 +684,28 @@ static int avc_update_node(u32 event, u3
{
case AVC_CALLBACK_GRANT:
node->ae.avd.allowed |= perms;
- break;
+ break;
case AVC_CALLBACK_TRY_REVOKE:
case AVC_CALLBACK_REVOKE:
node->ae.avd.allowed &= ~perms;
- break;
+ break;
case AVC_CALLBACK_AUDITALLOW_ENABLE:
node->ae.avd.auditallow |= perms;
- break;
+ break;
case AVC_CALLBACK_AUDITALLOW_DISABLE:
node->ae.avd.auditallow &= ~perms;
- break;
+ break;
case AVC_CALLBACK_AUDITDENY_ENABLE:
node->ae.avd.auditdeny |= perms;
- break;
+ break;
case AVC_CALLBACK_AUDITDENY_DISABLE:
node->ae.avd.auditdeny &= ~perms;
- break;
+ break;
}
avc_node_replace(node, orig);
-out_unlock:
+ out_unlock:
spin_unlock_irqrestore(lock, flag);
-out:
+ out:
return rc;
}
@@ -817,7 +817,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 t
}
rcu_read_unlock(&avc_rcu_lock);
-out:
+ out:
return rc;
}
diff -r 20f139010445 -r e20ee3a57645 xen/xsm/flask/flask_op.c
--- a/xen/xsm/flask/flask_op.c Wed Sep 22 18:26:01 2010 +0100
+++ b/xen/xsm/flask/flask_op.c Wed Sep 22 18:28:16 2010 +0100
@@ -87,7 +87,7 @@ static int domain_has_security(struct do
return -EACCES;
return avc_has_perm(dsec->sid, SECINITSID_SECURITY, SECCLASS_SECURITY,
- perms, NULL);
+ perms, NULL);
}
static int flask_security_user(char *buf, uint32_t size)
@@ -166,13 +166,13 @@ static int flask_security_user(char *buf
memset(buf, 0, size);
memcpy(buf, page, length);
-out3:
+ out3:
xfree(sids);
-out2:
+ out2:
if ( page )
xfree(page);
xfree(user);
-out:
+ out:
xfree(con);
return length;
}
@@ -232,11 +232,11 @@ static int flask_security_relabel(char *
memcpy(buf, newcon, len);
length = len;
-out3:
+ out3:
xfree(newcon);
-out2:
+ out2:
xfree(tcon);
-out:
+ out:
xfree(scon);
return length;
}
@@ -297,11 +297,11 @@ static int flask_security_create(char *b
memcpy(buf, newcon, len);
length = len;
-out3:
+ out3:
xfree(newcon);
-out2:
+ out2:
xfree(tcon);
-out:
+ out:
xfree(scon);
return length;
}
@@ -348,13 +348,13 @@ static int flask_security_access(char *b
memset(buf, 0, size);
length = snprintf(buf, size, "%x %x %x %x %u",
- avd.allowed, 0xffffffff,
- avd.auditallow, avd.auditdeny,
- avd.seqno);
+ avd.allowed, 0xffffffff,
+ avd.auditallow, avd.auditdeny,
+ avd.seqno);
-out2:
+ out2:
xfree(tcon);
-out:
+ out:
xfree(scon);
return length;
}
@@ -406,7 +406,7 @@ static int flask_security_member(char *b
if ( len > size )
{
printk("%s: context size (%u) exceeds payload "
- "max\n", __FUNCTION__, len);
+ "max\n", __FUNCTION__, len);
length = -ERANGE;
goto out3;
}
@@ -415,11 +415,11 @@ static int flask_security_member(char *b
memcpy(buf, newcon, len);
length = len;
-out3:
+ out3:
xfree(newcon);
-out2:
+ out2:
xfree(tcon);
-out:
+ out:
xfree(scon);
return length;
}
@@ -443,7 +443,7 @@ static int flask_security_setenforce(cha
}
length = count;
-out:
+ out:
return length;
}
@@ -463,7 +463,7 @@ static int flask_security_context(char *
memset(buf, 0, count);
length = snprintf(buf, count, "%u", sid);
-out:
+ out:
return length;
}
@@ -491,7 +491,7 @@ static int flask_security_sid(char *buf,
xfree(context);
-out:
+ out:
return length;
}
@@ -539,7 +539,7 @@ static int flask_security_disable(char *
length = count;
-out:
+ out:
return length;
}
@@ -563,7 +563,7 @@ static int flask_security_setavc_thresho
}
