ia64/xen-unstable

changeset 15639:dae6a2790f6b

[ACM] Coding style cleanups.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author kfraser@localhost.localdomain
date Mon Jul 23 09:56:00 2007 +0100 (2007-07-23)
parents 4a8dbbc16d48
children f45c9f122e0e
files xen/acm/acm_chinesewall_hooks.c xen/acm/acm_policy.c xen/acm/acm_simple_type_enforcement_hooks.c
line diff
     1.1 --- a/xen/acm/acm_chinesewall_hooks.c	Mon Jul 23 09:45:23 2007 +0100
     1.2 +++ b/xen/acm/acm_chinesewall_hooks.c	Mon Jul 23 09:56:00 2007 +0100
     1.3 @@ -73,10 +73,10 @@ int acm_init_chwall_policy(void)
     1.4          (domaintype_t *) xmalloc_array(domaintype_t,
     1.5                                         chwall_bin_pol.max_types);
     1.6  
     1.7 -    if ((chwall_bin_pol.conflict_sets == NULL)
     1.8 +    if ( (chwall_bin_pol.conflict_sets == NULL)
     1.9          || (chwall_bin_pol.running_types == NULL)
    1.10          || (chwall_bin_pol.ssidrefs == NULL)
    1.11 -        || (chwall_bin_pol.conflict_aggregate_set == NULL))
    1.12 +        || (chwall_bin_pol.conflict_aggregate_set == NULL) )
    1.13          return ACM_INIT_SSID_ERROR;
    1.14  
    1.15      /* initialize state */
    1.16 @@ -97,14 +97,15 @@ static int chwall_init_domain_ssid(void 
    1.17  {
    1.18      struct chwall_ssid *chwall_ssidp = xmalloc(struct chwall_ssid);
    1.19      traceprintk("%s.\n", __func__);
    1.20 -    if (chwall_ssidp == NULL)
    1.21 +
    1.22 +    if ( chwall_ssidp == NULL )
    1.23          return ACM_INIT_SSID_ERROR;
    1.24  
    1.25      chwall_ssidp->chwall_ssidref =
    1.26          GET_SSIDREF(ACM_CHINESE_WALL_POLICY, ssidref);
    1.27  
    1.28 -    if ((chwall_ssidp->chwall_ssidref >= chwall_bin_pol.max_ssidrefs)
    1.29 -        || (chwall_ssidp->chwall_ssidref == ACM_DEFAULT_LOCAL_SSID))
    1.30 +    if ( (chwall_ssidp->chwall_ssidref >= chwall_bin_pol.max_ssidrefs)
    1.31 +        || (chwall_ssidp->chwall_ssidref == ACM_DEFAULT_LOCAL_SSID) )
    1.32      {
    1.33          printkd("%s: ERROR chwall_ssidref(%x) undefined (>max) or unset (0).\n",
    1.34                  __func__, chwall_ssidp->chwall_ssidref);
    1.35 @@ -119,7 +120,6 @@ static int chwall_init_domain_ssid(void 
    1.36  
    1.37  static void chwall_free_domain_ssid(void *chwall_ssid)
    1.38  {
    1.39 -    traceprintk("%s.\n", __func__);
    1.40      xfree(chwall_ssid);
    1.41      return;
    1.42  }
    1.43 @@ -132,7 +132,7 @@ static int chwall_dump_policy(u8 * buf, 
    1.44          (struct acm_chwall_policy_buffer *) buf;
    1.45      int ret = 0;
    1.46  
    1.47 -    if (buf_size < sizeof(struct acm_chwall_policy_buffer))
    1.48 +    if ( buf_size < sizeof(struct acm_chwall_policy_buffer) )
    1.49          return -EINVAL;
    1.50  
    1.51      chwall_buf->chwall_max_types = cpu_to_be32(chwall_bin_pol.max_types);
    1.52 @@ -159,7 +159,7 @@ static int chwall_dump_policy(u8 * buf, 
    1.53  
    1.54      ret = (ret + 7) & ~7;
    1.55  
    1.56 -    if (buf_size < ret)
    1.57 +    if ( buf_size < ret )
    1.58          return -EINVAL;
    1.59  
    1.60      /* now copy buffers over */
    1.61 @@ -214,12 +214,12 @@ chwall_init_state(struct acm_chwall_poli
    1.62          traceprintk("%s: validating policy for domain %x (chwall-REF=%x).\n",
    1.63                      __func__, d->domain_id, chwall_ssidref);
    1.64          /* a) adjust types ref-count for running domains */
    1.65 -        for (i = 0; i < chwall_buf->chwall_max_types; i++)
    1.66 +        for ( i = 0; i < chwall_buf->chwall_max_types; i++ )
    1.67              running_types[i] +=
    1.68                  ssidrefs[chwall_ssidref * chwall_buf->chwall_max_types + i];
    1.69  
    1.70          /* b) check for conflict */
    1.71 -        for (i = 0; i < chwall_buf->chwall_max_types; i++)
    1.72 +        for ( i = 0; i < chwall_buf->chwall_max_types; i++ )
    1.73              if (conflict_aggregate_set[i] &&
    1.74                  ssidrefs[chwall_ssidref * chwall_buf->chwall_max_types + i])
    1.75              {
    1.76 @@ -233,11 +233,11 @@ chwall_init_state(struct acm_chwall_poli
    1.77              }
    1.78          /* set violation and break out of the loop */
    1.79          /* c) adapt conflict aggregate set for this domain (notice conflicts) */
    1.80 -        for (i = 0; i < chwall_buf->chwall_max_conflictsets; i++)
    1.81 +        for ( i = 0; i < chwall_buf->chwall_max_conflictsets; i++ )
    1.82          {
    1.83              int common = 0;
    1.84              /* check if conflict_set_i and ssidref have common types */
    1.85 -            for (j = 0; j < chwall_buf->chwall_max_types; j++)
    1.86 +            for ( j = 0; j < chwall_buf->chwall_max_types; j++ )
    1.87                  if (conflict_sets[i * chwall_buf->chwall_max_types + j] &&
    1.88                      ssidrefs[chwall_ssidref *
    1.89                              chwall_buf->chwall_max_types + j])
    1.90 @@ -248,7 +248,7 @@ chwall_init_state(struct acm_chwall_poli
    1.91              if (common == 0)
    1.92                  continue;       /* try next conflict set */
    1.93              /* now add types of the conflict set to conflict_aggregate_set (except types in chwall_ssidref) */
    1.94 -            for (j = 0; j < chwall_buf->chwall_max_types; j++)
    1.95 +            for ( j = 0; j < chwall_buf->chwall_max_types; j++ )
    1.96                  if (conflict_sets[i * chwall_buf->chwall_max_types + j] &&
    1.97                      !ssidrefs[chwall_ssidref *
    1.98                               chwall_buf->chwall_max_types + j])
    1.99 @@ -268,7 +268,8 @@ chwall_init_state(struct acm_chwall_poli
   1.100  int
   1.101  do_chwall_init_state_curr(struct acm_sized_buffer *errors)
   1.102  {
   1.103 -    struct acm_chwall_policy_buffer chwall_buf = {
   1.104 +    struct acm_chwall_policy_buffer chwall_buf =
   1.105 +    {
   1.106           /* only these two are important */
   1.107           .chwall_max_types        = chwall_bin_pol.max_types,
   1.108           .chwall_max_conflictsets = chwall_bin_pol.max_conflictsets,
   1.109 @@ -300,8 +301,8 @@ static int _chwall_update_policy(u8 *buf
   1.110      /* policy write-locked already */
   1.111      struct acm_chwall_policy_buffer *chwall_buf =
   1.112          (struct acm_chwall_policy_buffer *) buf;
   1.113 -    void *ssids = NULL, *conflict_sets = NULL, *running_types =
   1.114 -        NULL, *conflict_aggregate_set = NULL;
   1.115 +    void *ssids = NULL, *conflict_sets = NULL, *running_types = NULL,
   1.116 +         *conflict_aggregate_set = NULL;
   1.117  
   1.118      /* 1. allocate new buffers */
   1.119      ssids =
   1.120 @@ -317,23 +318,23 @@ static int _chwall_update_policy(u8 *buf
   1.121      conflict_aggregate_set =
   1.122          xmalloc_array(domaintype_t, chwall_buf->chwall_max_types);
   1.123  
   1.124 -    if ((ssids == NULL) || (conflict_sets == NULL)
   1.125 -        || (running_types == NULL) || (conflict_aggregate_set == NULL))
   1.126 +    if ( (ssids == NULL) || (conflict_sets == NULL) ||
   1.127 +         (running_types == NULL) || (conflict_aggregate_set == NULL) )
   1.128          goto error_free;
   1.129  
   1.130      /* 2. set new policy */
   1.131 -    if (chwall_buf->chwall_ssid_offset + sizeof(domaintype_t) *
   1.132 -        chwall_buf->chwall_max_types * chwall_buf->chwall_max_ssidrefs >
   1.133 -        buf_size)
   1.134 +    if ( chwall_buf->chwall_ssid_offset + sizeof(domaintype_t) *
   1.135 +         chwall_buf->chwall_max_types * chwall_buf->chwall_max_ssidrefs >
   1.136 +         buf_size )
   1.137          goto error_free;
   1.138  
   1.139      arrcpy(ssids, buf + chwall_buf->chwall_ssid_offset,
   1.140             sizeof(domaintype_t),
   1.141             chwall_buf->chwall_max_types * chwall_buf->chwall_max_ssidrefs);
   1.142  
   1.143 -    if (chwall_buf->chwall_conflict_sets_offset + sizeof(domaintype_t) *
   1.144 -        chwall_buf->chwall_max_types *
   1.145 -        chwall_buf->chwall_max_conflictsets > buf_size)
   1.146 +    if ( chwall_buf->chwall_conflict_sets_offset + sizeof(domaintype_t) *
   1.147 +         chwall_buf->chwall_max_types *
   1.148 +         chwall_buf->chwall_max_conflictsets > buf_size )
   1.149          goto error_free;
   1.150  
   1.151      arrcpy(conflict_sets, buf + chwall_buf->chwall_conflict_sets_offset,
   1.152 @@ -349,10 +350,10 @@ static int _chwall_update_policy(u8 *buf
   1.153  
   1.154      /* 3. now re-calculate the state for the new policy based on running domains;
   1.155       *    this can fail if new policy is conflicting with running domains */
   1.156 -    if (chwall_init_state(chwall_buf, ssids,
   1.157 -                          conflict_sets, running_types,
   1.158 -                          conflict_aggregate_set,
   1.159 -                          errors))
   1.160 +    if ( chwall_init_state(chwall_buf, ssids,
   1.161 +                           conflict_sets, running_types,
   1.162 +                           conflict_aggregate_set,
   1.163 +                           errors))
   1.164      {
   1.165          printk("%s: New policy conflicts with running domains. Policy load aborted.\n",
   1.166                 __func__);
   1.167 @@ -360,7 +361,8 @@ static int _chwall_update_policy(u8 *buf
   1.168      }
   1.169  
   1.170      /* if this was only a test run, exit with ACM_OK */
   1.171 -    if (test_only) {
   1.172 +    if ( test_only )
   1.173 +    {
   1.174          rc = ACM_OK;
   1.175          goto error_free;
   1.176      }
   1.177 @@ -377,10 +379,13 @@ static int _chwall_update_policy(u8 *buf
   1.178      chwall_bin_pol.conflict_aggregate_set = conflict_aggregate_set;
   1.179      chwall_bin_pol.running_types = running_types;
   1.180      chwall_bin_pol.conflict_sets = conflict_sets;
   1.181 +
   1.182      return ACM_OK;
   1.183  
   1.184   error_free:
   1.185 -    if (!test_only) printk("%s: ERROR setting policy.\n", __func__);
   1.186 +    if ( !test_only )
   1.187 +        printk("%s: ERROR setting policy.\n", __func__);
   1.188 +
   1.189      xfree(ssids);
   1.190      xfree(conflict_sets);
   1.191      xfree(running_types);
   1.192 @@ -397,7 +402,7 @@ static int chwall_test_policy(u8 *buf, u
   1.193      struct acm_chwall_policy_buffer *chwall_buf =
   1.194          (struct acm_chwall_policy_buffer *) buf;
   1.195  
   1.196 -    if (buf_size < sizeof(struct acm_chwall_policy_buffer))
   1.197 +    if ( buf_size < sizeof(struct acm_chwall_policy_buffer) )
   1.198          return -EINVAL;
   1.199  
   1.200      /* rewrite the policy due to endianess */
   1.201 @@ -419,16 +424,15 @@ static int chwall_test_policy(u8 *buf, u
   1.202          be32_to_cpu(chwall_buf->chwall_conflict_aggregate_offset);
   1.203  
   1.204      /* policy type and version checks */
   1.205 -    if ((chwall_buf->policy_code != ACM_CHINESE_WALL_POLICY) ||
   1.206 -        (chwall_buf->policy_version != ACM_CHWALL_VERSION))
   1.207 +    if ( (chwall_buf->policy_code != ACM_CHINESE_WALL_POLICY) ||
   1.208 +         (chwall_buf->policy_version != ACM_CHWALL_VERSION) )
   1.209          return -EINVAL;
   1.210  
   1.211      /* during boot dom0_chwall_ssidref is set */
   1.212 -    if (is_bootpolicy &&
   1.213 -        (dom0_chwall_ssidref >= chwall_buf->chwall_max_ssidrefs))
   1.214 +    if ( is_bootpolicy &&
   1.215 +         (dom0_chwall_ssidref >= chwall_buf->chwall_max_ssidrefs) )
   1.216          return -EINVAL;
   1.217  
   1.218 -
   1.219      return _chwall_update_policy(buf, buf_size, 1, errors);
   1.220  }
   1.221  
   1.222 @@ -448,17 +452,17 @@ static int chwall_dump_ssid_types(ssidre
   1.223      int i;
   1.224  
   1.225      /* fill in buffer */
   1.226 -    if (chwall_bin_pol.max_types > len)
   1.227 +    if ( chwall_bin_pol.max_types > len )
   1.228          return -EFAULT;
   1.229  
   1.230 -    if (ssidref >= chwall_bin_pol.max_ssidrefs)
   1.231 +    if ( ssidref >= chwall_bin_pol.max_ssidrefs )
   1.232          return -EFAULT;
   1.233  
   1.234      /* read types for chwall ssidref */
   1.235 -    for (i = 0; i < chwall_bin_pol.max_types; i++)
   1.236 +    for ( i = 0; i < chwall_bin_pol.max_types; i++ )
   1.237      {
   1.238 -        if (chwall_bin_pol.
