| /* |
| * security/tomoyo/domain.c |
| * |
| * Domain transition functions for TOMOYO. |
| * |
| * Copyright (C) 2005-2010 NTT DATA CORPORATION |
| */ |
| |
| #include "common.h" |
| #include <linux/binfmts.h> |
| #include <linux/slab.h> |
| |
| /* Variables definitions.*/ |
| |
| /* The initial domain. */ |
| struct tomoyo_domain_info tomoyo_kernel_domain; |
| |
| /** |
| * tomoyo_update_policy - Update an entry for exception policy. |
| * |
| * @new_entry: Pointer to "struct tomoyo_acl_info". |
| * @size: Size of @new_entry in bytes. |
| * @param: Pointer to "struct tomoyo_acl_param". |
| * @check_duplicate: Callback function to find duplicated entry. |
| * |
| * Returns 0 on success, negative value otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| int tomoyo_update_policy(struct tomoyo_acl_head *new_entry, const int size, |
| struct tomoyo_acl_param *param, |
| bool (*check_duplicate) (const struct tomoyo_acl_head |
| *, |
| const struct tomoyo_acl_head |
| *)) |
| { |
| int error = param->is_delete ? -ENOENT : -ENOMEM; |
| struct tomoyo_acl_head *entry; |
| struct list_head *list = param->list; |
| |
| if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| return -ENOMEM; |
| list_for_each_entry_rcu(entry, list, list) { |
| if (!check_duplicate(entry, new_entry)) |
| continue; |
| entry->is_deleted = param->is_delete; |
| error = 0; |
| break; |
| } |
| if (error && !param->is_delete) { |
| entry = tomoyo_commit_ok(new_entry, size); |
| if (entry) { |
| list_add_tail_rcu(&entry->list, list); |
| error = 0; |
| } |
| } |
| mutex_unlock(&tomoyo_policy_lock); |
| return error; |
| } |
| |
| /** |
| * tomoyo_same_acl_head - Check for duplicated "struct tomoyo_acl_info" entry. |
| * |
| * @a: Pointer to "struct tomoyo_acl_info". |
| * @b: Pointer to "struct tomoyo_acl_info". |
| * |
| * Returns true if @a == @b, false otherwise. |
| */ |
| static inline bool tomoyo_same_acl_head(const struct tomoyo_acl_info *a, |
| const struct tomoyo_acl_info *b) |
| { |
| return a->type == b->type; |
| } |
| |
| /** |
| * tomoyo_update_domain - Update an entry for domain policy. |
| * |
| * @new_entry: Pointer to "struct tomoyo_acl_info". |
| * @size: Size of @new_entry in bytes. |
| * @param: Pointer to "struct tomoyo_acl_param". |
| * @check_duplicate: Callback function to find duplicated entry. |
| * @merge_duplicate: Callback function to merge duplicated entry. |
| * |
| * Returns 0 on success, negative value otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| int tomoyo_update_domain(struct tomoyo_acl_info *new_entry, const int size, |
| struct tomoyo_acl_param *param, |
| bool (*check_duplicate) (const struct tomoyo_acl_info |
| *, |
| const struct tomoyo_acl_info |
| *), |
| bool (*merge_duplicate) (struct tomoyo_acl_info *, |
| struct tomoyo_acl_info *, |
| const bool)) |
| { |
| const bool is_delete = param->is_delete; |
| int error = is_delete ? -ENOENT : -ENOMEM; |
| struct tomoyo_acl_info *entry; |
| struct list_head * const list = param->list; |
| |
| if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| return error; |
| list_for_each_entry_rcu(entry, list, list) { |
| if (!tomoyo_same_acl_head(entry, new_entry) || |
| !check_duplicate(entry, new_entry)) |
| continue; |
| if (merge_duplicate) |
| entry->is_deleted = merge_duplicate(entry, new_entry, |
| is_delete); |
| else |
| entry->is_deleted = is_delete; |
| error = 0; |
| break; |
| } |
| if (error && !is_delete) { |
| entry = tomoyo_commit_ok(new_entry, size); |
| if (entry) { |
| list_add_tail_rcu(&entry->list, list); |