ret = count;
-out:
+ out:
return ret;
}
@@ -590,7 +590,7 @@ static int flask_security_set_bool(char
bool_pending_values[i] = new_value;
length = count;
-out:
+ out:
spin_unlock(&sel_sem);
return length;
}
@@ -615,7 +615,7 @@ static int flask_security_commit_bools(c
length = count;
-out:
+ out:
spin_unlock(&sel_sem);
return length;
}
@@ -640,9 +640,9 @@ static int flask_security_get_bool(char
memset(buf, 0, count);
length = snprintf(buf, count, "%d %d", cur_enforcing,
- bool_pending_values[i]);
-
-out:
+ bool_pending_values[i]);
+
+ out:
spin_unlock(&sel_sem);
return length;
}
@@ -663,7 +663,7 @@ static int flask_security_make_bools(voi
bool_num = num;
bool_pending_values = values;
-out:
+ out:
if ( names )
{
for ( i = 0; i < num; i++ )
@@ -689,7 +689,7 @@ static int flask_security_avc_cachestats
memset(page, 0, PAGE_SIZE);
len = snprintf(page, PAGE_SIZE, "lookups hits misses allocations reclaims "
- "frees\n");
+ "frees\n");
if ( len > count ) {
length = -EINVAL;
goto out;
@@ -705,8 +705,8 @@ static int flask_security_avc_cachestats
st = &per_cpu(avc_cache_stats, cpu);
len = snprintf(page, PAGE_SIZE, "%u %u %u %u %u %u\n", st->lookups,
- st->hits, st->misses, st->allocations,
- st->reclaims,
st->frees);
+ st->hits, st->misses, st->allocations,
+ st->reclaims, st->frees);
if ( len > count ) {
length = -EINVAL;
goto out;
@@ -717,7 +717,7 @@ static int flask_security_avc_cachestats
count -= len;
}
-out:
+ out:
xfree(page);
return length;
}
@@ -745,7 +745,7 @@ static int flask_security_load(char *buf
else
length = count;
-out:
+ out:
spin_unlock(&sel_sem);
return length;
}
@@ -780,7 +780,7 @@ static int flask_ocontext_del(char *buf,
}
len = security_ocontext_del(ocontext, low, high);
- out:
+ out:
xfree(ocontext);
return len;
}
@@ -831,7 +831,7 @@ static int flask_ocontext_add(char *buf,
goto out;
}
len = security_ocontext_add(ocontext, low, high, sid);
-out:
+ out:
xfree(ocontext);
xfree(scontext);
return len;
@@ -854,7 +854,7 @@ long do_flask_op(XEN_GUEST_HANDLE(xsm_op
return -EINVAL;
if ( (op->buf == NULL && op->size != 0) ||
- (op->buf != NULL && op->size == 0) )
+ (op->buf != NULL && op->size == 0) )
return -EINVAL;
arg = xmalloc_bytes(op->size + 1);
@@ -864,7 +864,7 @@ long do_flask_op(XEN_GUEST_HANDLE(xsm_op
memset(arg, 0, op->size + 1);
if ( (FLASK_COPY_IN&(1UL<<op->cmd)) && op->buf != NULL &&
- copy_from_guest(arg, guest_handle_from_ptr(op->buf, char),
op->size) )
+ copy_from_guest(arg, guest_handle_from_ptr(op->buf, char), op->size) )
{
rc = -EFAULT;
goto out;
@@ -1020,7 +1020,7 @@ long do_flask_op(XEN_GUEST_HANDLE(xsm_op
}
if ( (FLASK_COPY_OUT&(1UL<<op->cmd)) && op->buf != NULL &&
- copy_to_guest(guest_handle_from_ptr(op->buf, char), arg,
op->size) )
+ copy_to_guest(guest_handle_from_ptr(op->buf, char), arg, op->size) )
{
rc = -EFAULT;
goto out;
@@ -1030,7 +1030,7 @@ long do_flask_op(XEN_GUEST_HANDLE(xsm_op
if ( copy_to_guest(u_flask_op, op, 1) )
rc = -EFAULT;
-out:
+ out:
xfree(arg);
return rc;
}
diff -r 20f139010445 -r e20ee3a57645 xen/xsm/flask/hooks.c
--- a/xen/xsm/flask/hooks.c Wed Sep 22 18:26:01 2010 +0100
+++ b/xen/xsm/flask/hooks.c Wed Sep 22 18:28:16 2010 +0100
@@ -1,4 +1,4 @@
- /*
+/*
* This file contains the Flask hook function implementations for Xen.
