Why is there an alignment from cred->security?
Denis Obrezkov
denisobrezkov at gmail.com
Tue Jan 18 11:33:50 UTC 2022
I am digging through the SMACK code. There are the lines:
static inline struct task_smack *smack_cred(const struct cred *cred)
{
return cred->security + smack_blob_sizes.lbs_cred;
}
and smack_blob_sizes are defined as:
struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
.lbs_cred = sizeof(struct task_smack),
.lbs_file = sizeof(struct smack_known *),
.lbs_inode = sizeof(struct inode_smack),
.lbs_ipc = sizeof(struct smack_known *),
.lbs_msg_msg = sizeof(struct smack_known *),
};
So, basically, to get a struct we take the size of the struct as an
offset for cred->security, right? I can't understand why. So, we have
the following memory layout:
|_________(zeroes)__________|_____task_smack content____|
^ ^ ^
cred->security cred->security + cred->security +
sizeof(struct task_smack) 2*sizeof(struct task_smack)
Do I misunderstand something?
--
Regards, Denis Obrezkov
More information about the Linux-security-module-archive
mailing list