From 2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Fri, 8 Jul 2011 13:23:44 +0900 Subject: TOMOYO: Allow using executable's realpath and symlink's target as conditions. This patch adds support for permission checks using executable file's realpath upon execve() and symlink's target upon symlink(). Hooks are in the last patch of this pathset. Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/gc.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'security/tomoyo/gc.c') diff --git a/security/tomoyo/gc.c b/security/tomoyo/gc.c index 21fccd67c255..e0502b6d5866 100644 --- a/security/tomoyo/gc.c +++ b/security/tomoyo/gc.c @@ -357,13 +357,18 @@ void tomoyo_del_condition(struct list_head *element) head.list); const u16 condc = cond->condc; const u16 numbers_count = cond->numbers_count; + const u16 names_count = cond->names_count; unsigned int i; const struct tomoyo_condition_element *condp = (const struct tomoyo_condition_element *) (cond + 1); struct tomoyo_number_union *numbers_p = (struct tomoyo_number_union *) (condp + condc); + struct tomoyo_name_union *names_p + = (struct tomoyo_name_union *) (numbers_p + numbers_count); for (i = 0; i < numbers_count; i++) tomoyo_put_number_union(numbers_p++); + for (i = 0; i < names_count; i++) + tomoyo_put_name_union(names_p++); } /** -- cgit v1.2.3