git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/commit

author	Casey Schaufler <casey@schaufler-ca.com>
	Tue, 18 Aug 2020 17:12:56 +0000 (10:12 -0700)
committer	Andrea Righi <andrea.righi@canonical.com>
	Mon, 15 Feb 2021 07:25:59 +0000 (08:25 +0100)
commit	83741abe60d3cf0a037dbd789b1bb2d7f5ec697f
tree	a476b8a8a939d10d4a6d076fc1e54ef30c74029b	tree
parent	dc9ac6d801a022b41975d43fa4b66646ff9d6add	commit \| diff

UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as

Change the security_kernel_act_as interface to use a lsmblob
structure in place of the single u32 secid in support of
module stacking. Change its only caller, set_security_override,
to do the same. Change that one's only caller,
set_security_override_from_ctx, to call it with the new
parameter type.

The security module hook is unchanged, still taking a secid.
The infrastructure passes the correct entry from the lsmblob.
lsmblob_init() is used to fill the lsmblob structure, however
this will be removed later in the series when security_secctx_to_secid()
is undated to provide a lsmblob instead of a secid.

Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Andrea Righi <andrea.righi@canonical.com>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

include/linux/cred.h		diff \| blob \| blame \| history
include/linux/security.h		diff \| blob \| blame \| history
kernel/cred.c		diff \| blob \| blame \| history
security/security.c		diff \| blob \| blame \| history