提交 e5a3b95f 编写于 作者: T Tetsuo Handa 提交者: James Morris

TOMOYO: Don't create securityfs entries unless registered.

TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless
TOMOYO is registered.
Signed-off-by: NKentaro Takeda <takedakn@nttdata.co.jp>
Signed-off-by: NTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: NToshiharu Harada <haradats@nttdata.co.jp>
Signed-off-by: NJames Morris <jmorris@namei.org>
上级 33043cbb
...@@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void) ...@@ -2177,6 +2177,10 @@ static int __init tomoyo_initerface_init(void)
{ {
struct dentry *tomoyo_dir; struct dentry *tomoyo_dir;
/* Don't create securityfs entries unless registered. */
if (current_cred()->security != &tomoyo_kernel_domain)
return 0;
tomoyo_dir = securityfs_create_dir("tomoyo", NULL); tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, tomoyo_create_entry("domain_policy", 0600, tomoyo_dir,
TOMOYO_DOMAINPOLICY); TOMOYO_DOMAINPOLICY);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册