From: Paul Moore <paul.moore@hp.com>
To: selinux@tycho.nsa.gov
Subject: [PATCH 6/6] selinux: Use current_security() when possible
Date: Sat, 29 May 2010 17:53:56 -0400 [thread overview]
Message-ID: <20100529215356.4042.16646.stgit@flek.lan> (raw)
In-Reply-To: <20100529214628.4042.88276.stgit@flek.lan>
There were a number of places using the following code pattern:
struct cred *cred = current_cred();
struct task_security_struct *tsec = cred->security;
... which were simplified to the following:
struct task_security_struct *tsec = current_security();
Signed-off-by: Paul Moore <paul.moore@hp.com>
---
security/selinux/hooks.c | 17 ++++++-----------
1 files changed, 6 insertions(+), 11 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 409839d..fe84364 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -188,7 +188,7 @@ static inline u32 task_sid(const struct task_struct *task)
*/
static inline u32 current_sid(void)
{
- const struct task_security_struct *tsec = current_cred()->security;
+ const struct task_security_struct *tsec = current_security();
return tsec->sid;
}
@@ -1558,8 +1558,7 @@ static int may_create(struct inode *dir,
struct dentry *dentry,
u16 tclass)
{
- const struct cred *cred = current_cred();
- const struct task_security_struct *tsec = cred->security;
+ const struct task_security_struct *tsec = current_security();
struct inode_security_struct *dsec;
struct superblock_security_struct *sbsec;
u32 sid, newsid;
@@ -2157,8 +2156,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
static int selinux_bprm_secureexec(struct linux_binprm *bprm)
{
- const struct cred *cred = current_cred();
- const struct task_security_struct *tsec = cred->security;
+ const struct task_security_struct *tsec = current_security();
u32 sid, osid;
int atsecure = 0;
@@ -2533,8 +2531,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
char **name, void **value,
size_t *len)
{
- const struct cred *cred = current_cred();
- const struct task_security_struct *tsec = cred->security;
+ const struct task_security_struct *tsec = current_security();
struct inode_security_struct *dsec;
struct superblock_security_struct *sbsec;
u32 sid, newsid, clen;
@@ -3710,8 +3707,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms)
static int selinux_socket_create(int family, int type,
int protocol, int kern)
{
- const struct cred *cred = current_cred();
- const struct task_security_struct *tsec = cred->security;
+ const struct task_security_struct *tsec = current_security();
u32 newsid;
u16 secclass;
@@ -3726,8 +3722,7 @@ static int selinux_socket_create(int family, int type,
static int selinux_socket_post_create(struct socket *sock, int family,
int type, int protocol, int kern)
{
- const struct cred *cred = current_cred();
- const struct task_security_struct *tsec = cred->security;
+ const struct task_security_struct *tsec = current_security();
struct inode_security_struct *isec = SOCK_INODE(sock)->i_security;
struct sk_security_struct *sksec;
int err = 0;
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2010-05-29 21:53 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-29 21:53 [PATCH 0/6] SELinux UNIX domain socket fixes/cleanup Paul Moore
2010-05-29 21:53 ` [PATCH 1/6] selinux: Update socket's label alongside inode's label Paul Moore
2010-05-29 21:53 ` [PATCH 2/6] selinux: Set the peer label correctly on connected UNIX domain sockets Paul Moore
2010-05-29 21:53 ` [PATCH 3/6] selinux: Consolidate sockcreate_sid logic Paul Moore
2010-05-29 21:53 ` [PATCH 4/6] selinux: Shuffle the sk_security_struct alloc and free routines Paul Moore
2010-05-29 21:53 ` [PATCH 5/6] selinux: Convert socket related access controls to use socket labels Paul Moore
2010-05-29 21:53 ` Paul Moore [this message]
2010-06-03 20:52 ` [PATCH 0/6] SELinux UNIX domain socket fixes/cleanup Paul Moore
2010-06-03 21:12 ` Eric Paris
2010-06-03 21:44 ` Paul Moore
2010-06-09 21:39 ` Paul Moore
2010-06-21 18:32 ` Paul Moore
2010-06-21 19:13 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100529215356.4042.16646.stgit@flek.lan \
--to=paul.moore@hp.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.