| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20231215221636.105680-33-casey@schaufler-ca.com>
Date: Fri, 15 Dec 2023 14:16:26 -0800
From: Casey Schaufler <casey@...aufler-ca.com>
To: casey@...aufler-ca.com,
paul@...l-moore.com,
linux-security-module@...r.kernel.org
Cc: jmorris@...ei.org,
serge@...lyn.com,
keescook@...omium.org,
john.johansen@...onical.com,
penguin-kernel@...ove.sakura.ne.jp,
stephen.smalley.work@...il.com,
linux-kernel@...r.kernel.org,
mic@...ikod.net
Subject: [PATCH v39 32/42] LSM: Identify which LSM handles the context string
The security_secctx_to_secid() call can only interpret the
context string for a single LSM. Use the first LSM that supplies a hook.
Signed-off-by: Casey Schaufler <casey@...aufler-ca.com>
---
security/security.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/security/security.c b/security/security.c
index 8469816c0472..8576121fadb9 100644
--- a/security/security.c
+++ b/security/security.c
@@ -4248,8 +4248,13 @@ EXPORT_SYMBOL(security_lsmblob_to_secctx);
*/
int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
{
+ struct security_hook_list *hp;
+
*secid = 0;
- return call_int_hook(secctx_to_secid, 0, secdata, seclen, secid);
+ hlist_for_each_entry(hp, &security_hook_heads.secctx_to_secid, list)
+ return hp->hook.secctx_to_secid(secdata, seclen, secid);
+
+ return LSM_RET_DEFAULT(secctx_to_secid);
}
EXPORT_SYMBOL(security_secctx_to_secid);
--
2.41.0
Powered by blists - more mailing lists