summaryrefslogtreecommitdiffstats
path: root/security/selinux/include
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2018-11-12 18:30:56 +0100
committerKees Cook <keescook@chromium.org>2019-01-08 22:18:44 +0100
commitbbd3662a834813730912a58efb44dd6df6d952e6 (patch)
treef4c0252814e717185845bde03fe88d341d5967b5 /security/selinux/include
parentTOMOYO: Abstract use of cred security blob (diff)
downloadlinux-bbd3662a834813730912a58efb44dd6df6d952e6.tar.xz
linux-bbd3662a834813730912a58efb44dd6df6d952e6.zip
Infrastructure management of the cred security blob
Move management of the cred security blob out of the security modules and into the security infrastructre. Instead of allocating and freeing space the security modules tell the infrastructure how much space they require. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Kees Cook <keescook@chromium.org> [kees: adjusted for ordered init series] Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/selinux/include')
-rw-r--r--security/selinux/include/objsec.h4
1 files changed, 3 insertions, 1 deletions
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index 734b6833bdff..c2974b031d05 100644
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -25,6 +25,7 @@
#include <linux/binfmts.h>
#include <linux/in.h>
#include <linux/spinlock.h>
+#include <linux/lsm_hooks.h>
#include <net/net_namespace.h>
#include "flask.h"
#include "avc.h"
@@ -158,9 +159,10 @@ struct bpf_security_struct {
u32 sid; /*SID of bpf obj creater*/
};
+extern struct lsm_blob_sizes selinux_blob_sizes;
static inline struct task_security_struct *selinux_cred(const struct cred *cred)
{
- return cred->security;
+ return cred->security + selinux_blob_sizes.lbs_cred;
}
#endif /* _SELINUX_OBJSEC_H_ */