xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Infrastructure management of the cred security blob

Browse Source 
Move management of the cred security blob out of the
security modules and into the security infrastructre.
Instead of allocating and freeing space the security
modules tell the infrastructure how much space they
require.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
Casey Schaufler
2018-11-12 09:30:56 -08:00
committed by Kees Cook
parent 43fc460907
commit bbd3662a83
11 changed files with 162 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
security/smack/smack.h
View File

@@ -336,6 +336,7 @@ extern struct smack_known *smack_syslog_label;
extern struct smack_known *smack_unconfined;
#endif
extern int smack_ptrace_rule;
extern struct lsm_blob_sizes smack_blob_sizes;
extern struct smack_known smack_known_floor;
extern struct smack_known smack_known_hat;
@@ -358,7 +359,7 @@ extern struct hlist_head smack_known_hash[SMACK_HASH_SLOTS];
static inline struct task_smack *smack_cred(const struct cred *cred)
{
return cred->security;
return cred->security + smack_blob_sizes.lbs_cred;
}
/*