diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2018-09-22 02:19:37 +0200 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2019-01-08 22:18:45 +0100 |
commit | f4ad8f2c40769b3cc9497ba0883bbaf823f7752f (patch) | |
tree | ae8e8bfc5a3abfaa5ea3c90908efd941a230bbdf /security/apparmor/include/task.h | |
parent | LSM: Infrastructure management of the inode security (diff) | |
download | linux-f4ad8f2c40769b3cc9497ba0883bbaf823f7752f.tar.xz linux-f4ad8f2c40769b3cc9497ba0883bbaf823f7752f.zip |
LSM: Infrastructure management of the task security
Move management of the task_struct->security blob out
of the individual security modules and into the security
infrastructure. Instead of allocating the blobs from within
the modules the modules tell the infrastructure how much
space is required, and the space is allocated there.
The only user of this blob is AppArmor. The AppArmor use
is abstracted to avoid future conflict.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/apparmor/include/task.h')
-rw-r--r-- | security/apparmor/include/task.h | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/security/apparmor/include/task.h b/security/apparmor/include/task.h index 55edaa1d83f8..039c1e60887a 100644 --- a/security/apparmor/include/task.h +++ b/security/apparmor/include/task.h @@ -14,7 +14,10 @@ #ifndef __AA_TASK_H #define __AA_TASK_H -#define task_ctx(X) ((X)->security) +static inline struct aa_task_ctx *task_ctx(struct task_struct *task) +{ + return task->security; +} /* * struct aa_task_ctx - information for current task label change @@ -37,17 +40,6 @@ int aa_restore_previous_label(u64 cookie); struct aa_label *aa_get_task_label(struct task_struct *task); /** - * aa_alloc_task_ctx - allocate a new task_ctx - * @flags: gfp flags for allocation - * - * Returns: allocated buffer or NULL on failure - */ -static inline struct aa_task_ctx *aa_alloc_task_ctx(gfp_t flags) -{ - return kzalloc(sizeof(struct aa_task_ctx), flags); -} - -/** * aa_free_task_ctx - free a task_ctx * @ctx: task_ctx to free (MAYBE NULL) */ @@ -57,8 +49,6 @@ static inline void aa_free_task_ctx(struct aa_task_ctx *ctx) aa_put_label(ctx->nnp); aa_put_label(ctx->previous); aa_put_label(ctx->onexec); - - kzfree(ctx); } } |