diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/inode.c | 11 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 2 | ||||
| -rw-r--r-- | security/tomoyo/tomoyo.c | 7 |
3 files changed, 4 insertions, 16 deletions
diff --git a/security/inode.c b/security/inode.c index f7496c6a022b..c3a793881d04 100644 --- a/security/inode.c +++ b/security/inode.c | |||
| @@ -156,15 +156,8 @@ static int create_by_name(const char *name, mode_t mode, | |||
| 156 | * block. A pointer to that is in the struct vfsmount that we | 156 | * block. A pointer to that is in the struct vfsmount that we |
| 157 | * have around. | 157 | * have around. |
| 158 | */ | 158 | */ |
| 159 | if (!parent ) { | 159 | if (!parent) |
| 160 | if (mount && mount->mnt_sb) { | 160 | parent = mount->mnt_sb->s_root; |
| 161 | parent = mount->mnt_sb->s_root; | ||
| 162 | } | ||
| 163 | } | ||
| 164 | if (!parent) { | ||
| 165 | pr_debug("securityfs: Ah! can not find a parent!\n"); | ||
| 166 | return -EFAULT; | ||
| 167 | } | ||
| 168 | 161 | ||
| 169 | mutex_lock(&parent->d_inode->i_mutex); | 162 | mutex_lock(&parent->d_inode->i_mutex); |
| 170 | *dentry = lookup_one_len(name, parent, strlen(name)); | 163 | *dentry = lookup_one_len(name, parent, strlen(name)); |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7a374c2eb043..9a2ee845e9d4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2365,7 +2365,7 @@ static void selinux_bprm_committing_creds(struct linux_binprm *bprm) | |||
| 2365 | initrlim = init_task.signal->rlim + i; | 2365 | initrlim = init_task.signal->rlim + i; |
| 2366 | rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); | 2366 | rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur); |
| 2367 | } | 2367 | } |
| 2368 | update_rlimit_cpu(rlim->rlim_cur); | 2368 | update_rlimit_cpu(current->signal->rlim[RLIMIT_CPU].rlim_cur); |
| 2369 | } | 2369 | } |
| 2370 | } | 2370 | } |
| 2371 | 2371 | ||
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 8a00ade85166..2aceebf5f354 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c | |||
| @@ -80,9 +80,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) | |||
| 80 | return tomoyo_find_next_domain(bprm); | 80 | return tomoyo_find_next_domain(bprm); |
| 81 | /* | 81 | /* |
| 82 | * Read permission is checked against interpreters using next domain. | 82 | * Read permission is checked against interpreters using next domain. |
| 83 | * '1' is the result of open_to_namei_flags(O_RDONLY). | ||
| 84 | */ | 83 | */ |
| 85 | return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1); | 84 | return tomoyo_check_open_permission(domain, &bprm->file->f_path, O_RDONLY); |
| 86 | } | 85 | } |
| 87 | 86 | ||
| 88 | static int tomoyo_path_truncate(struct path *path, loff_t length, | 87 | static int tomoyo_path_truncate(struct path *path, loff_t length, |
| @@ -184,10 +183,6 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, | |||
| 184 | static int tomoyo_dentry_open(struct file *f, const struct cred *cred) | 183 | static int tomoyo_dentry_open(struct file *f, const struct cred *cred) |
| 185 | { | 184 | { |
| 186 | int flags = f->f_flags; | 185 | int flags = f->f_flags; |
| 187 | |||
| 188 | if ((flags + 1) & O_ACCMODE) | ||
| 189 | flags++; | ||
| 190 | flags |= f->f_flags & (O_APPEND | O_TRUNC); | ||
| 191 | /* Don't check read permission here if called from do_execve(). */ | 186 | /* Don't check read permission here if called from do_execve(). */ |
| 192 | if (current->in_execve) | 187 | if (current->in_execve) |
| 193 | return 0; | 188 | return 0; |