UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match

[mirror_ubuntu-jammy-kernel.git] / security / integrity / ima / ima_policy.c

diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index d85f2cf48e2c9fb694d2ec47ac1b5810cb87a060..918ac2959dfaa1be3eb86b43ac81c3c421a9485c 100644 (file)
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -607,6 +607,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
        for (i = 0; i < MAX_LSM_RULES; i++) {
                int rc = 0;
                u32 osid;
+               struct lsmblob lsmdata;
 
                if (!ima_lsm_isset(rule->lsm[i].rules)) {
                        if (!rule->lsm[i].args_p)
@@ -619,14 +620,16 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
                case LSM_OBJ_ROLE:
                case LSM_OBJ_TYPE:
                        security_inode_getsecid(inode, &osid);
-                       rc = ima_filter_rule_match(osid, rule->lsm[i].type,
+                       lsmblob_init(&lsmdata, osid);
+                       rc = ima_filter_rule_match(&lsmdata, rule->lsm[i].type,
                                                   Audit_equal,
                                                   rule->lsm[i].rules);
                        break;
                case LSM_SUBJ_USER:
                case LSM_SUBJ_ROLE:
                case LSM_SUBJ_TYPE:
-                       rc = ima_filter_rule_match(secid, rule->lsm[i].type,
+                       lsmblob_init(&lsmdata, secid);
+                       rc = ima_filter_rule_match(&lsmdata, rule->lsm[i].type,
                                                   Audit_equal,
                                                   rule->lsm[i].rules);
                        break;