Fix ACC_MODE() for real

[net-next-2.6.git] / security / tomoyo / tomoyo.c

diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 8a00ade85166615a67fc768f595e00ac782b0863..2aceebf5f3546f1dffa2594d04fa12cc0702923b 100644 (file)
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -80,9 +80,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
                return tomoyo_find_next_domain(bprm);
        /*
         * Read permission is checked against interpreters using next domain.
-        * '1' is the result of open_to_namei_flags(O_RDONLY).
         */
-       return tomoyo_check_open_permission(domain, &bprm->file->f_path, 1);
+       return tomoyo_check_open_permission(domain, &bprm->file->f_path, O_RDONLY);
 }
 
 static int tomoyo_path_truncate(struct path *path, loff_t length,
@@ -184,10 +183,6 @@ static int tomoyo_file_fcntl(struct file *file, unsigned int cmd,
 static int tomoyo_dentry_open(struct file *f, const struct cred *cred)
 {
        int flags = f->f_flags;
-
-       if ((flags + 1) & O_ACCMODE)
-               flags++;
-       flags |= f->f_flags & (O_APPEND | O_TRUNC);
        /* Don't check read permission here if called from do_execve(). */
        if (current->in_execve)
                return 0;