Commit e5a3b95f authored Feb 14, 2009 by Tetsuo Handa Committed by James Morris Feb 16, 2009

TOMOYO: Don't create securityfs entries unless registered.



TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless
TOMOYO is registered.

Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp>
Signed-off-by: James Morris <jmorris@namei.org>

parent 33043cbb

security/tomoyo/common.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void)
		{
		struct dentry *tomoyo_dir;

		/* Don't create securityfs entries unless registered. */
		if (current_cred()->security != &tomoyo_kernel_domain)
		return 0;

		tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
		tomoyo_create_entry("domain_policy", 0600, tomoyo_dir,
		TOMOYO_DOMAINPOLICY);