summaryrefslogtreecommitdiffstats
path: root/security/apparmor/include/task.h
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2018-09-22 02:19:37 +0200
committerKees Cook <keescook@chromium.org>2019-01-08 22:18:45 +0100
commitf4ad8f2c40769b3cc9497ba0883bbaf823f7752f (patch)
treeae8e8bfc5a3abfaa5ea3c90908efd941a230bbdf /security/apparmor/include/task.h
parentLSM: Infrastructure management of the inode security (diff)
downloadlinux-f4ad8f2c40769b3cc9497ba0883bbaf823f7752f.tar.xz
linux-f4ad8f2c40769b3cc9497ba0883bbaf823f7752f.zip
LSM: Infrastructure management of the task security
Move management of the task_struct->security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. The only user of this blob is AppArmor. The AppArmor use is abstracted to avoid future conflict. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Kees Cook <keescook@chromium.org> [kees: adjusted for ordered init series] Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/apparmor/include/task.h')
-rw-r--r--security/apparmor/include/task.h18
1 files changed, 4 insertions, 14 deletions
diff --git a/security/apparmor/include/task.h b/security/apparmor/include/task.h
index 55edaa1d83f8..039c1e60887a 100644
--- a/security/apparmor/include/task.h
+++ b/security/apparmor/include/task.h
@@ -14,7 +14,10 @@
#ifndef __AA_TASK_H
#define __AA_TASK_H
-#define task_ctx(X) ((X)->security)
+static inline struct aa_task_ctx *task_ctx(struct task_struct *task)
+{
+ return task->security;
+}
/*
* struct aa_task_ctx - information for current task label change
@@ -37,17 +40,6 @@ int aa_restore_previous_label(u64 cookie);
struct aa_label *aa_get_task_label(struct task_struct *task);
/**
- * aa_alloc_task_ctx - allocate a new task_ctx
- * @flags: gfp flags for allocation
- *
- * Returns: allocated buffer or NULL on failure
- */
-static inline struct aa_task_ctx *aa_alloc_task_ctx(gfp_t flags)
-{
- return kzalloc(sizeof(struct aa_task_ctx), flags);
-}
-
-/**
* aa_free_task_ctx - free a task_ctx
* @ctx: task_ctx to free (MAYBE NULL)
*/
@@ -57,8 +49,6 @@ static inline void aa_free_task_ctx(struct aa_task_ctx *ctx)
aa_put_label(ctx->nnp);
aa_put_label(ctx->previous);
aa_put_label(ctx->onexec);
-
- kzfree(ctx);
}
}