diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2009-02-13 21:46:56 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-02-15 17:01:48 -0500 |
commit | e5a3b95f581da62e2054ef79d3be2d383e9ed664 (patch) | |
tree | 6a55bf40033c92b2c82fa0643c2511dbe7124b32 | |
parent | 33043cbb9fd49a957089f5948fe814764d7abbd6 (diff) |
TOMOYO: Don't create securityfs entries unless registered.
TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless
TOMOYO is registered.
Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/tomoyo/common.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 8bedfb1992e5..92cea656ad21 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
@@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void) | |||
2177 | { | 2177 | { |
2178 | struct dentry *tomoyo_dir; | 2178 | struct dentry *tomoyo_dir; |
2179 | 2179 | ||
2180 | /* Don't create securityfs entries unless registered. */ | ||
2181 | if (current_cred()->security != &tomoyo_kernel_domain) | ||
2182 | return 0; | ||
2183 | |||
2180 | tomoyo_dir = securityfs_create_dir("tomoyo", NULL); | 2184 | tomoyo_dir = securityfs_create_dir("tomoyo", NULL); |
2181 | tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, | 2185 | tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, |
2182 | TOMOYO_DOMAINPOLICY); | 2186 | TOMOYO_DOMAINPOLICY); |