From: Tetsuo Handa Date: Sat, 14 Feb 2009 02:46:56 +0000 (+0900) Subject: TOMOYO: Don't create securityfs entries unless registered. X-Git-Tag: firefly_0821_release~15205^2~23 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=e5a3b95f581da62e2054ef79d3be2d383e9ed664;p=firefly-linux-kernel-4.4.55.git TOMOYO: Don't create securityfs entries unless registered. TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless TOMOYO is registered. Signed-off-by: Kentaro Takeda Signed-off-by: Tetsuo Handa Signed-off-by: Toshiharu Harada Signed-off-by: James Morris --- diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 8bedfb1992e5..92cea656ad21 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void) { struct dentry *tomoyo_dir; + /* Don't create securityfs entries unless registered. */ + if (current_cred()->security != &tomoyo_kernel_domain) + return 0; + tomoyo_dir = securityfs_create_dir("tomoyo", NULL); tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, TOMOYO_DOMAINPOLICY);