*
* Author: George Coker, <gscoker@xxxxxxxxxxxxxx>
@@ -32,7 +32,7 @@ struct xsm_operations *original_ops = NU
struct xsm_operations *original_ops = NULL;
static int domain_has_perm(struct domain *dom1, struct domain *dom2,
- u16 class, u32 perms)
+ u16 class, u32 perms)
{
struct domain_security_struct *dsec1, *dsec2;
@@ -102,7 +102,7 @@ static void flask_domain_free_security(s
}
static int flask_evtchn_unbound(struct domain *d1, struct evtchn *chn,
- domid_t
id2)
+ domid_t id2)
{
u32 newsid;
int rc;
@@ -126,7 +126,7 @@ static int flask_evtchn_unbound(struct d
dsec2 = d2->ssid;
rc = security_transition_sid(dsec1->sid, dsec2->sid, SECCLASS_EVENT,
- &newsid);
+ &newsid);
if ( rc )
goto out;
@@ -140,13 +140,13 @@ static int flask_evtchn_unbound(struct d
else
esec->sid = newsid;
-out:
+ out:
put_domain(d2);
return rc;
}
static int flask_evtchn_interdomain(struct domain *d1, struct evtchn *chn1,
- struct domain *d2, struct evtchn *chn2)
+ struct domain *d2, struct evtchn *chn2)
{
u32 newsid1;
u32 newsid2;
@@ -161,11 +161,11 @@ static int flask_evtchn_interdomain(stru
esec2 = chn2->ssid;
rc = security_transition_sid(dsec1->sid, dsec2->sid,
- SECCLASS_EVENT, &newsid1);
+ SECCLASS_EVENT, &newsid1);
if ( rc )
{
printk("%s: security_transition_sid failed, rc=%d (domain=%d)\n",
- __FUNCTION__, -rc, d2->domain_id);
+ __FUNCTION__, -rc, d2->domain_id);
return rc;
}
@@ -174,11 +174,11 @@ static int flask_evtchn_interdomain(stru
return rc;
rc = security_transition_sid(dsec2->sid, dsec1->sid,
- SECCLASS_EVENT, &newsid2);
+ SECCLASS_EVENT, &newsid2);
if ( rc )
{
printk("%s: security_transition_sid failed, rc=%d (domain=%d)\n",
- __FUNCTION__, -rc, d1->domain_id);
+ __FUNCTION__, -rc, d1->domain_id);
return rc;
}
@@ -216,11 +216,11 @@ static int flask_evtchn_send(struct doma
{
case ECS_INTERDOMAIN:
rc = domain_has_evtchn(d, chn, EVENT__SEND);
- break;
+ break;
case ECS_IPI:
case ECS_UNBOUND:
rc = 0;
- break;
+ break;
default:
rc = -EPERM;
}
@@ -274,7 +274,7 @@ static void flask_free_security_evtchn(s
}
static int flask_grant_mapref(struct domain *d1, struct domain *d2,
- uint32_t flags)
+ uint32_t flags)
{
u32 perms = GRANT__MAP_READ;
@@ -327,20 +327,20 @@ static int get_page_sid(struct page_info
switch ( d->domain_id )
{
- case DOMID_IO:
- /*A tracked IO page?*/
- *sid = SECINITSID_DOMIO;
- break;
-
- case DOMID_XEN:
- /*A page from Xen's private heap?*/
- *sid = SECINITSID_DOMXEN;
- break;
-
- default:
- /*Pages are implicitly labeled by domain ownership!*/
- dsec = d->ssid;
- *sid = dsec ? dsec->sid : SECINITSID_UNLABELED;
+ case DOMID_IO:
+ /*A tracked IO page?*/
+ *sid = SECINITSID_DOMIO;
+ break;
+
+ case DOMID_XEN:
+ /*A page from Xen's private heap?*/
+ *sid = SECINITSID_DOMXEN;
+ break;
+
+ default:
+ /*Pages are implicitly labeled by domain ownership!*/
+ dsec = d->ssid;
+ *sid = dsec ? dsec->sid : SECINITSID_UNLABELED;
break;
}
@@ -397,14 +397,14 @@ static int flask_console_io(struct domai
switch ( cmd )
{
- case CONSOLEIO_read:
- perm = XEN__READCONSOLE;
