summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-09-27 11:48:53 +0900
committerJames Morris <jmorris@namei.org>2011-09-28 11:53:15 +1000
commite00fb3f7af111d1b3252f7d622213d2e22be65f5 (patch)
tree387b90728d0a1657e94d530c81e69c9b197f1c1c
parentc6cb56fc94f4efaec2d4ad74bed2be7883179ccd (diff)
TOMOYO: Fix domain transition failure warning.
Commit bd03a3e4 "TOMOYO: Add policy namespace support." introduced policy namespace. But as of /sbin/modprobe is executed from initramfs/initrd, profiles for target domain's namespace is not defined because /sbin/tomoyo-init is not yet called. Reported-by: Jamie Nguyen <jamie@tomoyolinux.co.uk> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/tomoyo/domain.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index da16dfeed72..9027ac1534a 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -515,7 +515,8 @@ struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname,
* that domain. Do not perform domain transition if
* profile for that domain is not yet created.
*/
- if (!entry->ns->profile_ptr[entry->profile])
+ if (tomoyo_policy_loaded &&
+ !entry->ns->profile_ptr[entry->profile])
return NULL;
}
return entry;