linux.git/security/tomoyo, branch v2.6.31 Linux kernel source tree TOMOYO: Add description of lists and structures. 2009-06-08T23:30:24+00:00 Tetsuo Handa penguin-kernel@i-love.sakura.ne.jp 2009-06-08T03:37:39+00:00 c3fa109a5894077d1eaf8731ea741a15dd117b3c This patch adds some descriptions of lists and structures. This patch contains no code changes. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
This patch adds some descriptions of lists and structures.
This patch contains no code changes.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
TOMOYO: Remove unused field. 2009-06-08T23:30:21+00:00 Tetsuo Handa penguin-kernel@i-love.sakura.ne.jp 2009-06-05T05:44:58+00:00 5bf1692f65c12a8aa359dc883468284ffc3c4587 TOMOYO 2.2.0 is not using total_len field of "struct tomoyo_path_info". Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 
TOMOYO 2.2.0 is not using total_len field of "struct tomoyo_path_info".

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Merge branch 'master' into next 2009-06-08T23:27:53+00:00 James Morris jmorris@namei.org 2009-06-08T23:27:53+00:00 0b4ec6e4e01d98e55ae325a41304cccd87fa4c0f 






TOMOYO: Remove unused parameter.
2009-06-04T07:35:18+00:00

Tetsuo Handa
penguin-kernel@i-love.sakura.ne.jp

2009-06-04T06:14:34+00:00

bcb86975dbcc24f820f1a37918d53914af29ace7

TOMOYO 2.2.0 does not check argv[] and envp[] upon execve().
We don't need to pass "struct tomoyo_page_buffer".

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>





TOMOYO 2.2.0 does not check argv[] and envp[] upon execve().
We don't need to pass "struct tomoyo_page_buffer".

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>







TOMOYO: Simplify policy reader.
2009-06-02T21:51:51+00:00

Tetsuo Handa
penguin-kernel@I-love.SAKURA.ne.jp

2009-06-02T11:42:24+00:00

7d2948b1248109dbc7f4aaf9867c54b1912d494c

We can directly assign the result of tomoyo_io_printf() to done flag.

Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp>
Signed-off-by: James Morris <jmorris@namei.org>





We can directly assign the result of tomoyo_io_printf() to done flag.

Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp>
Signed-off-by: James Morris <jmorris@namei.org>







TOMOYO: Remove redundant markers.
2009-06-02T21:50:06+00:00

Tetsuo Handa
penguin-kernel@i-love.sakura.ne.jp

2009-06-02T05:23:39+00:00

ab588ccadc80f6ef5495e83e176e88c5c0fc2d0e

Remove '/***** START/STOP *****/' markers.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>





Remove '/***** START/STOP *****/' markers.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>







TOMOYO: Remove unused mutex.
2009-06-02T11:19:54+00:00

Tetsuo Handa
penguin-kernel@i-love.sakura.ne.jp

2009-06-02T08:00:45+00:00

fe67e6f2d6df371b58ba721954d45a196df5e8b8

I forgot to remove on TOMOYO's 15th posting.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>





I forgot to remove on TOMOYO's 15th posting.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>







tomoyo: avoid get+put of task_struct
2009-06-02T05:13:13+00:00

Serge E. Hallyn
serue@us.ibm.com

2009-06-02T03:47:19+00:00

fbeb4a9c20d00e2550156f9e5a34473fbde59de2

Use task_cred_xxx(task, security) in tomoyo_real_domain() to
avoid a get+put of the target cred.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>





Use task_cred_xxx(task, security) in tomoyo_real_domain() to
avoid a get+put of the target cred.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>







tomoyo: add missing call to cap_bprm_set_creds
2009-05-26T23:46:48+00:00

Herton Ronaldo Krzesinski
herton@mandriva.com.br

2009-05-26T03:15:53+00:00

b1338d199dda6681d9af0297928af0a7eb9cba7b

cap_bprm_set_creds() has to be called from security_bprm_set_creds().
TOMOYO forgot to call cap_bprm_set_creds() from tomoyo_bprm_set_creds()
and suid executables were not being working.

Make sure we call cap_bprm_set_creds() with TOMOYO, to set credentials
properly inside tomoyo_bprm_set_creds().

Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>





cap_bprm_set_creds() has to be called from security_bprm_set_creds().
TOMOYO forgot to call cap_bprm_set_creds() from tomoyo_bprm_set_creds()
and suid executables were not being working.

Make sure we call cap_bprm_set_creds() with TOMOYO, to set credentials
properly inside tomoyo_bprm_set_creds().

Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>







Reduce path_lookup() abuses
2009-05-09T14:49:42+00:00

Al Viro
viro@zeniv.linux.org.uk

2009-04-03T01:17:03+00:00

e24977d45f45d1675e050dc1a0aaf4bfc4ca9866

... use kern_path() where possible

[folded a fix from rdd]

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>





... use kern_path() where possible

[folded a fix from rdd]

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>