Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 1f067a682a9bd252107ac6f6946b7332fde42344^! / . / security / tomoyo / domain.c
commit1f067a682a9bd252107ac6f6946b7332fde42344[log] [tgz]
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>Sat Sep 10 15:24:56 2011 +0900
committerJames Morris <jmorris@namei.org>Wed Sep 14 08:27:06 2011 +1000
tree379bbbf02f0a802453e585a2a482192409308fbb
parent059d84dbb3897d4ee494a9c842c5dda54316cb47 [diff] [blame]
TOMOYO: Allow controlling generation of access granted logs for per an entry basis.

Add per-entry flag which controls generation of grant logs because Xen and KVM
issues ioctl requests so frequently. For example,

  file ioctl /dev/null 0x5401 grant_log=no

will suppress /sys/kernel/security/tomoyo/audit even if preference says
grant_log=yes .

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 5931fb1..498fea7 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c

@@ -157,6 +157,7 @@
 			continue;
 		if (!tomoyo_condition(r, ptr->cond))
 			continue;
+		r->matched_acl = ptr;
 		r->granted = true;
 		return;
 	}