[RFC PATCH v1 6/6] selinux: Use current_security() when possible

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Paul Moore <paul.moore@hp.com>
To: selinux@tycho.nsa.gov
Subject: [RFC PATCH v1 6/6] selinux: Use current_security() when possible
Date: Mon, 03 May 2010 18:11:53 -0400	[thread overview]
Message-ID: <20100503221153.8177.49205.stgit@flek.lan> (raw)
In-Reply-To: <20100503220455.8177.91177.stgit@flek.lan>

There were a number of places using the following code pattern:

  struct cred *cred = current_cred();
  struct task_security_struct *tsec = cred->security;

... which were simplified to the following:

  struct task_security_struct *tsec = current_security();

Signed-off-by: XXX
---
 security/selinux/hooks.c |   17 ++++++-----------
 1 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4f2c9ec..ccc8e0e 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -193,7 +193,7 @@ static inline u32 task_sid(const struct task_struct *task)
  */
 static inline u32 current_sid(void)
 {
-	const struct task_security_struct *tsec = current_cred()->security;
+	const struct task_security_struct *tsec = current_security();
 
 	return tsec->sid;
 }
@@ -1580,8 +1580,7 @@ static int may_create(struct inode *dir,
 		      struct dentry *dentry,
 		      u16 tclass)
 {
-	const struct cred *cred = current_cred();
-	const struct task_security_struct *tsec = cred->security;
+	const struct task_security_struct *tsec = current_security();
 	struct inode_security_struct *dsec;
 	struct superblock_security_struct *sbsec;
 	u32 sid, newsid;
@@ -2179,8 +2178,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
 
 static int selinux_bprm_secureexec(struct linux_binprm *bprm)
 {
-	const struct cred *cred = current_cred();
-	const struct task_security_struct *tsec = cred->security;
+	const struct task_security_struct *tsec = current_security();
 	u32 sid, osid;
 	int atsecure = 0;
 
@@ -2555,8 +2553,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
 				       char **name, void **value,
 				       size_t *len)
 {
-	const struct cred *cred = current_cred();
-	const struct task_security_struct *tsec = cred->security;
+	const struct task_security_struct *tsec = current_security();
 	struct inode_security_struct *dsec;
 	struct superblock_security_struct *sbsec;
 	u32 sid, newsid, clen;
@@ -3728,8 +3725,7 @@ static int socket_has_perm(struct task_struct *task, struct sock *sk, u32 perms)
 static int selinux_socket_create(int family, int type,
 				 int protocol, int kern)
 {
-	const struct cred *cred = current_cred();
-	const struct task_security_struct *tsec = cred->security;
+	const struct task_security_struct *tsec = current_security();
 	u32 newsid;
 	u16 secclass;
 
@@ -3744,8 +3740,7 @@ static int selinux_socket_create(int family, int type,
 static int selinux_socket_post_create(struct socket *sock, int family,
 				      int type, int protocol, int kern)
 {
-	const struct cred *cred = current_cred();
-	const struct task_security_struct *tsec = cred->security;
+	const struct task_security_struct *tsec = current_security();
 	struct inode_security_struct *isec = SOCK_INODE(sock)->i_security;
 	struct sk_security_struct *sksec;
 	int err = 0;


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

     prev parent reply	other threads:[~2010-05-03 22:11 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-05-03 22:11 [RFC PATCH v1 0/6] UNIX domain socket fixes and other cleanups Paul Moore
2010-05-03 22:11 ` [RFC PATCH v1 1/6] selinux: Update socket's label alongside inode's label Paul Moore
2010-05-04 13:03   ` Stephen Smalley
2010-05-04 15:29     ` Paul Moore
2010-05-03 22:11 ` [RFC PATCH v1 2/6] selinux: Set the peer label correctly on connected UNIX domain sockets Paul Moore
2010-05-04 14:05   ` Stephen Smalley
2010-05-04 14:27     ` Eric Paris
2010-05-04 15:34       ` Paul Moore
2010-05-04 19:47         ` Stephen Smalley
2010-05-05 15:46           ` Paul Moore
2010-05-03 22:11 ` [RFC PATCH v1 3/6] selinux: Consolidate sockcreate_sid logic Paul Moore
2010-05-04 13:52   ` Stephen Smalley
2010-05-04 15:31     ` Paul Moore
2010-05-04 19:44       ` Stephen Smalley
2010-05-05 15:48         ` Paul Moore
2010-05-03 22:11 ` [RFC PATCH v1 4/6] selinux: Shuffle the sk_security_struct alloc and free routines Paul Moore
2010-05-03 22:11 ` [RFC PATCH v1 5/6] selinux: Convert socket related access controls to use socket labels Paul Moore
2010-05-04 14:30   ` Eric Paris
2010-05-04 15:38     ` Paul Moore
2010-05-03 22:11 ` Paul Moore [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:4f2c9ec dfblob:ccc8e0e )
 OR (
bs:"[RFC PATCH v1 6/6] selinux: Use current_security() when possible" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20100503221153.8177.49205.stgit@flek.lan \
    --to=paul.moore@hp.com \
    --cc=selinux@tycho.nsa.gov \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.