lsm: use lsm_prop in security_inode_getsecid
Change the security_inode_getsecid() interface to fill in a lsm_prop structure instead of a u32 secid. This allows for its callers to gather data from all registered LSMs. Data is provided for IMA and audit. Change the name to security_inode_getlsmprop(). Cc: linux-integrity@vger.kernel.org Cc: selinux@vger.kernel.org Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> [PM: subj line tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Casey Schaufler
committed by
Paul Moore
Paul Moore
parent
37f670aacd
commit
07f9d2c113
@@ -1649,15 +1649,17 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer,
|
||||
}
|
||||
|
||||
/**
|
||||
* smack_inode_getsecid - Extract inode's security id
|
||||
* smack_inode_getlsmprop - Extract inode's security id
|
||||
* @inode: inode to extract the info from
|
||||
* @secid: where result will be saved
|
||||
* @prop: where result will be saved
|
||||
*/
|
||||
static void smack_inode_getsecid(struct inode *inode, u32 *secid)
|
||||
static void smack_inode_getlsmprop(struct inode *inode, struct lsm_prop *prop)
|
||||
{
|
||||
struct smack_known *skp = smk_of_inode(inode);
|
||||
|
||||
*secid = skp->smk_secid;
|
||||
prop->smack.skp = skp;
|
||||
/* scaffolding */
|
||||
prop->scaffold.secid = skp->smk_secid;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -5110,7 +5112,7 @@ static struct security_hook_list smack_hooks[] __ro_after_init = {
|
||||
LSM_HOOK_INIT(inode_getsecurity, smack_inode_getsecurity),
|
||||
LSM_HOOK_INIT(inode_setsecurity, smack_inode_setsecurity),
|
||||
LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity),
|
||||
LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid),
|
||||
LSM_HOOK_INIT(inode_getlsmprop, smack_inode_getlsmprop),
|
||||
|
||||
LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security),
|
||||
LSM_HOOK_INIT(file_ioctl, smack_file_ioctl),
|
||||
|
||||
Reference in New Issue
Block a user