   1.239 -            ssidrefs[ssidref * chwall_bin_pol.max_types + i])
   1.240 +        if ( chwall_bin_pol.
   1.241 +             ssidrefs[ssidref * chwall_bin_pol.max_types + i] )
   1.242              buf[i] = 1;
   1.243          else
   1.244              buf[i] = 0;
   1.245 @@ -476,15 +480,16 @@ static int _chwall_pre_domain_create(voi
   1.246  {
   1.247      ssidref_t chwall_ssidref;
   1.248      int i, j;
   1.249 -    traceprintk("%s.\n", __func__);
   1.250  
   1.251      chwall_ssidref = GET_SSIDREF(ACM_CHINESE_WALL_POLICY, ssidref);
   1.252 +
   1.253      if (chwall_ssidref == ACM_DEFAULT_LOCAL_SSID)
   1.254      {
   1.255          printk("%s: ERROR CHWALL SSID is NOT SET but policy enforced.\n",
   1.256                 __func__);
   1.257          return ACM_ACCESS_DENIED;       /* catching and indicating config error */
   1.258      }
   1.259 +
   1.260      if (chwall_ssidref >= chwall_bin_pol.max_ssidrefs)
   1.261      {
   1.262          printk("%s: ERROR chwall_ssidref > max(%x).\n",
   1.263 @@ -503,15 +508,15 @@ static int _chwall_pre_domain_create(voi
   1.264  
   1.265      /* B: chinese wall conflict set adjustment (so that other
   1.266       *      other domains simultaneously created are evaluated against this new set)*/
   1.267 -    for (i = 0; i < chwall_bin_pol.max_conflictsets; i++)
   1.268 +    for ( i = 0; i < chwall_bin_pol.max_conflictsets; i++ )
   1.269      {
   1.270          int common = 0;
   1.271          /* check if conflict_set_i and ssidref have common types */
   1.272 -        for (j = 0; j < chwall_bin_pol.max_types; j++)
   1.273 -            if (chwall_bin_pol.
   1.274 -                conflict_sets[i * chwall_bin_pol.max_types + j]
   1.275 -                && chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.276 -                                          chwall_bin_pol.max_types + j])
   1.277 +        for ( j = 0; j < chwall_bin_pol.max_types; j++ )
   1.278 +            if ( chwall_bin_pol.
   1.279 +                 conflict_sets[i * chwall_bin_pol.max_types + j]
   1.280 +                 && chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.281 +                                            chwall_bin_pol.max_types + j] )
   1.282              {
   1.283                  common = 1;
   1.284                  break;
   1.285 @@ -519,12 +524,12 @@ static int _chwall_pre_domain_create(voi
   1.286          if (common == 0)
   1.287              continue;           /* try next conflict set */
   1.288          /* now add types of the conflict set to conflict_aggregate_set (except types in chwall_ssidref) */
   1.289 -        for (j = 0; j < chwall_bin_pol.max_types; j++)
   1.290 -            if (chwall_bin_pol.
   1.291 -                conflict_sets[i * chwall_bin_pol.max_types + j]
   1.292 -                && !chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.293 -                                           chwall_bin_pol.max_types + j])
   1.294 -                chwall_bin_pol.conflict_aggregate_set[j]++;
   1.295 +        for ( j = 0; j < chwall_bin_pol.max_types; j++ )
   1.296 +            if ( chwall_bin_pol.
   1.297 +                 conflict_sets[i * chwall_bin_pol.max_types + j]
   1.298 +                 && !chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.299 +                                             chwall_bin_pol.max_types + j])
   1.300 +                 chwall_bin_pol.conflict_aggregate_set[j]++;
   1.301      }
   1.302      return ACM_ACCESS_PERMITTED;
   1.303  }
   1.304 @@ -534,18 +539,16 @@ static void _chwall_post_domain_create(d
   1.305  {
   1.306      int i, j;
   1.307      ssidref_t chwall_ssidref;
   1.308 -    traceprintk("%s.\n", __func__);
   1.309  
   1.310      chwall_ssidref = GET_SSIDREF(ACM_CHINESE_WALL_POLICY, ssidref);
   1.311      /* adjust types ref-count for running domains */
   1.312 -    for (i = 0; i < chwall_bin_pol.max_types; i++)
   1.313 +    for ( i = 0; i < chwall_bin_pol.max_types; i++ )
   1.314          chwall_bin_pol.running_types[i] +=
   1.315              chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.316                                     chwall_bin_pol.max_types + i];
   1.317 -    if (domid)
   1.318 -    {
   1.319 +    if ( domid )
   1.320          return;
   1.321 -    }
   1.322 +
   1.323      /* Xen does not call pre-create hook for DOM0;
   1.324       * to consider type conflicts of any domain with DOM0, we need
   1.325       * to adjust the conflict_aggregate for DOM0 here the same way it
   1.326 @@ -555,27 +558,27 @@ static void _chwall_post_domain_create(d
   1.327  
   1.328      /* chinese wall conflict set adjustment (so that other
   1.329       *      other domains simultaneously created are evaluated against this new set)*/
   1.330 -    for (i = 0; i < chwall_bin_pol.max_conflictsets; i++)
   1.331 +    for ( i = 0; i < chwall_bin_pol.max_conflictsets; i++ )
   1.332      {
   1.333          int common = 0;
   1.334          /* check if conflict_set_i and ssidref have common types */
   1.335 -        for (j = 0; j < chwall_bin_pol.max_types; j++)
   1.336 -            if (chwall_bin_pol.
   1.337 -                conflict_sets[i * chwall_bin_pol.max_types + j]
   1.338 -                && chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.339 -                                          chwall_bin_pol.max_types + j])
   1.340 +        for ( j = 0; j < chwall_bin_pol.max_types; j++ )
   1.341 +            if ( chwall_bin_pol.
   1.342 +                 conflict_sets[i * chwall_bin_pol.max_types + j]
   1.343 +                 && chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.344 +                                            chwall_bin_pol.max_types + j] )
   1.345              {
   1.346                  common = 1;
   1.347                  break;
   1.348              }
   1.349 -        if (common == 0)
   1.350 +        if ( common == 0 )
   1.351              continue;           /* try next conflict set */
   1.352          /* now add types of the conflict set to conflict_aggregate_set (except types in chwall_ssidref) */
   1.353 -        for (j = 0; j < chwall_bin_pol.max_types; j++)
   1.354 -            if (chwall_bin_pol.
   1.355 -                conflict_sets[i * chwall_bin_pol.max_types + j]
   1.356 -                && !chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.357 -                                           chwall_bin_pol.max_types + j])
   1.358 +        for ( j = 0; j < chwall_bin_pol.max_types; j++ )
   1.359 +            if ( chwall_bin_pol.
   1.360 +                 conflict_sets[i * chwall_bin_pol.max_types + j]
   1.361 +                 && !chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.362 +                                             chwall_bin_pol.max_types + j] )
   1.363                  chwall_bin_pol.conflict_aggregate_set[j]++;
   1.364      }
   1.365      return;
   1.366 @@ -593,10 +596,11 @@ static int chwall_domain_create(void *su
   1.367  {
   1.368      int rc;
   1.369      read_lock(&acm_bin_pol_rwlock);
   1.370 +
   1.371      rc = _chwall_pre_domain_create(subject_ssid, ssidref);
   1.372 -    if (rc == ACM_ACCESS_PERMITTED) {
   1.373 +    if ( rc == ACM_ACCESS_PERMITTED )
   1.374          _chwall_post_domain_create(domid, ssidref);
   1.375 -    }
   1.376 +
   1.377      read_unlock(&acm_bin_pol_rwlock);
   1.378      return rc;
   1.379  }
   1.380 @@ -613,25 +617,23 @@ static void chwall_domain_destroy(void *
   1.381                                                   object_ssid);
   1.382      ssidref_t chwall_ssidref = chwall_ssidp->chwall_ssidref;
   1.383  
   1.384 -    traceprintk("%s.\n", __func__);
   1.385 +    read_lock(&acm_bin_pol_rwlock);
   1.386  
   1.387 -    read_lock(&acm_bin_pol_rwlock);
   1.388      /* adjust running types set */
   1.389 -    for (i = 0; i < chwall_bin_pol.max_types; i++)
   1.390 +    for ( i = 0; i < chwall_bin_pol.max_types; i++ )
   1.391          chwall_bin_pol.running_types[i] -=
   1.392              chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.393                                     chwall_bin_pol.max_types + i];
   1.394  
   1.395      /* roll-back: re-adjust conflicting types aggregate */
   1.396 -    for (i = 0; i < chwall_bin_pol.max_conflictsets; i++)
   1.397 +    for ( i = 0; i < chwall_bin_pol.max_conflictsets; i++ )
   1.398      {
   1.399          int common = 0;
   1.400          /* check if conflict_set_i and ssidref have common types */
   1.401 -        for (j = 0; j < chwall_bin_pol.max_types; j++)
   1.402 -            if (chwall_bin_pol.
   1.403 -                conflict_sets[i * chwall_bin_pol.max_types + j]
   1.404 -                && chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.405 -                                          chwall_bin_pol.max_types + j])
   1.406 +        for ( j = 0; j < chwall_bin_pol.max_types; j++ )
   1.407 +            if ( chwall_bin_pol.conflict_sets[i * chwall_bin_pol.max_types + j]
   1.408 +                 && chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.409 +                                            chwall_bin_pol.max_types + j])
   1.410              {
   1.411                  common = 1;
   1.412                  break;
   1.413 @@ -639,14 +641,16 @@ static void chwall_domain_destroy(void *
   1.414          if (common == 0)
   1.415              continue;           /* try next conflict set, this one does not include any type of chwall_ssidref */
   1.416          /* now add types of the conflict set to conflict_aggregate_set (except types in chwall_ssidref) */
   1.417 -        for (j = 0; j < chwall_bin_pol.max_types; j++)
   1.418 -            if (chwall_bin_pol.
   1.419 -                conflict_sets[i * chwall_bin_pol.max_types + j]
   1.420 -                && !chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.421 -                                           chwall_bin_pol.max_types + j])
   1.422 +        for ( j = 0; j < chwall_bin_pol.max_types; j++ )
   1.423 +            if ( chwall_bin_pol.
