diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-07-08 00:25:53 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2011-07-10 21:05:34 -0400 |
| commit | 97fb35e413f256ded07b88c73b3d932ec31ea84e (patch) | |
| tree | d16cb1dcb6d16938aa01c071fdcd1cbbf85b5153 | |
| parent | 5b636857fee642694e287e3a181b523b16098c93 (diff) | |
TOMOYO: Enable conditional ACL.
Enable conditional ACL by passing object's pointers.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
| -rw-r--r-- | security/tomoyo/common.h | 3 | ||||
| -rw-r--r-- | security/tomoyo/domain.c | 53 | ||||
| -rw-r--r-- | security/tomoyo/file.c | 35 | ||||
| -rw-r--r-- | security/tomoyo/mount.c | 8 | ||||
| -rw-r--r-- | security/tomoyo/tomoyo.c | 14 |
5 files changed, 80 insertions, 33 deletions
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 6c013b177791..f7fbaa66e443 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
| @@ -836,7 +836,8 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1, | |||
| 836 | struct path *path2); | 836 | struct path *path2); |
| 837 | int tomoyo_path_number_perm(const u8 operation, struct path *path, | 837 | int tomoyo_path_number_perm(const u8 operation, struct path *path, |
| 838 | unsigned long number); | 838 | unsigned long number); |
| 839 | int tomoyo_path_perm(const u8 operation, struct path *path); | 839 | int tomoyo_path_perm(const u8 operation, struct path *path, |
| 840 | const char *target); | ||
| 840 | int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, | 841 | int tomoyo_path_permission(struct tomoyo_request_info *r, u8 operation, |
| 841 | const struct tomoyo_path_info *filename); | 842 | const struct tomoyo_path_info *filename); |
| 842 | int tomoyo_poll_control(struct file *file, poll_table *wait); | 843 | int tomoyo_poll_control(struct file *file, poll_table *wait); |
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 565249c42e39..878d0206f43e 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
| @@ -575,23 +575,27 @@ out: | |||
| 575 | */ | 575 | */ |
| 576 | int tomoyo_find_next_domain(struct linux_binprm *bprm) | 576 | int tomoyo_find_next_domain(struct linux_binprm *bprm) |
| 577 | { | 577 | { |
| 578 | struct tomoyo_request_info r; | ||
| 579 | char *tmp = kzalloc(TOMOYO_EXEC_TMPSIZE, GFP_NOFS); | ||
| 580 | struct tomoyo_domain_info *old_domain = tomoyo_domain(); | 578 | struct tomoyo_domain_info *old_domain = tomoyo_domain(); |
| 581 | struct tomoyo_domain_info *domain = NULL; | 579 | struct tomoyo_domain_info *domain = NULL; |
| 582 | const char *original_name = bprm->filename; | 580 | const char *original_name = bprm->filename; |
| 583 | u8 mode; | ||
| 584 | bool is_enforce; | ||
| 585 | int retval = -ENOMEM; | 581 | int retval = -ENOMEM; |
| 586 | bool need_kfree = false; | 582 | bool need_kfree = false; |
| 587 | bool reject_on_transition_failure = false; | 583 | bool reject_on_transition_failure = false; |
| 588 | struct tomoyo_path_info rn = { }; /* real name */ | 584 | struct tomoyo_path_info rn = { }; /* real name */ |
| 589 | 585 | struct tomoyo_execve *ee = kzalloc(sizeof(*ee), GFP_NOFS); | |
| 590 | mode = tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE); | 586 | if (!ee) |
| 591 | is_enforce = (mode == TOMOYO_CONFIG_ENFORCING); | 587 | return -ENOMEM; |
| 592 | if (!tmp) | 588 | ee->tmp = kzalloc(TOMOYO_EXEC_TMPSIZE, GFP_NOFS); |
| 593 | goto out; | 589 | if (!ee->tmp) { |
| 594 | 590 | kfree(ee); | |
| 591 | return -ENOMEM; | ||
| 592 | } | ||
| 593 | /* ee->dump->data is allocated by tomoyo_dump_page(). */ | ||
| 594 | tomoyo_init_request_info(&ee->r, NULL, TOMOYO_MAC_FILE_EXECUTE); | ||
| 595 | ee->r.ee = ee; | ||
| 596 | ee->bprm = bprm; | ||
| 597 | ee->r.obj = &ee->obj; | ||
| 598 | ee->obj.path1 = bprm->file->f_path; | ||
| 595 | retry: | 599 | retry: |
| 596 | if (need_kfree) { | 600 | if (need_kfree) { |
| 597 | kfree(rn.name); | 601 | kfree(rn.name); |
| @@ -625,7 +629,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 625 | } | 629 | } |
| 626 | 630 | ||
| 627 | /* Check execute permission. */ | 631 | /* Check execute permission. */ |
| 628 | retval = tomoyo_path_permission(&r, TOMOYO_TYPE_EXECUTE, &rn); | 632 | retval = tomoyo_path_permission(&ee->r, TOMOYO_TYPE_EXECUTE, &rn); |
| 629 | if (retval == TOMOYO_RETRY_REQUEST) | 633 | if (retval == TOMOYO_RETRY_REQUEST) |
| 630 | goto retry; | 634 | goto retry; |
| 631 | if (retval < 0) | 635 | if (retval < 0) |
| @@ -636,12 +640,12 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 636 | * wildcard) rather than the pathname passed to execve() | 640 | * wildcard) rather than the pathname passed to execve() |
| 637 | * (which never contains wildcard). | 641 | * (which never contains wildcard). |
| 638 | */ | 642 | */ |
| 639 | if (r.param.path.matched_path) { | 643 | if (ee->r.param.path.matched_path) { |
| 640 | if (need_kfree) | 644 | if (need_kfree) |
| 641 | kfree(rn.name); | 645 | kfree(rn.name); |
| 642 | need_kfree = false; | 646 | need_kfree = false; |
| 643 | /* This is OK because it is read only. */ | 647 | /* This is OK because it is read only. */ |
| 644 | rn = *r.param.path.matched_path; | 648 | rn = *ee->r.param.path.matched_path; |
| 645 | } | 649 | } |
| 646 | 650 | ||
| 647 | /* Calculate domain to transit to. */ | 651 | /* Calculate domain to transit to. */ |
| @@ -649,7 +653,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 649 | &rn)) { | 653 | &rn)) { |
| 650 | case TOMOYO_TRANSITION_CONTROL_RESET: | 654 | case TOMOYO_TRANSITION_CONTROL_RESET: |
| 651 | /* Transit to the root of specified namespace. */ | 655 | /* Transit to the root of specified namespace. */ |
| 652 | snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1, "<%s>", rn.name); | 656 | snprintf(ee->tmp, TOMOYO_EXEC_TMPSIZE - 1, "<%s>", rn.name); |
| 653 | /* | 657 | /* |
| 654 | * Make do_execve() fail if domain transition across namespaces | 658 | * Make do_execve() fail if domain transition across namespaces |
| 655 | * has failed. | 659 | * has failed. |
| @@ -658,7 +662,7 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 658 | break; | 662 | break; |
| 659 | case TOMOYO_TRANSITION_CONTROL_INITIALIZE: | 663 | case TOMOYO_TRANSITION_CONTROL_INITIALIZE: |
| 660 | /* Transit to the child of current namespace's root. */ | 664 | /* Transit to the child of current namespace's root. */ |
| 661 | snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1, "%s %s", | 665 | snprintf(ee->tmp, TOMOYO_EXEC_TMPSIZE - 1, "%s %s", |
| 662 | old_domain->ns->name, rn.name); | 666 | old_domain->ns->name, rn.name); |
| 663 | break; | 667 | break; |
