Am 16.03.2012 19:55, schrieb santosh nayak: > From: Santosh Nayak <santoshprasadnayak@xxxxxxxxx> > > Call sequence: > tomoyo_write_domain() --> tomoyo_delete_domain() > > In 'tomoyo_delete_domain', return -EINTR if locking attempt is > interrupted by signal. > > At present it returns success to its caller 'tomoyo_write_domain()' > even though domain is not deleted. 'tomoyo_write_domain()' assumes > domain is deleted and returns success to its caller. This is > wrong behaviour. > > 'tomoyo_write_domain' should return error '-EAGAIN' to its caller if > tomoyo_delete_domain() returns -EINTR. > > Signed-off-by: Santosh Nayak <santoshprasadnayak@xxxxxxxxx> > --- > security/tomoyo/common.c | 12 ++++++++---- > 1 files changed, 8 insertions(+), 4 deletions(-) > > diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c > index c47d3ce..3ee1c3a 100644 > --- a/security/tomoyo/common.c > +++ b/security/tomoyo/common.c > @@ -1081,7 +1081,7 @@ static int tomoyo_delete_domain(char *domainname) > name.name = domainname; > tomoyo_fill_path_info(&name); > if (mutex_lock_interruptible(&tomoyo_policy_lock)) > - return 0; > + return -EINTR; > /* Is there an active domain? */ > list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { > /* Never delete tomoyo_kernel_domain */ > @@ -1163,16 +1163,20 @@ static int tomoyo_write_domain(struct tomoyo_io_buffer *head) > const bool is_delete = head->w.is_delete; > bool is_select = !is_delete && tomoyo_str_starts(&data, "select "); > unsigned int profile; > + int ret = 0; > if (*data == '<') { > domain = NULL; > - if (is_delete) > - tomoyo_delete_domain(data); > + if (is_delete) { > + ret = tomoyo_delete_domain(data); > + if (ret) > + return -EAGAIN; > + } > else if (is_select) > domain = tomoyo_find_domain(data); > else > domain = tomoyo_assign_domain(data, false); > head->w.domain = domain; > - return 0; > + return ret; hi all, does domain anything useful here ? re, wh > } > if (!domain) > return -EINVAL; -- To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html