Diffstat (limited to 'security')
-rw-r--r-- | security/tomoyo/domain.c | 10 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.c | 10 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.h | 3 |
3 files changed, 8 insertions, 15 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index e68b1052354..fcf52accce2 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
@@ -786,13 +786,11 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * | |||
786 | /** | 786 | /** |
787 | * tomoyo_find_next_domain - Find a domain. | 787 | * tomoyo_find_next_domain - Find a domain. |
788 | * | 788 | * |
789 | * @bprm: Pointer to "struct linux_binprm". | 789 | * @bprm: Pointer to "struct linux_binprm". |
790 | * @next_domain: Pointer to pointer to "struct tomoyo_domain_info". | ||
791 | * | 790 | * |
792 | * Returns 0 on success, negative value otherwise. | 791 | * Returns 0 on success, negative value otherwise. |
793 | */ | 792 | */ |
794 | int tomoyo_find_next_domain(struct linux_binprm *bprm, | 793 | int tomoyo_find_next_domain(struct linux_binprm *bprm) |
795 | struct tomoyo_domain_info **next_domain) | ||
796 | { | 794 | { |
797 | /* | 795 | /* |
798 | * This function assumes that the size of buffer returned by | 796 | * This function assumes that the size of buffer returned by |
@@ -914,9 +912,11 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm, | |||
914 | tomoyo_set_domain_flag(old_domain, false, | 912 | tomoyo_set_domain_flag(old_domain, false, |
915 | TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED); | 913 | TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED); |
916 | out: | 914 | out: |
915 | if (!domain) | ||
916 | domain = old_domain; | ||
917 | bprm->cred->security = domain; | ||
917 | tomoyo_free(real_program_name); | 918 | tomoyo_free(real_program_name); |
918 | tomoyo_free(symlink_program_name); | 919 | tomoyo_free(symlink_program_name); |
919 | *next_domain = domain ? domain : old_domain; | ||
920 | tomoyo_free(tmp); | 920 | tomoyo_free(tmp); |
921 | return retval; | 921 | return retval; |
922 | } | 922 | } |
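Review bot: The store `bprm->cred->security = domain;` added at the `out:` label runs on every exit path, including those that return a negative `retval`, whereas the caller code this commit removes from tomoyo.c wrote the field only when `!retval`. After a failed transition the field now holds `old_domain` instead of staying unset, and `tomoyo_bprm_check_security()` appears to treat a non-NULL value there as "domain already chosen". Whether a failed exec can reach that hook again is not visible here, so either keep the old guard by putting `if (!retval)` in front of the store, or add a comment at `out:` saying the error-path store is intended. The kernel-doc should also gain a line such as `Stores the selected domain in bprm->cred->security.` now that `@next_domain` is gone. The middle of the function lies outside the two hunks shown.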
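--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -61,14 +61,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
 * Execute permission is checked against pathname passed to do_execve()
 * using current domain.
 */
-if (!domain) {
-struct tomoyo_domain_info *next_domain = NULL;
-int retval = tomoyo_find_next_domain(bprm, &next_domain);
-
-if (!retval)
-bprm->cred->security = next_domain;
-return retval;
-}
+if (!domain)
+return tomoyo_find_next_domain(bprm);
 /*
 * Read permission is checked against interpreters using next domain.
 * '1' is the result of open_to_namei_flags(O_RDONLY).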
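Review bot: After this change nothing in `tomoyo_bprm_check_security()` shows where `bprm->cred->security` gets set, yet the `if (!domain)` test appears to depend on that field to tell the first call from the later interpreter checks. A one-line comment above the new return would keep the dependency visible, for example `/* tomoyo_find_next_domain() stores the chosen domain in bprm->cred->security. */`. The function begins and ends outside this hunk.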
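--- a/security/tomoyo/tomoyo.h
+++ b/security/tomoyo/tomoyo.h
@@ -31,8 +31,7 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info *domain,
 struct path *path2);
 int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain,
 struct file *filp);
-int tomoyo_find_next_domain(struct linux_binprm *bprm,
-struct tomoyo_domain_info **next_domain);
+int tomoyo_find_next_domain(struct linux_binprm *bprm);
 
 /* Index numbers for Access Controls. */
 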