[PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx

Kees Cook keescook at chromium.org
Fri May 14 19:05:02 UTC 2021

On Thu, May 13, 2021 at 01:07:50PM -0700, Casey Schaufler wrote:
> Change security_secid_to_secctx() to take a lsmblob as input
> instead of a u32 secid. It will then call the LSM hooks
> using the lsmblob element allocated for that module. The
> callers have been updated as well. This allows for the
> possibility that more than one module may be called upon
> to translate a secid to a string, as can occur in the
> audit code.
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>

This looks sensible.

Reviewed-by: Kees Cook <keescook at chromium.org>

Kees Cook

More information about the Linux-security-module-archive mailing list