aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/tomoyo/domain.c10
-rw-r--r--security/tomoyo/tomoyo.c10
-rw-r--r--security/tomoyo/tomoyo.h3
3 files changed, 8 insertions, 15 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index e68b1052354..fcf52accce2 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -786,13 +786,11 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
786/** 786/**
787 * tomoyo_find_next_domain - Find a domain. 787 * tomoyo_find_next_domain - Find a domain.
788 * 788 *
789 * @bprm: Pointer to "struct linux_binprm". 789 * @bprm: Pointer to "struct linux_binprm".
790 * @next_domain: Pointer to pointer to "struct tomoyo_domain_info".
791 * 790 *
792 * Returns 0 on success, negative value otherwise. 791 * Returns 0 on success, negative value otherwise.
793 */ 792 */
794int tomoyo_find_next_domain(struct linux_binprm *bprm, 793int tomoyo_find_next_domain(struct linux_binprm *bprm)
795 struct tomoyo_domain_info **next_domain)
796{ 794{
797 /* 795 /*
798 * This function assumes that the size of buffer returned by 796 * This function assumes that the size of buffer returned by
@@ -914,9 +912,11 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm,
914 tomoyo_set_domain_flag(old_domain, false, 912 tomoyo_set_domain_flag(old_domain, false,
915 TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED); 913 TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED);
916 out: 914 out:
915 if (!domain)
916 domain = old_domain;
917 bprm->cred->security = domain;
917 tomoyo_free(real_program_name); 918 tomoyo_free(real_program_name);
918 tomoyo_free(symlink_program_name); 919 tomoyo_free(symlink_program_name);
919 *next_domain = domain ? domain : old_domain;
920 tomoyo_free(tmp); 920 tomoyo_free(tmp);
921 return retval; 921 return retval;
922} 922}
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 3194d09fe0f..35a13e7915e 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -61,14 +61,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
61 * Execute permission is checked against pathname passed to do_execve() 61 * Execute permission is checked against pathname passed to do_execve()
62 * using current domain. 62 * using current domain.
63 */ 63 */
64 if (!domain) { 64 if (!domain)
65 struct tomoyo_domain_info *next_domain = NULL; 65 return tomoyo_find_next_domain(bprm);
66 int retval = tomoyo_find_next_domain(bprm, &next_domain);
67
68 if (!retval)
69 bprm->cred->security = next_domain;
70 return retval;
71 }
72 /* 66 /*
73 * Read permission is checked against interpreters using next domain. 67 * Read permission is checked against interpreters using next domain.
74 * '1' is the result of open_to_namei_flags(O_RDONLY). 68 * '1' is the result of open_to_namei_flags(O_RDONLY).
diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h
index 0fd588a629c..cd6ba0bf706 100644
--- a/security/tomoyo/tomoyo.h
+++ b/security/tomoyo/tomoyo.h
@@ -31,8 +31,7 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info *domain,
31 struct path *path2); 31 struct path *path2);
32int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain, 32int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain,
33 struct file *filp); 33 struct file *filp);
34int tomoyo_find_next_domain(struct linux_binprm *bprm, 34int tomoyo_find_next_domain(struct linux_binprm *bprm);
35 struct tomoyo_domain_info **next_domain);
36 35
37/* Index numbers for Access Controls. */ 36/* Index numbers for Access Controls. */
38 37