AppArmor: Abstract use of cred security blob

Don't use the cred->security pointer directly. Provide a helper function that provides the security blob pointer. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Kees Cook <keescook@chromium.org> [kees: adjusted for ordered init series] Signed-off-by: Kees Cook <keescook@chromium.org>
2018-09-21 17:17:59 -07:00 · 2018-09-21 17:17:59 -07:00 · 69b5a44a95
parent 3d25252948
commit 69b5a44a95
4 changed files with 24 additions and 10 deletions
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@ -975,7 +975,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
 	}
 	aa_put_label(cred_label(bprm->cred));
 	/* transfer reference, released when cred is freed */
-	cred_label(bprm->cred) = new;
+	set_cred_label(bprm->cred, new);
 done:
 	aa_put_label(label);
--- a/security/apparmor/include/cred.h
+++ b/security/apparmor/include/cred.h
@ -23,8 +23,22 @@
 #include "policy_ns.h"
 #include "task.h"
-#define cred_label(X) ((X)->security)
+static inline struct aa_label *cred_label(const struct cred *cred)
 {
 	struct aa_label **blob = cred->security;
 	AA_BUG(!blob);
 	return *blob;
 }
 static inline void set_cred_label(const struct cred *cred,
 				  struct aa_label *label)
 {
 	struct aa_label **blob = cred->security;
 	AA_BUG(!blob);
 	*blob = label;
 }
 /**
 * aa_cred_raw_label - obtain cred's label
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@ -60,7 +60,7 @@ DEFINE_PER_CPU(struct aa_buffers, aa_buffers);
 static void apparmor_cred_free(struct cred *cred)
 {
 	aa_put_label(cred_label(cred));
-	cred_label(cred) = NULL;
+	set_cred_label(cred, NULL);
 }
 /*
@ -68,7 +68,7 @@ static void apparmor_cred_free(struct cred *cred)
 */
 static int apparmor_cred_alloc_blank(struct cred *cred, gfp_t gfp)
 {
-	cred_label(cred) = NULL;
+	set_cred_label(cred, NULL);
 	return 0;
 }
@ -78,7 +78,7 @@ static int apparmor_cred_alloc_blank(struct cred *cred, gfp_t gfp)
 static int apparmor_cred_prepare(struct cred *new, const struct cred *old,
 				 gfp_t gfp)
 {
-	cred_label(new) = aa_get_newest_label(cred_label(old));
+	set_cred_label(new, aa_get_newest_label(cred_label(old)));
 	return 0;
 }
@ -87,7 +87,7 @@ static int apparmor_cred_prepare(struct cred *new, const struct cred *old,
 */
 static void apparmor_cred_transfer(struct cred *new, const struct cred *old)
 {
-	cred_label(new) = aa_get_newest_label(cred_label(old));
+	set_cred_label(new, aa_get_newest_label(cred_label(old)));
 }
 static void apparmor_task_free(struct task_struct *task)
@ -1485,7 +1485,7 @@ static int __init set_init_ctx(void)
 	if (!ctx)
 		return -ENOMEM;
-	cred_label(cred) = aa_get_label(ns_unconfined(root_ns));
+	set_cred_label(cred, aa_get_label(ns_unconfined(root_ns)));
 	task_ctx(current) = ctx;
 	return 0;
--- a/security/apparmor/task.c
+++ b/security/apparmor/task.c
@ -81,7 +81,7 @@ int aa_replace_current_label(struct aa_label *label)
 	 */
 	aa_get_label(label);
 	aa_put_label(cred_label(new));
-	cred_label(new) = label;
+	set_cred_label(new, label);
 	commit_creds(new);
 	return 0;
@ -138,7 +138,7 @@ int aa_set_current_hat(struct aa_label *label, u64 token)
 		return -EACCES;
 	}
-	cred_label(new) = aa_get_newest_label(label);
+	set_cred_label(new, aa_get_newest_label(label));
 	/* clear exec on switching context */
 	aa_put_label(ctx->onexec);
 	ctx->onexec = NULL;
@ -172,7 +172,7 @@ int aa_restore_previous_label(u64 token)
 		return -ENOMEM;
 	aa_put_label(cred_label(new));
-	cred_label(new) = aa_get_newest_label(ctx->previous);
+	set_cred_label(new, aa_get_newest_label(ctx->previous));
 	AA_BUG(!cred_label(new));
 	/* clear exec && prev information when restoring to previous context */
 	aa_clear_task_ctx_trans(ctx);