diff options
author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:18 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:18 -0500 |
commit | 86a264abe542cfececb4df129bc45a0338d8cdb9 (patch) | |
tree | 30152f04ba847f311028d5ca697f864c16c7ebb3 /security/selinux | |
parent | f1752eec6145c97163dbce62d17cf5d928e28a27 (diff) |
CRED: Wrap current->cred and a few other accessors
Wrap current->cred and a few other accessors to hide their actual
implementation.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/exports.c | 8 | ||||
-rw-r--r-- | security/selinux/xfrm.c | 6 |
2 files changed, 9 insertions, 5 deletions
diff --git a/security/selinux/exports.c b/security/selinux/exports.c index cf02490cd1eb..c73aeaa008e8 100644 --- a/security/selinux/exports.c +++ b/security/selinux/exports.c | |||
@@ -39,9 +39,13 @@ EXPORT_SYMBOL_GPL(selinux_string_to_sid); | |||
39 | int selinux_secmark_relabel_packet_permission(u32 sid) | 39 | int selinux_secmark_relabel_packet_permission(u32 sid) |
40 | { | 40 | { |
41 | if (selinux_enabled) { | 41 | if (selinux_enabled) { |
42 | struct task_security_struct *tsec = current->cred->security; | 42 | const struct task_security_struct *__tsec; |
43 | u32 tsid; | ||
43 | 44 | ||
44 | return avc_has_perm(tsec->sid, sid, SECCLASS_PACKET, | 45 | __tsec = current_security(); |
46 | tsid = __tsec->sid; | ||
47 | |||
48 | return avc_has_perm(tsid, sid, SECCLASS_PACKET, | ||
45 | PACKET__RELABELTO, NULL); | 49 | PACKET__RELABELTO, NULL); |
46 | } | 50 | } |
47 | return 0; | 51 | return 0; |
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index d7db76617b0e..c0eb72013d67 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c | |||
@@ -197,7 +197,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, | |||
197 | struct xfrm_user_sec_ctx *uctx, u32 sid) | 197 | struct xfrm_user_sec_ctx *uctx, u32 sid) |
198 | { | 198 | { |
199 | int rc = 0; | 199 | int rc = 0; |
200 | struct task_security_struct *tsec = current->cred->security; | 200 | const struct task_security_struct *tsec = current_security(); |
201 | struct xfrm_sec_ctx *ctx = NULL; | 201 | struct xfrm_sec_ctx *ctx = NULL; |
202 | char *ctx_str = NULL; | 202 | char *ctx_str = NULL; |
203 | u32 str_len; | 203 | u32 str_len; |
@@ -333,7 +333,7 @@ void selinux_xfrm_policy_free(struct xfrm_sec_ctx *ctx) | |||
333 | */ | 333 | */ |
334 | int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) | 334 | int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) |
335 | { | 335 | { |
336 | struct task_security_struct *tsec = current->cred->security; | 336 | const struct task_security_struct *tsec = current_security(); |
337 | int rc = 0; | 337 | int rc = 0; |
338 | 338 | ||
339 | if (ctx) { | 339 | if (ctx) { |
@@ -378,7 +378,7 @@ void selinux_xfrm_state_free(struct xfrm_state *x) | |||
378 | */ | 378 | */ |
379 | int selinux_xfrm_state_delete(struct xfrm_state *x) | 379 | int selinux_xfrm_state_delete(struct xfrm_state *x) |
380 | { | 380 | { |
381 | struct task_security_struct *tsec = current->cred->security; | 381 | const struct task_security_struct *tsec = current_security(); |
382 | struct xfrm_sec_ctx *ctx = x->security; | 382 | struct xfrm_sec_ctx *ctx = x->security; |
383 | int rc = 0; | 383 | int rc = 0; |
384 | 384 | ||