• Paul Moore's avatar
    lsm: separate security_task_getsecid() into subjective and objective variants · 4ebd7651
    Paul Moore authored
    Of the three LSMs that implement the security_task_getsecid() LSM
    hook, all three LSMs provide the task's objective security
    credentials.  This turns out to be unfortunate as most of the hook's
    callers seem to expect the task's subjective credentials, although
    a small handful of callers do correctly expect the objective
    credentials.
    
    This patch is the first step towards fixing the problem: it splits
    the existing security_task_getsecid() hook into two variants, one
    for the subjective creds, one for the objective creds.
    
      void security_task_getsecid_subj(struct task_struct *p,
    				   u32 *secid);
      void security_task_getsecid_obj(struct task_struct *p,
    				  u32 *secid);
    
    While this patch does fix all of the callers to use the correct
    variant, in order to keep this patch focused on the callers and to
    ease review, the LSMs continue to use the same implementation for
    both hooks.  The net effect is that this patch should not change
    the behavior of the kernel in any way, it will be up to the latter
    LSM specific patches in this series to change the hook
    implementations and return the correct credentials.
    
    Acked-by: Mimi Zohar <zohar@linux.ibm.com> (IMA)
    Acked-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
    Reviewed-by: default avatarRichard Guy Briggs <rgb@redhat.com>
    Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
    4ebd7651
auditfilter.c 34.1 KB