diff options
author | Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp> | 2009-06-19 14:13:27 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-06-19 18:48:18 +1000 |
commit | 56f8c9bc410deb55f21698e6a0d59f559ae1d794 (patch) | |
tree | 57536190ade898da7449eb8c369c32c80019cef5 /security/tomoyo | |
parent | ccf135f509abdbf607e9a68f08ddeee2c66dc36e (diff) | |
download | op-kernel-dev-56f8c9bc410deb55f21698e6a0d59f559ae1d794.zip op-kernel-dev-56f8c9bc410deb55f21698e6a0d59f559ae1d794.tar.gz |
TOMOYO: Remove next_domain from tomoyo_find_next_domain().
We can update bprm->cred->security inside tomoyo_find_next_domain().
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
-rw-r--r-- | security/tomoyo/domain.c | 10 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.c | 10 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.h | 3 |
3 files changed, 8 insertions, 15 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index e68b105..fcf52ac 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c @@ -786,13 +786,11 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char * /** * tomoyo_find_next_domain - Find a domain. * - * @bprm: Pointer to "struct linux_binprm". - * @next_domain: Pointer to pointer to "struct tomoyo_domain_info". + * @bprm: Pointer to "struct linux_binprm". * * Returns 0 on success, negative value otherwise. */ -int tomoyo_find_next_domain(struct linux_binprm *bprm, - struct tomoyo_domain_info **next_domain) +int tomoyo_find_next_domain(struct linux_binprm *bprm) { /* * This function assumes that the size of buffer returned by @@ -914,9 +912,11 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm, tomoyo_set_domain_flag(old_domain, false, TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED); out: + if (!domain) + domain = old_domain; + bprm->cred->security = domain; tomoyo_free(real_program_name); tomoyo_free(symlink_program_name); - *next_domain = domain ? domain : old_domain; tomoyo_free(tmp); return retval; } diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 3194d09..35a13e7 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -61,14 +61,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) * Execute permission is checked against pathname passed to do_execve() * using current domain. */ - if (!domain) { - struct tomoyo_domain_info *next_domain = NULL; - int retval = tomoyo_find_next_domain(bprm, &next_domain); - - if (!retval) - bprm->cred->security = next_domain; - return retval; - } + if (!domain) + return tomoyo_find_next_domain(bprm); /* * Read permission is checked against interpreters using next domain. * '1' is the result of open_to_namei_flags(O_RDONLY). diff --git a/security/tomoyo/tomoyo.h b/security/tomoyo/tomoyo.h index 0fd588a..cd6ba0b 100644 --- a/security/tomoyo/tomoyo.h +++ b/security/tomoyo/tomoyo.h @@ -31,8 +31,7 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info *domain, struct path *path2); int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain, struct file *filp); -int tomoyo_find_next_domain(struct linux_binprm *bprm, - struct tomoyo_domain_info **next_domain); +int tomoyo_find_next_domain(struct linux_binprm *bprm); /* Index numbers for Access Controls. */ |