TOMOYO: Cleanup part 1.
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Sun, 26 Jun 2011 14:15:31 +0000 (23:15 +0900)
committerJames Morris <jmorris@namei.org>
Tue, 28 Jun 2011 23:31:19 +0000 (09:31 +1000)
commit7c75964f432d14062d8eccfc916aa290f56b5aab
tree8aecdb96f9f079dd36735c3acccb79f3d10d6559
parent1252cc3b232e582e887623dc5f70979418caaaa2
TOMOYO: Cleanup part 1.

In order to synchronize with TOMOYO 1.8's syntax,

(1) Remove special handling for allow_read/write permission.
(2) Replace deny_rewrite/allow_rewrite permission with allow_append permission.
(3) Remove file_pattern keyword.
(4) Remove allow_read permission from exception policy.
(5) Allow creating domains in enforcing mode without calling supervisor.
(6) Add permission check for opening directory for reading.
(7) Add permission check for stat() operation.
(8) Make "cat < /sys/kernel/security/tomoyo/self_domain" behave as if
    "cat /sys/kernel/security/tomoyo/self_domain".

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
security/tomoyo/common.c
security/tomoyo/common.h
security/tomoyo/domain.c
security/tomoyo/file.c
security/tomoyo/gc.c
security/tomoyo/mount.c
security/tomoyo/tomoyo.c
security/tomoyo/util.c