diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-09-27 11:48:53 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-09-28 11:53:15 +1000 |
commit | e00fb3f7af111d1b3252f7d622213d2e22be65f5 (patch) | |
tree | 387b90728d0a1657e94d530c81e69c9b197f1c1c | |
parent | c6cb56fc94f4efaec2d4ad74bed2be7883179ccd (diff) |
TOMOYO: Fix domain transition failure warning.
Commit bd03a3e4 "TOMOYO: Add policy namespace support." introduced policy
namespace. But as of /sbin/modprobe is executed from initramfs/initrd, profiles
for target domain's namespace is not defined because /sbin/tomoyo-init is not
yet called.
Reported-by: Jamie Nguyen <jamie@tomoyolinux.co.uk>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/tomoyo/domain.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index da16dfeed72..9027ac1534a 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c @@ -515,7 +515,8 @@ struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname, * that domain. Do not perform domain transition if * profile for that domain is not yet created. */ - if (!entry->ns->profile_ptr[entry->profile]) + if (tomoyo_policy_loaded && + !entry->ns->profile_ptr[entry->profile]) return NULL; } return entry; |