| error = 0; |
| } |
| } |
| mutex_unlock(&tomoyo_policy_lock); |
| return error; |
| } |
| |
| /** |
| * tomoyo_check_acl - Do permission check. |
| * |
| * @r: Pointer to "struct tomoyo_request_info". |
| * @check_entry: Callback function to check type specific parameters. |
| * |
| * Returns 0 on success, negative value otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| void tomoyo_check_acl(struct tomoyo_request_info *r, |
| bool (*check_entry) (struct tomoyo_request_info *, |
| const struct tomoyo_acl_info *)) |
| { |
| const struct tomoyo_domain_info *domain = r->domain; |
| struct tomoyo_acl_info *ptr; |
| bool retried = false; |
| const struct list_head *list = &domain->acl_info_list; |
| |
| retry: |
| list_for_each_entry_rcu(ptr, list, list) { |
| if (ptr->is_deleted || ptr->type != r->param_type) |
| continue; |
| if (check_entry(r, ptr)) { |
| r->granted = true; |
| return; |
| } |
| } |
| if (!retried) { |
| retried = true; |
| list = &domain->ns->acl_group[domain->group]; |
| goto retry; |
| } |
| r->granted = false; |
| } |
| |
| /* The list for "struct tomoyo_domain_info". */ |
| LIST_HEAD(tomoyo_domain_list); |
| |
| /** |
| * tomoyo_last_word - Get last component of a domainname. |
| * |
| * @name: Domainname to check. |
| * |
| * Returns the last word of @domainname. |
| */ |
| static const char *tomoyo_last_word(const char *name) |
| { |
| const char *cp = strrchr(name, ' '); |
| if (cp) |
| return cp + 1; |
| return name; |
| } |
| |
| /** |
| * tomoyo_same_transition_control - Check for duplicated "struct tomoyo_transition_control" entry. |
| * |
| * @a: Pointer to "struct tomoyo_acl_head". |
| * @b: Pointer to "struct tomoyo_acl_head". |
| * |
| * Returns true if @a == @b, false otherwise. |
| */ |
| static bool tomoyo_same_transition_control(const struct tomoyo_acl_head *a, |
| const struct tomoyo_acl_head *b) |
| { |
| const struct tomoyo_transition_control *p1 = container_of(a, |
| typeof(*p1), |
| head); |
| const struct tomoyo_transition_control *p2 = container_of(b, |
| typeof(*p2), |
| head); |
| return p1->type == p2->type && p1->is_last_name == p2->is_last_name |
| && p1->domainname == p2->domainname |
| && p1->program == p2->program; |
| } |
| |
| /** |
| * tomoyo_write_transition_control - Write "struct tomoyo_transition_control" list. |
| * |
| * @param: Pointer to "struct tomoyo_acl_param". |
| * @type: Type of this entry. |
| * |
| * Returns 0 on success, negative value otherwise. |
| */ |
| int tomoyo_write_transition_control(struct tomoyo_acl_param *param, |
| const u8 type) |
| { |
| struct tomoyo_transition_control e = { .type = type }; |
| int error = param->is_delete ? -ENOENT : -ENOMEM; |
| char *program = param->data; |
| char *domainname = strstr(program, " from "); |
| if (domainname) { |
| *domainname = '\0'; |
| domainname += 6; |
| } else if (type == TOMOYO_TRANSITION_CONTROL_NO_KEEP || |
| type == TOMOYO_TRANSITION_CONTROL_KEEP) { |
| domainname = program; |
| program = NULL; |
| } |
| if (program && strcmp(program, "any")) { |
| if (!tomoyo_correct_path(program)) |
| return -EINVAL; |
| e.program = tomoyo_get_name(program); |
| if (!e.program) |
| goto out; |
| } |
| if (domainname && strcmp(domainname, "any")) { |
| if (!tomoyo_correct_domain(domainname)) { |
| if (!tomoyo_correct_path(domainname)) |
| goto out; |
| e.is_last_name = true; |
| } |
| e.domainname = tomoyo_get_name(domainname); |
| if (!e.domainname) |
| goto out; |
| } |
| param->list = ¶m->ns->policy_list[TOMOYO_ID_TRANSITION_CONTROL]; |
| error = tomoyo_update_policy(&e.head, sizeof(e), param, |
