summaryrefslogtreecommitdiffstats
path: root/security/tomoyo/domain.c
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2018-09-22 02:18:07 +0200
committerKees Cook <keescook@chromium.org>2019-01-08 22:18:44 +0100
commit43fc460907dc56a3450654efc6ba1dfbcd4594eb (patch)
treedb944e38f3908e790d8d577e10d23a0f7bf02b68 /security/tomoyo/domain.c
parentAppArmor: Abstract use of cred security blob (diff)
downloadlinux-43fc460907dc56a3450654efc6ba1dfbcd4594eb.tar.xz
linux-43fc460907dc56a3450654efc6ba1dfbcd4594eb.zip
TOMOYO: Abstract use of cred security blob
Don't use the cred->security pointer directly. Provide helper functions that provide the security blob pointer. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Kees Cook <keescook@chromium.org> [kees: adjusted for ordered init series] Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/tomoyo/domain.c')
-rw-r--r--security/tomoyo/domain.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index f6758dad981f..b7469fdbff01 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -678,6 +678,7 @@ out:
*/
int tomoyo_find_next_domain(struct linux_binprm *bprm)
{
+ struct tomoyo_domain_info **blob;
struct tomoyo_domain_info *old_domain = tomoyo_domain();
struct tomoyo_domain_info *domain = NULL;
const char *original_name = bprm->filename;
@@ -843,7 +844,8 @@ force_jump_domain:
domain = old_domain;
/* Update reference count on "struct tomoyo_domain_info". */
atomic_inc(&domain->users);
- bprm->cred->security = domain;
+ blob = tomoyo_cred(bprm->cred);
+ *blob = domain;
kfree(exename.name);
if (!retval) {
ee->r.domain = domain;