   1.424 +                 conflict_sets[i * chwall_bin_pol.max_types + j]
   1.425 +                 && !chwall_bin_pol.ssidrefs[chwall_ssidref *
   1.426 +                                             chwall_bin_pol.max_types + j])
   1.427                  chwall_bin_pol.conflict_aggregate_set[j]--;
   1.428      }
   1.429 +
   1.430      read_unlock(&acm_bin_pol_rwlock);
   1.431 +
   1.432      return;
   1.433  }
   1.434  
     2.1 --- a/xen/acm/acm_policy.c	Mon Jul 23 09:45:23 2007 +0100
     2.2 +++ b/xen/acm/acm_policy.c	Mon Jul 23 09:56:00 2007 +0100
     2.3 @@ -37,9 +37,9 @@
     2.4  static int acm_check_deleted_ssidrefs(struct acm_sized_buffer *dels,
     2.5                                        struct acm_sized_buffer *errors);
     2.6  static void acm_doms_change_ssidref(ssidref_t (*translator)
     2.7 -                                     (const struct acm_ssid_domain *,
     2.8 -                                      const struct acm_sized_buffer *),
     2.9 -                                      struct acm_sized_buffer *translation_map);
    2.10 +                                   (const struct acm_ssid_domain *,
    2.11 +                                    const struct acm_sized_buffer *),
    2.12 +                                    struct acm_sized_buffer *translation_map);
    2.13  static void acm_doms_restore_ssidref(void);
    2.14  static ssidref_t oldssid_to_newssid(const struct acm_ssid_domain *,
    2.15                                      const struct acm_sized_buffer *map);
    2.16 @@ -50,15 +50,15 @@ acm_set_policy(XEN_GUEST_HANDLE_64(void)
    2.17  {
    2.18      u8 *policy_buffer = NULL;
    2.19      int ret = -EFAULT;
    2.20 - 
    2.21 -    if (buf_size < sizeof(struct acm_policy_buffer))
    2.22 +
    2.23 +    if ( buf_size < sizeof(struct acm_policy_buffer) )
    2.24          return -EFAULT;
    2.25  
    2.26      /* copy buffer from guest domain */
    2.27 -    if ((policy_buffer = xmalloc_array(u8, buf_size)) == NULL)
    2.28 +    if ( (policy_buffer = xmalloc_array(u8, buf_size)) == NULL )
    2.29          return -ENOMEM;
    2.30  
    2.31 -    if (copy_from_guest(policy_buffer, buf, buf_size))
    2.32 +    if ( copy_from_guest(policy_buffer, buf, buf_size) )
    2.33      {
    2.34          printk("%s: Error copying!\n",__func__);
    2.35          goto error_free;
    2.36 @@ -93,9 +93,8 @@ static int
    2.37  
    2.38      if (  require_update != 0 &&
    2.39          ( deletions == NULL || ssidchanges == NULL ) )
    2.40 -    {
    2.41          goto error_lock_free;
    2.42 -    }
    2.43 +
    2.44      require_update = 1;
    2.45      /*
    2.46         first some tests to check compatibility of new policy with
    2.47 @@ -103,15 +102,13 @@ static int
    2.48       */
    2.49  
    2.50      /* if ssidrefs are to be deleted, make sure no domain is using them */
    2.51 -    if (deletions != NULL) {
    2.52 -        if (acm_check_deleted_ssidrefs(deletions, errors))
    2.53 +    if ( deletions != NULL )
    2.54 +        if ( acm_check_deleted_ssidrefs(deletions, errors) )
    2.55              goto error_lock_free;
    2.56 -    }
    2.57  
    2.58 -    if ((ssidchanges != NULL) && (ssidchanges->num_items > 0)) {
    2.59 +    if ( (ssidchanges != NULL) && (ssidchanges->num_items > 0) )
    2.60          /* assign all running domains new ssidrefs as requested */
    2.61          acm_doms_change_ssidref(oldssid_to_newssid, ssidchanges);
    2.62 -    }
    2.63  
    2.64      /* test primary policy data with the new ssidrefs */
    2.65      offset = be32_to_cpu(pol->primary_buffer_offset);
    2.66 @@ -129,9 +126,8 @@ static int
    2.67      if ( (offset + length) > buf_size ||
    2.68           acm_secondary_ops->test_binary_policy(buf + offset, length,
    2.69                                                 is_bootpolicy,
    2.70 -                                               errors)) {
    2.71 +                                               errors))
    2.72          goto error_lock_free;
    2.73 -    }
    2.74  
    2.75      /* end of testing --- now real updates */
    2.76  
    2.77 @@ -140,7 +136,7 @@ static int
    2.78  
    2.79      /* set label reference name */
    2.80      if ( (offset + length) > buf_size ||
    2.81 -        acm_set_policy_reference(buf + offset, length) )
    2.82 +         acm_set_policy_reference(buf + offset, length) )
    2.83          goto error_lock_free;
    2.84  
    2.85      /* set primary policy data */
    2.86 @@ -161,16 +157,16 @@ static int
    2.87             sizeof(acm_bin_pol.xml_pol_version));
    2.88  
    2.89      if ( acm_primary_ops->is_default_policy() &&
    2.90 -         acm_secondary_ops->is_default_policy() ) {
    2.91 +         acm_secondary_ops->is_default_policy() )
    2.92          require_update = 0;
    2.93 -    }
    2.94  
    2.95      write_unlock(&acm_bin_pol_rwlock);
    2.96  
    2.97      return ACM_OK;
    2.98  
    2.99  error_lock_free:
   2.100 -    if ((ssidchanges != NULL) && (ssidchanges->num_items > 0)) {
   2.101 +    if ( (ssidchanges != NULL) && (ssidchanges->num_items > 0) )
   2.102 +    {
   2.103          acm_doms_restore_ssidref();
   2.104      }
   2.105      do_chwall_init_state_curr(NULL);
   2.106 @@ -189,18 +185,21 @@ do_acm_set_policy(void *buf, u32 buf_siz
   2.107      struct acm_policy_buffer *pol = (struct acm_policy_buffer *)buf;
   2.108  
   2.109      /* some sanity checking */
   2.110 -    if ((be32_to_cpu(pol->magic) != ACM_MAGIC) ||
   2.111 -        (buf_size != be32_to_cpu(pol->len)) ||
   2.112 -        (be32_to_cpu(pol->policy_version) != ACM_POLICY_VERSION))
   2.113 +    if ( (be32_to_cpu(pol->magic) != ACM_MAGIC) ||
   2.114 +         (buf_size != be32_to_cpu(pol->len)) ||
   2.115 +         (be32_to_cpu(pol->policy_version) != ACM_POLICY_VERSION) )
   2.116      {
   2.117          printk("%s: ERROR in Magic, Version, or buf size.\n", __func__);
   2.118          goto error_free;
   2.119      }
   2.120  
   2.121 -    if (acm_active_security_policy == ACM_POLICY_UNDEFINED) {
   2.122 +    if ( acm_active_security_policy == ACM_POLICY_UNDEFINED )
   2.123 +    {
   2.124          /* setup the policy with the boot policy */
   2.125 -        if (acm_init_binary_policy((be32_to_cpu(pol->secondary_policy_code) << 4) |
   2.126 -                                   be32_to_cpu(pol->primary_policy_code))) {
   2.127 +        if ( acm_init_binary_policy(
   2.128 +                             (be32_to_cpu(pol->secondary_policy_code) << 4) |
   2.129 +                              be32_to_cpu(pol->primary_policy_code)) )
   2.130 +        {
   2.131              goto error_free;
   2.132          }
   2.133          acm_active_security_policy = (acm_bin_pol.secondary_policy_code << 4) |
   2.134 @@ -208,8 +207,10 @@ do_acm_set_policy(void *buf, u32 buf_siz
   2.135      }
   2.136  
   2.137      /* once acm_active_security_policy is set, it cannot be changed */
   2.138 -    if ((be32_to_cpu(pol->primary_policy_code) != acm_bin_pol.primary_policy_code) ||
   2.139 -        (be32_to_cpu(pol->secondary_policy_code) != acm_bin_pol.secondary_policy_code))
   2.140 +    if ( (be32_to_cpu(pol->primary_policy_code) !=
   2.141 +                                        acm_bin_pol.primary_policy_code) ||
   2.142 +         (be32_to_cpu(pol->secondary_policy_code) !=
   2.143 +                                        acm_bin_pol.secondary_policy_code) )
   2.144      {
   2.145          printkd("%s: Wrong policy type in boot policy!\n", __func__);
   2.146          goto error_free;
   2.147 @@ -232,18 +233,20 @@ acm_get_policy(XEN_GUEST_HANDLE_64(void)
   2.148      int ret;
   2.149      struct acm_policy_buffer *bin_pol;
   2.150  
   2.151 -    if (buf_size < sizeof(struct acm_policy_buffer))
   2.152 +    if ( buf_size < sizeof(struct acm_policy_buffer) )
   2.153          return -EFAULT;
   2.154  
   2.155 -    if ((policy_buffer = xmalloc_array(u8, buf_size)) == NULL)
   2.156 +    if ( (policy_buffer = xmalloc_array(u8, buf_size)) == NULL )
   2.157          return -ENOMEM;
   2.158  
   2.159      read_lock(&acm_bin_pol_rwlock);
   2.160  
   2.161      bin_pol = (struct acm_policy_buffer *)policy_buffer;
   2.162      bin_pol->magic = cpu_to_be32(ACM_MAGIC);
   2.163 -    bin_pol->primary_policy_code = cpu_to_be32(acm_bin_pol.primary_policy_code);
   2.164 -    bin_pol->secondary_policy_code = cpu_to_be32(acm_bin_pol.secondary_policy_code);
   2.165 +    bin_pol->primary_policy_code =
   2.166 +                                cpu_to_be32(acm_bin_pol.primary_policy_code);
   2.167 +    bin_pol->secondary_policy_code =
   2.168 +                                cpu_to_be32(acm_bin_pol.secondary_policy_code);
   2.169  
   2.170      bin_pol->len = cpu_to_be32(sizeof(struct acm_policy_buffer));
   2.171      bin_pol->policy_reference_offset = cpu_to_be32(be32_to_cpu(bin_pol->len));
   2.172 @@ -254,39 +257,47 @@ acm_get_policy(XEN_GUEST_HANDLE_64(void)
   2.173             &acm_bin_pol.xml_pol_version,
   2.174             sizeof(struct acm_policy_version));
   2.175  
   2.176 -    ret = acm_dump_policy_reference(policy_buffer + be32_to_cpu(bin_pol->policy_reference_offset),
   2.177 -                                    buf_size - be32_to_cpu(bin_pol->policy_reference_offset));
   2.178 -    if (ret < 0)
   2.179 +    ret = acm_dump_policy_reference(
   2.180 +               policy_buffer + be32_to_cpu(bin_pol->policy_reference_offset),
   2.181 +               buf_size - be32_to_cpu(bin_pol->policy_reference_offset));
   2.182 +
   2.183 +    if ( ret < 0 )
   2.184          goto error_free_unlock;
   2.185  
   2.186      bin_pol->len = cpu_to_be32(be32_to_cpu(bin_pol->len) + ret);
   2.187      bin_pol->primary_buffer_offset = cpu_to_be32(be32_to_cpu(bin_pol->len));
   2.188  
   2.189 -    ret = acm_primary_ops->dump_binary_policy (policy_buffer + be32_to_cpu(bin_pol->primary_buffer_offset),
   2.190 -                                               buf_size - be32_to_cpu(bin_pol->primary_buffer_offset));
   2.191 -    if (ret < 0)
   2.192 +    ret = acm_primary_ops->dump_binary_policy(
   2.193 +                 policy_buffer + be32_to_cpu(bin_pol->primary_buffer_offset),
   2.194 +                 buf_size - be32_to_cpu(bin_pol->primary_buffer_offset));
   2.195 +
   2.196 +    if ( ret < 0 )
   2.197          goto error_free_unlock;
   2.198  
   2.199      bin_pol->len = cpu_to_be32(be32_to_cpu(bin_pol->len) + ret);
   2.200      bin_pol->secondary_buffer_offset = cpu_to_be32(be32_to_cpu(bin_pol->len));
   2.201  
   2.202 -    ret = acm_secondary_ops->dump_binary_policy(policy_buffer + be32_to_cpu(bin_pol->secondary_buffer_offset),
   2.203 -                                                buf_size - be32_to_cpu(bin_pol->secondary_buffer_offset));
   2.204 -    if (ret < 0)
   2.205 +    ret = acm_secondary_ops->dump_binary_policy(
   2.206 +               policy_buffer + be32_to_cpu(bin_pol->secondary_buffer_offset),
   2.207 +               buf_size - be32_to_cpu(bin_pol->secondary_buffer_offset));
   2.208 +
   2.209 +    if ( ret < 0 )
   2.210          goto error_free_unlock;
   2.211  
