diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2018-09-22 02:18:07 +0200 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2019-01-08 22:18:44 +0100 |
commit | 43fc460907dc56a3450654efc6ba1dfbcd4594eb (patch) | |
tree | db944e38f3908e790d8d577e10d23a0f7bf02b68 /security/tomoyo/domain.c | |
parent | AppArmor: Abstract use of cred security blob (diff) | |
download | linux-43fc460907dc56a3450654efc6ba1dfbcd4594eb.tar.xz linux-43fc460907dc56a3450654efc6ba1dfbcd4594eb.zip |
TOMOYO: Abstract use of cred security blob
Don't use the cred->security pointer directly.
Provide helper functions that provide the security blob pointer.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/tomoyo/domain.c')
-rw-r--r-- | security/tomoyo/domain.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index f6758dad981f..b7469fdbff01 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c @@ -678,6 +678,7 @@ out: */ int tomoyo_find_next_domain(struct linux_binprm *bprm) { + struct tomoyo_domain_info **blob; struct tomoyo_domain_info *old_domain = tomoyo_domain(); struct tomoyo_domain_info *domain = NULL; const char *original_name = bprm->filename; @@ -843,7 +844,8 @@ force_jump_domain: domain = old_domain; /* Update reference count on "struct tomoyo_domain_info". */ atomic_inc(&domain->users); - bprm->cred->security = domain; + blob = tomoyo_cred(bprm->cred); + *blob = domain; kfree(exename.name); if (!retval) { ee->r.domain = domain; |