On Wed, Sep 19, 2018 at 5:20 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > @@ -539,13 +557,16 @@ DEFINE_SRCU(tomoyo_ss); > static int __init tomoyo_init(void) > { > struct cred *cred = (struct cred *) current_cred(); > + struct tomoyo_domain_info **blob; > > if (!security_module_enable("tomoyo")) > return 0; > + > /* register ourselves with the security framework */ > security_add_hooks(tomoyo_hooks, ARRAY_SIZE(tomoyo_hooks), "tomoyo"); > printk(KERN_INFO "TOMOYO Linux initialized\n"); > - cred->security = &tomoyo_kernel_domain; > + blob = tomoyo_cred(cred); > + *blob = &tomoyo_kernel_domain; > tomoyo_mm_init(); > return 0; > } This is missing "tomoyo_enabled = true;" which is included in the next patch but should be here. -Kees -- Kees Cook Pixel Security