summaryrefslogtreecommitdiffstats
path: root/security/tomoyo
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-08-25 14:15:00 +0200
committerJames Morris <jmorris@namei.org>2011-09-10 01:08:48 +0200
commit852584157c55c1689bcf3809ea44b79870c3e409 (patch)
tree9965e2ceb8fbb7ffaec131eb7c1963f9a32e1c0c /security/tomoyo
parenttpm: suppress durations sysfs output if not read (diff)
downloadlinux-852584157c55c1689bcf3809ea44b79870c3e409.tar.xz
linux-852584157c55c1689bcf3809ea44b79870c3e409.zip
TOMOYO: Fix incorrect enforce mode.
In tomoyo_get_mode() since 2.6.36, CONFIG::file::execute was by error used in place of CONFIG::file if CONFIG::file::execute was set to other than default. As a result, enforcing mode was not applied in a way documentation says. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/util.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index c36bd1107fc8..6a4195a4b93c 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -925,7 +925,8 @@ int tomoyo_get_mode(const struct tomoyo_policy_namespace *ns, const u8 profile,
return TOMOYO_CONFIG_DISABLED;
mode = tomoyo_profile(ns, profile)->config[index];
if (mode == TOMOYO_CONFIG_USE_DEFAULT)
- mode = tomoyo_profile(ns, profile)->config[category];
+ mode = tomoyo_profile(ns, profile)->config
+ [category + TOMOYO_MAX_MAC_INDEX];
if (mode == TOMOYO_CONFIG_USE_DEFAULT)
mode = tomoyo_profile(ns, profile)->default_config;
return mode & 3;