path: root/security/tomoyo/common.c
author Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2011-06-26 23:20:23 +0900
committer James Morris <jmorris@namei.org> 2011-06-29 09:31:21 +1000
commit 5625f2e3266319fd29fe4f1c76ccd3f550c79ac4
tree 190e96d956213b22da705872094ebdf5272af972 /security/tomoyo/common.c
parent TOMOYO: Add policy namespace support.
TOMOYO: Change pathname for non-rename()able filesystems.
TOMOYO wants to use /proc/self/ rather than /proc/$PID/ if $PID matches current thread's process ID in order to prevent current thread from accessing other process's information unless needed.

But since procfs can be mounted on various locations (e.g. /proc/ /proc2/ /p/ /tmp/foo/100/p/ ), TOMOYO cannot tell that whether the numeric part in the string returned by __d_path() represents process ID or not. Therefore, to be able to convert from $PID to self no matter where procfs is mounted, this patch changes pathname representations for filesystems which do not support rename() operation (e.g. proc, sysfs, securityfs).

Examples:

  /proc/self/mounts => proc:/self/mounts
  /sys/kernel/security/ => sys:/kernel/security/
  /dev/pts/0 => devpts:/0

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/common.c')
0 files changed, 0 insertions, 0 deletions
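
The naming scheme described in the commit message above, as an added user-space C sketch that is not part of this commit or of TOMOYO's kernel code: the name is built from a filesystem prefix plus the path relative to that filesystem's root, so the PID check only ever looks at the first component, wherever procfs is mounted. The function name `fs_local_name`, its parameters and the sample PID 100 are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical user-space helper, not TOMOYO's kernel code.
 * prefix:  filesystem name as in the commit message ("proc", "sys", "devpts")
 * relpath: path relative to that filesystem's root, beginning with '/'
 * pid:     process ID of the calling thread
 * Returns 0 on success, -1 on bad input or if out is too small.
 */
int fs_local_name(const char *prefix, const char *relpath, long pid,
                  char *out, size_t outlen)
{
    int n;

    if (!prefix || !relpath || relpath[0] != '/' || pid <= 0)
        return -1;
    /* Only procfs has PID directories; a leading number elsewhere is a name. */
    if (strcmp(prefix, "proc") == 0 && relpath[1] >= '1' && relpath[1] <= '9') {
        char *end;
        long first = strtol(relpath + 1, &end, 10);
        /* Only a whole first component equal to our PID becomes "self". */
        if (first == pid && (*end == '/' || *end == '\0')) {
            n = snprintf(out, outlen, "proc:/self%s", end);
            return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
        }
    }
    n = snprintf(out, outlen, "%s:%s", prefix, relpath);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample input: the caller's PID is 100. */
    const char *cases[][2] = {
        { "proc",   "/100/mounts" },      /* own PID: rewritten to self     */
        { "proc",   "/1000/mounts" },     /* other PID sharing the digits   */
        { "devpts", "/100" },             /* a pty number, not a process ID */
        { "sys",    "/kernel/security/" },
    };
    char buf[64];

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        if (fs_local_name(cases[i][0], cases[i][1], 100, buf, sizeof(buf)) == 0)
            printf("%s %s => %s\n", cases[i][0], cases[i][1], buf);
    return 0;
}
```

With a mount-point-based name such as /tmp/foo/100/p/100/mounts, the first `100` would be indistinguishable from a PID; here the input never contains the mount point.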