[PATCH] lsm: use unrcu_pointer() for current->cred in security_init()
Paul Moore
paul at paul-moore.com
Wed Nov 19 00:28:09 UTC 2025
We need to directly allocate the cred's LSM state for the initial task
when we initialize the LSM framework. Unfortunately, this results in a
RCU related type mismatch, use the unrcu_pointer() macro to handle this
a bit more elegantly.
The explicit type casting still remains as we need to work around the
constification of current->cred in this particular case.
Signed-off-by: Paul Moore <paul at paul-moore.com>
---
security/lsm_init.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/lsm_init.c b/security/lsm_init.c
index 6bb67d41ce52..4dec9199e4c2 100644
--- a/security/lsm_init.c
+++ b/security/lsm_init.c
@@ -467,7 +467,8 @@ int __init security_init(void)
blob_sizes.lbs_inode, 0,
SLAB_PANIC, NULL);
- if (lsm_cred_alloc((struct cred __rcu *)current->cred, GFP_KERNEL))
+ if (lsm_cred_alloc(unrcu_pointer((struct cred __rcu *)current->cred),
+ GFP_KERNEL))
panic("early LSM cred alloc failed\n");
if (lsm_task_alloc(current))
panic("early LSM task alloc failed\n");
--
2.52.0
More information about the Linux-security-module-archive
mailing list