| tomoyo_same_transition_control); |
| out: |
| tomoyo_put_name(e.domainname); |
| tomoyo_put_name(e.program); |
| return error; |
| } |
| |
| /** |
| * tomoyo_scan_transition - Try to find specific domain transition type. |
| * |
| * @list: Pointer to "struct list_head". |
| * @domainname: The name of current domain. |
| * @program: The name of requested program. |
| * @last_name: The last component of @domainname. |
| * @type: One of values in "enum tomoyo_transition_type". |
| * |
| * Returns true if found one, false otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| static inline bool tomoyo_scan_transition |
| (const struct list_head *list, const struct tomoyo_path_info *domainname, |
| const struct tomoyo_path_info *program, const char *last_name, |
| const enum tomoyo_transition_type type) |
| { |
| const struct tomoyo_transition_control *ptr; |
| list_for_each_entry_rcu(ptr, list, head.list) { |
| if (ptr->head.is_deleted || ptr->type != type) |
| continue; |
| if (ptr->domainname) { |
| if (!ptr->is_last_name) { |
| if (ptr->domainname != domainname) |
| continue; |
| } else { |
| /* |
| * Use direct strcmp() since this is |
| * unlikely used. |
| */ |
| if (strcmp(ptr->domainname->name, last_name)) |
| continue; |
| } |
| } |
| if (ptr->program && tomoyo_pathcmp(ptr->program, program)) |
| continue; |
| return true; |
| } |
| return false; |
| } |
| |
| /** |
| * tomoyo_transition_type - Get domain transition type. |
| * |
| * @ns: Pointer to "struct tomoyo_policy_namespace". |
| * @domainname: The name of current domain. |
| * @program: The name of requested program. |
| * |
| * Returns TOMOYO_TRANSITION_CONTROL_TRANSIT if executing @program causes |
| * domain transition across namespaces, TOMOYO_TRANSITION_CONTROL_INITIALIZE if |
| * executing @program reinitializes domain transition within that namespace, |
| * TOMOYO_TRANSITION_CONTROL_KEEP if executing @program stays at @domainname , |
| * others otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| static enum tomoyo_transition_type tomoyo_transition_type |
| (const struct tomoyo_policy_namespace *ns, |
| const struct tomoyo_path_info *domainname, |
| const struct tomoyo_path_info *program) |
| { |
| const char *last_name = tomoyo_last_word(domainname->name); |
| enum tomoyo_transition_type type = TOMOYO_TRANSITION_CONTROL_NO_RESET; |
| while (type < TOMOYO_MAX_TRANSITION_TYPE) { |
| const struct list_head * const list = |
| &ns->policy_list[TOMOYO_ID_TRANSITION_CONTROL]; |
| if (!tomoyo_scan_transition(list, domainname, program, |
| last_name, type)) { |
| type++; |
| continue; |
| } |
| if (type != TOMOYO_TRANSITION_CONTROL_NO_RESET && |
| type != TOMOYO_TRANSITION_CONTROL_NO_INITIALIZE) |
| break; |
| /* |
| * Do not check for reset_domain if no_reset_domain matched. |
| * Do not check for initialize_domain if no_initialize_domain |
| * matched. |
| */ |
| type++; |
| type++; |
| } |
| return type; |
| } |
| |
| /** |
| * tomoyo_same_aggregator - Check for duplicated "struct tomoyo_aggregator" entry. |
| * |
| * @a: Pointer to "struct tomoyo_acl_head". |
| * @b: Pointer to "struct tomoyo_acl_head". |
| * |
| * Returns true if @a == @b, false otherwise. |
| */ |
| static bool tomoyo_same_aggregator(const struct tomoyo_acl_head *a, |
| const struct tomoyo_acl_head *b) |
| { |
| const struct tomoyo_aggregator *p1 = container_of(a, typeof(*p1), |
| head); |
| const struct tomoyo_aggregator *p2 = container_of(b, typeof(*p2), |
| head); |
| return p1->original_name == p2->original_name && |
