diff options
Diffstat (limited to 'security/tomoyo')
| -rw-r--r-- | security/tomoyo/mount.c | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c index bee09d062057..fe00cdfd0267 100644 --- a/security/tomoyo/mount.c +++ b/security/tomoyo/mount.c | |||
| @@ -199,30 +199,32 @@ int tomoyo_mount_permission(char *dev_name, struct path *path, | |||
| 199 | if (flags & MS_REMOUNT) { | 199 | if (flags & MS_REMOUNT) { |
| 200 | type = tomoyo_mounts[TOMOYO_MOUNT_REMOUNT]; | 200 | type = tomoyo_mounts[TOMOYO_MOUNT_REMOUNT]; |
| 201 | flags &= ~MS_REMOUNT; | 201 | flags &= ~MS_REMOUNT; |
| 202 | } | 202 | } else if (flags & MS_BIND) { |
| 203 | if (flags & MS_MOVE) { | ||
| 204 | type = tomoyo_mounts[TOMOYO_MOUNT_MOVE]; | ||
| 205 | flags &= ~MS_MOVE; | ||
| 206 | } | ||
| 207 | if (flags & MS_BIND) { | ||
| 208 | type = tomoyo_mounts[TOMOYO_MOUNT_BIND]; | 203 | type = tomoyo_mounts[TOMOYO_MOUNT_BIND]; |
| 209 | flags &= ~MS_BIND; | 204 | flags &= ~MS_BIND; |
| 210 | } | 205 | } else if (flags & MS_SHARED) { |
| 211 | if (flags & MS_UNBINDABLE) { | 206 | if (flags & (MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE)) |
| 212 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_UNBINDABLE]; | 207 | return -EINVAL; |
| 213 | flags &= ~MS_UNBINDABLE; | 208 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_SHARED]; |
| 214 | } | 209 | flags &= ~MS_SHARED; |
| 215 | if (flags & MS_PRIVATE) { | 210 | } else if (flags & MS_PRIVATE) { |
| 211 | if (flags & (MS_SHARED | MS_SLAVE | MS_UNBINDABLE)) | ||
| 212 | return -EINVAL; | ||
| 216 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_PRIVATE]; | 213 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_PRIVATE]; |
| 217 | flags &= ~MS_PRIVATE; | 214 | flags &= ~MS_PRIVATE; |
| 218 | } | 215 | } else if (flags & MS_SLAVE) { |
| 219 | if (flags & MS_SLAVE) { | 216 | if (flags & (MS_SHARED | MS_PRIVATE | MS_UNBINDABLE)) |
| 217 | return -EINVAL; | ||
| 220 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_SLAVE]; | 218 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_SLAVE]; |
| 221 | flags &= ~MS_SLAVE; | 219 | flags &= ~MS_SLAVE; |
| 222 | } | 220 | } else if (flags & MS_UNBINDABLE) { |
| 223 | if (flags & MS_SHARED) { | 221 | if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE)) |
| 224 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_SHARED]; | 222 | return -EINVAL; |
| 225 | flags &= ~MS_SHARED; | 223 | type = tomoyo_mounts[TOMOYO_MOUNT_MAKE_UNBINDABLE]; |
| 224 | flags &= ~MS_UNBINDABLE; | ||
| 225 | } else if (flags & MS_MOVE) { | ||
| 226 | type = tomoyo_mounts[TOMOYO_MOUNT_MOVE]; | ||
| 227 | flags &= ~MS_MOVE; | ||
| 226 | } | 228 | } |
| 227 | if (!type) | 229 | if (!type) |
| 228 | type = "<NULL>"; | 230 | type = "<NULL>"; |