   2.212      bin_pol->len = cpu_to_be32(be32_to_cpu(bin_pol->len) + ret);
   2.213 -    if (copy_to_guest(buf, policy_buffer, be32_to_cpu(bin_pol->len)))
   2.214 +    if ( copy_to_guest(buf, policy_buffer, be32_to_cpu(bin_pol->len)) )
   2.215          goto error_free_unlock;
   2.216  
   2.217      read_unlock(&acm_bin_pol_rwlock);
   2.218      xfree(policy_buffer);
   2.219 +
   2.220      return ACM_OK;
   2.221  
   2.222   error_free_unlock:
   2.223      read_unlock(&acm_bin_pol_rwlock);
   2.224      printk("%s: Error getting policy.\n", __func__);
   2.225      xfree(policy_buffer);
   2.226 +
   2.227      return -EFAULT;
   2.228  }
   2.229  
   2.230 @@ -298,40 +309,50 @@ acm_dump_statistics(XEN_GUEST_HANDLE_64(
   2.231      int len1, len2;
   2.232      struct acm_stats_buffer acm_stats;
   2.233  
   2.234 -    if ((stats_buffer = xmalloc_array(u8, buf_size)) == NULL)
   2.235 +    if ( (stats_buffer = xmalloc_array(u8, buf_size)) == NULL )
   2.236          return -ENOMEM;
   2.237  
   2.238      read_lock(&acm_bin_pol_rwlock);
   2.239       
   2.240 -    len1 = acm_primary_ops->dump_statistics(stats_buffer + sizeof(struct acm_stats_buffer),
   2.241 -                                            buf_size - sizeof(struct acm_stats_buffer));
   2.242 -    if (len1 < 0)
   2.243 +    len1 = acm_primary_ops->dump_statistics(
   2.244 +                             stats_buffer + sizeof(struct acm_stats_buffer),
   2.245 +                             buf_size - sizeof(struct acm_stats_buffer));
   2.246 +    if ( len1 < 0 )
   2.247          goto error_lock_free;
   2.248        
   2.249 -    len2 = acm_secondary_ops->dump_statistics(stats_buffer + sizeof(struct acm_stats_buffer) + len1,
   2.250 -                                              buf_size - sizeof(struct acm_stats_buffer) - len1);
   2.251 -    if (len2 < 0)
   2.252 +    len2 = acm_secondary_ops->dump_statistics(
   2.253 +                      stats_buffer + sizeof(struct acm_stats_buffer) + len1,
   2.254 +                      buf_size - sizeof(struct acm_stats_buffer) - len1);
   2.255 +    if ( len2 < 0 )
   2.256          goto error_lock_free;
   2.257  
   2.258      acm_stats.magic = cpu_to_be32(ACM_MAGIC);
   2.259 -    acm_stats.primary_policy_code = cpu_to_be32(acm_bin_pol.primary_policy_code);
   2.260 -    acm_stats.secondary_policy_code = cpu_to_be32(acm_bin_pol.secondary_policy_code);
   2.261 -    acm_stats.primary_stats_offset = cpu_to_be32(sizeof(struct acm_stats_buffer));
   2.262 -    acm_stats.secondary_stats_offset = cpu_to_be32(sizeof(struct acm_stats_buffer) + len1);
   2.263 +    acm_stats.primary_policy_code =
   2.264 +                           cpu_to_be32(acm_bin_pol.primary_policy_code);
   2.265 +    acm_stats.secondary_policy_code =
   2.266 +                           cpu_to_be32(acm_bin_pol.secondary_policy_code);
   2.267 +    acm_stats.primary_stats_offset =
   2.268 +                           cpu_to_be32(sizeof(struct acm_stats_buffer));
   2.269 +    acm_stats.secondary_stats_offset =
   2.270 +                           cpu_to_be32(sizeof(struct acm_stats_buffer) + len1);
   2.271      acm_stats.len = cpu_to_be32(sizeof(struct acm_stats_buffer) + len1 + len2);
   2.272  
   2.273      memcpy(stats_buffer, &acm_stats, sizeof(struct acm_stats_buffer));
   2.274  
   2.275 -    if (copy_to_guest(buf, stats_buffer, sizeof(struct acm_stats_buffer) + len1 + len2))
   2.276 +    if ( copy_to_guest(buf,
   2.277 +                       stats_buffer,
   2.278 +                       sizeof(struct acm_stats_buffer) + len1 + len2) )
   2.279          goto error_lock_free;
   2.280  
   2.281      read_unlock(&acm_bin_pol_rwlock);
   2.282      xfree(stats_buffer);
   2.283 +
   2.284      return ACM_OK;
   2.285  
   2.286   error_lock_free:
   2.287      read_unlock(&acm_bin_pol_rwlock);
   2.288      xfree(stats_buffer);
   2.289 +
   2.290      return -EFAULT;
   2.291  }
   2.292  
   2.293 @@ -343,10 +364,10 @@ acm_get_ssid(ssidref_t ssidref, XEN_GUES
   2.294      u8 *ssid_buffer;
   2.295      int ret;
   2.296      struct acm_ssid_buffer *acm_ssid;
   2.297 -    if (buf_size < sizeof(struct acm_ssid_buffer))
   2.298 +    if ( buf_size < sizeof(struct acm_ssid_buffer) )
   2.299          return -EFAULT;
   2.300  
   2.301 -    if ((ssid_buffer = xmalloc_array(u8, buf_size)) == NULL)
   2.302 +    if ( (ssid_buffer = xmalloc_array(u8, buf_size)) == NULL )
   2.303          return -ENOMEM;
   2.304  
   2.305      read_lock(&acm_bin_pol_rwlock);
   2.306 @@ -358,45 +379,50 @@ acm_get_ssid(ssidref_t ssidref, XEN_GUES
   2.307      acm_ssid->secondary_policy_code = acm_bin_pol.secondary_policy_code;
   2.308  
   2.309      acm_ssid->policy_reference_offset = acm_ssid->len;
   2.310 -    ret = acm_dump_policy_reference(ssid_buffer + acm_ssid->policy_reference_offset,
   2.311 -                                    buf_size - acm_ssid->policy_reference_offset);
   2.312 -    if (ret < 0)
   2.313 +    ret = acm_dump_policy_reference(
   2.314 +                          ssid_buffer + acm_ssid->policy_reference_offset,
   2.315 +                          buf_size - acm_ssid->policy_reference_offset);
   2.316 +    if ( ret < 0 )
   2.317          goto error_free_unlock;
   2.318  
   2.319      acm_ssid->len += ret;
   2.320      acm_ssid->primary_types_offset = acm_ssid->len;
   2.321  
   2.322      /* ret >= 0 --> ret == max_types */
   2.323 -    ret = acm_primary_ops->dump_ssid_types(ACM_PRIMARY(ssidref),
   2.324 -                                           ssid_buffer + acm_ssid->primary_types_offset,
   2.325 -                                           buf_size - acm_ssid->primary_types_offset);
   2.326 -    if (ret < 0)
   2.327 +    ret = acm_primary_ops->dump_ssid_types(
   2.328 +                                 ACM_PRIMARY(ssidref),
   2.329 +                                 ssid_buffer + acm_ssid->primary_types_offset,
   2.330 +                                 buf_size - acm_ssid->primary_types_offset);
   2.331 +    if ( ret < 0 )
   2.332          goto error_free_unlock;
   2.333  
   2.334      acm_ssid->len += ret;
   2.335      acm_ssid->primary_max_types = ret;
   2.336      acm_ssid->secondary_types_offset = acm_ssid->len;
   2.337  
   2.338 -    ret = acm_secondary_ops->dump_ssid_types(ACM_SECONDARY(ssidref),
   2.339 -                                             ssid_buffer + acm_ssid->secondary_types_offset,
   2.340 -                                             buf_size - acm_ssid->secondary_types_offset);
   2.341 -    if (ret < 0)
   2.342 +    ret = acm_secondary_ops->dump_ssid_types(
   2.343 +                             ACM_SECONDARY(ssidref),
   2.344 +                             ssid_buffer + acm_ssid->secondary_types_offset,
   2.345 +                             buf_size - acm_ssid->secondary_types_offset);
   2.346 +    if ( ret < 0 )
   2.347          goto error_free_unlock;
   2.348  
   2.349      acm_ssid->len += ret;
   2.350      acm_ssid->secondary_max_types = ret;
   2.351  
   2.352 -    if (copy_to_guest(buf, ssid_buffer, acm_ssid->len))
   2.353 +    if ( copy_to_guest(buf, ssid_buffer, acm_ssid->len) )
   2.354          goto error_free_unlock;
   2.355  
   2.356      read_unlock(&acm_bin_pol_rwlock);
   2.357      xfree(ssid_buffer);
   2.358 +
   2.359      return ACM_OK;
   2.360  
   2.361   error_free_unlock:
   2.362      read_unlock(&acm_bin_pol_rwlock);
   2.363      printk("%s: Error getting ssid.\n", __func__);
   2.364      xfree(ssid_buffer);
   2.365 +
   2.366      return -ENOMEM;
   2.367  }
   2.368  
   2.369 @@ -404,7 +430,8 @@ int
   2.370  acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, u32 hook)
   2.371  {
   2.372      int ret = ACM_ACCESS_DENIED;
   2.373 -    switch (hook) {
   2.374 +    switch ( hook )
   2.375 +    {
   2.376  
   2.377      case ACMHOOK_sharing:
   2.378          /* Sharing hook restricts access in STE policy only */
   2.379 @@ -438,18 +465,21 @@ acm_check_used_ssidref(uint32_t policy_t
   2.380  
   2.381      read_lock(&ssid_list_rwlock);
   2.382  
   2.383 -    for_each_acmssid( rawssid ) {
   2.384 +    for_each_acmssid( rawssid )
   2.385 +    {
   2.386          ssidref_t ssidref;
   2.387          void *s = GET_SSIDP(policy_type, rawssid);
   2.388  
   2.389 -        if (policy_type == ACM_CHINESE_WALL_POLICY) {
   2.390 +        if ( policy_type == ACM_CHINESE_WALL_POLICY )
   2.391 +        {
   2.392              ssidref = ((struct chwall_ssid *)s)->chwall_ssidref;
   2.393          } else {
   2.394              ssidref = ((struct ste_ssid *)s)->ste_ssidref;
   2.395          }
   2.396          gdprintk(XENLOG_INFO,"domid=%d: search ssidref=%d, ssidref=%d\n",
   2.397                   rawssid->domainid,search_ssidref,ssidref);
   2.398 -        if (ssidref == search_ssidref) {
   2.399 +        if ( ssidref == search_ssidref )
   2.400 +        {
   2.401              /* one is enough */
   2.402              acm_array_append_tuple(errors, ACM_SSIDREF_IN_USE, search_ssidref);
   2.403              rc = 1;
   2.404 @@ -475,10 +505,13 @@ oldssid_to_newssid(const struct acm_ssid
   2.405  {
   2.406      uint i;
   2.407  
   2.408 -    if (rawssid != NULL) {
   2.409 +    if ( rawssid != NULL )
   2.410 +    {
   2.411          ssidref_t ssid = rawssid->ssidref & 0xffff;
   2.412 -        for (i = 0; i+1 < map->num_items; i += 2) {
   2.413 -            if (map->array[i] == ssid) {
   2.414 +        for ( i = 0; i + 1 < map->num_items; i += 2 )
   2.415 +        {
   2.416 +            if ( map->array[i] == ssid )
   2.417 +            {
   2.418                  return (map->array[i+1] << 16 | map->array[i+1]);
   2.419              }
   2.420          }
   2.421 @@ -491,7 +524,8 @@ oldssid_to_newssid(const struct acm_ssid
   2.422   * Assign an ssidref to the CHWALL policy component of the domain
   2.423   */
   2.424  static void
   2.425 -acm_pri_policy_assign_ssidref(struct acm_ssid_domain *rawssid, ssidref_t new_ssid)
   2.426 +acm_pri_policy_assign_ssidref(struct acm_ssid_domain *rawssid,
   2.427 +                              ssidref_t new_ssid)
   2.428  {
   2.429      struct chwall_ssid *chwall = (struct chwall_ssid *)rawssid->primary_ssid;
   2.430      chwall->chwall_ssidref = new_ssid;
   2.431 @@ -502,7 +536,8 @@ acm_pri_policy_assign_ssidref(struct acm
   2.432   * Assign an ssidref to the STE policy component of the domain
   2.433   */
   2.434  static void
   2.435 -acm_sec_policy_assign_ssidref(struct acm_ssid_domain *rawssid, ssidref_t new_ssid)
   2.436 +acm_sec_policy_assign_ssidref(struct acm_ssid_domain *rawssid,
   2.437 +                              ssidref_t new_ssid)
   2.438  {
   2.439      struct ste_ssid *ste = (struct ste_ssid *)rawssid->secondary_ssid;
   2.440      ste->ste_ssidref = new_ssid;
   2.441 @@ -521,13 +556,15 @@ acm_doms_change_ssidref(ssidref_t (*tran
   2.442  
   2.443      write_lock(&ssid_list_rwlock);
   2.444  
   2.445 -    for_each_acmssid( rawssid ) {
   2.446 +    for_each_acmssid( rawssid )
   2.447 +    {
   2.448          ssidref_t new_ssid;
   2.449  
   2.450          rawssid->old_ssidref = rawssid->ssidref;
   2.451  
   2.452          new_ssid = translator_fn(rawssid, translation_map);
   2.453 -        if (new_ssid == ACM_INVALID_SSIDREF) {
   2.454 +        if ( new_ssid == ACM_INVALID_SSIDREF )
   2.455 +        {
   2.456              /* means no mapping found, so no change -- old = new */
   2.457              continue;
   2.458          }
   2.459 @@ -551,10 +588,11 @@ acm_doms_restore_ssidref(void)
   2.460  
   2.461      write_lock(&ssid_list_rwlock);
   2.462  
   2.463 -    for_each_acmssid( rawssid ) {
   2.464 +    for_each_acmssid( rawssid )
   2.465 +    {
   2.466          ssidref_t old_ssid;
   2.467  
   2.468 -        if (rawssid->old_ssidref == rawssid->ssidref)
   2.469 +        if ( rawssid->old_ssidref == rawssid->ssidref )
   2.470              continue;
   2.471  
   2.472          old_ssid = rawssid->old_ssidref & 0xffff;
   2.473 @@ -579,13 +617,15 @@ acm_check_deleted_ssidrefs(struct acm_si
   2.474      int rc = 0;
   2.475      uint idx;
   2.476      /* check for running domains that should not be there anymore */
   2.477 -    for (idx = 0; idx < dels->num_items; idx++) {
   2.478 -        if (acm_check_used_ssidref(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,
   2.479 -                                   dels->array[idx],
   2.480 -                                   errors) > 0 ||
   2.481 -            acm_check_used_ssidref(ACM_CHINESE_WALL_POLICY,
   2.482 -                                   dels->array[idx],
   2.483 -                                   errors) > 0) {
   2.484 +    for ( idx = 0; idx < dels->num_items; idx++ )
   2.485 +    {
   2.486 +        if ( acm_check_used_ssidref(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,
   2.487 +                                    dels->array[idx],
   2.488 +                                    errors) > 0 ||
   2.489 +             acm_check_used_ssidref(ACM_CHINESE_WALL_POLICY,
   2.490 +                                    dels->array[idx],
   2.491 +                                    errors) > 0)
   2.492 +        {
   2.493              rc = ACM_ERROR;
   2.494              break;
   2.495          }
   2.496 @@ -602,46 +642,56 @@ acm_change_policy(struct acm_change_poli
   2.497  {
   2.498      int rc = 0;
   2.499      u8 *binpolicy = NULL;
   2.500 -    struct acm_sized_buffer dels = {
   2.501 +    struct acm_sized_buffer dels =
   2.502 +    {
   2.503          .array = NULL,
   2.504      };
   2.505 -    struct acm_sized_buffer ssidmap = {
   2.506 +    struct acm_sized_buffer ssidmap =
   2.507 +    {
   2.508          .array = NULL,
   2.509      };
   2.510 -    struct acm_sized_buffer errors = {
   2.511 +    struct acm_sized_buffer errors =
   2.512 +    {
   2.513          .array = NULL,
   2.514      };
   2.515  
   2.516      gdprintk(XENLOG_INFO, "change policy operation\n");
   2.517  
   2.518 -    if ((chgpolicy->delarray_size > 4096) ||
   2.519 -        (chgpolicy->chgarray_size > 4096) ||
   2.520 -        (chgpolicy->errarray_size > 4096)) {
   2.521 +    if ( (chgpolicy->delarray_size > 4096) ||
   2.522 +         (chgpolicy->chgarray_size > 4096) ||
   2.523 +         (chgpolicy->errarray_size > 4096))
   2.524 +    {
   2.525          return ACM_ERROR;
   2.526      }
   2.527  
   2.528      dels.num_items = chgpolicy->delarray_size / sizeof(uint32_t);
   2.529 -    if (dels.num_items > 0) {
   2.530 +    if ( dels.num_items > 0 )
   2.531 +    {
   2.532          dels.array = xmalloc_array(uint32_t, dels.num_items);
   2.533 -        if (dels.array == NULL) {
   2.534 +        if ( dels.array == NULL )
   2.535 +        {
   2.536              rc = -ENOMEM;
   2.537              goto acm_chg_policy_exit;
   2.538          }
   2.539      }
   2.540  
   2.541      ssidmap.num_items = chgpolicy->chgarray_size / sizeof(uint32_t);
   2.542 -    if (ssidmap.num_items > 0) {
   2.543 +    if ( ssidmap.num_items > 0 )
   2.544 +    {
   2.545          ssidmap.array = xmalloc_array(uint32_t, ssidmap.num_items);
   2.546 -        if (ssidmap.array == NULL) {
   2.547 +        if ( ssidmap.array == NULL )
   2.548 +        {
   2.549              rc = -ENOMEM;
   2.550              goto acm_chg_policy_exit;
   2.551          }
   2.552      }
   2.553  
   2.554      errors.num_items = chgpolicy->errarray_size / sizeof(uint32_t);
   2.555 -    if (errors.num_items > 0) {
   2.556 +    if ( errors.num_items > 0 )
   2.557 +    {
   2.558          errors.array = xmalloc_array(uint32_t, errors.num_items);
   2.559 -        if (errors.array == NULL) {
   2.560 +        if ( errors.array == NULL )
   2.561 +        {
   2.562              rc = -ENOMEM;
   2.563              goto acm_chg_policy_exit;
   2.564          }
   2.565 @@ -650,7 +700,8 @@ acm_change_policy(struct acm_change_poli
   2.566  
   2.567      binpolicy = xmalloc_array(u8,
   2.568                                chgpolicy->policy_pushcache_size);
   2.569 -    if (binpolicy == NULL) {
   2.570 +    if ( binpolicy == NULL )
   2.571 +    {
   2.572          rc = -ENOMEM;
   2.573          goto acm_chg_policy_exit;
   2.574      }
   2.575 @@ -663,7 +714,8 @@ acm_change_policy(struct acm_change_poli
   2.576                           chgpolicy->chgarray_size) ||
   2.577           copy_from_guest(binpolicy,
   2.578                           chgpolicy->policy_pushcache,
   2.579 -                         chgpolicy->policy_pushcache_size )) {
   2.580 +                         chgpolicy->policy_pushcache_size ))
   2.581 +    {
   2.582          rc = -EFAULT;
   2.583          goto acm_chg_policy_exit;
   2.584      }
   2.585 @@ -676,7 +728,8 @@ acm_change_policy(struct acm_change_poli
   2.586      if ( (errors.num_items > 0) &&
   2.587           copy_to_guest(chgpolicy->err_array,
   2.588                         errors.array,
   2.589 -                       errors.num_items ) ) {
   2.590 +                       errors.num_items ) )
   2.591 +    {
   2.592          rc = -EFAULT;
   2.593          goto acm_chg_policy_exit;
   2.594      }
   2.595 @@ -703,10 +756,10 @@ domid_to_newssid(const struct acm_ssid_d
   2.596  {
   2.597      domid_t domid = rawssid->domainid;
   2.598      uint i;
   2.599 -    for (i = 0; (i+1) < map->num_items; i += 2) {
   2.600 -        if (map->array[i] == domid) {
   2.601 +    for ( i = 0; (i+1) < map->num_items; i += 2 )
   2.602 +    {
   2.603 +        if ( map->array[i] == domid )
   2.604              return (ssidref_t)map->array[i+1];
   2.605 -        }
   2.606      }
   2.607      return ACM_INVALID_SSIDREF;
   2.608  }
   2.609 @@ -725,7 +778,8 @@ do_acm_relabel_doms(struct acm_sized_buf
   2.610      /* run tests; collect as much error info as possible */
   2.611      irc =  do_chwall_init_state_curr(errors);
   2.612      irc += do_ste_init_state_curr(errors);
   2.613 -    if (irc != 0) {
   2.614 +    if ( irc != 0 )
   2.615 +    {
   2.616          rc = -EFAULT;
   2.617          goto acm_relabel_doms_lock_err_exit;
   2.618      }
   2.619 @@ -749,30 +803,37 @@ int
   2.620  acm_relabel_domains(struct acm_relabel_doms *relabel)
   2.621  {
   2.622      int rc = ACM_OK;
   2.623 -    struct acm_sized_buffer relabels = {
   2.624 +    struct acm_sized_buffer relabels =
   2.625 +    {
   2.626          .array = NULL,
   2.627      };
   2.628 -    struct acm_sized_buffer errors = {
   2.629 +    struct acm_sized_buffer errors =
   2.630 +    {
   2.631          .array = NULL,
   2.632      };
   2.633  
   2.634 -    if (relabel->relabel_map_size > 4096) {
   2.635 +    if ( relabel->relabel_map_size > 4096 )
   2.636 +    {
   2.637          return ACM_ERROR;
   2.638      }
   2.639  
   2.640      relabels.num_items = relabel->relabel_map_size / sizeof(uint32_t);
   2.641 -    if (relabels.num_items > 0) {
   2.642 +    if ( relabels.num_items > 0 )
   2.643 +    {
   2.644          relabels.array = xmalloc_array(uint32_t, relabels.num_items);
   2.645 -        if (relabels.array == NULL) {
   2.646 +        if ( relabels.array == NULL )
   2.647 +        {
   2.648              rc = -ENOMEM;
   2.649              goto acm_relabel_doms_exit;
   2.650          }
   2.651      }
   2.652  
   2.653      errors.num_items = relabel->errarray_size / sizeof(uint32_t);
   2.654 -    if (errors.num_items > 0) {
   2.655 +    if ( errors.num_items > 0 )
   2.656 +    {
   2.657          errors.array = xmalloc_array(uint32_t, errors.num_items);
   2.658 -        if (errors.array == NULL) {
   2.659 +        if ( errors.array == NULL )
   2.660 +        {
   2.661              rc = -ENOMEM;
   2.662              goto acm_relabel_doms_exit;
   2.663          }
   2.664 @@ -781,7 +842,8 @@ acm_relabel_domains(struct acm_relabel_d
   2.665  
   2.666      if ( copy_from_guest(relabels.array,
   2.667                           relabel->relabel_map,
   2.668 -                         relabel->relabel_map_size) ) {
   2.669 +                         relabel->relabel_map_size) )
   2.670 +    {
   2.671          rc = -EFAULT;
   2.672          goto acm_relabel_doms_exit;
   2.673      }
   2.674 @@ -790,10 +852,8 @@ acm_relabel_domains(struct acm_relabel_d
   2.675  
   2.676      if ( copy_to_guest(relabel->err_array,
   2.677                         errors.array,
   2.678 -                       errors.num_items ) ) {
   2.679 +                       errors.num_items ) )
   2.680          rc = -EFAULT;
   2.681 -        goto acm_relabel_doms_exit;
   2.682 -    }
   2.683  
   2.684  acm_relabel_doms_exit:
   2.685      xfree(relabels.array);
     3.1 --- a/xen/acm/acm_simple_type_enforcement_hooks.c	Mon Jul 23 09:45:23 2007 +0100
     3.2 +++ b/xen/acm/acm_simple_type_enforcement_hooks.c	Mon Jul 23 09:56:00 2007 +0100
     3.3 @@ -40,9 +40,10 @@ struct ste_binary_policy ste_bin_pol;
     3.4  
     3.5  static inline int have_common_type (ssidref_t ref1, ssidref_t ref2) {
     3.6      int i;
     3.7 -    for(i=0; i< ste_bin_pol.max_types; i++)
     3.8 +    for( i = 0; i< ste_bin_pol.max_types; i++ )
     3.9          if ( ste_bin_pol.ssidrefs[ref1*ste_bin_pol.max_types + i] && 
    3.10 -             ste_bin_pol.ssidrefs[ref2*ste_bin_pol.max_types + i]) {
    3.11 +             ste_bin_pol.ssidrefs[ref2*ste_bin_pol.max_types + i])
    3.12 +        {
    3.13              printkd("%s: common type #%02x.\n", __func__, i);
    3.14              return 1;
    3.15          }
    3.16 @@ -55,17 +56,22 @@ static int share_common_type(struct doma
    3.17      ssidref_t ref_s, ref_o;
    3.18      int ret;
    3.19  
    3.20 -    if ((subj == NULL) || (obj == NULL) || (subj->ssid == NULL) || (obj->ssid == NULL))
    3.21 +    if ( (subj == NULL) || (obj == NULL) ||
    3.22 +         (subj->ssid == NULL) || (obj->ssid == NULL) )
    3.23          return 0;
    3.24 +
    3.25      read_lock(&acm_bin_pol_rwlock);
    3.26 +
    3.27      /* lookup the policy-local ssids */
    3.28 -    ref_s = ((struct ste_ssid *)(GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, 
    3.29 -                                           (struct acm_ssid_domain *)subj->ssid)))->ste_ssidref;
    3.30 +    ref_s = ((struct ste_ssid *)(GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,
    3.31 +                       (struct acm_ssid_domain *)subj->ssid)))->ste_ssidref;
