litmus-rt.git/security/tomoyo, branch linux-tip The LITMUS^RT kernel. fs: take dcache_lock inside __d_path 2010-10-26T01:26:12+00:00 Christoph Hellwig hch@infradead.org 2010-10-10T09:36:21+00:00 be148247cfbe2422f5709e77d9c3e10b8a6394da All callers take dcache_lock just around the call to __d_path, so take the lock into it in preparation of getting rid of dcache_lock. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
All callers take dcache_lock just around the call to __d_path, so
take the lock into it in preparation of getting rid of dcache_lock.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
TOMOYO: Print URL information before panic(). 2010-10-20T23:12:45+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-10-08T05:43:22+00:00 9f1c1d426b0402b25cd0d7ca719ffc8e20e46d5f Configuration files for TOMOYO 2.3 are not compatible with TOMOYO 2.2. But current panic() message is too unfriendly and is confusing users. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: James Morris <jmorris@namei.org> 
Configuration files for TOMOYO 2.3 are not compatible with TOMOYO 2.2.
But current panic() message is too unfriendly and is confusing users.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: James Morris <jmorris@namei.org>
tomoyo: cleanup. don't store bogus pointer 2010-10-20T23:12:32+00:00 Dan Carpenter error27@gmail.com 2010-08-07T22:17:51+00:00 68eda8f59081c74a51d037cc29893bd7c9b3c2d8 If domain is NULL then &domain->list is a bogus address. Let's leave head->r.domain NULL instead of saving an unusable pointer. This is just a cleanup. The current code always checks head->r.eof before dereferencing head->r.domain. Signed-off-by: Dan Carpenter <error27@gmail.com> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 
If domain is NULL then &domain->list is a bogus address.  Let's leave
head->r.domain NULL instead of saving an unusable pointer.

This is just a cleanup.  The current code always checks head->r.eof
before dereferencing head->r.domain.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
TOMOYO: Don't abuse sys_getpid(), sys_getppid() 2010-09-27T00:53:18+00:00 Ben Hutchings ben@decadent.org.uk 2010-09-26T04:55:13+00:00 c8da96e87d349e9035345293093ecc74792fb96a System call entry functions sys_*() are never to be called from general kernel code. The fact that they aren't declared in header files should have been a clue. These functions also don't exist on Alpha since it has sys_getxpid() instead. Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
System call entry functions sys_*() are never to be called from
general kernel code.  The fact that they aren't declared in header
files should have been a clue.  These functions also don't exist on
Alpha since it has sys_getxpid() instead.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Use pathname specified by policy rather than execve() 2010-08-02T05:38:38+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-07-29T05:29:55+00:00 484ca79c653121d3c79fffb86e1deea724f2e20b Commit c9e69318 "TOMOYO: Allow wildcard for execute permission." changed execute permission and domainname to accept wildcards. But tomoyo_find_next_domain() was using pathname passed to execve() rather than pathname specified by the execute permission. As a result, processes were not able to transit to domains which contain wildcards in their domainnames. This patch passes pathname specified by the execute permission back to tomoyo_find_next_domain() so that processes can transit to domains which contain wildcards in their domainnames. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
Commit c9e69318 "TOMOYO: Allow wildcard for execute permission." changed execute
permission and domainname to accept wildcards. But tomoyo_find_next_domain()
was using pathname passed to execve() rather than pathname specified by the
execute permission. As a result, processes were not able to transit to domains
which contain wildcards in their domainnames.

This patch passes pathname specified by the execute permission back to
tomoyo_find_next_domain() so that processes can transit to domains which
contain wildcards in their domainnames.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Update version to 2.3.0 2010-08-02T05:35:10+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-07-27T08:17:06+00:00 e6f6a4cc955d626ed26562d98de5766bf1f73526 Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Fix quota check. 2010-08-02T05:35:09+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-07-27T01:08:29+00:00 7e3d199a4009a4094a955282daf5ecd43f2c8152 Commit d74725b9 "TOMOYO: Use callback for updating entries." broke tomoyo_domain_quota_is_ok() by counting deleted entries. It needs to count non-deleted entries. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
Commit d74725b9 "TOMOYO: Use callback for updating entries." broke
tomoyo_domain_quota_is_ok() by counting deleted entries. It needs to
count non-deleted entries.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Explicitly set file_operations->llseek pointer. 2010-08-02T05:34:57+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-07-08T12:57:41+00:00 7e2deb7ce8f662bce877dbfd3b0053e9559c25a3 TOMOYO does not deal offset pointer. Thus seek operation makes no sense. Changing default seek operation from default_llseek() to no_llseek() might break some applications. Thus, explicitly set noop_llseek(). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
TOMOYO does not deal offset pointer. Thus seek operation makes
no sense. Changing default seek operation from default_llseek()
to no_llseek() might break some applications. Thus, explicitly
set noop_llseek().

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Add missing poll() hook. 2010-08-02T05:34:55+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-06-25T03:22:09+00:00 0849e3ba53c3ef603dffa9758a73e07ed186a937 Commit 1dae08c "TOMOYO: Add interactive enforcing mode." forgot to register poll() hook. As a result, /usr/sbin/tomoyo-queryd was doing busy loop. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
Commit 1dae08c "TOMOYO: Add interactive enforcing mode." forgot to register
poll() hook. As a result, /usr/sbin/tomoyo-queryd was doing busy loop.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Rename symbols. 2010-08-02T05:34:54+00:00 Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2010-06-25T02:16:00+00:00 e2bf69077acefee5247bb661faac2552d29ba7ba Use shorter name in order to make it easier to fit 80 columns limit. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
Use shorter name in order to make it easier to fit 80 columns limit.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>