TOMOYO: Don't create securityfs entries unless registered. TOMOYO should not create /sys/kernel/security/tomoyo/ interface unless TOMOYO is registered. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org>

commit: e5a3b95f581da62e2054ef79d3be2d383e9ed664 [log] [tgz]
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Sat Feb 14 11:46:56 2009 +0900
committer: James Morris <jmorris@namei.org> Mon Feb 16 09:01:48 2009 +1100
tree: 6a55bf40033c92b2c82fa0643c2511dbe7124b32
parent: 33043cbb9fd49a957089f5948fe814764d7abbd6 [diff] [blame]
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 8bedfb1..92cea65 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c

@@ -2177,6 +2177,10 @@
 {
 	struct dentry *tomoyo_dir;
 
+	/* Don't create securityfs entries unless registered. */
+	if (current_cred()->security != &tomoyo_kernel_domain)
+		return 0;
+
 	tomoyo_dir = securityfs_create_dir("tomoyo", NULL);
 	tomoyo_create_entry("domain_policy",    0600, tomoyo_dir,
 			    TOMOYO_DOMAINPOLICY);
commit	e5a3b95f581da62e2054ef79d3be2d383e9ed664	[log] [tgz]
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	Sat Feb 14 11:46:56 2009 +0900
committer	James Morris <jmorris@namei.org>	Mon Feb 16 09:01:48 2009 +1100
tree	6a55bf40033c92b2c82fa0643c2511dbe7124b32
parent	33043cbb9fd49a957089f5948fe814764d7abbd6 [diff] [blame]