aboutsummaryrefslogtreecommitdiffstats
path: root/security/smack
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:17 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:17 -0500
commitf1752eec6145c97163dbce62d17cf5d928e28a27 (patch)
tree16bc51166d38815092de36a461b845b0b4b522f9 /security/smack
parentb6dff3ec5e116e3af6f537d4caedcad6b9e5082a (diff)
CRED: Detach the credentials from task_struct
Detach the credentials from task_struct, duplicating them in copy_process() and releasing them in __put_task_struct(). Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/smack')
-rw-r--r--security/smack/smack_lsm.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 791da238d049..cc837314fb0e 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -975,8 +975,8 @@ static int smack_file_receive(struct file *file)
975 */ 975 */
976 976
977/** 977/**
978 * smack_task_alloc_security - "allocate" a task blob 978 * smack_cred_alloc_security - "allocate" a task cred blob
979 * @tsk: the task in need of a blob 979 * @cred: the task creds in need of a blob
980 * 980 *
981 * Smack isn't using copies of blobs. Everyone 981 * Smack isn't using copies of blobs. Everyone
982 * points to an immutable list. No alloc required. 982 * points to an immutable list. No alloc required.
@@ -984,24 +984,24 @@ static int smack_file_receive(struct file *file)
984 * 984 *
985 * Always returns 0 985 * Always returns 0
986 */ 986 */
987static int smack_task_alloc_security(struct task_struct *tsk) 987static int smack_cred_alloc_security(struct cred *cred)
988{ 988{
989 tsk->cred->security = current->cred->security; 989 cred->security = current->cred->security;
990 990
991 return 0; 991 return 0;
992} 992}
993 993
994/** 994/**
995 * smack_task_free_security - "free" a task blob 995 * smack_cred_free - "free" task-level security credentials
996 * @task: the task with the blob 996 * @cred: the credentials in question
997 * 997 *
998 * Smack isn't using copies of blobs. Everyone 998 * Smack isn't using copies of blobs. Everyone
999 * points to an immutable list. The blobs never go away. 999 * points to an immutable list. The blobs never go away.
1000 * There is no leak here. 1000 * There is no leak here.
1001 */ 1001 */
1002static void smack_task_free_security(struct task_struct *task) 1002static void smack_cred_free(struct cred *cred)
1003{ 1003{
1004 task->cred->security = NULL; 1004 cred->security = NULL;
1005} 1005}
1006 1006
1007/** 1007/**
@@ -2630,8 +2630,8 @@ struct security_operations smack_ops = {
2630 .file_send_sigiotask = smack_file_send_sigiotask, 2630 .file_send_sigiotask = smack_file_send_sigiotask,
2631 .file_receive = smack_file_receive, 2631 .file_receive = smack_file_receive,
2632 2632
2633 .task_alloc_security = smack_task_alloc_security, 2633 .cred_alloc_security = smack_cred_alloc_security,
2634 .task_free_security = smack_task_free_security, 2634 .cred_free = smack_cred_free,
2635 .task_post_setuid = cap_task_post_setuid, 2635 .task_post_setuid = cap_task_post_setuid,
2636 .task_setpgid = smack_task_setpgid, 2636 .task_setpgid = smack_task_setpgid,
2637 .task_getpgid = smack_task_getpgid, 2637 .task_getpgid = smack_task_getpgid,