Commit 93ede7a2 authored by Simon Ruderich's avatar Simon Ruderich
Browse files

slsm: use current_security() and current_cred()

cred uses RCU which requires appropriate locking which are handled by
current_security() and current_cred().
parent 1b7ac9fa
......@@ -144,7 +144,7 @@ cleanup:
}
static void passt_bprm_committing_creds(struct linux_binprm *bprm) {
struct passt_task *old_pt = current_cred()->security;
struct passt_task *old_pt = current_security();
struct passt_task *new_pt = bprm->cred->security;
/* both smack and apparmor do this, I have no idea why */
......@@ -207,7 +207,7 @@ static int passt_file_open(struct file *file, const struct cred *cred) {
static int passt_path_link(struct dentry *old_dentry, struct path *new_dir,
struct dentry *new_dentry) {
const struct cred *cred = current->cred;
const struct cred *cred = current_cred();
const struct passt_task *pt = cred->security;
struct path link = { new_dir->mnt, new_dentry };
/* TODO: is the mountpoint always the same for new_ and old_dentry?
......@@ -218,7 +218,7 @@ static int passt_path_link(struct dentry *old_dentry, struct path *new_dir,
const char *link_name, *target_name;
int ret;
if (passt_path_common(new_dir, current->cred, SLSM_PERMS_W))
if (passt_path_common(new_dir, cred, SLSM_PERMS_W))
return -EACCES;
target_name = passt_get_path(&target, &target_buffer);
......@@ -247,41 +247,41 @@ static int passt_path_symlink(struct path *dir, struct dentry *dentry,
const char *old_name) {
/* Symlinks are always followed so there's no need to verify the
* target here. */
return passt_path_common(dir, current->cred, SLSM_PERMS_W);
return passt_path_common(dir, current_cred(), SLSM_PERMS_W);
}
static int passt_path_unlink(struct path *dir, struct dentry *dentry) {
return passt_path_common(dir, current->cred, SLSM_PERMS_W);
return passt_path_common(dir, current_cred(), SLSM_PERMS_W);
}
static int passt_path_rename(struct path *old_dir, struct dentry *old_dentry,
struct path *new_dir, struct dentry *new_dentry) {
if (passt_path_common(old_dir, current->cred, SLSM_PERMS_W) ||
passt_path_common(new_dir, current->cred, SLSM_PERMS_W))
if (passt_path_common(old_dir, current_cred(), SLSM_PERMS_W) ||
passt_path_common(new_dir, current_cred(), SLSM_PERMS_W))
return -EACCES;
return 0;
}
static int passt_path_mkdir(struct path *dir, struct dentry *dentry,
umode_t mode) {
return passt_path_common(dir, current->cred, SLSM_PERMS_W);
return passt_path_common(dir, current_cred(), SLSM_PERMS_W);
}
static int passt_path_rmdir(struct path *dir, struct dentry *dentry) {
return passt_path_common(dir, current->cred, SLSM_PERMS_W);
return passt_path_common(dir, current_cred(), SLSM_PERMS_W);
}
static int passt_path_mknod(struct path *dir, struct dentry *dentry,
umode_t mode, unsigned int dev) {
return passt_path_common(dir, current->cred, SLSM_PERMS_W);
return passt_path_common(dir, current_cred(), SLSM_PERMS_W);
}
static int passt_path_chmod(struct path *path, umode_t mode) {
return passt_path_common(path, current->cred, SLSM_PERMS_W);
return passt_path_common(path, current_cred(), SLSM_PERMS_W);
}
static int passt_path_chown(struct path *path, kuid_t uid, kgid_t gid) {
return passt_path_common(path, current->cred, SLSM_PERMS_W);
return passt_path_common(path, current_cred(), SLSM_PERMS_W);
}
......@@ -291,7 +291,7 @@ static int passt_unix_common(struct sock *other) {
if (!u_other->addr || !u_other->addr->name->sun_path[0])
return 0;
return passt_path_common(&u_other->path, current->cred, SLSM_PERMS_RW);
return passt_path_common(&u_other->path, current_cred(), SLSM_PERMS_RW);
}
static int passt_unix_stream_connect(struct sock *sock, struct sock *other,
......@@ -366,7 +366,7 @@ static __init int passt_init(void) {
if (!pt)
/* TODO: panic? */
return -ENOMEM;
cred = (struct cred *)current->cred;
cred = (struct cred *)current_cred();
cred->security = pt;
security_add_hooks(passt_hooks, ARRAY_SIZE(passt_hooks));
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment