From 484ca79c653121d3c79fffb86e1deea724f2e20b Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Thu, 29 Jul 2010 14:29:55 +0900
Subject: TOMOYO: Use pathname specified by policy rather than execve()

Commit c9e69318 "TOMOYO: Allow wildcard for execute permission." changed execute
permission and domainname to accept wildcards. But tomoyo_find_next_domain()
was using pathname passed to execve() rather than pathname specified by the
execute permission. As a result, processes were not able to transit to domains
which contain wildcards in their domainnames.

This patch passes pathname specified by the execute permission back to
tomoyo_find_next_domain() so that processes can transit to domains which
contain wildcards in their domainnames.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/tomoyo/mount.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'security/tomoyo/mount.c')

diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c
index cfeff87..82bf8c2 100644
--- a/security/tomoyo/mount.c
+++ b/security/tomoyo/mount.c
@@ -60,7 +60,7 @@ static int tomoyo_audit_mount_log(struct tomoyo_request_info *r)
 				 flags);
 }
 
-static bool tomoyo_check_mount_acl(const struct tomoyo_request_info *r,
+static bool tomoyo_check_mount_acl(struct tomoyo_request_info *r,
 				   const struct tomoyo_acl_info *ptr)
 {
 	const struct tomoyo_mount_acl *acl =
-- 
cgit v1.1