Merge tag 'fsdax-for-5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm

[linux.git] / security / tomoyo / securityfs_if.c

diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c
index 1d3d7e7a1f055a187aac486506ca3d13cba7da20..546281c5b233afb4a91968d524bffceeba9f96d4 100644 (file)
--- a/security/tomoyo/securityfs_if.c
+++ b/security/tomoyo/securityfs_if.c
@@ -21,6 +21,7 @@ static bool tomoyo_check_task_acl(struct tomoyo_request_info *r,
 {
        const struct tomoyo_task_acl *acl = container_of(ptr, typeof(*acl),
                                                         head);
+
        return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname);
 }
 
@@ -42,6 +43,7 @@ static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
 {
        char *data;
        int error;
+
        if (!count || count >= TOMOYO_EXEC_TMPSIZE - 10)
                return -ENOMEM;
        data = memdup_user_nul(buf, count);
@@ -52,6 +54,7 @@ static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
                const int idx = tomoyo_read_lock();
                struct tomoyo_path_info name;
                struct tomoyo_request_info r;
+
                name.name = data;
                tomoyo_fill_path_info(&name);
                /* Check "task manual_domain_transition" permission. */
@@ -67,18 +70,14 @@ static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
                        if (!new_domain) {
                                error = -ENOENT;
                        } else {
-                               struct cred *cred = prepare_creds();
-                               if (!cred) {
-                                       error = -ENOMEM;
-                               } else {
-                                       struct tomoyo_domain_info *old_domain =
-                                               cred->security;
-                                       cred->security = new_domain;
-                                       atomic_inc(&new_domain->users);
-                                       atomic_dec(&old_domain->users);
-                                       commit_creds(cred);
-                                       error = 0;
-                               }
+                               struct tomoyo_task *s = tomoyo_task(current);
+                               struct tomoyo_domain_info *old_domain =
+                                       s->domain_info;
+
+                               s->domain_info = new_domain;
+                               atomic_inc(&new_domain->users);
+                               atomic_dec(&old_domain->users);
+                               error = 0;
                        }
                }
                tomoyo_read_unlock(idx);
@@ -104,6 +103,7 @@ static ssize_t tomoyo_read_self(struct file *file, char __user *buf,
        const char *domain = tomoyo_domain()->domainname->name;
        loff_t len = strlen(domain);
        loff_t pos = *ppos;
+
        if (pos >= len || !count)
                return 0;
        len -= pos;
@@ -234,10 +234,14 @@ static void __init tomoyo_create_entry(const char *name, const umode_t mode,
  */
 static int __init tomoyo_initerface_init(void)
 {
+       struct tomoyo_domain_info *domain;
        struct dentry *tomoyo_dir;
 
+       if (!tomoyo_enabled)
+               return 0;
+       domain = tomoyo_domain();
        /* Don't create securityfs entries unless registered. */
-       if (current_cred()->security != &tomoyo_kernel_domain)
+       if (domain != &tomoyo_kernel_domain)
                return 0;
 
        tomoyo_dir = securityfs_create_dir("tomoyo", NULL);