summaryrefslogtreecommitdiffstats
path: root/security/tomoyo/common.c
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2010-06-03 20:38:03 +0900
committerJames Morris <jmorris@namei.org>2010-08-02 15:33:42 +1000
commit1084307ca097745ed6e40a192329b133a49271ac (patch)
treef3b2e81705afb4ca3006ebb931aa0aad426ace02 /security/tomoyo/common.c
parent3f629636320dfa65804779a3fc333f3147f3b064 (diff)
TOMOYO: Add pathname aggregation support.
This patch allows users to aggregate programs which provide similar functionality (e.g. /usr/bin/vi and /usr/bin/emacs ). Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/common.c')
-rw-r--r--security/tomoyo/common.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 3f94011c641..bdf1ed7ca45 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -1141,6 +1141,8 @@ static int tomoyo_write_exception_policy(struct tomoyo_io_buffer *head)
if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_NO_INITIALIZE_DOMAIN))
return tomoyo_write_domain_initializer_policy(data, true,
is_delete);
+ if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_AGGREGATOR))
+ return tomoyo_write_aggregator_policy(data, is_delete);
if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALIAS))
return tomoyo_write_alias_policy(data, is_delete);
if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALLOW_READ))
@@ -1196,6 +1198,8 @@ static int tomoyo_read_exception_policy(struct tomoyo_io_buffer *head)
head->read_var2 = NULL;
head->read_step = 6;
case 6:
+ if (!tomoyo_read_aggregator_policy(head))
+ break;
head->read_var2 = NULL;
head->read_step = 7;
case 7: