TOMOYO: Fix incorrect enforce mode.

In tomoyo_get_mode() since 2.6.36, CONFIG::file::execute was by error used in place of CONFIG::file if CONFIG::file::execute was set to other than default. As a result, enforcing mode was not applied in a way documentation says. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>

TOMOYO: Fix incorrect enforce mode.
In tomoyo_get_mode() since 2.6.36, CONFIG::file::execute was by error used in place of CONFIG::file if CONFIG::file::execute was set to other than default. As a result, enforcing mode was not applied in a way documentation says. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
85258415 · Tetsuo Handa · James Morris · 403d1d03 · 85258415
Commit 85258415 authored Aug 25, 2011 by Tetsuo Handa Committed by James Morris Sep 09, 2011
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

security/tomoyo/util.c security/tomoyo/util.c +2 -1

No files found.
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -925,7 +925,8 @@ int tomoyo_get_mode(const struct tomoyo_policy_namespace *ns, const u8 profile,
 		return TOMOYO_CONFIG_DISABLED;
 	mode = tomoyo_profile(ns, profile)->config[index];
 	if (mode == TOMOYO_CONFIG_USE_DEFAULT)
-		mode = tomoyo_profile(ns, profile)->config[category];
+		mode = tomoyo_profile(ns, profile)->config
+			[category + TOMOYO_MAX_MAC_INDEX];
 	if (mode == TOMOYO_CONFIG_USE_DEFAULT)
 		mode = tomoyo_profile(ns, profile)->default_config;
 	return mode & 3;