Diffstat (limited to 'security/tomoyo')
-rw-r--r-- | security/tomoyo/.gitignore | 2 | ||||
-rw-r--r-- | security/tomoyo/audit.c | 4 | ||||
-rw-r--r-- | security/tomoyo/common.h | 4 | ||||
-rw-r--r-- | security/tomoyo/realpath.c | 9 | ||||
-rw-r--r-- | security/tomoyo/securityfs_if.c | 2 | ||||
-rw-r--r-- | security/tomoyo/tomoyo.c | 15 | ||||
-rw-r--r-- | security/tomoyo/util.c | 6 |
7 files changed, 17 insertions, 25 deletions
diff --git a/security/tomoyo/.gitignore b/security/tomoyo/.gitignore
new file mode 100644
index 00000000000..5caf1a6f590
--- /dev/null
+++ b/security/tomoyo/.gitignore
@@ -0,0 +1,2 @@
+builtin-policy.h
+policy/
diff --git a/security/tomoyo/audit.c b/security/tomoyo/audit.c
index 075c3a6d164..5ca47ea3049 100644
--- a/security/tomoyo/audit.c
+++ b/security/tomoyo/audit.c
@@ -112,7 +112,7 @@ out:
 *
 * Returns file type string.
 */
-static inline const char *tomoyo_filetype(const mode_t mode)
+static inline const char *tomoyo_filetype(const umode_t mode)
 {
 switch (mode & S_IFMT) {
 case S_IFREG:
@@ -180,7 +180,7 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r)
 for (i = 0; i < TOMOYO_MAX_PATH_STAT; i++) {
 struct tomoyo_mini_stat *stat;
 unsigned int dev;
- mode_t mode;
+ umode_t mode;
 if (!obj->stat_valid[i])
 continue;
 stat = &obj->stat[i];
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h
index ed311d7a8ce..9512222d558 100644
--- a/security/tomoyo/common.h
+++ b/security/tomoyo/common.h
@@ -564,7 +564,7 @@ struct tomoyo_mini_stat {
 uid_t uid;
 gid_t gid;
 ino_t ino;
- mode_t mode;
+ umode_t mode;
 dev_t dev;
 dev_t rdev;
 };
@@ -1122,7 +1122,7 @@ static inline pid_t tomoyo_sys_getppid(void)
 {
 pid_t pid;
 rcu_read_lock();
- pid = task_tgid_vnr(current->real_parent);
+ pid = task_tgid_vnr(rcu_dereference(current->real_parent));
 rcu_read_unlock();
 return pid;
 }
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index d9f3ced8756..80a09c37cac 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -4,15 +4,8 @@
 * Copyright (C) 2005-2011 NTT DATA CORPORATION
 */
 
-#include <linux/types.h>
-#include <linux/mount.h>
-#include <linux/mnt_namespace.h>
-#include <linux/fs_struct.h>
-#include <linux/magic.h>
-#include <linux/slab.h>
-#include <net/sock.h>
 #include "common.h"
-#include "../../fs/internal.h"
+#include <linux/magic.h>
 
 /**
 * tomoyo_encode2 - Encode binary string to ascii string.
diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c
index 2672ac4f3be..482b2a5f48f 100644
--- a/security/tomoyo/securityfs_if.c
+++ b/security/tomoyo/securityfs_if.c
@@ -224,7 +224,7 @@ static const struct file_operations tomoyo_operations = {
 *
 * Returns nothing.
 */
-static void __init tomoyo_create_entry(const char *name, const mode_t mode,
+static void __init tomoyo_create_entry(const char *name, const umode_t mode,
 struct dentry *parent, const u8 key)
 {
 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key,
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 4b327b69174..620d37c159a 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -186,7 +186,7 @@ static int tomoyo_path_unlink(struct path *parent, struct dentry *dentry)
 * Returns 0 on success, negative value otherwise.
 */
 static int tomoyo_path_mkdir(struct path *parent, struct dentry *dentry,
- int mode)
+ umode_t mode)
 {
 struct path path = { parent->mnt, dentry };
 return tomoyo_path_number_perm(TOMOYO_TYPE_MKDIR, &path,
@@ -234,7 +234,7 @@ static int tomoyo_path_symlink(struct path *parent, struct dentry *dentry,
 * Returns 0 on success, negative value otherwise.
 */
 static int tomoyo_path_mknod(struct path *parent, struct dentry *dentry,
- int mode, unsigned int dev)
+ umode_t mode, unsigned int dev)
 {
 struct path path = { parent->mnt, dentry };
 int type = TOMOYO_TYPE_CREATE;
@@ -353,17 +353,14 @@ static int tomoyo_file_ioctl(struct file *file, unsigned int cmd,
 /**
 * tomoyo_path_chmod - Target for security_path_chmod().
 *
- * @dentry: Pointer to "struct dentry".
- * @mnt: Pointer to "struct vfsmount".
- * @mode: DAC permission mode.
+ * @path: Pointer to "struct path".
+ * @mode: DAC permission mode.
 *
 * Returns 0 on success, negative value otherwise.
 */
-static int tomoyo_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
- mode_t mode)
+static int tomoyo_path_chmod(struct path *path, umode_t mode)
 {
- struct path path = { mnt, dentry };
- return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, &path,
+ return tomoyo_path_number_perm(TOMOYO_TYPE_CHMOD, path,
 mode & S_IALLUGO);
 }
 
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index 4a9b4b2eb75..867558c9833 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -492,13 +492,13 @@ static bool tomoyo_correct_word2(const char *string, size_t len)
 if (d < '0' || d > '7' || e < '0' || e > '7')
 break;
 c = tomoyo_make_byte(c, d, e);
- if (tomoyo_invalid(c))
- continue; /* pattern is not \000 */
+ if (c <= ' ' || c >= 127)
+ continue;
 }
 goto out;
 } else if (in_repetition && c == '/') {
 goto out;
- } else if (tomoyo_invalid(c)) {
+ } else if (c <= ' ' || c >= 127) {
 goto out;
 }
 }
|
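Review bot: In the util.c hunk, the open-coded test `c <= ' ' || c >= 127` after `tomoyo_make_byte()` is also true for a decoded value of 0, while the comment removed here (`/* pattern is not \000 */`) suggests the old `tomoyo_invalid()` path did not take `continue` for `\000`. If accepting `\000` inside a policy word is intended, say so at the check, for example `continue; /* \ooo escape for a byte outside 0x21-0x7e, \000 included */`, so that later readers do not assume a decoded word is NUL-free. The same expression is repeated in the final `else if`, and `tomoyo_invalid()` is not modified in any file shown in this diff, so the two predicates may now disagree; a one-line comment on why the helper is bypassed would make that explicit. The body of `tomoyo_correct_word2()` starts and ends outside the hunk, and the declared type of `c` is not visible here.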