Emulation/switch-linux
1
0
Fork 0
mirror of https://github.com/fail0verflow/switch-linux.git synced 2025-05-04 02:34:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

TOMOYO: Remove next_domain from tomoyo_find_next_domain().

Browse source 
We can update bprm->cred->security inside tomoyo_find_next_domain().

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Tetsuo Handa 2009-06-19 14:13:27 +09:00 committed by James Morris
parent ccf135f509
commit 56f8c9bc41
3 changed files with 8 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
security/tomoyo/domain.c
View file

@ -786,13 +786,11 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
/** /**
* tomoyo_find_next_domain - Find a domain. * tomoyo_find_next_domain - Find a domain.
* *
* @bprm: Pointer to "struct linux_binprm". * @bprm: Pointer to "struct linux_binprm".
* @next_domain: Pointer to pointer to "struct tomoyo_domain_info".
* *
* Returns 0 on success, negative value otherwise. * Returns 0 on success, negative value otherwise.
*/ */
int tomoyo_find_next_domain(struct linux_binprm *bprm, int tomoyo_find_next_domain(struct linux_binprm *bprm)
struct tomoyo_domain_info **next_domain)
{ {
/* /*
* This function assumes that the size of buffer returned by * This function assumes that the size of buffer returned by
@ -914,9 +912,11 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm,
tomoyo_set_domain_flag(old_domain, false, tomoyo_set_domain_flag(old_domain, false,
TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED); TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED);
out: out:
if (!domain)
domain = old_domain;
bprm->cred->security = domain;
tomoyo_free(real_program_name); tomoyo_free(real_program_name);
tomoyo_free(symlink_program_name); tomoyo_free(symlink_program_name);
*next_domain = domain ? domain : old_domain;
tomoyo_free(tmp); tomoyo_free(tmp);
return retval; return retval;
} }

10
security/tomoyo/tomoyo.c
View file

@ -61,14 +61,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
* Execute permission is checked against pathname passed to do_execve() * Execute permission is checked against pathname passed to do_execve()
* using current domain. * using current domain.
*/ */
if (!domain) { if (!domain)
struct tomoyo_domain_info *next_domain = NULL; return tomoyo_find_next_domain(bprm);
int retval = tomoyo_find_next_domain(bprm, &next_domain);
if (!retval)
bprm->cred->security = next_domain;
return retval;
}
/* /*
* Read permission is checked against interpreters using next domain. * Read permission is checked against interpreters using next domain.
* '1' is the result of open_to_namei_flags(O_RDONLY). * '1' is the result of open_to_namei_flags(O_RDONLY).

3
security/tomoyo/tomoyo.h
View file

@ -31,8 +31,7 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info *domain,
struct path *path2); struct path *path2);
int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain, int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain,
struct file *filp); struct file *filp);
int tomoyo_find_next_domain(struct linux_binprm *bprm, int tomoyo_find_next_domain(struct linux_binprm *bprm);
struct tomoyo_domain_info **next_domain);
/* Index numbers for Access Controls. */ /* Index numbers for Access Controls. */