| p1->aggregated_name == p2->aggregated_name; |
| } |
| |
| /** |
| * tomoyo_write_aggregator - Write "struct tomoyo_aggregator" list. |
| * |
| * @param: Pointer to "struct tomoyo_acl_param". |
| * |
| * Returns 0 on success, negative value otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| int tomoyo_write_aggregator(struct tomoyo_acl_param *param) |
| { |
| struct tomoyo_aggregator e = { }; |
| int error = param->is_delete ? -ENOENT : -ENOMEM; |
| const char *original_name = tomoyo_read_token(param); |
| const char *aggregated_name = tomoyo_read_token(param); |
| if (!tomoyo_correct_word(original_name) || |
| !tomoyo_correct_path(aggregated_name)) |
| return -EINVAL; |
| e.original_name = tomoyo_get_name(original_name); |
| e.aggregated_name = tomoyo_get_name(aggregated_name); |
| if (!e.original_name || !e.aggregated_name || |
| e.aggregated_name->is_patterned) /* No patterns allowed. */ |
| goto out; |
| param->list = ¶m->ns->policy_list[TOMOYO_ID_AGGREGATOR]; |
| error = tomoyo_update_policy(&e.head, sizeof(e), param, |
| tomoyo_same_aggregator); |
| out: |
| tomoyo_put_name(e.original_name); |
| tomoyo_put_name(e.aggregated_name); |
| return error; |
| } |
| |
| /** |
| * tomoyo_find_namespace - Find specified namespace. |
| * |
| * @name: Name of namespace to find. |
| * @len: Length of @name. |
| * |
| * Returns pointer to "struct tomoyo_policy_namespace" if found, |
| * NULL otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| static struct tomoyo_policy_namespace *tomoyo_find_namespace |
| (const char *name, const unsigned int len) |
| { |
| struct tomoyo_policy_namespace *ns; |
| list_for_each_entry(ns, &tomoyo_namespace_list, namespace_list) { |
| if (strncmp(name, ns->name, len) || |
| (name[len] && name[len] != ' ')) |
| continue; |
| return ns; |
| } |
| return NULL; |
| } |
| |
| /** |
| * tomoyo_assign_namespace - Create a new namespace. |
| * |
| * @domainname: Name of namespace to create. |
| * |
| * Returns pointer to "struct tomoyo_policy_namespace" on success, |
| * NULL otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| struct tomoyo_policy_namespace *tomoyo_assign_namespace(const char *domainname) |
| { |
| struct tomoyo_policy_namespace *ptr; |
| struct tomoyo_policy_namespace *entry; |
| const char *cp = domainname; |
| unsigned int len = 0; |
| while (*cp && *cp++ != ' ') |
| len++; |
| ptr = tomoyo_find_namespace(domainname, len); |
| if (ptr) |
| return ptr; |
| if (len >= TOMOYO_EXEC_TMPSIZE - 10 || !tomoyo_domain_def(domainname)) |
| return NULL; |
| entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS); |
| if (!entry) |
| return NULL; |
| if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| goto out; |
| ptr = tomoyo_find_namespace(domainname, len); |
| if (!ptr && tomoyo_memory_ok(entry)) { |
| char *name = (char *) (entry + 1); |
| ptr = entry; |
| memmove(name, domainname, len); |
| name[len] = '\0'; |
| entry->name = name; |
| tomoyo_init_policy_namespace(entry); |
| entry = NULL; |
| } |
| mutex_unlock(&tomoyo_policy_lock); |
| out: |
| kfree(entry); |
| return ptr; |
| } |
| |
| /** |
| * tomoyo_namespace_jump - Check for namespace jump. |
| * |
| * @domainname: Name of domain. |
| * |
| * Returns true if namespace differs, false otherwise. |
| */ |
| static bool tomoyo_namespace_jump(const char *domainname) |
| { |
| const char *namespace = tomoyo_current_namespace()->name; |
| const int len = strlen(namespace); |
| return strncmp(domainname, namespace, len) || |
| (domainname[len] && domainname[len] != ' '); |
| } |
| |
| /** |
