[PATCH 37/59] LSM: Create a data structure for a security context
Casey Schaufler
casey at schaufler-ca.com
Tue Apr 9 19:59:02 UTC 2019
A "security context" is the text representation of
the information used by LSMs. This provides a structure
so that the use can be made consistant.
Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
---
include/linux/security.h | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/include/linux/security.h b/include/linux/security.h
index 6c44aca19c65..8dd21133ede8 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -119,6 +119,17 @@ static inline bool lsm_export_equal(struct lsm_export *l, struct lsm_export *m)
extern struct lsm_export *lsm_export_skb(struct sk_buff *skb);
+/* Text representation of LSM specific security information - a "context" */
+struct lsm_context {
+ char *context;
+ u32 len;
+};
+
+static inline void lsm_context_init(struct lsm_context *cp)
+{
+ memset(cp, 0, sizeof(*cp));
+}
+
/* These functions are in security/commoncap.c */
extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
int cap, unsigned int opts);
--
2.19.1
More information about the Linux-security-module-archive
mailing list