tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

AppArmor: Abstract use of cred security blob

Don't use the cred->security pointer directly.
Provide a helper function that provides the security blob pointer.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
[kees: adjusted for ordered init series]
Signed-off-by: Kees Cook <keescook@chromium.org>

authored by

Casey Schaufler and committed by
Kees Cook 69b5a44a 3d252529

+24 -10
+1 -1
security/apparmor/domain.c
··· 975 975 } 976 976 aa_put_label(cred_label(bprm->cred)); 977 977 /* transfer reference, released when cred is freed */ 978 - cred_label(bprm->cred) = new; 978 + set_cred_label(bprm->cred, new); 979 979 980 980 done: 981 981 aa_put_label(label);
+15 -1
security/apparmor/include/cred.h
··· 23 23 #include "policy_ns.h" 24 24 #include "task.h" 25 25 26 - #define cred_label(X) ((X)->security) 26 + static inline struct aa_label *cred_label(const struct cred *cred) 27 + { 28 + struct aa_label **blob = cred->security; 27 29 30 + AA_BUG(!blob); 31 + return *blob; 32 + } 33 + 34 + static inline void set_cred_label(const struct cred *cred, 35 + struct aa_label *label) 36 + { 37 + struct aa_label **blob = cred->security; 38 + 39 + AA_BUG(!blob); 40 + *blob = label; 41 + } 28 42 29 43 /** 30 44 * aa_cred_raw_label - obtain cred's label
+5 -5
security/apparmor/lsm.c
··· 60 60 static void apparmor_cred_free(struct cred *cred) 61 61 { 62 62 aa_put_label(cred_label(cred)); 63 - cred_label(cred) = NULL; 63 + set_cred_label(cred, NULL); 64 64 } 65 65 66 66 /* ··· 68 68 */ 69 69 static int apparmor_cred_alloc_blank(struct cred *cred, gfp_t gfp) 70 70 { 71 - cred_label(cred) = NULL; 71 + set_cred_label(cred, NULL); 72 72 return 0; 73 73 } 74 74 ··· 78 78 static int apparmor_cred_prepare(struct cred *new, const struct cred *old, 79 79 gfp_t gfp) 80 80 { 81 - cred_label(new) = aa_get_newest_label(cred_label(old)); 81 + set_cred_label(new, aa_get_newest_label(cred_label(old))); 82 82 return 0; 83 83 } 84 84 ··· 87 87 */ 88 88 static void apparmor_cred_transfer(struct cred *new, const struct cred *old) 89 89 { 90 - cred_label(new) = aa_get_newest_label(cred_label(old)); 90 + set_cred_label(new, aa_get_newest_label(cred_label(old))); 91 91 } 92 92 93 93 static void apparmor_task_free(struct task_struct *task) ··· 1485 1485 if (!ctx) 1486 1486 return -ENOMEM; 1487 1487 1488 - cred_label(cred) = aa_get_label(ns_unconfined(root_ns)); 1488 + set_cred_label(cred, aa_get_label(ns_unconfined(root_ns))); 1489 1489 task_ctx(current) = ctx; 1490 1490 1491 1491 return 0;
+3 -3
security/apparmor/task.c
··· 81 81 */ 82 82 aa_get_label(label); 83 83 aa_put_label(cred_label(new)); 84 - cred_label(new) = label; 84 + set_cred_label(new, label); 85 85 86 86 commit_creds(new); 87 87 return 0; ··· 138 138 return -EACCES; 139 139 } 140 140 141 - cred_label(new) = aa_get_newest_label(label); 141 + set_cred_label(new, aa_get_newest_label(label)); 142 142 /* clear exec on switching context */ 143 143 aa_put_label(ctx->onexec); 144 144 ctx->onexec = NULL; ··· 172 172 return -ENOMEM; 173 173 174 174 aa_put_label(cred_label(new)); 175 - cred_label(new) = aa_get_newest_label(ctx->previous); 175 + set_cred_label(new, aa_get_newest_label(ctx->previous)); 176 176 AA_BUG(!cred_label(new)); 177 177 /* clear exec && prev information when restoring to previous context */ 178 178 aa_clear_task_ctx_trans(ctx);