diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-10-21 12:41:19 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-10-21 12:41:19 -0700 |
| commit | a8fe1500986c32b46b36118aa250f6badca11bfc (patch) | |
| tree | d5517e16e633fa0c54248f27b5921e8ac4e4a459 /security/tomoyo/common.c | |
| parent | 94ebd235c493f43681f609b0e02733337053e8f0 (diff) | |
| parent | f0d3d9894e43fc68d47948e2c6f03e32da88b799 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (26 commits)
selinux: include vmalloc.h for vmalloc_user
secmark: fix config problem when CONFIG_NF_CONNTRACK_SECMARK is not set
selinux: implement mmap on /selinux/policy
SELinux: allow userspace to read policy back out of the kernel
SELinux: drop useless (and incorrect) AVTAB_MAX_SIZE
SELinux: deterministic ordering of range transition rules
kernel: roundup should only reference arguments once
kernel: rounddown helper function
secmark: export secctx, drop secmark in procfs
conntrack: export lsm context rather than internal secid via netlink
security: secid_to_secctx returns len when data is NULL
secmark: make secmark object handling generic
secmark: do not return early if there was no error
AppArmor: Ensure the size of the copy is < the buffer allocated to hold it
TOMOYO: Print URL information before panic().
security: remove unused parameter from security_task_setscheduler()
tpm: change 'tpm_suspend_pcr' to be module parameter
selinux: fix up style problem on /selinux/status
selinux: change to new flag variable
selinux: really fix dependency causing parallel compile failure.
...
Diffstat (limited to 'security/tomoyo/common.c')
| -rw-r--r-- | security/tomoyo/common.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index c668b447c725..7556315c1978 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -768,8 +768,10 @@ static bool tomoyo_select_one(struct tomoyo_io_buffer *head, const char *data) return true; /* Do nothing if open(O_WRONLY). */ memset(&head->r, 0, sizeof(head->r)); head->r.print_this_domain_only = true; - head->r.eof = !domain; - head->r.domain = &domain->list; + if (domain) + head->r.domain = &domain->list; + else + head->r.eof = 1; tomoyo_io_printf(head, "# select %s\n", data); if (domain && domain->is_deleted) tomoyo_io_printf(head, "# This is a deleted domain.\n"); @@ -2051,13 +2053,22 @@ void tomoyo_check_profile(void) const u8 profile = domain->profile; if (tomoyo_profile_ptr[profile]) continue; + printk(KERN_ERR "You need to define profile %u before using it.\n", + profile); + printk(KERN_ERR "Please see http://tomoyo.sourceforge.jp/2.3/ " + "for more information.\n"); panic("Profile %u (used by '%s') not defined.\n", profile, domain->domainname->name); } tomoyo_read_unlock(idx); - if (tomoyo_profile_version != 20090903) + if (tomoyo_profile_version != 20090903) { + printk(KERN_ERR "You need to install userland programs for " + "TOMOYO 2.3 and initialize policy configuration.\n"); + printk(KERN_ERR "Please see http://tomoyo.sourceforge.jp/2.3/ " + "for more information.\n"); panic("Profile version %u is not supported.\n", tomoyo_profile_version); + } printk(KERN_INFO "TOMOYO: 2.3.0\n"); printk(KERN_INFO "Mandatory Access Control activated.\n"); } |