This file contains common functions (e.g. policy I/O, pattern matching).
----- About pattern matching -----
In TOMOYO, all wildcard characters are in the form of '\' + one character.
Many programs interpret a character with a backslash as literal character, but
TOMOYO interprets all characters without a backslash as literal characters.
Since the characters which are interpreted as wildcard are program dependent
(e.g. For shells, '*' and '?' are wildcards but '.' isn't. For sed, '.' is
a wildcard). Those who worry about some characters being interpreted as
wildcard characters will add a backslash to every characters
(e.g. \/\t\m\p\/\* ) without knowing whether '/' 't' 'm' 'p' '*' are wildcard
characters or not.
Not only this approach requires the interpreter to remove unneeded backslashes
but also this approach keeps introduction of new wildcard characters away.
For example, until yesterday, 'p' was a literal character and users had been
allowed to add a backslash before 'p'. But, from today, '\p' is now a wildcard
character and users are no longer allowed to add a backslash before 'p' if the
users want to represent literal 'p'.
If the interpreter forces users not to add a backslash to represent literal
character, users must know all wildcard characters beforehand.
On the contrary, TOMOYO's approach allows introduction of new wildcard
characters as needed, for users won't add a backslash to represent literal
characters. If the interpreter forces users to add a backslash to represent
wildcard character, users needn't to know all wildcard characters beforehand.
Users can learn the meaning of new wildcard characters on first encounter.
You would go crazy with functions that handle string data.
But these functions are needed to stay inside the kernel for validating,
hashing and comparing string data.
To speeds up string comparison, TOMOYO hashes strings using "depth" (number of
'/' characters). This is calculated by tomoyo_path_depth() and used ...
