git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit
UBUNTU: SAUCE: LSM: Use lsmblob in security_audit_rule_match
author Casey Schaufler <casey@schaufler-ca.com>
Tue, 18 Aug 2020 00:15:27 +0000 (17:15 -0700)
committer Paolo Pisati <paolo.pisati@canonical.com>
Tue, 2 Nov 2021 07:24:51 +0000 (08:24 +0100)
commit eb18219493485bff565141fd6ca581bebfaf7b77
tree 4051da053e3009ffb875e4e5bedde4b9e5ee6e8e
parent f17b27a2790e72198d2aaf45242453e5a9043049

Change the secid parameter of security_audit_rule_match
to a lsmblob structure pointer. Pass the entry from the
lsmblob structure for the appropriate slot to the LSM hook.

Change the users of security_audit_rule_match to use the
lsmblob instead of a u32. The scaffolding function lsmblob_init()
fills the blob with the value of the old secid, ensuring that
it is available to the appropriate module hook. The sources of
the secid, security_task_getsecid() and security_inode_getsecid(),
will be converted to use the blob structure later in the series.
At that point the use of lsmblob_init() is dropped.

Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Andrea Righi <andrea.righi@canonical.com>
[ saf: resolve conflicts ]
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
include/linux/security.h
kernel/auditfilter.c
kernel/auditsc.c
security/integrity/ima/ima.h
security/integrity/ima/ima_policy.c
security/security.c