diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2018-11-12 18:30:56 +0100 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2019-01-08 22:18:44 +0100 |
commit | bbd3662a834813730912a58efb44dd6df6d952e6 (patch) | |
tree | f4c0252814e717185845bde03fe88d341d5967b5 /security/selinux/include | |
parent | TOMOYO: Abstract use of cred security blob (diff) | |
download | linux-bbd3662a834813730912a58efb44dd6df6d952e6.tar.xz linux-bbd3662a834813730912a58efb44dd6df6d952e6.zip |
Infrastructure management of the cred security blob
Move management of the cred security blob out of the
security modules and into the security infrastructre.
Instead of allocating and freeing space the security
modules tell the infrastructure how much space they
require.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/selinux/include')
-rw-r--r-- | security/selinux/include/objsec.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index 734b6833bdff..c2974b031d05 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -25,6 +25,7 @@ #include <linux/binfmts.h> #include <linux/in.h> #include <linux/spinlock.h> +#include <linux/lsm_hooks.h> #include <net/net_namespace.h> #include "flask.h" #include "avc.h" @@ -158,9 +159,10 @@ struct bpf_security_struct { u32 sid; /*SID of bpf obj creater*/ }; +extern struct lsm_blob_sizes selinux_blob_sizes; static inline struct task_security_struct *selinux_cred(const struct cred *cred) { - return cred->security; + return cred->security + selinux_blob_sizes.lbs_cred; } #endif /* _SELINUX_OBJSEC_H_ */ |