From 545a7260343bbaf11c7f1a4b8c3d9660bb9266e5 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Tue, 11 Oct 2011 14:06:41 +0900 Subject: TOMOYO: Fix quota and garbage collector. Commit 059d84db "TOMOYO: Add socket operation restriction support" and commit 731d37aa "TOMOYO: Allow domain transition without execve()." forgot to update tomoyo_domain_quota_is_ok() and tomoyo_del_acl() which results in incorrect quota counting and memory leak. Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/util.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'security/tomoyo/util.c') diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 50e9b4c73ceb..4a9b4b2eb755 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c @@ -1057,6 +1057,17 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r) perm = container_of(ptr, struct tomoyo_mkdev_acl, head)->perm; break; + case TOMOYO_TYPE_INET_ACL: + perm = container_of(ptr, struct tomoyo_inet_acl, + head)->perm; + break; + case TOMOYO_TYPE_UNIX_ACL: + perm = container_of(ptr, struct tomoyo_unix_acl, + head)->perm; + break; + case TOMOYO_TYPE_MANUAL_TASK_ACL: + perm = 0; + break; default: perm = 1; } -- cgit v1.2.3