Commit f28952ac authored by Casey Schaufler's avatar Casey Schaufler Committed by Kees Cook

Smack: Abstract use of file security blob



Don't use the file->f_security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent bb6c6b02
+5 −0
@@ -362,6 +362,11 @@ static inline struct task_smack *smack_cred(const struct cred *cred)
	return cred->security + smack_blob_sizes.lbs_cred;
}

static inline struct smack_known **smack_file(const struct file *file)
{
	return (struct smack_known **)&file->f_security;
}

/*
 * Is the directory transmuting?
 */
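Review bot: The added smack_file() takes a `const struct file *`, but the cast on its return line hands back a writable `struct smack_known **` into that object, so the const qualifier is silently discarded. Both smack_file_alloc_security() and smack_file_set_fowner() in this commit then store through the result with `*blob = smk_of_current();`. Either drop `const` from the parameter or document why a writer may go through a const file pointer. The helper also differs from smack_cred() just above it, which adds `smack_blob_sizes.lbs_cred` to the base pointer, so a short comment would help, e.g. `/* The file blob is file->f_security itself: it holds the Smack label pointer used for access checks. */`. That way a later change to the blob layout has one clearly marked place to update.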
+8 −4
@@ -1489,9 +1489,9 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid)
 */
static int smack_file_alloc_security(struct file *file)
{
	struct smack_known *skp = smk_of_current();
	struct smack_known **blob = smack_file(file);

	file->f_security = skp;
	*blob = smk_of_current();
	return 0;
}

@@ -1731,7 +1731,9 @@ static int smack_mmap_file(struct file *file,
 */
static void smack_file_set_fowner(struct file *file)
{
	file->f_security = smk_of_current();
	struct smack_known **blob = smack_file(file);

	*blob = smk_of_current();
}

/**
@@ -1748,6 +1750,7 @@ static void smack_file_set_fowner(struct file *file)
static int smack_file_send_sigiotask(struct task_struct *tsk,
				     struct fown_struct *fown, int signum)
{
	struct smack_known **blob;
	struct smack_known *skp;
	struct smack_known *tkp = smk_of_task(smack_cred(tsk->cred));
	const struct cred *tcred;
@@ -1761,7 +1764,8 @@ static int smack_file_send_sigiotask(struct task_struct *tsk,
	file = container_of(fown, struct file, f_owner);

	/* we don't log here as rc can be overriden */
	skp = file->f_security;
	blob = smack_file(file);
	skp = *blob;
	rc = smk_access(skp, tkp, MAY_DELIVER, NULL);
	rc = smk_bu_note("sigiotask", skp, tkp, MAY_DELIVER, rc);