[PATCH v2] lsm: use unrcu_pointer() for current->cred in security_init()
Xiu Jianfeng
xiujianfeng at huawei.com
Thu Nov 20 07:48:25 UTC 2025
On 11/19/2025 11:36 PM, Paul Moore wrote:
> We need to directly allocate the cred's LSM state for the initial task
> when we initialize the LSM framework. Unfortunately, this results in a
> RCU related type mismatch, use the unrcu_pointer() macro to handle this
> a bit more elegantly.
>
> The explicit type casting still remains as we need to work around the
> constification of current->cred in this particular case.
>
> Signed-off-by: Paul Moore <paul at paul-moore.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng at huawei.com>
> ---
> security/lsm_init.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/security/lsm_init.c b/security/lsm_init.c
> index 6bb67d41ce52..05bd52e6b1f2 100644
> --- a/security/lsm_init.c
> +++ b/security/lsm_init.c
> @@ -467,7 +467,8 @@ int __init security_init(void)
> blob_sizes.lbs_inode, 0,
> SLAB_PANIC, NULL);
>
> - if (lsm_cred_alloc((struct cred __rcu *)current->cred, GFP_KERNEL))
> + if (lsm_cred_alloc((struct cred *)unrcu_pointer(current->cred),
> + GFP_KERNEL))
> panic("early LSM cred alloc failed\n");
> if (lsm_task_alloc(current))
> panic("early LSM task alloc failed\n");
More information about the Linux-security-module-archive
mailing list