commit 97fb35e413f256ded07b88c73b3d932ec31ea84e
author Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Fri Jul 08 13:25:53 2011 +0900
committer James Morris <jmorris@namei.org> Mon Jul 11 11:05:34 2011 +1000
tree d16cb1dcb6d16938aa01c071fdcd1cbbf85b5153
parent 5b636857fee642694e287e3a181b523b16098c93

TOMOYO: Enable conditional ACL.

Enable conditional ACL by passing object's pointers.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

security/tomoyo/mount.c

diff --git a/security/tomoyo/mount.c b/security/tomoyo/mount.c
index 0bbba8b..4083853 100644
--- a/security/tomoyo/mount.c
+++ b/security/tomoyo/mount.c
@@ -75,6 +75,7 @@
 			    struct path *dir, const char *type,
 			    unsigned long flags)
 {
+	struct tomoyo_obj_info obj = { };
 	struct path path;
 	struct file_system_type *fstype = NULL;
 	const char *requested_type = NULL;
@@ -85,6 +86,7 @@
 	struct tomoyo_path_info rdir;
 	int need_dev = 0;
 	int error = -ENOMEM;
+	r->obj = &obj;
 
 	/* Get fstype. */
 	requested_type = tomoyo_encode(type);
@@ -94,6 +96,7 @@
 	tomoyo_fill_path_info(&rtype);
 
 	/* Get mount point. */
+	obj.path2 = *dir;
 	requested_dir_name = tomoyo_realpath_from_path(dir);
 	if (!requested_dir_name) {
 		error = -ENOMEM;
@@ -129,8 +132,8 @@
 			error = -ENOENT;
 			goto out;
 		}
+		obj.path1 = path;
 		requested_dev_name = tomoyo_realpath_from_path(&path);
-		path_put(&path);
 		if (!requested_dev_name) {
 			error = -ENOENT;
 			goto out;
@@ -163,6 +166,9 @@
 	if (fstype)
 		put_filesystem(fstype);
 	kfree(requested_type);
+	/* Drop refcount obtained by kern_path(). */
+	if (obj.path1.dentry)
+		path_put(&obj.path1);
 	return error;
 }