TOMOYO: Fix domain transition failure warning.

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Commit bd03a3e4 "TOMOYO: Add policy namespace support." introduced policy
namespace. But as of /sbin/modprobe is executed from initramfs/initrd, profiles
for target domain's namespace is not defined because /sbin/tomoyo-init is not
yet called.

Reported-by: Jamie Nguyen <jamie@tomoyolinux.co.uk>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

authored by

Tetsuo Handa and committed by

James Morris 14 years ago e00fb3f7 c6cb56fc

+2 -1

1 changed file

expand all

security

tomoyo

domain.c

+2 -1

security/tomoyo/domain.c

··· 515 515 * that domain. Do not perform domain transition if 516 516 * profile for that domain is not yet created. 517 517 */ 518 - if (!entry->ns->profile_ptr[entry->profile]) 518 + if (tomoyo_policy_loaded && 519 + !entry->ns->profile_ptr[entry->profile]) 519 520 return NULL; 520 521 } 521 522 return entry;