- break;
- case CONSOLEIO_write:
- perm = XEN__WRITECONSOLE;
- break;
- default:
- return -EPERM;
+ case CONSOLEIO_read:
+ perm = XEN__READCONSOLE;
+ break;
+ case CONSOLEIO_write:
+ perm = XEN__WRITECONSOLE;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_xen(d, perm);
@@ -416,27 +416,27 @@ static int flask_profile(struct domain *
switch ( op )
{
- case XENOPROF_init:
- case XENOPROF_enable_virq:
- case XENOPROF_disable_virq:
- case XENOPROF_get_buffer:
- perm = XEN__NONPRIVPROFILE;
- break;
- case XENOPROF_reset_active_list:
- case XENOPROF_reset_passive_list:
- case XENOPROF_set_active:
- case XENOPROF_set_passive:
- case XENOPROF_reserve_counters:
- case XENOPROF_counter:
- case XENOPROF_setup_events:
- case XENOPROF_start:
- case XENOPROF_stop:
- case XENOPROF_release_counters:
- case XENOPROF_shutdown:
- perm = XEN__PRIVPROFILE;
- break;
- default:
- return -EPERM;
+ case XENOPROF_init:
+ case XENOPROF_enable_virq:
+ case XENOPROF_disable_virq:
+ case XENOPROF_get_buffer:
+ perm = XEN__NONPRIVPROFILE;
+ break;
+ case XENOPROF_reset_active_list:
+ case XENOPROF_reset_passive_list:
+ case XENOPROF_set_active:
+ case XENOPROF_set_passive:
+ case XENOPROF_reserve_counters:
+ case XENOPROF_counter:
+ case XENOPROF_setup_events:
+ case XENOPROF_start:
+ case XENOPROF_stop:
+ case XENOPROF_release_counters:
+ case XENOPROF_shutdown:
+ perm = XEN__PRIVPROFILE;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_xen(d, perm);
@@ -453,7 +453,7 @@ static int flask_schedop_shutdown(struct
}
static void flask_security_domaininfo(struct domain *d,
- struct xen_domctl_getdomaininfo *info)
+ struct xen_domctl_getdomaininfo *info)
{
struct domain_security_struct *dsec;
@@ -464,7 +464,7 @@ static int flask_setvcpucontext(struct d
static int flask_setvcpucontext(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
-
DOMAIN__SETVCPUCONTEXT);
+ DOMAIN__SETVCPUCONTEXT);
}
static int flask_pausedomain(struct domain *d)
@@ -491,21 +491,21 @@ static int flask_domain_create(struct do
dsec1 = current->domain->ssid;
if ( dsec1->create_sid == SECSID_NULL )
- dsec1->create_sid = ssidref;
-
- rc = avc_has_perm(dsec1->sid, dsec1->create_sid, SECCLASS_DOMAIN,
-
DOMAIN__CREATE, NULL);
- if ( rc )
- {
- dsec1->create_sid = SECSID_NULL;
- return rc;
+ dsec1->create_sid = ssidref;
+
+ rc = avc_has_perm(dsec1->sid, dsec1->create_sid, SECCLASS_DOMAIN,
+ DOMAIN__CREATE, NULL);
+ if ( rc )
+ {
+ dsec1->create_sid = SECSID_NULL;
+ return rc;
}
dsec2 = d->ssid;
dsec2->sid = dsec1->create_sid;
- dsec1->create_sid = SECSID_NULL;
- dsec2->create_sid = SECSID_NULL;
+ dsec1->create_sid = SECSID_NULL;
+ dsec2->create_sid = SECSID_NULL;
return rc;
}
@@ -513,13 +513,13 @@ static int flask_max_vcpus(struct domain
static int flask_max_vcpus(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__MAX_VCPUS);
+ DOMAIN__MAX_VCPUS);
}
static int flask_destroydomain(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__DESTROY);
+ DOMAIN__DESTROY);
}
static int flask_vcpuaffinity(int cmd, struct domain *d)
@@ -528,14 +528,14 @@ static int flask_vcpuaffinity(int cmd, s
switch ( cmd )
{
- case XEN_DOMCTL_setvcpuaffinity:
- perm = DOMAIN__SETVCPUAFFINITY;
- break;
- case XEN_DOMCTL_getvcpuaffinity:
- perm = DOMAIN__GETVCPUAFFINITY;
- break;
- default:
- return -EPERM;
+ case XEN_DOMCTL_setvcpuaffinity:
+ perm = DOMAIN__SETVCPUAFFINITY;
+ break;
+ case XEN_DOMCTL_getvcpuaffinity:
+ perm = DOMAIN__GETVCPUAFFINITY;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm );
@@ -550,25 +550,25 @@ static int flask_scheduler(struct domain
return rc;
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__SCHEDULER);
+ DOMAIN__SCHEDULER);
}
static int flask_getdomaininfo(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__GETDOMAININFO);
+ DOMAIN__GETDOMAININFO);
}
static int flask_getvcpucontext(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
-
DOMAIN__GETVCPUCONTEXT);
+ DOMAIN__GETVCPUCONTEXT);
}
static int flask_getvcpuinfo(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__GETVCPUINFO);
+ DOMAIN__GETVCPUINFO);
}
static int flask_domain_settime(struct domain *d)
@@ -604,19 +604,19 @@ static int flask_setdomainmaxmem(struct
static int flask_setdomainmaxmem(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__SETDOMAINMAXMEM);
+ DOMAIN__SETDOMAINMAXMEM);
}
static int flask_setdomainhandle(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__SETDOMAINHANDLE);
+ DOMAIN__SETDOMAINHANDLE);
}
static int flask_setdebugging(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__SETDEBUGGING);
+ DOMAIN__SETDEBUGGING);
}
static int flask_debug_keys(void)
@@ -652,7 +652,7 @@ static int irq_has_perm(struct domain *d
struct avc_audit_data ad;
rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE,
- resource_to_perm(access));
+ resource_to_perm(access));
if ( rc )
return rc;
@@ -678,7 +678,7 @@ static int irq_has_perm(struct domain *d
if ( access )
return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE,
- RESOURCE__USE, &ad);
+ RESOURCE__USE, &ad);
else
return rc;
}
@@ -693,7 +693,7 @@ static int iomem_has_perm(struct domain
struct avc_audit_data ad;
rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE,
- resource_to_perm(access));
+ resource_to_perm(access));
if ( rc )
return rc;
@@ -718,7 +718,7 @@ static int iomem_has_perm(struct domain
return rc;
return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE,
- RESOURCE__USE, &ad);
+ RESOURCE__USE, &ad);
}
static int flask_perfcontrol(void)
@@ -733,23 +733,23 @@ static int flask_shadow_control(struct d
switch ( op )
{
- case XEN_DOMCTL_SHADOW_OP_OFF:
- perm = SHADOW__DISABLE;
- break;
- case XEN_DOMCTL_SHADOW_OP_ENABLE:
- case XEN_DOMCTL_SHADOW_OP_ENABLE_TEST:
- case XEN_DOMCTL_SHADOW_OP_ENABLE_TRANSLATE:
- case XEN_DOMCTL_SHADOW_OP_GET_ALLOCATION:
- case XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION:
- perm = SHADOW__ENABLE;
- break;
- case XEN_DOMCTL_SHADOW_OP_ENABLE_LOGDIRTY:
- case XEN_DOMCTL_SHADOW_OP_PEEK:
- case XEN_DOMCTL_SHADOW_OP_CLEAN:
- perm = SHADOW__LOGDIRTY;
- break;
- default:
- return -EPERM;
+ case XEN_DOMCTL_SHADOW_OP_OFF:
+ perm = SHADOW__DISABLE;
+ break;
+ case XEN_DOMCTL_SHADOW_OP_ENABLE:
+ case XEN_DOMCTL_SHADOW_OP_ENABLE_TEST:
+ case XEN_DOMCTL_SHADOW_OP_ENABLE_TRANSLATE:
+ case XEN_DOMCTL_SHADOW_OP_GET_ALLOCATION:
+ case XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION:
+ perm = SHADOW__ENABLE;
+ break;
+ case XEN_DOMCTL_SHADOW_OP_ENABLE_LOGDIRTY:
+ case XEN_DOMCTL_SHADOW_OP_PEEK:
+ case XEN_DOMCTL_SHADOW_OP_CLEAN:
+ perm = SHADOW__LOGDIRTY;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_perm(current->domain, d, SECCLASS_SHADOW, perm);
@@ -765,7 +765,7 @@ static int ioport_has_perm(struct domain
struct domain_security_struct *ssec, *tsec;
rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE,
- resource_to_perm(access));
+ resource_to_perm(access));
if ( rc )
return rc;
@@ -791,7 +791,7 @@ static int ioport_has_perm(struct domain
if ( access )
return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE,
- RESOURCE__USE, &ad);
+ RESOURCE__USE, &ad);
else
return rc;
}
@@ -819,7 +819,7 @@ static int flask_hypercall_init(struct d
static int flask_hypercall_init(struct domain *d)
{
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN,
- DOMAIN__HYPERCALL);
+ DOMAIN__HYPERCALL);
}
static int flask_hvmcontext(struct domain *d, uint32_t cmd)
@@ -828,15 +828,15 @@ static int flask_hvmcontext(struct domai
switch ( cmd )
{
- case XEN_DOMCTL_sethvmcontext:
- perm = HVM__SETHVMC;
- break;
- case XEN_DOMCTL_gethvmcontext:
- case XEN_DOMCTL_gethvmcontext_partial:
- perm = HVM__GETHVMC;
- break;
- default:
- return -EPERM;
+ case XEN_DOMCTL_sethvmcontext:
+ perm = HVM__SETHVMC;
+ break;
+ case XEN_DOMCTL_gethvmcontext:
+ case XEN_DOMCTL_gethvmcontext_partial:
+ perm = HVM__GETHVMC;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_perm(current->domain, d, SECCLASS_HVM, perm);
@@ -848,14 +848,14 @@ static int flask_address_size(struct dom
switch ( cmd )
{
- case XEN_DOMCTL_set_address_size:
- perm = DOMAIN__SETADDRSIZE;
- break;
- case XEN_DOMCTL_get_address_size:
- perm = DOMAIN__GETADDRSIZE;
- break;
- default:
- return -EPERM;
+ case XEN_DOMCTL_set_address_size:
+ perm = DOMAIN__SETADDRSIZE;
+ break;
+ case XEN_DOMCTL_get_address_size:
+ perm = DOMAIN__GETADDRSIZE;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm);
@@ -867,14 +867,14 @@ static int flask_hvm_param(struct domain
switch ( op )
{
- case HVMOP_set_param:
- perm = HVM__SETPARAM;
- break;
- case HVMOP_get_param:
- perm = HVM__GETPARAM;
- break;
- default:
- return -EPERM;
+ case HVMOP_set_param:
+ perm = HVM__SETPARAM;
+ break;
+ case HVMOP_get_param:
+ perm = HVM__GETPARAM;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_perm(current->domain, d, SECCLASS_HVM, perm);
@@ -901,14 +901,14 @@ static int flask_apic(struct domain *d,
switch ( cmd )
{
- case PHYSDEVOP_APIC_READ:
- perm = XEN__READAPIC;
- break;
- case PHYSDEVOP_APIC_WRITE:
- perm = XEN__WRITEAPIC;
- break;
- default:
- return -EPERM;