    3.32      ref_o = ((struct ste_ssid *)(GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, 
    3.33 -                                           (struct acm_ssid_domain *)obj->ssid)))->ste_ssidref;
    3.34 +                       (struct acm_ssid_domain *)obj->ssid)))->ste_ssidref;
    3.35      /* check whether subj and obj share a common ste type */
    3.36      ret = have_common_type(ref_s, ref_o);
    3.37 +
    3.38      read_unlock(&acm_bin_pol_rwlock);
    3.39 +
    3.40      return ret;
    3.41  }
    3.42  
    3.43 @@ -100,6 +106,7 @@ int acm_init_ste_policy(void)
    3.44      atomic_set(&(ste_bin_pol.gt_eval_count), 0);
    3.45      atomic_set(&(ste_bin_pol.gt_denied_count), 0);
    3.46      atomic_set(&(ste_bin_pol.gt_cachehit_count), 0);
    3.47 +
    3.48      return ACM_OK;
    3.49  }
    3.50  
    3.51 @@ -110,27 +117,29 @@ ste_init_domain_ssid(void **ste_ssid, ss
    3.52  {
    3.53      int i;
    3.54      struct ste_ssid *ste_ssidp = xmalloc(struct ste_ssid);
    3.55 -    traceprintk("%s.\n", __func__);
    3.56  
    3.57 -    if (ste_ssidp == NULL)
    3.58 +    if ( ste_ssidp == NULL )
    3.59          return ACM_INIT_SSID_ERROR;
    3.60  
    3.61      /* get policy-local ssid reference */
    3.62 -    ste_ssidp->ste_ssidref = GET_SSIDREF(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, ssidref);
    3.63 -    if ((ste_ssidp->ste_ssidref >= ste_bin_pol.max_ssidrefs) ||
    3.64 -        (ste_ssidp->ste_ssidref == ACM_DEFAULT_LOCAL_SSID)) {
    3.65 +    ste_ssidp->ste_ssidref = GET_SSIDREF(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY,
    3.66 +                                         ssidref);
    3.67 +
    3.68 +    if ( (ste_ssidp->ste_ssidref >= ste_bin_pol.max_ssidrefs) )
    3.69 +    {
    3.70          printkd("%s: ERROR ste_ssidref (%x) undefined or unset (0).\n",
    3.71                  __func__, ste_ssidp->ste_ssidref);
    3.72          xfree(ste_ssidp);
    3.73          return ACM_INIT_SSID_ERROR;
    3.74      }
    3.75      /* clean ste cache */
    3.76 -    for (i=0; i<ACM_TE_CACHE_SIZE; i++)
    3.77 +    for ( i = 0; i < ACM_TE_CACHE_SIZE; i++ )
    3.78          ste_ssidp->ste_cache[i].valid = ACM_STE_free;
    3.79  
    3.80      (*ste_ssid) = ste_ssidp;
    3.81      printkd("%s: determined ste_ssidref to %x.\n", 
    3.82              __func__, ste_ssidp->ste_ssidref);
    3.83 +
    3.84      return ACM_OK;
    3.85  }
    3.86  
    3.87 @@ -138,7 +147,6 @@ ste_init_domain_ssid(void **ste_ssid, ss
    3.88  static void
    3.89  ste_free_domain_ssid(void *ste_ssid)
    3.90  {
    3.91 -    traceprintk("%s.\n", __func__);
    3.92      xfree(ste_ssid);
    3.93      return;
    3.94  }
    3.95 @@ -146,16 +154,18 @@ ste_free_domain_ssid(void *ste_ssid)
    3.96  /* dump type enforcement cache; policy read-locked already */
    3.97  static int 
    3.98  ste_dump_policy(u8 *buf, u32 buf_size) {
    3.99 -    struct acm_ste_policy_buffer *ste_buf = (struct acm_ste_policy_buffer *)buf;
   3.100 +    struct acm_ste_policy_buffer *ste_buf =
   3.101 +                                  (struct acm_ste_policy_buffer *)buf;
   3.102      int ret = 0;
   3.103  
   3.104 -    if (buf_size < sizeof(struct acm_ste_policy_buffer))
   3.105 +    if ( buf_size < sizeof(struct acm_ste_policy_buffer) )
   3.106          return -EINVAL;
   3.107  
   3.108      ste_buf->ste_max_types = cpu_to_be32(ste_bin_pol.max_types);
   3.109      ste_buf->ste_max_ssidrefs = cpu_to_be32(ste_bin_pol.max_ssidrefs);
   3.110      ste_buf->policy_code = cpu_to_be32(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY);
   3.111 -    ste_buf->ste_ssid_offset = cpu_to_be32(sizeof(struct acm_ste_policy_buffer));
   3.112 +    ste_buf->ste_ssid_offset =
   3.113 +                           cpu_to_be32(sizeof(struct acm_ste_policy_buffer));
   3.114      ret = be32_to_cpu(ste_buf->ste_ssid_offset) +
   3.115          sizeof(domaintype_t)*ste_bin_pol.max_ssidrefs*ste_bin_pol.max_types;
   3.116  
   3.117 @@ -173,10 +183,12 @@ ste_dump_policy(u8 *buf, u32 buf_size) {
   3.118      return ret;
   3.119  }
   3.120  
   3.121 -/* ste_init_state is called when a policy is changed to detect violations (return != 0).
   3.122 - * from a security point of view, we simulate that all running domains are re-started and
   3.123 - * all sharing decisions are replayed to detect violations or current sharing behavior
   3.124 - * (right now: event_channels, future: also grant_tables)
   3.125 +/*
   3.126 + * ste_init_state is called when a policy is changed to detect violations
   3.127 + * (return != 0). from a security point of view, we simulate that all
   3.128 + * running domains are re-started and all sharing decisions are replayed
   3.129 + * to detect violations or current sharing behavior (right now:
   3.130 + * event_channels, future: also grant_tables)
   3.131   */ 
   3.132  static int
   3.133  ste_init_state(struct acm_sized_buffer *errors)
   3.134 @@ -191,27 +203,35 @@ ste_init_state(struct acm_sized_buffer *
   3.135  
   3.136      rcu_read_lock(&domlist_read_lock);
   3.137      read_lock(&ssid_list_rwlock);
   3.138 -    /* go through all domains and adjust policy as if this domain was started now */
   3.139 +
   3.140 +    /* go through all domains and adjust policy as if this domain was
   3.141 +       started now */
   3.142 +
   3.143      for_each_domain ( d )
   3.144      {
   3.145          struct evtchn *ports;
   3.146          unsigned int bucket;
   3.147 +
   3.148          ste_ssid = GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, 
   3.149                               (struct acm_ssid_domain *)d->ssid);
   3.150          ste_ssidref = ste_ssid->ste_ssidref;
   3.151          traceprintk("%s: validating policy for eventch domain %x (ste-Ref=%x).\n",
   3.152                      __func__, d->domain_id, ste_ssidref);
   3.153          /* a) check for event channel conflicts */
   3.154 -        for (bucket = 0; bucket < NR_EVTCHN_BUCKETS; bucket++) {
   3.155 +        for ( bucket = 0; bucket < NR_EVTCHN_BUCKETS; bucket++ )
   3.156 +        {
   3.157              spin_lock(&d->evtchn_lock);
   3.158              ports = d->evtchn[bucket];
   3.159 -            if (ports == NULL) {
   3.160 +            if ( ports == NULL)
   3.161 +            {
   3.162                  spin_unlock(&d->evtchn_lock);
   3.163                  break;
   3.164              }
   3.165  
   3.166 -            for (port=0; port < EVTCHNS_PER_BUCKET; port++) {
   3.167 -                if (ports[port].state == ECS_INTERDOMAIN) {
   3.168 +            for ( port = 0; port < EVTCHNS_PER_BUCKET; port++ )
   3.169 +            {
   3.170 +                if ( ports[port].state == ECS_INTERDOMAIN )
   3.171 +                {
   3.172                      rdom = ports[port].u.interdomain.remote_dom;
   3.173                      rdomid = rdom->domain_id;
   3.174                  } else {
   3.175 @@ -227,7 +247,8 @@ ste_init_state(struct acm_sized_buffer *
   3.176                              __func__, d->domain_id, ste_ssidref,
   3.177                              rdom->domain_id, ste_rssidref, port);
   3.178                  /* check whether on subj->ssid, obj->ssid share a common type*/
   3.179 -                if (!have_common_type(ste_ssidref, ste_rssidref)) {
   3.180 +                if ( ! have_common_type(ste_ssidref, ste_rssidref) )
   3.181 +                {
   3.182                      printkd("%s: Policy violation in event channel domain "
   3.183                              "%x -> domain %x.\n",
   3.184                              __func__, d->domain_id, rdomid);
   3.185 @@ -245,7 +266,8 @@ ste_init_state(struct acm_sized_buffer *
   3.186  
   3.187          /* b) check for grant table conflicts on shared pages */
   3.188          spin_lock(&d->grant_table->lock);
   3.189 -        for ( i = 0; i < nr_active_grant_frames(d->grant_table); i++ ) {
   3.190 +        for ( i = 0; i < nr_active_grant_frames(d->grant_table); i++ )
   3.191 +        {
   3.192  #define APP (PAGE_SIZE / sizeof(struct active_grant_entry))
   3.193              act = &d->grant_table->active[i/APP][i%APP];
   3.194              if ( act->pin != 0 ) {
   3.195 @@ -254,7 +276,8 @@ ste_init_state(struct acm_sized_buffer *
   3.196                          __func__, d->domain_id, i, act->pin,
   3.197                          act->domid, (unsigned long)act->frame);
   3.198                  rdomid = act->domid;
   3.199 -                if ((rdom = rcu_lock_domain_by_id(rdomid)) == NULL) {
   3.200 +                if ( (rdom = rcu_lock_domain_by_id(rdomid)) == NULL )
   3.201 +                {
   3.202                      spin_unlock(&d->grant_table->lock);
   3.203                      printkd("%s: domain not found ERROR!\n", __func__);
   3.204  
   3.205 @@ -268,7 +291,8 @@ ste_init_state(struct acm_sized_buffer *
   3.206                                        (struct acm_ssid_domain *)(rdom->ssid));
   3.207                  ste_rssidref = ste_rssid->ste_ssidref;
   3.208                  rcu_unlock_domain(rdom);
   3.209 -                if (!have_common_type(ste_ssidref, ste_rssidref)) {
   3.210 +                if ( ! have_common_type(ste_ssidref, ste_rssidref) )
   3.211 +                {
   3.212                      spin_unlock(&d->grant_table->lock);
   3.213                      printkd("%s: Policy violation in grant table "
   3.214                              "sharing domain %x -> domain %x.\n",
   3.215 @@ -288,11 +312,14 @@ ste_init_state(struct acm_sized_buffer *
   3.216      read_unlock(&ssid_list_rwlock);
   3.217      rcu_read_unlock(&domlist_read_lock);
   3.218      return violation;
   3.219 -    /* returning "violation != 0" means that existing sharing between domains would not 
   3.220 -     * have been allowed if the new policy had been enforced before the sharing; for ste, 
   3.221 -     * this means that there are at least 2 domains that have established sharing through 
   3.222 -     * event-channels or grant-tables but these two domains don't have no longer a common 
   3.223 -     * type in their typesets referenced by their ssidrefs */
   3.224 +    /*
   3.225 +       returning "violation != 0" means that existing sharing between domains
   3.226 +       would not have been allowed if the new policy had been enforced before
   3.227 +       the sharing; for ste, this means that there are at least 2 domains
   3.228 +       that have established sharing through event-channels or grant-tables
   3.229 +       but these two domains don't have no longer a common type in their
   3.230 +       typesets referenced by their ssidrefs
   3.231 +      */
   3.232  }
   3.233  
   3.234  
   3.235 @@ -312,7 +339,8 @@ static int
   3.236                     struct acm_sized_buffer *errors)
   3.237  {
   3.238      int rc = -EFAULT;
   3.239 -    struct acm_ste_policy_buffer *ste_buf = (struct acm_ste_policy_buffer *)buf;
   3.240 +    struct acm_ste_policy_buffer *ste_buf =
   3.241 +                                 (struct acm_ste_policy_buffer *)buf;
   3.242      void *ssidrefsbuf;
   3.243      struct ste_ssid *ste_ssid;
   3.244      struct acm_ssid_domain *rawssid;
