SELinux: Abstract use of cred security blob

Don't use the cred->security pointer directly. Provide a helper function that provides the security blob pointer. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Kees Cook <keescook@chromium.org> [kees: adjusted for ordered init series] Signed-off-by: Kees Cook <keescook@chromium.org>
author: Casey Schaufler <casey@schaufler-ca.com> 2018-09-22 03:17:16 +0300
committer: Kees Cook <keescook@chromium.org> 2019-01-09 00:18:44 +0300
commit: 0c6cfa622cf57109607f3416b286b6b55561a2ea (patch)
tree: b19919a635083c0e7dd218e794d78cf536ffb194 /security/selinux/xfrm.c
parent: b17103a8b8ae9c9ecc5e1e6501b1478ee2dc6fe4 (diff)
download: linux-0c6cfa622cf57109607f3416b286b6b55561a2ea.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index bd7d18bdb147..7c57cb7e4146 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -79,7 +79,7 @@ static int selinux_xfrm_alloc_user(struct xfrm_sec_ctx **ctxp,
 				   gfp_t gfp)
 {
 	int rc;
-	const struct task_security_struct *tsec = current_security();
+	const struct task_security_struct *tsec = selinux_cred(current_cred());
 	struct xfrm_sec_ctx *ctx = NULL;
 	u32 str_len;
 
@@ -138,7 +138,7 @@ static void selinux_xfrm_free(struct xfrm_sec_ctx *ctx)
  */
 static int selinux_xfrm_delete(struct xfrm_sec_ctx *ctx)
 {
-	const struct task_security_struct *tsec = current_security();
+	const struct task_security_struct *tsec = selinux_cred(current_cred());
 
 	if (!ctx)
 		return 0;
author	Casey Schaufler <casey@schaufler-ca.com>	2018-09-22 03:17:16 +0300
committer	Kees Cook <keescook@chromium.org>	2019-01-09 00:18:44 +0300
commit	0c6cfa622cf57109607f3416b286b6b55561a2ea (patch)
tree	b19919a635083c0e7dd218e794d78cf536ffb194 /security/selinux/xfrm.c
parent	b17103a8b8ae9c9ecc5e1e6501b1478ee2dc6fe4 (diff)
download	linux-0c6cfa622cf57109607f3416b286b6b55561a2ea.tar.xz