[11/25] Smack: Abstract the file security blob

Message ID	74e22e74-4584-ad0c-7f7c-6d0d638fabd2@schaufler-ca.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-security-module-owner@kernel.org> Subject: [PATCH 11/25] Smack: Abstract the file security blob To: LSM <linux-security-module@vger.kernel.org>, James Morris <jmorris@namei.org> References: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Cc: John Johansen <john.johansen@canonical.com>, Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>, Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@tycho.nsa.gov> From: Casey Schaufler <casey@schaufler-ca.com> Message-ID: <74e22e74-4584-ad0c-7f7c-6d0d638fabd2@schaufler-ca.com> Date: Sat, 13 Aug 2016 13:36:27 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk

Message ID

74e22e74-4584-ad0c-7f7c-6d0d638fabd2@schaufler-ca.com (mailing list archive)

State

New, archived

Headers

Subject: [PATCH 11/25] Smack: Abstract the file security blob
To: LSM <linux-security-module@vger.kernel.org>,
	James Morris <jmorris@namei.org>
References: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com>
Cc: John Johansen <john.johansen@canonical.com>,
	Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
	Paul Moore <paul@paul-moore.com>, Stephen Smalley <sds@tycho.nsa.gov>
From: Casey Schaufler <casey@schaufler-ca.com>
Message-ID: <74e22e74-4584-ad0c-7f7c-6d0d638fabd2@schaufler-ca.com>
Date: Sat, 13 Aug 2016 13:36:27 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
	Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk

Commit Message

Casey Schaufler Aug. 13, 2016, 8:36 p.m. UTC

Subject: [PATCH 11/25] Smack: Abstract the file security blob

Abstract reading the file security blob.
Remove abstraction when writing the file security blob.
There is no change in the behavior of the code.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>

---
 security/smack/smack.h     | 5 +++++
 security/smack/smack_lsm.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/security/smack/smack.h b/security/smack/smack.h
index 8849706..d95c56d 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -349,6 +349,11 @@  static inline struct task_smack *smack_cred(const struct cred *cred)
 	return cred->security;
 }
 
+static inline struct smack_known *smack_file(const struct file *file)
+{
+	return file->f_security;
+}
+
 /*
  * Is the directory transmuting?
  */
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d45dfde..be7b3e6 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1847,7 +1847,7 @@  static int smack_file_send_sigiotask(struct task_struct *tsk,
 	file = container_of(fown, struct file, f_owner);
 
 	/* we don't log here as rc can be overriden */
-	skp = file->f_security;
+	skp = smack_file(file);
 	rc = smk_access(skp, tkp, MAY_WRITE, NULL);
 	rc = smk_bu_note("sigiotask", skp, tkp, MAY_WRITE, rc);
 	if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE))

[11/25] Smack: Abstract the file security blob

Commit Message

Patch