| 664 | case TOMOYO_TRANSITION_CONTROL_KEEP: | 668 | case TOMOYO_TRANSITION_CONTROL_KEEP: |
| @@ -677,29 +681,30 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 677 | domain = old_domain; | 681 | domain = old_domain; |
| 678 | } else { | 682 | } else { |
| 679 | /* Normal domain transition. */ | 683 | /* Normal domain transition. */ |
| 680 | snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1, "%s %s", | 684 | snprintf(ee->tmp, TOMOYO_EXEC_TMPSIZE - 1, "%s %s", |
| 681 | old_domain->domainname->name, rn.name); | 685 | old_domain->domainname->name, rn.name); |
| 682 | } | 686 | } |
| 683 | break; | 687 | break; |
| 684 | } | 688 | } |
| 685 | if (!domain) | 689 | if (!domain) |
| 686 | domain = tomoyo_assign_domain(tmp, true); | 690 | domain = tomoyo_assign_domain(ee->tmp, true); |
| 687 | if (domain) | 691 | if (domain) |
| 688 | retval = 0; | 692 | retval = 0; |
| 689 | else if (reject_on_transition_failure) { | 693 | else if (reject_on_transition_failure) { |
| 690 | printk(KERN_WARNING "ERROR: Domain '%s' not ready.\n", tmp); | 694 | printk(KERN_WARNING "ERROR: Domain '%s' not ready.\n", |
| 695 | ee->tmp); | ||
| 691 | retval = -ENOMEM; | 696 | retval = -ENOMEM; |
| 692 | } else if (r.mode == TOMOYO_CONFIG_ENFORCING) | 697 | } else if (ee->r.mode == TOMOYO_CONFIG_ENFORCING) |
| 693 | retval = -ENOMEM; | 698 | retval = -ENOMEM; |
| 694 | else { | 699 | else { |
| 695 | retval = 0; | 700 | retval = 0; |
| 696 | if (!old_domain->flags[TOMOYO_DIF_TRANSITION_FAILED]) { | 701 | if (!old_domain->flags[TOMOYO_DIF_TRANSITION_FAILED]) { |
| 697 | old_domain->flags[TOMOYO_DIF_TRANSITION_FAILED] = true; | 702 | old_domain->flags[TOMOYO_DIF_TRANSITION_FAILED] = true; |
| 698 | r.granted = false; | 703 | ee->r.granted = false; |
| 699 | tomoyo_write_log(&r, "%s", tomoyo_dif | 704 | tomoyo_write_log(&ee->r, "%s", tomoyo_dif |
| 700 | [TOMOYO_DIF_TRANSITION_FAILED]); | 705 | [TOMOYO_DIF_TRANSITION_FAILED]); |
| 701 | printk(KERN_WARNING | 706 | printk(KERN_WARNING |
| 702 | "ERROR: Domain '%s' not defined.\n", tmp); | 707 | "ERROR: Domain '%s' not defined.\n", ee->tmp); |
| 703 | } | 708 | } |
| 704 | } | 709 | } |
| 705 | out: | 710 | out: |
| @@ -710,7 +715,9 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm) | |||
| 710 | bprm->cred->security = domain; | 715 | bprm->cred->security = domain; |
| 711 | if (need_kfree) | 716 | if (need_kfree) |
| 712 | kfree(rn.name); | 717 | kfree(rn.name); |
| 713 | kfree(tmp); | 718 | kfree(ee->tmp); |
| 719 | kfree(ee->dump.data); | ||
| 720 | kfree(ee); | ||
| 714 | return retval; | 721 | return retval; |
| 715 | } | 722 | } |
| 716 | 723 | ||
diff --git a/security/tomoyo/file.c b/security/tomoyo/file.c index 6ab9e4cdd61f..31a9a4ab7af9 100644 --- a/security/tomoyo/file.c +++ b/security/tomoyo/file.c | |||
| @@ -667,6 +667,9 @@ int tomoyo_path_number_perm(const u8 type, struct path *path, | |||
| 667 | unsigned long number) | 667 | unsigned long number) |
| 668 | { | 668 | { |
| 669 | struct tomoyo_request_info r; | 669 | struct tomoyo_request_info r; |
| 670 | struct tomoyo_obj_info obj = { | ||
| 671 | .path1 = *path, | ||
| 672 | }; | ||
| 670 | int error = -ENOMEM; | 673 | int error = -ENOMEM; |
| 671 | struct tomoyo_path_info buf; | 674 | struct tomoyo_path_info buf; |
