summaryrefslogtreecommitdiffstats
path: root/security/tomoyo/gc.c
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-07-08 06:23:44 +0200
committerJames Morris <jmorris@namei.org>2011-07-11 03:05:33 +0200
commit2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563 (patch)
treeb9f6051059a2a90547a4501bf296b0cf3c9dbc76 /security/tomoyo/gc.c
parentTOMOYO: Allow using owner/group etc. of file objects as conditions. (diff)
downloadlinux-2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563.tar.xz
linux-2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563.zip
TOMOYO: Allow using executable's realpath and symlink's target as conditions.
This patch adds support for permission checks using executable file's realpath upon execve() and symlink's target upon symlink(). Hooks are in the last patch of this pathset. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to '')
-rw-r--r--security/tomoyo/gc.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c
index 21fccd67c255..e0502b6d5866 100644
--- a/security/tomoyo/gc.c
+++ b/security/tomoyo/gc.c
@@ -357,13 +357,18 @@ void tomoyo_del_condition(struct list_head *element)
head.list);
const u16 condc = cond->condc;
const u16 numbers_count = cond->numbers_count;
+ const u16 names_count = cond->names_count;
unsigned int i;
const struct tomoyo_condition_element *condp
= (const struct tomoyo_condition_element *) (cond + 1);
struct tomoyo_number_union *numbers_p
= (struct tomoyo_number_union *) (condp + condc);
+ struct tomoyo_name_union *names_p
+ = (struct tomoyo_name_union *) (numbers_p + numbers_count);
for (i = 0; i < numbers_count; i++)
tomoyo_put_number_union(numbers_p++);
+ for (i = 0; i < names_count; i++)
+ tomoyo_put_name_union(names_p++);
}
/**