From patchwork Sat Aug 13 20:36:27 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 9279361 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8E7D360780 for ; Sun, 14 Aug 2016 11:52:44 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7F5B828A06 for ; Sun, 14 Aug 2016 11:52:44 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 73CEB28A57; Sun, 14 Aug 2016 11:52:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 042DD28A06 for ; Sun, 14 Aug 2016 11:52:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965498AbcHNLwk (ORCPT ); Sun, 14 Aug 2016 07:52:40 -0400 Received: from nm20.bullet.mail.bf1.yahoo.com ([98.139.212.179]:51667 "EHLO nm20.bullet.mail.bf1.yahoo.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965307AbcHNLwj (ORCPT ); Sun, 14 Aug 2016 07:52:39 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1471120589; bh=tN1bLQKQSjT2Rv4zt1Sw3olSON514+Fe1OthegQpSDs=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From:Subject; b=fX36gZFyes2oKfCxWWHvjGxrQVWlh6s0jJwitN3NduPSJrxfcze9aeore6ONbAl1IAnVfwit3W6F0z6DWXmvKba5mykIi4sJ/T3LlR4YslHatdLQyEwEEwQMk/Dl+DbH0DnK7JR/DaWhOihYRsRhhG7QCYPQiH/GrbZTEQeeuLAX5OP3DkXcOHn5kQ49wg2J8oK3iYWo9hVBZ1lAVcASBcuErVsX3eSquNTgg5DgLYcg4kBj7RqRpohTHFIpp7PmmzzPAp2wZU9Nz9tbH84Dk/blrKNNU35J+zHcDEoWV7d3d73WBydNiw8VCi2gnQEWAjN07Vf65mSR73r7CQYjHA== Received: from [66.196.81.171] by nm20.bullet.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:36:29 -0000 Received: from [68.142.230.65] by tm17.bullet.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:36:29 -0000 Received: from [127.0.0.1] by smtp222.mail.bf1.yahoo.com with NNFMP; 13 Aug 2016 20:36:29 -0000 X-Yahoo-Newman-Id: 270677.49989.bm@smtp222.mail.bf1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: nLFx_ksVM1mVzH9DHhC5pF04rdeZQvFDoOBJiJv74gShpv3 dvJVaZyiZJhXTTtmL0DNUQhb9lUnS65Ya_s6OvEQ.1hWIkCWelQxqJJG7iQg vbH1rg8vmA5FJ73iUX7h1WRK3DF.QqcTHTIeqQa19uj5Iv8DF8om3TnDA.Qa 7jj7fRAW82jhkJabtn3p2mYW7QG_QU5ioHl6COOlwfWJu7rFeFuVl1hSg84h .4rvhoYe04wraqeqJG2t0giW9CqbYzmKDTK8SOZExUKx0D6KO7VIDuQXqm9N 2FUXqCkUq2Sr0crLImliDoVFyZdzH9czUMmNfoulQk8p2hLKlLo4RNkD48JI 9SHJqKOpibPftKTvMJVccL491vW8wCAZmjVKAP4HaJQ6L3lvxdJMiGncyM4t q0vQ54g6NXnHBDUYwrv8.56RFybGmkIfozPPBfun7In2QE9g.oLlSx28llyg Bw_oTYsfXS0_DH8QY3EaHj9KKaCMwnUwlakihmIVlbcckY4vn8tKRltcsa3l DSeumNSsxxpddBA6ILDliDFgcnBDB5928BjRo156ZSdpQvFqAorGkelGUzML bn8r0mcE.P_hT X-Yahoo-SMTP: OIJXglSswBDfgLtXluJ6wiAYv6_cnw-- Subject: [PATCH 11/25] Smack: Abstract the file security blob To: LSM , James Morris References: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Cc: John Johansen , Tetsuo Handa , Paul Moore , Stephen Smalley From: Casey Schaufler Message-ID: <74e22e74-4584-ad0c-7f7c-6d0d638fabd2@schaufler-ca.com> Date: Sat, 13 Aug 2016 13:36:27 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <801ef9a9-e594-387c-f285-8d90879ee2bf@schaufler-ca.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Subject: [PATCH 11/25] Smack: Abstract the file security blob Abstract reading the file security blob. Remove abstraction when writing the file security blob. There is no change in the behavior of the code. Signed-off-by: Casey Schaufler --- security/smack/smack.h | 5 +++++ security/smack/smack_lsm.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/security/smack/smack.h b/security/smack/smack.h index 8849706..d95c56d 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -349,6 +349,11 @@ static inline struct task_smack *smack_cred(const struct cred *cred) return cred->security; } +static inline struct smack_known *smack_file(const struct file *file) +{ + return file->f_security; +} + /* * Is the directory transmuting? */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index d45dfde..be7b3e6 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1847,7 +1847,7 @@ static int smack_file_send_sigiotask(struct task_struct *tsk, file = container_of(fown, struct file, f_owner); /* we don't log here as rc can be overriden */ - skp = file->f_security; + skp = smack_file(file); rc = smk_access(skp, tkp, MAY_WRITE, NULL); rc = smk_bu_note("sigiotask", skp, tkp, MAY_WRITE, rc); if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE))