On Thu, May 13, 2021 at 4:16 PM Casey Schaufler <[email protected]> wrote: > > Change the security_secctx_to_secid interface to use a lsmblob > structure in place of the single u32 secid in support of > module stacking. Change its callers to do the same. > > The security module hook is unchanged, still passing back a secid. > The infrastructure passes the correct entry from the lsmblob. > > Signed-off-by: Casey Schaufler <[email protected]> > Cc: [email protected] > Cc: [email protected] > To: Pablo Neira Ayuso <[email protected]> > --- > include/linux/security.h | 26 ++++++++++++++++++-- > kernel/cred.c | 4 +--- > net/netfilter/nft_meta.c | 10 ++++---- > net/netfilter/xt_SECMARK.c | 7 +++++- > net/netlabel/netlabel_unlabeled.c | 23 +++++++++++------- > security/security.c | 40 ++++++++++++++++++++++++++----- > 6 files changed, 85 insertions(+), 25 deletions(-)
Acked-by: Paul Moore <[email protected]> -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://listman.redhat.com/mailman/listinfo/linux-audit