   3.245 @@ -320,11 +348,17 @@ static int
   3.246  
   3.247  
   3.248      /* 1. create and copy-in new ssidrefs buffer */
   3.249 -    ssidrefsbuf = xmalloc_array(u8, sizeof(domaintype_t)*ste_buf->ste_max_types*ste_buf->ste_max_ssidrefs);
   3.250 -    if (ssidrefsbuf == NULL) {
   3.251 +    ssidrefsbuf = xmalloc_array(u8,
   3.252 +                                sizeof(domaintype_t) *
   3.253 +                                 ste_buf->ste_max_types *
   3.254 +                                 ste_buf->ste_max_ssidrefs);
   3.255 +    if ( ssidrefsbuf == NULL ) {
   3.256          return -ENOMEM;
   3.257      }
   3.258 -    if (ste_buf->ste_ssid_offset + sizeof(domaintype_t) * ste_buf->ste_max_ssidrefs*ste_buf->ste_max_types > buf_size)
   3.259 +    if ( ste_buf->ste_ssid_offset +
   3.260 +         sizeof(domaintype_t) *
   3.261 +         ste_buf->ste_max_ssidrefs *
   3.262 +         ste_buf->ste_max_types > buf_size )
   3.263          goto error_free;
   3.264  
   3.265      arrcpy(ssidrefsbuf, 
   3.266 @@ -333,18 +367,23 @@ static int
   3.267             ste_buf->ste_max_ssidrefs*ste_buf->ste_max_types);
   3.268  
   3.269  
   3.270 -    /* 3. in test mode: re-calculate sharing decisions based on running domains;
   3.271 -     *    this can fail if new policy is conflicting with sharing of running domains 
   3.272 -     *    now: reject violating new policy; future: adjust sharing through revoking sharing */
   3.273 +    /*
   3.274 +     * 3. in test mode: re-calculate sharing decisions based on running
   3.275 +     *    domains; this can fail if new policy is conflicting with sharing
   3.276 +     *    of running domains
   3.277 +     *    now: reject violating new policy; future: adjust sharing through
   3.278 +     *    revoking sharing
   3.279 +     */
   3.280  
   3.281 -    if (test_only) {
   3.282 +    if ( test_only ) {
   3.283          /* temporarily replace old policy with new one for the testing */
   3.284          struct ste_binary_policy orig_ste_bin_pol = ste_bin_pol;
   3.285          ste_bin_pol.max_types = ste_buf->ste_max_types;
   3.286          ste_bin_pol.max_ssidrefs = ste_buf->ste_max_ssidrefs;
   3.287          ste_bin_pol.ssidrefs = (domaintype_t *)ssidrefsbuf;
   3.288  
   3.289 -        if (ste_init_state(NULL)) {
   3.290 +        if ( ste_init_state(NULL) )
   3.291 +        {
   3.292              /* new policy conflicts with sharing of running domains */
   3.293              printk("%s: New policy conflicts with running domains. "
   3.294                     "Policy load aborted.\n", __func__);
   3.295 @@ -365,9 +404,10 @@ static int
   3.296      /* clear all ste caches */
   3.297      read_lock(&ssid_list_rwlock);
   3.298  
   3.299 -    for_each_acmssid( rawssid ) {
   3.300 +    for_each_acmssid( rawssid )
   3.301 +    {
   3.302          ste_ssid = GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, rawssid);
   3.303 -        for (i=0; i<ACM_TE_CACHE_SIZE; i++)
   3.304 +        for ( i = 0; i < ACM_TE_CACHE_SIZE; i++ )
   3.305              ste_ssid->ste_cache[i].valid = ACM_STE_free;
   3.306      }
   3.307  
   3.308 @@ -376,7 +416,8 @@ static int
   3.309      return ACM_OK;
   3.310  
   3.311   error_free:
   3.312 -    if (!test_only) printk("%s: ERROR setting policy.\n", __func__);
   3.313 +    if ( !test_only )
   3.314 +        printk("%s: ERROR setting policy.\n", __func__);
   3.315      xfree(ssidrefsbuf);
   3.316      return rc;
   3.317  }
   3.318 @@ -388,7 +429,7 @@ ste_test_policy(u8 *buf, u32 buf_size, i
   3.319      struct acm_ste_policy_buffer *ste_buf =
   3.320               (struct acm_ste_policy_buffer *)buf;
   3.321  
   3.322 -    if (buf_size < sizeof(struct acm_ste_policy_buffer))
   3.323 +    if ( buf_size < sizeof(struct acm_ste_policy_buffer) )
   3.324          return -EINVAL;
   3.325  
   3.326      /* Convert endianess of policy */
   3.327 @@ -399,12 +440,12 @@ ste_test_policy(u8 *buf, u32 buf_size, i
   3.328      ste_buf->ste_ssid_offset = be32_to_cpu(ste_buf->ste_ssid_offset);
   3.329  
   3.330      /* policy type and version checks */
   3.331 -    if ((ste_buf->policy_code != ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ||
   3.332 -        (ste_buf->policy_version != ACM_STE_VERSION))
   3.333 +    if ( (ste_buf->policy_code != ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY) ||
   3.334 +         (ste_buf->policy_version != ACM_STE_VERSION) )
   3.335          return -EINVAL;
   3.336  
   3.337      /* during boot dom0_chwall_ssidref is set */
   3.338 -    if (is_bootpolicy && (dom0_ste_ssidref >= ste_buf->ste_max_ssidrefs))
   3.339 +    if ( is_bootpolicy && (dom0_ste_ssidref >= ste_buf->ste_max_ssidrefs) )
   3.340          return -EINVAL;
   3.341  
   3.342      return _ste_update_policy(buf, buf_size, 1, errors);
   3.343 @@ -422,17 +463,24 @@ ste_dump_stats(u8 *buf, u16 buf_len)
   3.344      struct acm_ste_stats_buffer stats;
   3.345  
   3.346      /* now send the hook counts to user space */
   3.347 -    stats.ec_eval_count = cpu_to_be32(atomic_read(&ste_bin_pol.ec_eval_count));
   3.348 -    stats.gt_eval_count = cpu_to_be32(atomic_read(&ste_bin_pol.gt_eval_count));
   3.349 -    stats.ec_denied_count = cpu_to_be32(atomic_read(&ste_bin_pol.ec_denied_count));
   3.350 -    stats.gt_denied_count = cpu_to_be32(atomic_read(&ste_bin_pol.gt_denied_count));
   3.351 -    stats.ec_cachehit_count = cpu_to_be32(atomic_read(&ste_bin_pol.ec_cachehit_count));
   3.352 -    stats.gt_cachehit_count = cpu_to_be32(atomic_read(&ste_bin_pol.gt_cachehit_count));
   3.353 +    stats.ec_eval_count =
   3.354 +                    cpu_to_be32(atomic_read(&ste_bin_pol.ec_eval_count));
   3.355 +    stats.gt_eval_count =
   3.356 +                    cpu_to_be32(atomic_read(&ste_bin_pol.gt_eval_count));
   3.357 +    stats.ec_denied_count =
   3.358 +                    cpu_to_be32(atomic_read(&ste_bin_pol.ec_denied_count));
   3.359 +    stats.gt_denied_count =
   3.360 +                    cpu_to_be32(atomic_read(&ste_bin_pol.gt_denied_count));
   3.361 +    stats.ec_cachehit_count =
   3.362 +                    cpu_to_be32(atomic_read(&ste_bin_pol.ec_cachehit_count));
   3.363 +    stats.gt_cachehit_count =
   3.364 +                    cpu_to_be32(atomic_read(&ste_bin_pol.gt_cachehit_count));
   3.365  
   3.366 -    if (buf_len < sizeof(struct acm_ste_stats_buffer))
   3.367 +    if ( buf_len < sizeof(struct acm_ste_stats_buffer) )
   3.368          return -ENOMEM;
   3.369  
   3.370      memcpy(buf, &stats, sizeof(struct acm_ste_stats_buffer));
   3.371 +
   3.372      return sizeof(struct acm_ste_stats_buffer);
   3.373  }
   3.374  
   3.375 @@ -442,14 +490,15 @@ ste_dump_ssid_types(ssidref_t ssidref, u
   3.376      int i;
   3.377  
   3.378      /* fill in buffer */
   3.379 -    if (ste_bin_pol.max_types > len)
   3.380 +    if ( ste_bin_pol.max_types > len )
   3.381          return -EFAULT;
   3.382  
   3.383 -    if (ssidref >= ste_bin_pol.max_ssidrefs)
   3.384 +    if ( ssidref >= ste_bin_pol.max_ssidrefs )
   3.385          return -EFAULT;
   3.386  
   3.387      /* read types for chwall ssidref */
   3.388 -    for(i=0; i< ste_bin_pol.max_types; i++) {
   3.389 +    for( i = 0; i< ste_bin_pol.max_types; i++ )
   3.390 +    {
   3.391          if (ste_bin_pol.ssidrefs[ssidref * ste_bin_pol.max_types + i])
   3.392              buf[i] = 1;
   3.393          else
   3.394 @@ -461,7 +510,8 @@ ste_dump_ssid_types(ssidref_t ssidref, u
   3.395  /* we need to go through this before calling the hooks,
   3.396   * returns 1 == cache hit */
   3.397  static int inline
   3.398 -check_cache(struct domain *dom, domid_t rdom) {
   3.399 +check_cache(struct domain *dom, domid_t rdom)
   3.400 +{
   3.401      struct ste_ssid *ste_ssid;
   3.402      int i;
   3.403  
   3.404 @@ -472,10 +522,14 @@ check_cache(struct domain *dom, domid_t 
   3.405      ste_ssid = GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, 
   3.406                           (struct acm_ssid_domain *)(dom->ssid));
   3.407  
   3.408 -    for(i=0; i< ACM_TE_CACHE_SIZE; i++) {
   3.409 -        if ((ste_ssid->ste_cache[i].valid == ACM_STE_valid) &&
   3.410 -            (ste_ssid->ste_cache[i].id == rdom)) {
   3.411 -            printkd("cache hit (entry %x, id= %x!\n", i, ste_ssid->ste_cache[i].id);
   3.412 +    for( i = 0; i < ACM_TE_CACHE_SIZE; i++ )
   3.413 +    {
   3.414 +        if ( (ste_ssid->ste_cache[i].valid == ACM_STE_valid) &&
   3.415 +             (ste_ssid->ste_cache[i].id == rdom) )
   3.416 +        {
   3.417 +            printkd("cache hit (entry %x, id= %x!\n",
   3.418 +                    i,
   3.419 +                    ste_ssid->ste_cache[i].id);
   3.420              return 1;
   3.421          }
   3.422      }
   3.423 @@ -488,15 +542,21 @@ static void inline
   3.424  cache_result(struct domain *subj, struct domain *obj) {
   3.425      struct ste_ssid *ste_ssid;
   3.426      int i;
   3.427 -    printkd("caching from doms: %x --> %x.\n", subj->domain_id, obj->domain_id);
   3.428 -    if (subj->ssid == NULL)
   3.429 +
   3.430 +    printkd("caching from doms: %x --> %x.\n",
   3.431 +            subj->domain_id, obj->domain_id);
   3.432 +
   3.433 +    if ( subj->ssid == NULL )
   3.434          return;
   3.435 +
   3.436      ste_ssid = GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, 
   3.437                           (struct acm_ssid_domain *)(subj)->ssid);
   3.438 -    for(i=0; i< ACM_TE_CACHE_SIZE; i++)
   3.439 -        if (ste_ssid->ste_cache[i].valid == ACM_STE_free)
   3.440 +
   3.441 +    for( i = 0; i < ACM_TE_CACHE_SIZE; i++ )
   3.442 +        if ( ste_ssid->ste_cache[i].valid == ACM_STE_free )
   3.443              break;
   3.444 -    if (i< ACM_TE_CACHE_SIZE) {
   3.445 +    if ( i < ACM_TE_CACHE_SIZE )
   3.446 +    {
   3.447          ste_ssid->ste_cache[i].valid = ACM_STE_valid;
   3.448          ste_ssid->ste_cache[i].id = obj->domain_id;
   3.449      } else
   3.450 @@ -512,20 +572,23 @@ clean_id_from_cache(domid_t id)
   3.451      struct acm_ssid_domain *rawssid;
   3.452  
   3.453      printkd("deleting cache for dom %x.\n", id);
   3.454 +
   3.455      read_lock(&ssid_list_rwlock);
   3.456      /* look through caches of all domains */
   3.457  
   3.458 -    for_each_acmssid ( rawssid ) {
   3.459 +    for_each_acmssid ( rawssid )
   3.460 +    {
   3.461 +        ste_ssid = GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, rawssid);
   3.462  
   3.463 -        ste_ssid = GET_SSIDP(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, rawssid);
   3.464 -        if (!ste_ssid) {
   3.465 +        if ( !ste_ssid )
   3.466 +        {
   3.467              printk("%s: deleting ID from cache ERROR (no ste_ssid)!\n",
   3.468                     __func__);
   3.469              goto out;
   3.470          }
   3.471 -        for (i=0; i<ACM_TE_CACHE_SIZE; i++)
   3.472 -            if ((ste_ssid->ste_cache[i].valid == ACM_STE_valid) &&
   3.473 -                (ste_ssid->ste_cache[i].id == id))
   3.474 +        for ( i = 0; i < ACM_TE_CACHE_SIZE; i++ )
   3.475 +            if ( (ste_ssid->ste_cache[i].valid == ACM_STE_valid) &&
   3.476 +                 (ste_ssid->ste_cache[i].id == id) )
   3.477                  ste_ssid->ste_cache[i].valid = ACM_STE_free;
   3.478      }
   3.479  
   3.480 @@ -544,19 +607,19 @@ ste_pre_domain_create(void *subject_ssid
   3.481      traceprintk("%s.\n", __func__);
   3.482  
   3.483      read_lock(&acm_bin_pol_rwlock);
   3.484 +
   3.485      ste_ssidref = GET_SSIDREF(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, ssidref);
   3.486 -    if (ste_ssidref == ACM_DEFAULT_LOCAL_SSID) {
   3.487 -        printk("%s: ERROR STE SSID is NOT SET but policy enforced.\n", __func__);
   3.488 -        read_unlock(&acm_bin_pol_rwlock);
   3.489 -        return ACM_ACCESS_DENIED; /* catching and indicating config error */
   3.490 -    }
   3.491 -    if (ste_ssidref >= ste_bin_pol.max_ssidrefs) {
   3.492 +
   3.493 +    if ( ste_ssidref >= ste_bin_pol.max_ssidrefs )
   3.494 +    {
   3.495          printk("%s: ERROR ste_ssidref > max(%x).\n", 
   3.496                 __func__, ste_bin_pol.max_ssidrefs-1);
   3.497          read_unlock(&acm_bin_pol_rwlock);
   3.498          return ACM_ACCESS_DENIED;
   3.499      }
   3.500 +
   3.501      read_unlock(&acm_bin_pol_rwlock);
   3.502 +
   3.503      return ACM_ACCESS_PERMITTED;
   3.504  }
   3.505  
   3.506 @@ -583,34 +646,42 @@ ste_pre_eventchannel_unbound(domid_t id1
   3.507                  (id1 == DOMID_SELF) ? current->domain->domain_id : id1,
   3.508                  (id2 == DOMID_SELF) ? current->domain->domain_id : id2);
   3.509  
   3.510 -    if (id1 == DOMID_SELF) id1 = current->domain->domain_id;
   3.511 -    if (id2 == DOMID_SELF) id2 = current->domain->domain_id;
   3.512 +    if ( id1 == DOMID_SELF )
   3.513 +        id1 = current->domain->domain_id;
   3.514 +    if ( id2 == DOMID_SELF )
   3.515 +        id2 = current->domain->domain_id;
   3.516  
   3.517      subj = rcu_lock_domain_by_id(id1);
   3.518      obj  = rcu_lock_domain_by_id(id2);
   3.519 -    if ((subj == NULL) || (obj == NULL)) {
   3.520 +    if ( (subj == NULL) || (obj == NULL) )
   3.521 +    {
   3.522          ret = ACM_ACCESS_DENIED;
   3.523          goto out;
   3.524      }
   3.525      /* cache check late */
   3.526 -    if (check_cache(subj, obj->domain_id)) {
   3.527 +    if ( check_cache(subj, obj->domain_id) )
   3.528 +    {
   3.529          atomic_inc(&ste_bin_pol.ec_cachehit_count);
   3.530          ret = ACM_ACCESS_PERMITTED;
   3.531          goto out;
   3.532      }
   3.533      atomic_inc(&ste_bin_pol.ec_eval_count);
   3.534  
   3.535 -    if (share_common_type(subj, obj)) {
   3.536 +    if ( share_common_type(subj, obj) )
   3.537 +    {
   3.538          cache_result(subj, obj);
   3.539          ret = ACM_ACCESS_PERMITTED;
   3.540 -    } else {
   3.541 +    }
   3.542 +    else
   3.543 +    {
   3.544          atomic_inc(&ste_bin_pol.ec_denied_count);
   3.545          ret = ACM_ACCESS_DENIED;
   3.546      }
   3.547 +
   3.548    out:
   3.549 -    if (obj != NULL)
   3.550 +    if ( obj != NULL )
   3.551          rcu_unlock_domain(obj);
   3.552 -    if (subj != NULL)
   3.553 +    if ( subj != NULL )
   3.554          rcu_unlock_domain(subj);
   3.555      return ret;
   3.556  }
   3.557 @@ -628,17 +699,20 @@ ste_pre_eventchannel_interdomain(domid_t
   3.558      /* following is a bit longer but ensures that we
   3.559       * "put" only domains that we where "find"-ing 
   3.560       */
   3.561 -    if (id == DOMID_SELF) id = current->domain->domain_id;
   3.562 +    if ( id == DOMID_SELF )
   3.563 +        id = current->domain->domain_id;
   3.564  
   3.565      subj = current->domain;
   3.566      obj  = rcu_lock_domain_by_id(id);
   3.567 -    if (obj == NULL) {
   3.568 +    if ( obj == NULL )
   3.569 +    {
   3.570          ret = ACM_ACCESS_DENIED;
   3.571          goto out;
   3.572      }
   3.573  
   3.574      /* cache check late, but evtchn is not on performance critical path */
   3.575 -    if (check_cache(subj, obj->domain_id)) {
   3.576 +    if ( check_cache(subj, obj->domain_id) )
   3.577 +    {
   3.578          atomic_inc(&ste_bin_pol.ec_cachehit_count);
   3.579          ret = ACM_ACCESS_PERMITTED;
   3.580          goto out;
   3.581 @@ -646,15 +720,19 @@ ste_pre_eventchannel_interdomain(domid_t
   3.582  
   3.583      atomic_inc(&ste_bin_pol.ec_eval_count);
   3.584  
   3.585 -    if (share_common_type(subj, obj)) {
   3.586 +    if ( share_common_type(subj, obj) )
   3.587 +    {
   3.588          cache_result(subj, obj);
   3.589          ret = ACM_ACCESS_PERMITTED;
   3.590 -    } else {
   3.591 +    }
   3.592 +    else
   3.593 +    {
   3.594          atomic_inc(&ste_bin_pol.ec_denied_count);
   3.595          ret = ACM_ACCESS_DENIED;
   3.596      }
   3.597 +
   3.598   out:
   3.599 -    if (obj != NULL)
   3.600 +    if ( obj != NULL )
   3.601          rcu_unlock_domain(obj);
   3.602      return ret;
   3.603  }
   3.604 @@ -662,13 +740,15 @@ ste_pre_eventchannel_interdomain(domid_t
   3.605  /* -------- SHARED MEMORY OPERATIONS -----------*/
   3.606  
   3.607  static int
   3.608 -ste_pre_grant_map_ref (domid_t id) {
   3.609 +ste_pre_grant_map_ref (domid_t id)
   3.610 +{
   3.611      struct domain *obj, *subj;
   3.612      int ret;
   3.613      traceprintk("%s: dom%x-->dom%x.\n", __func__,
   3.614                  current->domain->domain_id, id);
   3.615  
   3.616 -    if (check_cache(current->domain, id)) {
   3.617 +    if ( check_cache(current->domain, id) )
   3.618 +    {
   3.619          atomic_inc(&ste_bin_pol.gt_cachehit_count);
   3.620          return ACM_ACCESS_PERMITTED;
   3.621      }
   3.622 @@ -676,15 +756,18 @@ ste_pre_grant_map_ref (domid_t id) {
   3.623      subj = current->domain;
   3.624      obj = rcu_lock_domain_by_id(id);
   3.625  
   3.626 -    if (share_common_type(subj, obj)) {
   3.627 +    if ( share_common_type(subj, obj) )
   3.628 +    {
   3.629          cache_result(subj, obj);
   3.630          ret = ACM_ACCESS_PERMITTED;
   3.631 -    } else {
   3.632 +    }
   3.633 +    else
   3.634 +    {
   3.635          atomic_inc(&ste_bin_pol.gt_denied_count);
   3.636          printkd("%s: ACCESS DENIED!\n", __func__);
   3.637          ret = ACM_ACCESS_DENIED;
   3.638      }
   3.639 -    if (obj != NULL)
   3.640 +    if ( obj != NULL )
   3.641          rcu_unlock_domain(obj);
   3.642      return ret;
   3.643  }
   3.644 @@ -694,34 +777,41 @@ ste_pre_grant_map_ref (domid_t id) {
   3.645     flow from the creating domain to the domain that is setup, we 
   3.646     check types in addition to the general authorization */
   3.647  static int
   3.648 -ste_pre_grant_setup (domid_t id) {
   3.649 +ste_pre_grant_setup (domid_t id)
   3.650 +{
   3.651      struct domain *obj, *subj;
   3.652      int ret;
   3.653      traceprintk("%s: dom%x-->dom%x.\n", __func__,
   3.654                  current->domain->domain_id, id);
   3.655  
   3.656 -    if (check_cache(current->domain, id)) {
   3.657 +    if ( check_cache(current->domain, id) )
   3.658 +    {
   3.659          atomic_inc(&ste_bin_pol.gt_cachehit_count);
   3.660          return ACM_ACCESS_PERMITTED;
   3.661      }
   3.662      atomic_inc(&ste_bin_pol.gt_eval_count);
   3.663      /* a) check authorization (eventually use specific capabilities) */
   3.664 -    if (!IS_PRIV(current->domain)) {
   3.665 -        printk("%s: Grant table management authorization denied ERROR!\n", __func__);
   3.666 +    if ( !IS_PRIV(current->domain) )
   3.667 +    {
   3.668 +        printk("%s: Grant table management authorization denied ERROR!\n",
   3.669 +               __func__);
   3.670          return ACM_ACCESS_DENIED;
   3.671      }
   3.672      /* b) check types */
   3.673      subj = current->domain;
   3.674      obj = rcu_lock_domain_by_id(id);
   3.675  
   3.676 -    if (share_common_type(subj, obj)) {
   3.677 +    if ( share_common_type(subj, obj) )
   3.678 +    {
   3.679          cache_result(subj, obj);
   3.680          ret = ACM_ACCESS_PERMITTED;
   3.681 -    } else {
   3.682 +    }
   3.683 +    else
   3.684 +    {
   3.685          atomic_inc(&ste_bin_pol.gt_denied_count);
   3.686          ret = ACM_ACCESS_DENIED;
   3.687      }
   3.688 -    if (obj != NULL)
   3.689 +    if ( obj != NULL )
   3.690          rcu_unlock_domain(obj);
   3.691      return ret;
   3.692  }
   3.693 @@ -729,46 +819,42 @@ ste_pre_grant_setup (domid_t id) {
   3.694  /* -------- DOMAIN-Requested Decision hooks -----------*/
   3.695  
   3.696  static int
   3.697 -ste_sharing(ssidref_t ssidref1, ssidref_t ssidref2) {
   3.698 -    if (have_common_type (
   3.699 +ste_sharing(ssidref_t ssidref1, ssidref_t ssidref2)
   3.700 +{
   3.701 +    int hct = have_common_type(
   3.702          GET_SSIDREF(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, ssidref1),
   3.703 -        GET_SSIDREF(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, ssidref2)
   3.704 -        ))
   3.705 -        return ACM_ACCESS_PERMITTED;
   3.706 -    else
   3.707 -        return ACM_ACCESS_DENIED;
   3.708 +        GET_SSIDREF(ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY, ssidref2));
   3.709 +    return (hct ? ACM_ACCESS_PERMITTED : ACM_ACCESS_DENIED);
   3.710  }
   3.711  
   3.712 -/* */
   3.713 -
   3.714  static int
   3.715  ste_is_default_policy(void)
   3.716  {
   3.717 -    return ( (ste_bin_pol.max_types    == 1) &&
   3.718 -             (ste_bin_pol.max_ssidrefs == 2) );
   3.719 +    return ((ste_bin_pol.max_types    == 1) &&
   3.720 +            (ste_bin_pol.max_ssidrefs == 2));
   3.721  }
   3.722  
   3.723  /* now define the hook structure similarly to LSM */
   3.724  struct acm_operations acm_simple_type_enforcement_ops = {
   3.725  
   3.726      /* policy management services */
   3.727 -    .init_domain_ssid  = ste_init_domain_ssid,
   3.728 -    .free_domain_ssid  = ste_free_domain_ssid,
   3.729 +    .init_domain_ssid       = ste_init_domain_ssid,
   3.730 +    .free_domain_ssid       = ste_free_domain_ssid,
   3.731      .dump_binary_policy     = ste_dump_policy,
   3.732      .test_binary_policy     = ste_test_policy,
   3.733      .set_binary_policy      = ste_set_policy,
   3.734 -    .dump_statistics  = ste_dump_stats,
   3.735 +    .dump_statistics        = ste_dump_stats,
   3.736      .dump_ssid_types        = ste_dump_ssid_types,
   3.737  
   3.738      /* domain management control hooks */
   3.739 -    .domain_create = ste_domain_create,
   3.740 -    .domain_destroy    = ste_domain_destroy,
   3.741 +    .domain_create          = ste_domain_create,
   3.742 +    .domain_destroy         = ste_domain_destroy,
   3.743  
   3.744      /* event channel control hooks */
   3.745 -    .pre_eventchannel_unbound   = ste_pre_eventchannel_unbound,
   3.746 +    .pre_eventchannel_unbound = ste_pre_eventchannel_unbound,
   3.747      .fail_eventchannel_unbound = NULL,
   3.748      .pre_eventchannel_interdomain = ste_pre_eventchannel_interdomain,
   3.749 -    .fail_eventchannel_interdomain  = NULL,
   3.750 +    .fail_eventchannel_interdomain = NULL,
   3.751  
   3.752      /* grant table control hooks */
   3.753      .pre_grant_map_ref      = ste_pre_grant_map_ref,