[PATCH 03/10] SELinux: Abstract use of cred security blob

Kees Cook keescook at chromium.org
Wed Sep 12 23:10:25 UTC 2018


On Tue, Sep 11, 2018 at 9:41 AM, Casey Schaufler <casey at schaufler-ca.com> wrote:
> Don't use the cred->security pointer directly.
> Provide a helper function that provides the security blob pointer.
>
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>

Like smack, this seems to be largely:

s/$identifier->security/selinux_cred($identifier)/
s/current_security()/selinux_cred(current_cred())/

Is that right? The one __task_cred() use seemed to be fully contained
under rcu read lock.

Reviewed-by: Kees Cook <keescook at chromium.org>

-Kees

-- 
Kees Cook
Pixel Security



More information about the Linux-security-module-archive mailing list