From: "Ahmed S. Darwish" <darwish.07@gmail.com>
To: Chris Wright <chrisw@sous-sol.org>,
Stephen Smalley <sds@tycho.nsa.gov>,
James Morris <jmorris@namei.org>,
Eric Paris <eparis@parisplace.org>,
Casey Schaufler <casey@schaufler-ca.com>,
David Woodhouse <dwmw2@infradead.org>
Cc: linux-security-module@vger.kernel.org,
LKML <linux-kernel@vger.kernel.org>,
akpm <akpm@linux-foundation.org>
Subject: [PATCH -mm 4/4] Netlink: Use LSM interface instead of SELinux one
Date: Wed, 27 Feb 2008 01:31:48 +0200
Message-ID: <20080226233148.GE12059@ubuntu> (raw)
In-Reply-To: <20080226232229.GA12059@ubuntu>
Don't use SELinux exported selinux_get_task_sid symbol.
Use the generic LSM equivalent instead.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
---
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 1ab0da2..61fd277 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -54,7 +54,6 @@
#include <linux/mm.h>
#include <linux/types.h>
#include <linux/audit.h>
-#include <linux/selinux.h>
#include <linux/mutex.h>
#include <net/net_namespace.h>
@@ -1239,7 +1238,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
NETLINK_CB(skb).pid = nlk->pid;
NETLINK_CB(skb).dst_group = dst_group;
NETLINK_CB(skb).loginuid = audit_get_loginuid(current);
- selinux_get_task_sid(current, &(NETLINK_CB(skb).sid));
+ security_task_getsecid(current, &(NETLINK_CB(skb).sid));
memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
/* What can I do? Netlink is asynchronous, so that
--
"Better to light a candle, than curse the darkness"
Ahmed S. Darwish
Homepage: http://darwish.07.googlepages.com
Blog: http://darwish-07.blogspot.com
prev parent reply index
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-26 23:22 [PATCH -mm 0/4] LSM interfaced Audit (SELinux audit separation) Ahmed S. Darwish
2008-02-26 23:24 ` [PATCH -mm 1/4] LSM: Introduce inode_getsecid and ipc_getsecid hooks Ahmed S. Darwish
2008-02-27 16:04 ` Paul Moore
2008-02-27 16:45 ` Ahmed S. Darwish
2008-02-26 23:25 ` [PATCH -mm 2/4] SELinux: Remove various exported symbols Ahmed S. Darwish
2008-02-26 23:42 ` Paul Moore
2008-02-26 23:28 ` [PATCH -mm 3/4] Audit: start not to use SELinux " Ahmed S. Darwish
2008-02-27 16:00 ` Paul Moore
2008-02-27 17:11 ` Ahmed S. Darwish
2008-02-27 22:25 ` James Morris
2008-02-26 23:31 ` Ahmed S. Darwish [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080226233148.GE12059@ubuntu \
--to=darwish.07@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=casey@schaufler-ca.com \
--cc=chrisw@sous-sol.org \
--cc=dwmw2@infradead.org \
--cc=eparis@parisplace.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
LKML Archive on lore.kernel.org
Archives are clonable:
git clone --mirror https://lkml.kernel.org/lkml/0 lkml/git/0.git
git clone --mirror https://lkml.kernel.org/lkml/1 lkml/git/1.git
git clone --mirror https://lkml.kernel.org/lkml/2 lkml/git/2.git
git clone --mirror https://lkml.kernel.org/lkml/3 lkml/git/3.git
git clone --mirror https://lkml.kernel.org/lkml/4 lkml/git/4.git
git clone --mirror https://lkml.kernel.org/lkml/5 lkml/git/5.git
git clone --mirror https://lkml.kernel.org/lkml/6 lkml/git/6.git
git clone --mirror https://lkml.kernel.org/lkml/7 lkml/git/7.git
git clone --mirror https://lkml.kernel.org/lkml/8 lkml/git/8.git
git clone --mirror https://lkml.kernel.org/lkml/9 lkml/git/9.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 lkml lkml/ https://lkml.kernel.org/lkml \
linux-kernel@vger.kernel.org
public-inbox-index lkml
Example config snippet for mirrors
Newsgroup available over NNTP:
nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git