OpenCloudOS-Kernel/security/selinux
Stephen Smalley 169ce0c081 selinux: fix residual uses of current_security() for the SELinux blob
We need to use selinux_cred() to fetch the SELinux cred blob instead
of directly using current->security or current_security().  There
were a couple of lingering uses of current_security() in the SELinux code
that were apparently missed during the earlier conversions. IIUC, this
would only manifest as a bug if multiple security modules including
SELinux are enabled and SELinux is not first in the lsm order. After
this change, there appear to be no other users of current_security()
in-tree; perhaps we should remove it altogether.

Fixes: bbd3662a83 ("Infrastructure management of the cred security blob")
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2019-09-04 18:41:12 -04:00
..
include selinux: fix residual uses of current_security() for the SELinux blob 2019-09-04 18:41:12 -04:00
ss selinux: avoid atomic_t usage in sidtab 2019-08-27 13:26:13 -04:00
.gitignore SELinux: add .gitignore files for dynamic classes 2009-10-24 09:42:27 +08:00
Kconfig selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE 2019-01-08 13:18:43 -08:00
Makefile SELinux: Remove unused selinux_is_enabled 2019-01-08 13:18:44 -08:00
avc.c selinux: fix avc audit messages 2019-02-05 12:34:33 -05:00
hooks.c selinux: fix residual uses of current_security() for the SELinux blob 2019-09-04 18:41:12 -04:00
ibpkey.c selinux: wrap global selinux state 2018-03-01 18:48:02 -05:00
netif.c selinux: always return a secid from the network caches if we find one 2019-08-05 16:49:55 -04:00
netlabel.c selinux: avoid uninitialized variable warning 2019-03-25 10:34:35 -04:00
netlink.c selinux: Cleanup printk logging in netlink 2018-06-19 13:33:05 -04:00
netnode.c selinux: always return a secid from the network caches if we find one 2019-08-05 16:49:55 -04:00
netport.c selinux: always return a secid from the network caches if we find one 2019-08-05 16:49:55 -04:00
nlmsgtab.c selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN 2018-11-29 11:32:02 -05:00
selinuxfs.c SELinux: Abstract use of inode security blob 2019-01-08 13:18:44 -08:00
xfrm.c SELinux: Abstract use of cred security blob 2019-01-08 13:18:44 -08:00