diff options
-rw-r--r-- | fs/namei.c | 2 | ||||
-rw-r--r-- | include/linux/fs.h | 2 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.c | 7 |
3 files changed, 3 insertions, 8 deletions
@@ -1620,7 +1620,7 @@ struct file *do_filp_open(int dfd, const char *pathname, open_flag |= O_DSYNC; if (!acc_mode) - acc_mode = MAY_OPEN | ACC_MODE(flag); + acc_mode = MAY_OPEN | ACC_MODE(open_flag); /* O_TRUNC implies we need access checks for write permissions */ if (flag & O_TRUNC) diff --git a/include/linux/fs.h b/include/linux/fs.h index 9147ca8..b1bcb27 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2463,7 +2463,7 @@ int proc_nr_files(struct ctl_table *table, int write, int __init get_filesystem_list(char *buf); -#define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE]) +#define ACC_MODE(x) ("\004\002\006\006"[(x)&O_ACCMODE]) #define OPEN_FMODE(flag) ((__force fmode_t)((flag + 1) & O_ACCMODE)) #endif /* __KERNEL__ */ diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 8a00ade..2aceebf 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -80,9 +80,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm) return tomoyo_find_next_domain(bprm); /* * Read permission is checked against interpreters using next domain. - * '1' is the result of open_to_namei_flags(O_RDONLY). */ - return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1); + return tomoyo_check_open_permission(domain, &bprm->file->f_path, O_RDONLY); } static int tomoyo_path_truncate(struct path *path, loff_t length, @@ -184,10 +183,6 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, static int tomoyo_dentry_open(struct file *f, const struct cred *cred) { int flags = f->f_flags; - - if ((flags + 1) & O_ACCMODE) - flags++; - flags |= f->f_flags & (O_APPEND | O_TRUNC); /* Don't check read permission here if called from do_execve(). */ if (current->in_execve) return 0; |