diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2009-02-14 11:46:56 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-02-16 09:01:48 +1100 |
commit | e5a3b95f581da62e2054ef79d3be2d383e9ed664 (patch) | |
tree | 6a55bf40033c92b2c82fa0643c2511dbe7124b32 /security/tomoyo | |
parent | 33043cbb9fd49a957089f5948fe814764d7abbd6 (diff) |
TOMOYO: Don't create securityfs entries unless registered.
TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless
TOMOYO is registered.
Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
-rw-r--r-- | security/tomoyo/common.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 8bedfb1992e5..92cea656ad21 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void) { struct dentry *tomoyo_dir; + /* Don't create securityfs entries unless registered. */ + if (current_cred()->security != &tomoyo_kernel_domain) + return 0; + tomoyo_dir = securityfs_create_dir("tomoyo", NULL); tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, TOMOYO_DOMAINPOLICY); |