mirros/rockchip-kernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

smack: differentiate between subjective and objective task credentials

Browse Source 
With the split of the security_task_getsecid() into subjective and
objective variants it's time to update Smack to ensure it is using
the correct task creds.

Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore
2021-02-19 15:04:58 -05:00
parent eb1231f73c
commit 1fb057dcde
2 changed files with 44 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
security/smack/smack.h
View File

@@ -383,7 +383,23 @@ static inline struct smack_known *smk_of_task(const struct task_smack *tsp)
return tsp->smk_task;
}
static inline struct smack_known *smk_of_task_struct(
static inline struct smack_known *smk_of_task_struct_subj(
const struct task_struct *t)
{
struct smack_known *skp;
const struct cred *cred;
rcu_read_lock();
cred = rcu_dereference(t->cred);
skp = smk_of_task(smack_cred(cred));
rcu_read_unlock();
return skp;
}
static inline struct smack_known *smk_of_task_struct_obj(
const struct task_struct *t)
{
struct smack_known *skp;