1 files changed, 30 insertions, 0 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index c243a2b25832..969f5fee1906 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1080,6 +1080,22 @@ static int smack_file_receive(struct file *file)
 */
 /**
+ * smack_cred_alloc_blank - "allocate" blank task-level security credentials
+ * @new: the new credentials
+ * @gfp: the atomicity of any memory allocations
+ *
+ * Prepare a blank set of credentials for modification.  This must allocate all
+ * the memory the LSM module might require such that cred_transfer() can
+ * complete without error.
+ */
+static int smack_cred_alloc_blank(struct cred *cred, gfp_t gfp)
+{
+        cred->security = NULL;
+        return 0;
+}
+/**
 * smack_cred_free - "free" task-level security credentials
 * @cred: the credentials in question
 *
@@ -1117,6 +1133,18 @@ static void smack_cred_commit(struct cred *new, const struct cred *old)
 }
 /**
+ * smack_cred_transfer - Transfer the old credentials to the new credentials
+ * @new: the new credentials
+ * @old: the original credentials
+ *
+ * Fill in a set of blank credentials from another set of credentials.
+ */
+static void smack_cred_transfer(struct cred *new, const struct cred *old)
+{
+        new->security = old->security;
+}
+/**
 * smack_kernel_act_as - Set the subjective context in a set of credentials
 * @new: points to the set of credentials to be modified.
 * @secid: specifies the security ID to be set
@@ -3073,9 +3101,11 @@ struct security_operations smack_ops = {
        .file_send_sigiotask =          smack_file_send_sigiotask,
        .file_receive =                 smack_file_receive,
+        .cred_alloc_blank =             smack_cred_alloc_blank,
        .cred_free =                    smack_cred_free,
        .cred_prepare =                 smack_cred_prepare,
        .cred_commit =                  smack_cred_commit,
+        .cred_transfer =                smack_cred_transfer,
        .kernel_act_as =                smack_kernel_act_as,
        .kernel_create_files_as =       smack_kernel_create_files_as,
        .task_setpgid =                 smack_task_setpgid,

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index c243a2b25832..969f5fee1906 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c
@@ -1080,6 +1080,22 @@ static int smack_file_receive(struct file *file)
1080	*/	1080	*/
1081		1081
1082	/**	1082	/**
		1083	* smack_cred_alloc_blank - "allocate" blank task-level security credentials
		1084	* @new: the new credentials
		1085	* @gfp: the atomicity of any memory allocations
		1086	*
		1087	* Prepare a blank set of credentials for modification. This must allocate all
		1088	* the memory the LSM module might require such that cred_transfer() can
		1089	* complete without error.
		1090	*/
		1091	static int smack_cred_alloc_blank(struct cred *cred, gfp_t gfp)
		1092	{
		1093	cred->security = NULL;
		1094	return 0;
		1095	}
		1096
		1097
		1098	/**
1083	* smack_cred_free - "free" task-level security credentials	1099	* smack_cred_free - "free" task-level security credentials
1084	* @cred: the credentials in question	1100	* @cred: the credentials in question
1085	*	1101	*
@@ -1117,6 +1133,18 @@ static void smack_cred_commit(struct cred new, const struct cred old)
1117	}	1133	}
1118		1134
1119	/**	1135	/**
		1136	* smack_cred_transfer - Transfer the old credentials to the new credentials
		1137	* @new: the new credentials
		1138	* @old: the original credentials
		1139	*
		1140	* Fill in a set of blank credentials from another set of credentials.
		1141	*/
		1142	static void smack_cred_transfer(struct cred new, const struct cred old)
		1143	{
		1144	new->security = old->security;
		1145	}
		1146
		1147	/**
1120	* smack_kernel_act_as - Set the subjective context in a set of credentials	1148	* smack_kernel_act_as - Set the subjective context in a set of credentials
1121	* @new: points to the set of credentials to be modified.	1149	* @new: points to the set of credentials to be modified.
1122	* @secid: specifies the security ID to be set	1150	* @secid: specifies the security ID to be set
@@ -3073,9 +3101,11 @@ struct security_operations smack_ops = {
3073	.file_send_sigiotask = smack_file_send_sigiotask,	3101	.file_send_sigiotask = smack_file_send_sigiotask,
3074	.file_receive = smack_file_receive,	3102	.file_receive = smack_file_receive,
3075		3103
		3104	.cred_alloc_blank = smack_cred_alloc_blank,
3076	.cred_free = smack_cred_free,	3105	.cred_free = smack_cred_free,
3077	.cred_prepare = smack_cred_prepare,	3106	.cred_prepare = smack_cred_prepare,
3078	.cred_commit = smack_cred_commit,	3107	.cred_commit = smack_cred_commit,
		3108	.cred_transfer = smack_cred_transfer,
3079	.kernel_act_as = smack_kernel_act_as,	3109	.kernel_act_as = smack_kernel_act_as,
3080	.kernel_create_files_as = smack_kernel_create_files_as,	3110	.kernel_create_files_as = smack_kernel_create_files_as,
3081	.task_setpgid = smack_task_setpgid,	3111	.task_setpgid = smack_task_setpgid,