TOMOYO: Use pathname specified by policy rather than execve() Commit c9e69318 "TOMOYO: Allow wildcard for execute permission." changed execute permission and domainname to accept wildcards. But tomoyo_find_next_domain() was using pathname passed to execve() rather than pathname specified by the execute permission. As a result, processes were not able to transit to domains which contain wildcards in their domainnames. This patch passes pathname specified by the execute permission back to tomoyo_find_next_domain() so that processes can transit to domains which contain wildcards in their domainnames. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>

commit: 484ca79c653121d3c79fffb86e1deea724f2e20b [log] [tgz]
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Thu Jul 29 14:29:55 2010 +0900
committer: James Morris <jmorris@namei.org> Mon Aug 02 15:38:38 2010 +1000
tree: 457aa73e37c9b5e5b4306430f40d1985b59ca226
parent: 4d6ec10bb4461fdc9a9ab94ef32934e13564e873 [diff] [blame]
diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c
index cfeff87..82bf8c2 100644
--- a/security/tomoyo/mount.c
+++ b/security/tomoyo/mount.c

@@ -60,7 +60,7 @@
 				 flags);
 }
 
-static bool tomoyo_check_mount_acl(const struct tomoyo_request_info *r,
+static bool tomoyo_check_mount_acl(struct tomoyo_request_info *r,
 				   const struct tomoyo_acl_info *ptr)
 {
 	const struct tomoyo_mount_acl *acl =
commit	484ca79c653121d3c79fffb86e1deea724f2e20b	[log] [tgz]
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	Thu Jul 29 14:29:55 2010 +0900
committer	James Morris <jmorris@namei.org>	Mon Aug 02 15:38:38 2010 +1000
tree	457aa73e37c9b5e5b4306430f40d1985b59ca226
parent	4d6ec10bb4461fdc9a9ab94ef32934e13564e873 [diff] [blame]