From 7c75964f432d14062d8eccfc916aa290f56b5aab Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Sun, 26 Jun 2011 23:15:31 +0900 Subject: TOMOYO: Cleanup part 1. In order to synchronize with TOMOYO 1.8's syntax, (1) Remove special handling for allow_read/write permission. (2) Replace deny_rewrite/allow_rewrite permission with allow_append permission. (3) Remove file_pattern keyword. (4) Remove allow_read permission from exception policy. (5) Allow creating domains in enforcing mode without calling supervisor. (6) Add permission check for opening directory for reading. (7) Add permission check for stat() operation. (8) Make "cat < /sys/kernel/security/tomoyo/self_domain" behave as if "cat /sys/kernel/security/tomoyo/self_domain". Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/mount.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'security/tomoyo/mount.c') diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c index 162a864dba24..f1d9e1a9eff4 100644 --- a/security/tomoyo/mount.c +++ b/security/tomoyo/mount.c @@ -55,9 +55,8 @@ static int tomoyo_audit_mount_log(struct tomoyo_request_info *r) flags); return tomoyo_supervisor(r, TOMOYO_KEYWORD_ALLOW_MOUNT "%s %s %s 0x%lX\n", - tomoyo_pattern(r->param.mount.dev), - tomoyo_pattern(r->param.mount.dir), type, - flags); + r->param.mount.dev->name, + r->param.mount.dir->name, type, flags); } static bool tomoyo_check_mount_acl(struct tomoyo_request_info *r, -- cgit v1.2.3