From 1084307ca097745ed6e40a192329b133a49271ac Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Thu, 3 Jun 2010 20:38:03 +0900
Subject: TOMOYO: Add pathname aggregation support.

This patch allows users to aggregate programs which provide similar
functionality (e.g. /usr/bin/vi and /usr/bin/emacs ).

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/tomoyo/common.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'security/tomoyo/common.c')

diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 3f94011c6411..bdf1ed7ca45b 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -1141,6 +1141,8 @@ static int tomoyo_write_exception_policy(struct tomoyo_io_buffer *head)
 	if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_NO_INITIALIZE_DOMAIN))
 		return tomoyo_write_domain_initializer_policy(data, true,
 							      is_delete);
+	if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_AGGREGATOR))
+		return tomoyo_write_aggregator_policy(data, is_delete);
 	if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALIAS))
 		return tomoyo_write_alias_policy(data, is_delete);
 	if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALLOW_READ))
@@ -1196,6 +1198,8 @@ static int tomoyo_read_exception_policy(struct tomoyo_io_buffer *head)
 			head->read_var2 = NULL;
 			head->read_step = 6;
 		case 6:
+			if (!tomoyo_read_aggregator_policy(head))
+				break;
 			head->read_var2 = NULL;
 			head->read_step = 7;
 		case 7:
-- 
cgit v1.2.3