| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251022072729.14820-2-xion.wang@mediatek.com>
Date: Wed, 22 Oct 2025 15:27:18 +0800
From: <xion.wang@...iatek.com>
To: Paul Moore <paul@...l-moore.com>, Stephen Smalley
<stephen.smalley.work@...il.com>, Ondrej Mosnacek <omosnace@...hat.com>,
Matthias Brugger <matthias.bgg@...il.com>, AngeloGioacchino Del Regno
<angelogioacchino.delregno@...labora.com>
CC: <wsd_upstream@...iatek.com>, <huadian.liu@...iatek.com>, Xion Wang
<xion.wang@...iatek.com>, <selinux@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>,
<linux-mediatek@...ts.infradead.org>
Subject: [PATCH 1/1] selinux: export current_sid API for use in other kernel modules
From: Xion Wang <xion.wang@...iatek.com>
Convert current_sid from static inline to a global
function and export it with EXPORT_SYMBOL.
This allows other kernel modules to retrieve
the SELinux security ID of the current task.
Signed-off-by: Xion Wang <xion.wang@...iatek.com>
---
security/selinux/hooks.c | 11 +++++++++++
security/selinux/include/objsec.h | 12 ++----------
2 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index dfc22da42f30..0c128f323332 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -229,6 +229,17 @@ static inline u32 cred_sid(const struct cred *cred)
return tsec->sid;
}
+/*
+ * get the subjective security ID of the current task
+ */
+u32 current_sid(void)
+{
+ const struct task_security_struct *tsec = selinux_cred(current_cred());
+
+ return tsec->sid;
+}
+EXPORT_SYMBOL(current_sid);
+
static void __ad_net_init(struct common_audit_data *ad,
struct lsm_network_audit *net,
int ifindex, struct sock *sk, u16 family)
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index 2d5139c6d45b..787a0cd74ff0 100644
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -202,16 +202,6 @@ selinux_ipc(const struct kern_ipc_perm *ipc)
return ipc->security + selinux_blob_sizes.lbs_ipc;
}
-/*
- * get the subjective security ID of the current task
- */
-static inline u32 current_sid(void)
-{
- const struct task_security_struct *tsec = selinux_cred(current_cred());
-
- return tsec->sid;
-}
-
static inline struct superblock_security_struct *
selinux_superblock(const struct super_block *superblock)
{
@@ -265,4 +255,6 @@ selinux_bpf_token_security(struct bpf_token *token)
return token->security + selinux_blob_sizes.lbs_bpf_token;
}
#endif /* CONFIG_BPF_SYSCALL */
+
+u32 current_sid(void);
#endif /* _SELINUX_OBJSEC_H_ */
--
2.45.2
Powered by blists - more mailing lists