hc
2024-01-31 f9004dbfff8a3fbbd7e2a88c8a4327c7f2f8e5b2
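--- a/kernel/security/selinux/include/objsec.h
+++ b/kernel/security/selinux/include/objsec.h
@@ -1,3 +1,4 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
 /*
 * NSA Security-Enhanced Linux (SELinux) security module
 *
@@ -11,10 +12,6 @@
 * Copyright (C) 2001,2002 Networks Associates Technology, Inc.
 * Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@redhat.com>
 * Copyright (C) 2016 Mellanox Technologies
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2,
- * as published by the Free Software Foundation.
 */
 #ifndef _SELINUX_OBJSEC_H_
 #define _SELINUX_OBJSEC_H_
@@ -25,6 +22,8 @@
 #include <linux/binfmts.h>
 #include <linux/in.h>
 #include <linux/spinlock.h>
+#include <linux/lsm_hooks.h>
+#include <linux/msg.h>
 #include <net/net_namespace.h>
 #include "flask.h"
 #include "avc.h"
@@ -36,17 +35,7 @@
 u32 create_sid; /* fscreate SID */
 u32 keycreate_sid; /* keycreate SID */
 u32 sockcreate_sid; /* fscreate SID */
-};
-
-/*
- * get the subjective security ID of the current task
- */
-static inline u32 current_sid(void)
-{
- const struct task_security_struct *tsec = current_security();
-
- return tsec->sid;
-}
+} __randomize_layout;
 
 enum label_initialized {
 LABEL_INVALID, /* invalid or not initialized */
@@ -56,10 +45,7 @@
 
 struct inode_security_struct {
 struct inode *inode; /* back pointer to inode object */
- union {
- struct list_head list; /* list of inode_security_struct */
- struct rcu_head rcu; /* for freeing the inode_security_struct */
- };
+ struct list_head list; /* list of inode_security_struct */
 u32 task_sid; /* SID of creating task */
 u32 sid; /* SID of this object */
 u16 sclass; /* security class of this object */
@@ -162,4 +148,45 @@
 u32 sid; /* SID of perf_event obj creator */
 };
 
+extern struct lsm_blob_sizes selinux_blob_sizes;
+static inline struct task_security_struct *selinux_cred(const struct cred *cred)
+{
+ return cred->security + selinux_blob_sizes.lbs_cred;
+}
+
+static inline struct file_security_struct *selinux_file(const struct file *file)
+{
+ return file->f_security + selinux_blob_sizes.lbs_file;
+}
+
+static inline struct inode_security_struct *selinux_inode(
+ const struct inode *inode)
+{
+ if (unlikely(!inode->i_security))
+ return NULL;
+ return inode->i_security + selinux_blob_sizes.lbs_inode;
+}
+
+static inline struct msg_security_struct *selinux_msg_msg(
+ const struct msg_msg *msg_msg)
+{
+ return msg_msg->security + selinux_blob_sizes.lbs_msg_msg;
+}
+
+static inline struct ipc_security_struct *selinux_ipc(
+ const struct kern_ipc_perm *ipc)
+{
+ return ipc->security + selinux_blob_sizes.lbs_ipc;
+}
+
+/*
+ * get the subjective security ID of the current task
+ */
+static inline u32 current_sid(void)
+{
+ const struct task_security_struct *tsec = selinux_cred(current_cred());
+
+ return tsec->sid;
+}
+
 #endif /* _SELINUX_OBJSEC_H_ */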
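Review bot: selinux_inode() is the only new accessor that returns NULL when the blob pointer is unset; selinux_cred(), selinux_file(), selinux_msg_msg() and selinux_ipc() add the offset unconditionally, so a NULL `->security` would come back as a small non-NULL pointer, and current_sid() would read `tsec->sid` through it. Whether the LSM core guarantees these blobs are allocated before any hook runs is not visible in this header, so the assumption should be written down next to the helpers, e.g. `/* cred, file, msg_msg and ipc blobs are assumed allocated before any hook runs; only selinux_inode() may return NULL, and callers must check it. */`. The helpers also take a const object and hand back a writable pointer into its blob, which is worth a word in the same comment.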