[PATCH] selinux, smack: properly reference the LSM blob in security_watch_key()

[Paul Moore]

On Thu, Sep 19, 2024 at 12:34 PM Casey Schaufler <casey at schaufler-ca.com> wrote:
> On 9/19/2024 8:57 AM, Paul Moore wrote:
> > Unfortunately when we migrated the lifecycle management of the key LSM
> > blob to the LSM framework we forgot to convert the security_watch_key()
> > callbacks for SELinux and Smack.  This patch corrects this by making use
> > of the selinux_key() and smack_key() helper functions respectively.
> >
> > This patch also removes some input checking in the Smack callback as it
> > is no longer needed.
> >
> > Reported-by: syzbot+044fdf24e96093584232 at syzkaller.appspotmail.com
> > Fixes: 5f8d28f6d7d5 ("lsm: infrastructure management of the key security blob")
> > Signed-off-by: Paul Moore <paul at paul-moore.com>
>
> Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>

Thanks for the quick review, it looks like syzbot was happy with the
patch too so I've merged this into lsm/stable-6.12 and I'll send it up
to Linus soon.

-- 
paul-moore.com