diff options
Diffstat (limited to 'security/tomoyo/common.c')
-rw-r--r-- | security/tomoyo/common.c | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index ffcf02450560..30dd1c68a647 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
@@ -179,14 +179,12 @@ static void tomoyo_normalize_line(unsigned char *buffer) | |||
179 | * 1 = must / -1 = must not / 0 = don't care | 179 | * 1 = must / -1 = must not / 0 = don't care |
180 | * @end_type: Should the pathname end with '/'? | 180 | * @end_type: Should the pathname end with '/'? |
181 | * 1 = must / -1 = must not / 0 = don't care | 181 | * 1 = must / -1 = must not / 0 = don't care |
182 | * @function: The name of function calling me. | ||
183 | * | 182 | * |
184 | * Check whether the given filename follows the naming rules. | 183 | * Check whether the given filename follows the naming rules. |
185 | * Returns true if @filename follows the naming rules, false otherwise. | 184 | * Returns true if @filename follows the naming rules, false otherwise. |
186 | */ | 185 | */ |
187 | bool tomoyo_is_correct_path(const char *filename, const s8 start_type, | 186 | bool tomoyo_is_correct_path(const char *filename, const s8 start_type, |
188 | const s8 pattern_type, const s8 end_type, | 187 | const s8 pattern_type, const s8 end_type) |
189 | const char *function) | ||
190 | { | 188 | { |
191 | const char *const start = filename; | 189 | const char *const start = filename; |
192 | bool in_repetition = false; | 190 | bool in_repetition = false; |
@@ -194,7 +192,6 @@ bool tomoyo_is_correct_path(const char *filename, const s8 start_type, | |||
194 | unsigned char c; | 192 | unsigned char c; |
195 | unsigned char d; | 193 | unsigned char d; |
196 | unsigned char e; | 194 | unsigned char e; |
197 | const char *original_filename = filename; | ||
198 | 195 | ||
199 | if (!filename) | 196 | if (!filename) |
200 | goto out; | 197 | goto out; |
@@ -283,25 +280,20 @@ bool tomoyo_is_correct_path(const char *filename, const s8 start_type, | |||
283 | goto out; | 280 | goto out; |
284 | return true; | 281 | return true; |
285 | out: | 282 | out: |
286 | printk(KERN_DEBUG "%s: Invalid pathname '%s'\n", function, | ||
287 | original_filename); | ||
288 | return false; | 283 | return false; |
289 | } | 284 | } |
290 | 285 | ||
291 | /** | 286 | /** |
292 | * tomoyo_is_correct_domain - Check whether the given domainname follows the naming rules. | 287 | * tomoyo_is_correct_domain - Check whether the given domainname follows the naming rules. |
293 | * @domainname: The domainname to check. | 288 | * @domainname: The domainname to check. |
294 | * @function: The name of function calling me. | ||
295 | * | 289 | * |
296 | * Returns true if @domainname follows the naming rules, false otherwise. | 290 | * Returns true if @domainname follows the naming rules, false otherwise. |
297 | */ | 291 | */ |
298 | bool tomoyo_is_correct_domain(const unsigned char *domainname, | 292 | bool tomoyo_is_correct_domain(const unsigned char *domainname) |
299 | const char *function) | ||
300 | { | 293 | { |
301 | unsigned char c; | 294 | unsigned char c; |
302 | unsigned char d; | 295 | unsigned char d; |
303 | unsigned char e; | 296 | unsigned char e; |
304 | const char *org_domainname = domainname; | ||
305 | 297 | ||
306 | if (!domainname || strncmp(domainname, TOMOYO_ROOT_NAME, | 298 | if (!domainname || strncmp(domainname, TOMOYO_ROOT_NAME, |
307 | TOMOYO_ROOT_NAME_LEN)) | 299 | TOMOYO_ROOT_NAME_LEN)) |
@@ -344,8 +336,6 @@ bool tomoyo_is_correct_domain(const unsigned char *domainname, | |||
344 | } while (*domainname); | 336 | } while (*domainname); |
345 | return true; | 337 | return true; |
346 | out: | 338 | out: |
347 | printk(KERN_DEBUG "%s: Invalid domainname '%s'\n", function, | ||
348 | org_domainname); | ||
349 | return false; | 339 | return false; |
350 | } | 340 | } |
351 | 341 | ||
@@ -1086,11 +1076,11 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
1086 | bool is_domain = false; | 1076 | bool is_domain = false; |
1087 | 1077 | ||
1088 | if (tomoyo_is_domain_def(manager)) { | 1078 | if (tomoyo_is_domain_def(manager)) { |
1089 | if (!tomoyo_is_correct_domain(manager, __func__)) | 1079 | if (!tomoyo_is_correct_domain(manager)) |
1090 | return -EINVAL; | 1080 | return -EINVAL; |
1091 | is_domain = true; | 1081 | is_domain = true; |
1092 | } else { | 1082 | } else { |
1093 | if (!tomoyo_is_correct_path(manager, 1, -1, -1, __func__)) | 1083 | if (!tomoyo_is_correct_path(manager, 1, -1, -1)) |
1094 | return -EINVAL; | 1084 | return -EINVAL; |
1095 | } | 1085 | } |
1096 | saved_manager = tomoyo_get_name(manager); | 1086 | saved_manager = tomoyo_get_name(manager); |