summaryrefslogtreecommitdiff
path: root/security/tomoyo
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2009-02-14 11:46:56 +0900
committerJames Morris <jmorris@namei.org>2009-02-16 09:01:48 +1100
commite5a3b95f581da62e2054ef79d3be2d383e9ed664 (patch)
tree6a55bf40033c92b2c82fa0643c2511dbe7124b32 /security/tomoyo
parent33043cbb9fd49a957089f5948fe814764d7abbd6 (diff)
TOMOYO: Don't create securityfs entries unless registered.
TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless TOMOYO is registered. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/common.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 8bedfb1992e5..92cea656ad21 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void)
{
struct dentry *tomoyo_dir;
+ /* Don't create securityfs entries unless registered. */
+ if (current_cred()->security != &tomoyo_kernel_domain)
+ return 0;
+
tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
tomoyo_create_entry("domain_policy", 0600, tomoyo_dir,
TOMOYO_DOMAINPOLICY);