+ case PHYSDEVOP_APIC_READ:
+ perm = XEN__READAPIC;
+ break;
+ case PHYSDEVOP_APIC_WRITE:
+ perm = XEN__WRITEAPIC;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_xen(d, perm);
@@ -937,17 +937,17 @@ static int flask_memtype(uint32_t access
switch ( access )
{
- case XENPF_add_memtype:
- perm = XEN__MTRR_ADD;
- break;
- case XENPF_del_memtype:
- perm = XEN__MTRR_DEL;
- break;
- case XENPF_read_memtype:
- perm = XEN__MTRR_READ;
- break;
- default:
- return -EPERM;
+ case XENPF_add_memtype:
+ perm = XEN__MTRR_ADD;
+ break;
+ case XENPF_del_memtype:
+ perm = XEN__MTRR_DEL;
+ break;
+ case XENPF_read_memtype:
+ perm = XEN__MTRR_READ;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_xen(current->domain, perm);
@@ -969,7 +969,7 @@ static int flask_platform_quirk(uint32_t
dsec = current->domain->ssid;
return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN,
- XEN__QUIRK, NULL);
+ XEN__QUIRK, NULL);
}
static int flask_firmware_info(void)
@@ -998,7 +998,7 @@ static int flask_machine_memory_map(void
dsec = current->domain->ssid;
return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_MMU,
- MMU__MEMORYMAP,
NULL);
+ MMU__MEMORYMAP, NULL);
}
static int flask_domain_memory_map(struct domain *d)
@@ -1007,7 +1007,7 @@ static int flask_domain_memory_map(struc
}
static int flask_mmu_normal_update(struct domain *d, struct domain *f,
- intpte_t fpte)
+ intpte_t fpte)
{
int rc = 0;
u32 map_perms = MMU__MAP_READ;
@@ -1044,7 +1044,7 @@ static int flask_mmu_machphys_update(str
}
static int flask_update_va_mapping(struct domain *d, struct domain *f,
- l1_pgentry_t pte)
+ l1_pgentry_t pte)
{
int rc = 0;
u32 psid;
@@ -1165,14 +1165,14 @@ static int flask_ext_vcpucontext (struct
switch ( cmd )
{
- case XEN_DOMCTL_set_ext_vcpucontext:
- perm = DOMAIN__SETEXTVCPUCONTEXT;
- break;
- case XEN_DOMCTL_get_ext_vcpucontext:
- perm = DOMAIN__GETEXTVCPUCONTEXT;
- break;
- default:
- return -EPERM;
+ case XEN_DOMCTL_set_ext_vcpucontext:
+ perm = DOMAIN__SETEXTVCPUCONTEXT;
+ break;
+ case XEN_DOMCTL_get_ext_vcpucontext:
+ perm = DOMAIN__GETEXTVCPUCONTEXT;
+ break;
+ default:
+ return -EPERM;
}
return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm);
@@ -1180,7 +1180,7 @@ static int flask_ext_vcpucontext (struct
#endif
static int io_has_perm(struct domain *d, char *name, unsigned long s,
- unsigned long e, u32
access)
+ unsigned long e, u32 access)
{
int rc = -EPERM;
@@ -1218,13 +1218,13 @@ static int io_has_perm(struct domain *d,
}
static int flask_add_range(struct domain *d, char *name, unsigned long s,
- unsigned
long e)
+ unsigned long e)
{
return io_has_perm(d, name, s, e, 1);
}
static int flask_remove_range(struct domain *d, char *name, unsigned long s,
- unsigned
long e)
+ unsigned long e)
{
return io_has_perm(d, name, s, e, 0);
}
@@ -1335,7 +1335,8 @@ static __init int flask_init(void)
{
int ret = 0;
- if ( !flask_enabled ) {
+ if ( !flask_enabled )
+ {
printk("Flask: Disabled at boot.\n");
return 0;
}
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |