[devel] RC redirect

ALT Linux Team development discussions
 help / color / mirror / Atom feed

* [devel] RC redirect - 2.0
@ 2001-07-17 13:47 Stanislav Ievlev
  0 siblings, 0 replies; only message in thread
From: Stanislav Ievlev @ 2001-07-17 13:47 UTC (permalink / raw)
  To: devel

[-- Attachment #1: Type: text/plain, Size: 498 bytes --]

Для любителей копаться в ядре второе поколение патча для перенаправления 
по RC-ролям
на этот раз это перенаправление по каталогам

Как заводится:
1. Создается каталог /tmp/redirect
2. Создаются подкаталоги /tmp/redirect/1, /tmp/redirect/2,...
3. Устанавливается rc_initial_role для /tmp/redirect в 99.
4. Теперь при заходе в каталог /tmp/redirect пользователь будет реально 
попадать в /tmp/redirect/<role-num>

Патч прилагается (патчатся d_path() и path_walk() )
------------
Станислав Иевлев.



[-- Attachment #2: rsbac-rc-redirect-2.patch --]
[-- Type: text/plain, Size: 6121 bytes --]

diff -Naur linux.orig/fs/dcache.c linux/fs/dcache.c
--- linux.orig/fs/dcache.c	Tue Jul 17 17:19:14 2001
+++ linux/fs/dcache.c	Tue Jul 17 17:20:55 2001
@@ -26,6 +26,14 @@
 
 #include <asm/uaccess.h>
 
+//REDIRECTION
+/* RSBAC */
+#ifdef CONFIG_RSBAC
+#include <rsbac/adf.h>
+#include <rsbac/fs.h>
+#endif
+//REDIRECTION
+
 #define DCACHE_PARANOIA 1
 /* #define DCACHE_DEBUG 1 */
 
@@ -948,6 +956,10 @@
 	char * end = buffer+buflen;
 	char * retval;
 	int namelen;
+//REDIRECTION
+        union rsbac_target_id_t       redir_rsbac_target_id;
+        union rsbac_attribute_value_t redir_rsbac_attribute_value;
+//REDIRECTION
 
 	*--end = '\0';
 	buflen--;
@@ -963,7 +975,7 @@
 
 	for (;;) {
 		struct dentry * parent;
-
+		
 		if (dentry == root && vfsmnt == rootmnt)
 			break;
 		if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) {
@@ -974,6 +986,29 @@
 			vfsmnt = vfsmnt->mnt_parent;
 			continue;
 		}
+//REDIRECTION
+	    	redir_rsbac_target_id.dir.device = dentry->d_parent->d_inode->i_dev;
+            	redir_rsbac_target_id.dir.inode  = dentry->d_parent->d_inode->i_ino;
+            	redir_rsbac_target_id.dir.dentry_p = dentry->d_parent;
+            	redir_rsbac_attribute_value.dummy = 0;
+		    
+		if (rsbac_get_attr(T_DIR,
+		                  redir_rsbac_target_id,
+		                  A_rc_initial_role,
+		                  &redir_rsbac_attribute_value,
+		                  FALSE))
+		{
+		    printk(KERN_WARNING "d_path(): rsbac_get_attr() returned error!\n");
+		}
+			    
+		if (redir_rsbac_attribute_value.rc_initial_role==99){
+			//printk("d_path: super dir!\n");
+			dentry = dentry->d_parent;
+			continue;
+		}
+		//printk(KERN_EMERG "d_path: %lu\n",dentry->d_inode->i_ino);
+//REDIRECTION
+
 		parent = dentry->d_parent;
 		namelen = dentry->d_name.len;
 		buflen -= namelen + 1;
diff -Naur linux.orig/fs/namei.c linux/fs/namei.c
--- linux.orig/fs/namei.c	Tue Jul 17 17:19:37 2001
+++ linux/fs/namei.c	Tue Jul 17 16:56:52 2001
@@ -453,6 +453,11 @@
         union rsbac_target_id_t       rsbac_target_id;
         union rsbac_attribute_value_t rsbac_attribute_value;
         #endif
+//REDIRECTION
+        union rsbac_target_id_t       redir_rsbac_target_id;
+        union rsbac_attribute_value_t redir_rsbac_attribute_value;
+//REDIRECTION
+	
 
 	while (*name=='/')
 		name++;
@@ -513,6 +518,7 @@
 		while (*++name == '/');
 		if (!*name)
 			goto last_with_slashes;
+		
 
 		/*
 		 * "." and ".." are special - ".." especially so because it has
@@ -531,6 +537,7 @@
 			case 1:
 				continue;
 		}
+		
 		/*
 		 * See if the low-level filesystem might want
 		 * to use its own hash..
@@ -579,6 +586,59 @@
 		err = -ENOTDIR; 
 		if (!inode->i_op->lookup)
 			break;
+		
+//REDIRECTION
+		if (inode){
+            	    redir_rsbac_target_id.dir.device = inode->i_dev;
+            	    redir_rsbac_target_id.dir.inode  = inode->i_ino;
+            	    redir_rsbac_target_id.dir.dentry_p = nd->dentry;
+            	    redir_rsbac_attribute_value.dummy = 0;
+		    
+		    if (rsbac_get_attr(T_DIR,
+		                      redir_rsbac_target_id,
+		                      A_rc_initial_role,
+		                      &redir_rsbac_attribute_value,
+		                      FALSE))
+		    {
+			printk(KERN_WARNING "path_walk(): rsbac_get_attr() returned error!\n");
+		    }
+			    
+		    if (redir_rsbac_attribute_value.rc_initial_role==99)
+		    {
+			char	*new_name=kmalloc(10,GFP_KERNEL);
+			int	new_error;
+			unsigned int old_lookup_flags = nd->flags;
+			
+			redir_rsbac_target_id.process = current->pid;
+			if (rsbac_get_attr(T_PROCESS,
+					    redir_rsbac_target_id,
+					    A_rc_role,
+					    &redir_rsbac_attribute_value,
+					    FALSE))
+			{
+			    printk(KERN_WARNING "path_walk(): rsbac_get_attr() returned error!\n");
+			}
+			
+			sprintf(new_name,"%u",redir_rsbac_attribute_value.rc_role);
+			nd->flags=LOOKUP_FOLLOW|LOOKUP_POSITIVE;
+			//strcpy (new_name,"2");
+			
+			new_error=path_walk(new_name,nd);
+			nd->flags=old_lookup_flags;
+			
+			if (new_error>=0)
+			{
+			    //printk (KERN_EMERG "1>> REDIRECT %s %lu\n",new_name,nd->dentry->d_inode->i_ino);
+			    dentry=nd->dentry;
+			    inode=dentry->d_inode;
+			};
+			
+			kfree(new_name);
+		    }
+		    //printk(KERN_EMERG "1>>`%s` %lu\n",this.name,inode->i_ino);
+		}
+//REDIRECTION
+
 		continue;
 		/* here ends the main loop */
 
@@ -633,6 +693,58 @@
 			if (!inode->i_op || !inode->i_op->lookup)
 				break;
 		}
+//REDIRECTION
+		if (inode){
+            	    redir_rsbac_target_id.dir.device = inode->i_dev;
+            	    redir_rsbac_target_id.dir.inode  = inode->i_ino;
+            	    redir_rsbac_target_id.dir.dentry_p = nd->dentry;
+            	    redir_rsbac_attribute_value.dummy = 0;
+		    
+		    if (rsbac_get_attr(T_DIR,
+		                      redir_rsbac_target_id,
+		                      A_rc_initial_role,
+		                      &redir_rsbac_attribute_value,
+		                      FALSE))
+		    {
+			printk(KERN_WARNING "path_walk()-2: rsbac_get_attr() returned error!\n");
+		    }
+			    
+		    if (redir_rsbac_attribute_value.rc_initial_role==99)
+		    {
+			char	*new_name=kmalloc(10,GFP_KERNEL);
+			int	new_error;
+			unsigned int old_lookup_flags = nd->flags;
+
+			redir_rsbac_target_id.process = current->pid;
+			if (rsbac_get_attr(T_PROCESS,
+					    redir_rsbac_target_id,
+					    A_rc_role,
+					    &redir_rsbac_attribute_value,
+					    FALSE))
+			{
+			    printk(KERN_WARNING "path_walk()-2: rsbac_get_attr() returned error!\n");
+			}
+			
+			sprintf(new_name,"%u",redir_rsbac_attribute_value.rc_role);
+			
+			nd->flags=LOOKUP_FOLLOW|LOOKUP_POSITIVE;
+			//strcpy (new_name,"2");
+			
+			new_error=path_walk(new_name,nd);
+			nd->flags=old_lookup_flags;
+			
+			if (new_error>=0)
+			{
+			    //printk (KERN_EMERG "2>> REDIRECT %s %lu\n",new_name,nd->dentry->d_inode->i_ino);
+			    dentry=nd->dentry;
+			    inode=dentry->d_inode;
+			};
+			
+			kfree(new_name);
+		    }
+		    //printk(KERN_EMERG "2>>`%s` %lu\n",this.name,inode->i_ino);
+		}
+//REDIRECTION
 		goto return_base;
 no_inode:
 		err = -ENOENT;

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2001-07-17 13:47 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2001-07-17 13:47 [devel] RC redirect - 2.0 Stanislav Ievlev

ALT Linux Team development discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \
		devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru
	public-inbox-index devel

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git