diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-08-25 08:15:00 -0400 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2011-09-09 19:08:48 -0400 |
| commit | 852584157c55c1689bcf3809ea44b79870c3e409 (patch) | |
| tree | 9965e2ceb8fbb7ffaec131eb7c1963f9a32e1c0c /security | |
| parent | 403d1d0319ad73b5ccf251745af4c7000331a76b (diff) | |
TOMOYO: Fix incorrect enforce mode.
In tomoyo_get_mode() since 2.6.36, CONFIG::file::execute was by error used in
place of CONFIG::file if CONFIG::file::execute was set to other than default.
As a result, enforcing mode was not applied in a way documentation says.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/tomoyo/util.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index c36bd1107fc8..6a4195a4b93c 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c | |||
| @@ -925,7 +925,8 @@ int tomoyo_get_mode(const struct tomoyo_policy_namespace *ns, const u8 profile, | |||
| 925 | return TOMOYO_CONFIG_DISABLED; | 925 | return TOMOYO_CONFIG_DISABLED; |
| 926 | mode = tomoyo_profile(ns, profile)->config[index]; | 926 | mode = tomoyo_profile(ns, profile)->config[index]; |
| 927 | if (mode == TOMOYO_CONFIG_USE_DEFAULT) | 927 | if (mode == TOMOYO_CONFIG_USE_DEFAULT) |
| 928 | mode = tomoyo_profile(ns, profile)->config[category]; | 928 | mode = tomoyo_profile(ns, profile)->config |
| 929 | [category + TOMOYO_MAX_MAC_INDEX]; | ||
| 929 | if (mode == TOMOYO_CONFIG_USE_DEFAULT) | 930 | if (mode == TOMOYO_CONFIG_USE_DEFAULT) |
| 930 | mode = tomoyo_profile(ns, profile)->default_config; | 931 | mode = tomoyo_profile(ns, profile)->default_config; |
| 931 | return mode & 3; | 932 | return mode & 3; |