[PATCH 57/90] SELinux: Use blob offset in current_sid
Casey Schaufler
casey at schaufler-ca.com
Fri Apr 19 00:45:44 UTC 2019
Replace the use of current_security() with a call to current_cred()
so that the blob offset can be correctly applied.
Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
---
security/selinux/include/objsec.h | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index 59a3b1cd5ba9..c9a88b7a96a7 100644
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -31,6 +31,8 @@
#include "flask.h"
#include "avc.h"
+extern struct lsm_blob_sizes selinux_blob_sizes;
+
struct task_security_struct {
u32 osid; /* SID prior to last execve */
u32 sid; /* current SID */
@@ -45,7 +47,9 @@ struct task_security_struct {
*/
static inline u32 current_sid(void)
{
- const struct task_security_struct *tsec = current_security();
+ const struct task_security_struct *tsec;
+
+ tsec = current_cred()->security + selinux_blob_sizes.lbs_cred;
return tsec->sid;
}
@@ -174,7 +178,6 @@ struct bpf_security_struct {
u32 sid; /*SID of bpf obj creater*/
};
-extern struct lsm_blob_sizes selinux_blob_sizes;
static inline struct task_security_struct *selinux_cred(const struct cred *cred)
{
return cred->security + selinux_blob_sizes.lbs_cred;
--
2.19.1
More information about the Linux-security-module-archive
mailing list