xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Vork 0
Code Kwesties Pull-aanvragen Actions Packages Projecten Publicaties Wiki Activiteit

TOMOYO: Allow using executable's realpath and symlink's target as conditions.

Bladeren bron 
This patch adds support for permission checks using executable file's realpath
upon execve() and symlink's target upon symlink(). Hooks are in the last patch
of this pathset.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Tetsuo Handa
2011-07-08 13:23:44 +09:00
gecommit door James Morris
bovenliggende 8761afd49e
commit 2ca9bf453b
5 gewijzigde bestanden met toevoegingen van 228 en 4 verwijderingen
Download Patch-bestand Download Diff-bestand Expand all files Collapse all files

5
security/tomoyo/gc.c
Bestand weergeven

@@ -357,13 +357,18 @@ void tomoyo_del_condition(struct list_head *element)
head.list);
const u16 condc = cond->condc;
const u16 numbers_count = cond->numbers_count;
const u16 names_count = cond->names_count;
unsigned int i;
const struct tomoyo_condition_element *condp
= (const struct tomoyo_condition_element *) (cond + 1);
struct tomoyo_number_union *numbers_p
= (struct tomoyo_number_union *) (condp + condc);
struct tomoyo_name_union *names_p
= (struct tomoyo_name_union *) (numbers_p + numbers_count);
for (i = 0; i < numbers_count; i++)
tomoyo_put_number_union(numbers_p++);
for (i = 0; i < names_count; i++)
tomoyo_put_name_union(names_p++);
}
/**