git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/commit

author	Casey Schaufler <casey@schaufler-ca.com>
	Fri, 3 Jul 2020 16:59:12 +0000 (09:59 -0700)
committer	Andrea Righi <andrea.righi@canonical.com>
	Mon, 15 Feb 2021 07:25:59 +0000 (08:25 +0100)
commit	e5881044b2e856b2d790eceaf9e24e24d80d45f9
tree	46f7f82dde9251d606f7dabc93877c3d12d61350	tree
parent	8cad47194212be7616ac673eadbfb3fc2828de9d	commit \| diff

UBUNTU: SAUCE: LSM: Use lsmblob in security_secctx_to_secid

Change security_secctx_to_secid() to fill in a lsmblob instead
of a u32 secid. Multiple LSMs may be able to interpret the
string, and this allows for setting whichever secid is
appropriate. Change security_secmark_relabel_packet() to use a
lsmblob instead of a u32 secid. In some other cases there is
scaffolding where interfaces have yet to be converted.

Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: netdev@vger.kernel.org
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Andrea Righi <andrea.righi@canonical.com>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

include/linux/security.h		diff \| blob \| blame \| history
include/net/scm.h		diff \| blob \| blame \| history
kernel/cred.c		diff \| blob \| blame \| history
net/ipv4/ip_sockglue.c		diff \| blob \| blame \| history
net/netfilter/nft_meta.c		diff \| blob \| blame \| history
net/netfilter/xt_SECMARK.c		diff \| blob \| blame \| history
net/netlabel/netlabel_unlabeled.c		diff \| blob \| blame \| history
security/security.c		diff \| blob \| blame \| history