| * tomoyo_assign_domain - Create a domain or a namespace. |
| * |
| * @domainname: The name of domain. |
| * @transit: True if transit to domain found or created. |
| * |
| * Returns pointer to "struct tomoyo_domain_info" on success, NULL otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| struct tomoyo_domain_info *tomoyo_assign_domain(const char *domainname, |
| const bool transit) |
| { |
| struct tomoyo_domain_info e = { }; |
| struct tomoyo_domain_info *entry = tomoyo_find_domain(domainname); |
| bool created = false; |
| if (entry) { |
| if (transit) { |
| /* |
| * Since namespace is created at runtime, profiles may |
| * not be created by the moment the process transits to |
| * that domain. Do not perform domain transition if |
| * profile for that domain is not yet created. |
| */ |
| if (!entry->ns->profile_ptr[entry->profile]) |
| return NULL; |
| } |
| return entry; |
| } |
| /* Requested domain does not exist. */ |
| /* Don't create requested domain if domainname is invalid. */ |
| if (strlen(domainname) >= TOMOYO_EXEC_TMPSIZE - 10 || |
| !tomoyo_correct_domain(domainname)) |
| return NULL; |
| /* |
| * Since definition of profiles and acl_groups may differ across |
| * namespaces, do not inherit "use_profile" and "use_group" settings |
| * by automatically creating requested domain upon domain transition. |
| */ |
| if (transit && tomoyo_namespace_jump(domainname)) |
| return NULL; |
| e.ns = tomoyo_assign_namespace(domainname); |
| if (!e.ns) |
| return NULL; |
| /* |
| * "use_profile" and "use_group" settings for automatically created |
| * domains are inherited from current domain. These are 0 for manually |
| * created domains. |
| */ |
| if (transit) { |
| const struct tomoyo_domain_info *domain = tomoyo_domain(); |
| e.profile = domain->profile; |
| e.group = domain->group; |
| } |
| e.domainname = tomoyo_get_name(domainname); |
| if (!e.domainname) |
| return NULL; |
| if (mutex_lock_interruptible(&tomoyo_policy_lock)) |
| goto out; |
| entry = tomoyo_find_domain(domainname); |
| if (!entry) { |
| entry = tomoyo_commit_ok(&e, sizeof(e)); |
| if (entry) { |
| INIT_LIST_HEAD(&entry->acl_info_list); |
| list_add_tail_rcu(&entry->list, &tomoyo_domain_list); |
| created = true; |
| } |
| } |
| mutex_unlock(&tomoyo_policy_lock); |
| out: |
| tomoyo_put_name(e.domainname); |
| if (entry && transit) { |
| if (created) { |
| struct tomoyo_request_info r; |
| tomoyo_init_request_info(&r, entry, |
| TOMOYO_MAC_FILE_EXECUTE); |
| r.granted = false; |
| tomoyo_write_log(&r, "use_profile %u\n", |
| entry->profile); |
| tomoyo_write_log(&r, "use_group %u\n", entry->group); |
| } |
| } |
| return entry; |
| } |
| |
| /** |
| * tomoyo_find_next_domain - Find a domain. |
| * |
| * @bprm: Pointer to "struct linux_binprm". |
| * |
| * Returns 0 on success, negative value otherwise. |
| * |
| * Caller holds tomoyo_read_lock(). |
| */ |
| int tomoyo_find_next_domain(struct linux_binprm *bprm) |
| { |
| struct tomoyo_request_info r; |
| char *tmp = kzalloc(TOMOYO_EXEC_TMPSIZE, GFP_NOFS); |
| struct tomoyo_domain_info *old_domain = tomoyo_domain(); |
| struct tomoyo_domain_info *domain = NULL; |
| const char *original_name = bprm->filename; |
| u8 mode; |
| bool is_enforce; |
| int retval = -ENOMEM; |
| bool need_kfree = false; |
| bool reject_on_transition_failure = false; |
| struct tomoyo_path_info rn = { }; /* real name */ |
| |
| mode = tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE); |
| is_enforce = (mode == TOMOYO_CONFIG_ENFORCING); |
| if (!tmp) |
| goto out; |
| |
| retry: |
| if (need_kfree) { |