| 672 | int idx; | 675 | int idx; |
| @@ -677,6 +680,7 @@ int tomoyo_path_number_perm(const u8 type, struct path *path, | |||
| 677 | idx = tomoyo_read_lock(); | 680 | idx = tomoyo_read_lock(); |
| 678 | if (!tomoyo_get_realpath(&buf, path)) | 681 | if (!tomoyo_get_realpath(&buf, path)) |
| 679 | goto out; | 682 | goto out; |
| 683 | r.obj = &obj; | ||
| 680 | if (type == TOMOYO_TYPE_MKDIR) | 684 | if (type == TOMOYO_TYPE_MKDIR) |
| 681 | tomoyo_add_slash(&buf); | 685 | tomoyo_add_slash(&buf); |
| 682 | r.param_type = TOMOYO_TYPE_PATH_NUMBER_ACL; | 686 | r.param_type = TOMOYO_TYPE_PATH_NUMBER_ACL; |
| @@ -711,6 +715,9 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
| 711 | int error = 0; | 715 | int error = 0; |
| 712 | struct tomoyo_path_info buf; | 716 | struct tomoyo_path_info buf; |
| 713 | struct tomoyo_request_info r; | 717 | struct tomoyo_request_info r; |
| 718 | struct tomoyo_obj_info obj = { | ||
| 719 | .path1 = *path, | ||
| 720 | }; | ||
| 714 | int idx; | 721 | int idx; |
| 715 | 722 | ||
| 716 | buf.name = NULL; | 723 | buf.name = NULL; |
| @@ -723,6 +730,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
| 723 | error = -ENOMEM; | 730 | error = -ENOMEM; |
| 724 | goto out; | 731 | goto out; |
| 725 | } | 732 | } |
| 733 | r.obj = &obj; | ||
| 726 | if (acc_mode & MAY_READ) | 734 | if (acc_mode & MAY_READ) |
| 727 | error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ, | 735 | error = tomoyo_path_permission(&r, TOMOYO_TYPE_READ, |
| 728 | &buf); | 736 | &buf); |
| @@ -745,15 +753,21 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, | |||
| 745 | * | 753 | * |
| 746 | * @operation: Type of operation. | 754 | * @operation: Type of operation. |
| 747 | * @path: Pointer to "struct path". | 755 | * @path: Pointer to "struct path". |
| 756 | * @target: Symlink's target if @operation is TOMOYO_TYPE_SYMLINK, | ||
| 757 | * NULL otherwise. | ||
| 748 | * | 758 | * |
| 749 | * Returns 0 on success, negative value otherwise. | 759 | * Returns 0 on success, negative value otherwise. |
| 750 | */ | 760 | */ |
| 751 | int tomoyo_path_perm(const u8 operation, struct path *path) | 761 | int tomoyo_path_perm(const u8 operation, struct path *path, const char *target) |
| 752 | { | 762 | { |
| 753 | struct tomoyo_request_info r; | 763 | struct tomoyo_request_info r; |
| 764 | struct tomoyo_obj_info obj = { | ||
| 765 | .path1 = *path, | ||
| 766 | }; | ||
| 754 | int error; | 767 | int error; |
| 755 | struct tomoyo_path_info buf; | 768 | struct tomoyo_path_info buf; |
| 756 | bool is_enforce; | 769 | bool is_enforce; |
| 770 | struct tomoyo_path_info symlink_target; | ||
| 757 | int idx; | 771 | int idx; |
| 758 | 772 | ||
| 759 | if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation]) | 773 | if (tomoyo_init_request_info(&r, NULL, tomoyo_p2mac[operation]) |
| @@ -765,13 +779,23 @@ int tomoyo_path_perm(const u8 operation, struct path *path) | |||
| 765 | idx = tomoyo_read_lock(); | 779 | idx = tomoyo_read_lock(); |
| 766 | if (!tomoyo_get_realpath(&buf, path)) | 780 | if (!tomoyo_get_realpath(&buf, path)) |
| 767 | goto out; | 781 | goto out; |
| 782 | r.obj = &obj; | ||
| 768 | switch (operation) { | 783 | switch (operation) { |
| 769 | case TOMOYO_TYPE_RMDIR: | 784 | case TOMOYO_TYPE_RMDIR: |
| 770 | case TOMOYO_TYPE_CHROOT: | 785 | case TOMOYO_TYPE_CHROOT: |
| 771 | tomoyo_add_slash(&buf); | 786 | tomoyo_add_slash(&buf); |
| 772 | break; | 787 | break; |
| 788 | case TOMOYO_TYPE_SYMLINK: | ||
| 789 | symlink_target.name = tomoyo_encode(target); | ||
| 790 | if (!symlink_target.name) | ||
| 791 | goto out; | ||
| 792 | tomoyo_fill_path_info(&symlink_target); | ||
| 793 | obj.symlink_target = &symlink_target; | ||
| 794 | break; | ||
| 773 | } | 795 | } |
| 774 | error = tomoyo_path_permission(&r, operation, &buf); | 796 | error = tomoyo_path_permission(&r, operation, &buf); |
| 797 | if (operation == TOMOYO_TYPE_SYMLINK) | ||
| 798 | kfree(symlink_target.name); | ||
| 775 | out: | 799 | out: |
| 776 | kfree(buf.name); | 800 | kfree(buf.name); |
| 777 | tomoyo_read_unlock(idx); | 801 | tomoyo_read_unlock(idx); |
| @@ -794,6 +818,9 @@ int tomoyo_mkdev_perm(const u8 operation, struct path *path, | |||
| 794 | const unsigned int mode, unsigned int dev) | 818 | const unsigned int mode, unsigned int dev) |
| 795 | { | 819 | { |
| 796 | struct tomoyo_request_info r; | 820 | struct tomoyo_request_info r; |
| 821 | struct tomoyo_obj_info obj = { | ||
| 822 | .path1 = *path, | ||
| 823 | }; | ||
| 797 | int error = -ENOMEM; | 824 | int error = -ENOMEM; |
| 798 | struct tomoyo_path_info buf; | 825 | struct tomoyo_path_info buf; |
| 799 | int idx; | 826 | int idx; |
| @@ -804,6 +831,7 @@ int tomoyo_mkdev_perm(const u8 operation, struct path *path, | |||
| 804 | idx = tomoyo_read_lock(); | 831 | idx = tomoyo_read_lock(); |
| 805 | error = -ENOMEM; | 832 | error = -ENOMEM; |
| 806 | if (tomoyo_get_realpath(&buf, path)) { | 833 | if (tomoyo_get_realpath(&buf, path)) { |
| 834 | r.obj = &obj; | ||
| 807 | dev = new_decode_dev(dev); | 835 | dev = new_decode_dev(dev); |
| 808 | r.param_type = TOMOYO_TYPE_MKDEV_ACL; | 836 | r.param_type = TOMOYO_TYPE_MKDEV_ACL; |
| 809 | r.param.mkdev.filename = &buf; | 837 | r.param.mkdev.filename = &buf; |
| @@ -837,6 +865,10 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1, | |||
| 837 | struct tomoyo_path_info buf1; | 865 | struct tomoyo_path_info buf1; |
| 838 | struct tomoyo_path_info buf2; | 866 | struct tomoyo_path_info buf2; |
| 839 | struct tomoyo_request_info r; | 867 | struct tomoyo_request_info r; |
| 868 | struct tomoyo_obj_info obj = { | ||
| 869 | .path1 = *path1, | ||
| 870 | .path2 = *path2, | ||
| 871 | }; | ||
| 840 | int idx; | 872 | int idx; |
| 841 | 873 | ||
| 842 | if (tomoyo_init_request_info(&r, NULL, tomoyo_pp2mac[operation]) | 874 | if (tomoyo_init_request_info(&r, NULL, tomoyo_pp2mac[operation]) |
| @@ -861,6 +893,7 @@ int tomoyo_path2_perm(const u8 operation, struct path *path1, | |||
| 861 | tomoyo_add_slash(&buf2); | 893 | tomoyo_add_slash(&buf2); |
| 862 | break; | 894 | break; |
| 863 | } | 895 | } |
| 896 | r.obj = &obj; | ||
| 864 | r.param_type = TOMOYO_TYPE_PATH2_ACL; | 897 | r.param_type = TOMOYO_TYPE_PATH2_ACL; |
| 865 | r.param.path2.operation = operation; | 898 | r.param.path2.operation = operation; |
| 866 | r.param.path2.filename1 = &buf1; | 899 | r.param.path2.filename1 = &buf1; |
diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c index 0bbba8b67821..408385307470 100644 --- a/security/tomoyo/mount.c +++ b/security/tomoyo/mount.c | |||
| @@ -75,6 +75,7 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name, | |||
| 75 | struct path *dir, const char *type, | 75 | struct path *dir, const char *type, |
| 76 | unsigned long flags) | 76 | unsigned long flags) |
| 77 | { | 77 | { |
| 78 | struct tomoyo_obj_info obj = { }; | ||
| 78 | struct path path; | 79 | struct path path; |
| 79 | struct file_system_type *fstype = NULL; | 80 | struct file_system_type *fstype = NULL; |
| 80 | const char *requested_type = NULL; | 81 | const char *requested_type = NULL; |
| @@ -85,6 +86,7 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name, | |||
| 85 | struct tomoyo_path_info rdir; | 86 | struct tomoyo_path_info rdir; |
| 86 | int need_dev = 0; | 87 | int need_dev = 0; |
| 87 | int error = -ENOMEM; | 88 | int error = -ENOMEM; |
| 89 | r->obj = &obj; | ||
| 88 | 90 | ||
| 89 | /* Get fstype. */ | 91 | /* Get fstype. */ |
| 90 | requested_type = tomoyo_encode(type); | 92 | requested_type = tomoyo_encode(type); |
| @@ -94,6 +96,7 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name, | |||
| 94 | tomoyo_fill_path_info(&rtype); | 96 | tomoyo_fill_path_info(&rtype); |
| 95 | 97 | ||
| 96 | /* Get mount point. */ | 98 | /* Get mount point. */ |
| 99 | obj.path2 = *dir; | ||
| 97 | requested_dir_name = tomoyo_realpath_from_path(dir); | 100 | requested_dir_name = tomoyo_realpath_from_path(dir); |
| 98 | if (!requested_dir_name) { | 101 | if (!requested_dir_name) { |
| 99 | error = -ENOMEM; | 102 | error = -ENOMEM; |
| @@ -129,8 +132,8 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name, | |||
| 129 | error = -ENOENT; | 132 | error = -ENOENT; |
| 130 | goto out; | 133 | goto out; |
| 131 | } | 134 | } |
| 135 | obj.path1 = path; | ||
| 132 | requested_dev_name = tomoyo_realpath_from_path(&path); | 136 | requested_dev_name = tomoyo_realpath_from_path(&path); |
| 133 | path_put(&path); | ||
| 134 | if (!requested_dev_name) { | 137 | if (!requested_dev_name) { |
| 135 | error = -ENOENT; | 138 | error = -ENOENT; |
| 136 | goto out; | 139 | goto out; |
| @@ -163,6 +166,9 @@ static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name, | |||
| 163 | if (fstype) | 166 | if (fstype) |
| 164 | put_filesystem(fstype); | 167 | put_filesystem(fstype); |
| 165 | kfree(requested_type); | 168 | kfree(requested_type); |
| 169 | /* Drop refcount obtained by kern_path(). */ | ||
| 170 | if (obj.path1.dentry) | ||
| 171 | path_put(&obj.path1); | ||
| 166 | return error; | 172 | return error; |
| 167 | } | 173 | } |
| 168 | 174 | ||
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index d6f68a0ec2dc..a536cb182c05 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c | |||
| @@ -98,18 +98,18 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) | |||
| 98 | static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) | 98 | static int tomoyo_inode_getattr(struct vfsmount *mnt, struct dentry *dentry) |
| 99 | { | 99 | { |
| 100 | struct path path = { mnt, dentry }; | 100 | struct path path = { mnt, dentry }; |
| 101 | return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path); | 101 | return tomoyo_path_perm(TOMOYO_TYPE_GETATTR, &path, NULL); |
| 102 | } | 102 | } |
| 103 | 103 | ||
| 104 | static int tomoyo_path_truncate(struct path *path) | 104 | static int tomoyo_path_truncate(struct path *path) |
| 105 | { | 105 | { |
| 106 | return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path); | 106 | return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL); |
| 107 | } | 107 | } |
| 108 | 108 | ||
| 109 | static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) | 109 | static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry) |
| 110 | { | 110 | { |
| 111 | struct path path = { parent->mnt, dentry }; | 111 | struct path path = { parent->mnt, dentry }; |
| 112 | return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path); | 112 | return tomoyo_path_perm(TOMOYO_TYPE_UNLINK, &path, NULL); |
| 113 | } | 113 | } |
| 114 | 114 | ||
| 115 | static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, | 115 | static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, |
| @@ -123,14 +123,14 @@ static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, | |||
| 123 | static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) | 123 | static int tomoyo_path_rmdir(struct path *parent, struct dentry *dentry) |
| 124 | { | 124 | { |
| 125 | struct path path = { parent->mnt, dentry }; | 125 | struct path path = { parent->mnt, dentry }; |
| 126 | return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path); | 126 | return tomoyo_path_perm(TOMOYO_TYPE_RMDIR, &path, NULL); |
| 127 | } | 127 | } |
| 128 | 128 | ||
| 129 | static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, | 129 | static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry, |
| 130 | const char *old_name) | 130 | const char *old_name) |
| 131 | { | 131 | { |
| 132 | struct path path = { parent->mnt, dentry }; | 132 | struct path path = { parent->mnt, dentry }; |
| 133 | return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path); | 133 | return tomoyo_path_perm(TOMOYO_TYPE_SYMLINK, &path, old_name); |
| 134 | } | 134 | } |
| 135 | 135 | ||
| 136 | static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, | 136 | static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry, |
| @@ -225,7 +225,7 @@ static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid) | |||
| 225 | 225 | ||
| 226 | static int tomoyo_path_chroot(struct path *path) | 226 | static int tomoyo_path_chroot(struct path *path) |
| 227 | { | 227 | { |
| 228 | return tomoyo_path_perm(TOMOYO_TYPE_CHROOT, path); | 228 | return tomoyo_path_perm(TOMOYO_TYPE_CHROOT, path, NULL); |
| 229 | } | 229 | } |
| 230 | 230 | ||
| 231 | static int tomoyo_sb_mount(char *dev_name, struct path *path, | 231 | static int tomoyo_sb_mount(char *dev_name, struct path *path, |
| @@ -237,7 +237,7 @@ static int tomoyo_sb_mount(char *dev_name, struct path *path, | |||
| 237 | static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) | 237 | static int tomoyo_sb_umount(struct vfsmount *mnt, int flags) |
| 238 | { | 238 | { |
| 239 | struct path path = { mnt, mnt->mnt_root }; | 239 | struct path path = { mnt, mnt->mnt_root }; |
| 240 | return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path); | 240 | return tomoyo_path_perm(TOMOYO_TYPE_UMOUNT, &path, NULL); |
| 241 | } | 241 | } |
| 242 | 242 | ||
| 243 | static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path) | 243 | static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path) |