    TOMOYO: Change pathname for non-rename()able filesystems. · 5625f2e3
    Tetsuo Handa authored
    TOMOYO wants to use /proc/self/ rather than /proc/$PID/ if $PID matches current
    thread's process ID in order to prevent current thread from accessing other
    process's information unless needed.
    
    But since procfs can be mounted on various locations (e.g. /proc/ /proc2/ /p/
    /tmp/foo/100/p/ ), TOMOYO cannot tell whether the numeric part in the
    string returned by __d_path() represents process ID or not.
    
    Therefore, to be able to convert from $PID to self no matter where procfs is
    mounted, this patch changes pathname representations for filesystems which do
    not support rename() operation (e.g. proc, sysfs, securityfs).
    
    Examples:
      /proc/self/mounts => proc:/self/mounts
      /sys/kernel/security/ => sys:/kernel/security/
      /dev/pts/0 => devpts:/0
    Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
    Signed-off-by: James Morris <jmorris@namei.org>
file.c 28.7 KB
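
An added userspace illustration (not TOMOYO's kernel code and not part of this commit) of why naming a path by filesystem plus its root-relative path makes the $PID-to-self conversion unambiguous wherever procfs is mounted. The helper name `fs_relative_name` and the sample PID 100 are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Illustration only (hypothetical helper, not TOMOYO source).
 * Builds "<fs>:<path relative to that filesystem's root>". Because the
 * mount point is no longer part of the name, the first component of a
 * "proc" path is the only place a PID can appear, so it can be compared
 * with the caller's PID and rewritten to "self".
 * Returns 0 on success, -1 on bad input or if out is too small.
 */
int fs_relative_name(const char *fs, const char *rel, long self_pid,
                     char *out, size_t outlen)
{
    int n;

    if (!fs || !rel || !out || rel[0] != '/')
        return -1;

    /* procfs PID directories never start with '0'. */
    if (strcmp(fs, "proc") == 0 && rel[1] >= '1' && rel[1] <= '9') {
        char *end;
        long pid = strtol(rel + 1, &end, 10);
        /* Only a whole first component counts: "/100/..." or "/100". */
        if ((*end == '/' || *end == '\0') && pid == self_pid) {
            n = snprintf(out, outlen, "%s:/self%s", fs, end);
            return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
        }
    }
    n = snprintf(out, outlen, "%s:%s", fs, rel);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char buf[64];
    /* Constructed inputs: the caller's PID is assumed to be 100. */
    const char *rel[] = { "/100/mounts", "/101/mounts", "/100abc" };
    for (size_t i = 0; i < sizeof(rel) / sizeof(rel[0]); i++)
        if (fs_relative_name("proc", rel[i], 100, buf, sizeof(buf)) == 0)
            puts(buf);
    if (fs_relative_name("devpts", "/0", 100, buf, sizeof(buf)) == 0)
        puts(buf);
    return 0;
}
```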