TOMOYO: Don't create securityfs entries unless registered.
TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless TOMOYO is registered. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
33043cbb9f
commit
e5a3b95f58
1 changed files with 4 additions and 0 deletions
|
@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void)
|
|||
{
|
||||
struct dentry *tomoyo_dir;
|
||||
|
||||
/* Don't create securityfs entries unless registered. */
|
||||
if (current_cred()->security != &tomoyo_kernel_domain)
|
||||
return 0;
|
||||
|
||||
tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
|
||||
tomoyo_create_entry("domain_policy", 0600, tomoyo_dir,
|
||||
TOMOYO_DOMAINPOLICY);
|
||||
|
|
Loading…
Reference in a new issue