| kfree(rn.name); |
| need_kfree = false; |
| } |
| /* Get symlink's pathname of program. */ |
| retval = -ENOENT; |
| rn.name = tomoyo_realpath_nofollow(original_name); |
| if (!rn.name) |
| goto out; |
| tomoyo_fill_path_info(&rn); |
| need_kfree = true; |
| |
| /* Check 'aggregator' directive. */ |
| { |
| struct tomoyo_aggregator *ptr; |
| struct list_head *list = |
| &old_domain->ns->policy_list[TOMOYO_ID_AGGREGATOR]; |
| /* Check 'aggregator' directive. */ |
| list_for_each_entry_rcu(ptr, list, head.list) { |
| if (ptr->head.is_deleted || |
| !tomoyo_path_matches_pattern(&rn, |
| ptr->original_name)) |
| continue; |
| kfree(rn.name); |
| need_kfree = false; |
| /* This is OK because it is read only. */ |
| rn = *ptr->aggregated_name; |
| break; |
| } |
| } |
| |
| /* Check execute permission. */ |
| retval = tomoyo_path_permission(&r, TOMOYO_TYPE_EXECUTE, &rn); |
| if (retval == TOMOYO_RETRY_REQUEST) |
| goto retry; |
| if (retval < 0) |
| goto out; |
| /* |
| * To be able to specify domainnames with wildcards, use the |
| * pathname specified in the policy (which may contain |
| * wildcard) rather than the pathname passed to execve() |
| * (which never contains wildcard). |
| */ |
| if (r.param.path.matched_path) { |
| if (need_kfree) |
| kfree(rn.name); |
| need_kfree = false; |
| /* This is OK because it is read only. */ |
| rn = *r.param.path.matched_path; |
| } |
| |
| /* Calculate domain to transit to. */ |
| switch (tomoyo_transition_type(old_domain->ns, old_domain->domainname, |
| &rn)) { |
| case TOMOYO_TRANSITION_CONTROL_RESET: |
| /* Transit to the root of specified namespace. */ |
| snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1, "<%s>", rn.name); |
| /* |
| * Make do_execve() fail if domain transition across namespaces |
| * has failed. |
| */ |
| reject_on_transition_failure = true; |
| break; |
| case TOMOYO_TRANSITION_CONTROL_INITIALIZE: |
| /* Transit to the child of current namespace's root. */ |
| snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1, "%s %s", |
| old_domain->ns->name, rn.name); |
| break; |
| case TOMOYO_TRANSITION_CONTROL_KEEP: |
| /* Keep current domain. */ |
| domain = old_domain; |
| break; |
| default: |
| if (old_domain == &tomoyo_kernel_domain && |
| !tomoyo_policy_loaded) { |
| /* |
| * Needn't to transit from kernel domain before |
| * starting /sbin/init. But transit from kernel domain |
| * if executing initializers because they might start |
| * before /sbin/init. |
| */ |
| domain = old_domain; |
| } else { |
| /* Normal domain transition. */ |
| snprintf(tmp, TOMOYO_EXEC_TMPSIZE - 1, "%s %s", |
| old_domain->domainname->name, rn.name); |
| } |
| break; |
| } |
| if (!domain) |
| domain = tomoyo_assign_domain(tmp, true); |
| if (domain) |
| retval = 0; |
| else if (reject_on_transition_failure) { |
| printk(KERN_WARNING "ERROR: Domain '%s' not ready.\n", tmp); |
| retval = -ENOMEM; |
| } else if (r.mode == TOMOYO_CONFIG_ENFORCING) |
| retval = -ENOMEM; |
| else { |
| retval = 0; |
| if (!old_domain->flags[TOMOYO_DIF_TRANSITION_FAILED]) { |
| old_domain->flags[TOMOYO_DIF_TRANSITION_FAILED] = true; |
| r.granted = false; |
| tomoyo_write_log(&r, "%s", tomoyo_dif |
| [TOMOYO_DIF_TRANSITION_FAILED]); |
| printk(KERN_WARNING |
| "ERROR: Domain '%s' not defined.\n", tmp); |
| } |
| } |
| out: |
| if (!domain) |
| domain = old_domain; |
| /* Update reference count on "struct tomoyo_domain_info". */ |
| atomic_inc(&domain->users); |
| bprm->cred->security = domain; |
| if (need_kfree) |
| kfree(rn.name); |
| kfree(tmp); |
| return retval; |
| } |