diff --git a/src/rm_policy.c b/src/rm_policy.c
index 75b1c3b1f46b8419f08edff7fc5cb0c853715400..8e2a7c74e9a9d54dbc5ed15755aac831cf1cf14b 100644 (file)
--- a/src/rm_policy.c
+++ b/src/rm_policy.c
Rm_PolicyPermission *permissionsList)
{
while (permissionsList) {
- if (strcmp(permissionsList->instName, Rm_policyAllInstances) &&
+ if (strncmp(permissionsList->instName, Rm_policyAllInstances, RM_NAME_MAX_CHARS) &&
(!rmPolicyGetValidInstNode(validInstTree, permissionsList->instName))) {
return(RM_ERROR_PERM_STR_INST_NOT_VALID);
}
permission = permissionStart = policyGetAssignmentPermissions(assignment, result);
while (permission) {
- if ((strcmp(permission->instName, privilegeCfg->validInstNode->name) == 0) ||
- (strcmp(permission->instName, Rm_policyAllInstances) == 0)) {
+ if ((strncmp(permission->instName, privilegeCfg->validInstNode->name, RM_NAME_MAX_CHARS) == 0) ||
+ (strncmp(permission->instName, Rm_policyAllInstances, RM_NAME_MAX_CHARS) == 0)) {
foundInstance = true;
/* Check instance's permissions */
return(false);
}
}
+ else if (privilegeCfg->type == Rm_policyCheck_SHARED_LINUX) {
+ if (!RM_policy_GET_PERM(permission->permissionBits, RM_POLICY_PERM_SHARED_LINUX_SHIFT)) {
+ policyFreeAssignmentPermissions(permissionStart);
+ rmDtbUtilPolicyFreeAssignments(assignmentStart);
+ return(false);
+ }
+ }
break;
}
permission = permission->nextPermission;
@@ -670,8 +677,8 @@ uint32_t rmPolicyGetResourceBase(void *policyDtb, Rm_PolicyValidInstNode *validI
while (assignment) {
permission = permissionStart = policyGetAssignmentPermissions(assignment, result);
while (permission) {
- if ((strcmp(permission->instName, validInstNode->name) == 0) ||
- (strcmp(permission->instName, Rm_policyAllInstances) == 0)) {
+ if ((strncmp(permission->instName, validInstNode->name, RM_NAME_MAX_CHARS) == 0) ||
+ (strncmp(permission->instName, Rm_policyAllInstances, RM_NAME_MAX_CHARS) == 0)) {
/* Check instance's permissions */
if (RM_policy_GET_PERM(allocType, RM_POLICY_PERM_INIT_SHIFT) &&
RM_policy_GET_PERM(permission->permissionBits, RM_POLICY_PERM_INIT_SHIFT)) {
nodeOffset = fdt_next_node(policyDtb, nodeOffset, &depth);
nodeName = fdt_get_name(policyDtb, nodeOffset, NULL);
- if (strcmp(nodeName, resourceName) == 0)
+ if (strncmp(nodeName, resourceName, RM_NAME_MAX_CHARS) == 0)
{
break;
}
}
+
+ if (depth < RM_DTB_UTIL_STARTING_DEPTH) {
+ /* Resource name not found */
+ nodeOffset = RM_SERVICE_DENIED_RES_DOES_NOT_EXIST;
+ }
return(nodeOffset);
}
@@ -921,11 +933,13 @@ Rm_PolicyValidInstTree *rmPolicyCreateValidInstTree(void *policyDtb, bool addLin
void rmPolicyFreeValidInstTree(Rm_PolicyValidInstTree *validInstTree)
{
Rm_PolicyValidInstNode *node;
-
- RB_FOREACH(node, _Rm_PolicyValidInstTree, validInstTree) {
+ Rm_PolicyValidInstNode *nextNode;
+
+ for (node = RB_MIN(_Rm_PolicyValidInstTree, validInstTree); node != NULL; node = nextNode) {
+ nextNode = RB_NEXT(_Rm_PolicyValidInstTree, validInstTree, node);
RB_REMOVE(_Rm_PolicyValidInstTree, validInstTree, node);
rmPolicyValidInstNodeFree(node);
- }
+ }
if (RB_MIN(_Rm_PolicyValidInstTree, validInstTree) == NULL) {
/* No more valid instance nodes in tree */
Rm_osalFree((void *)validInstTree, sizeof(Rm_PolicyValidInstTree));