Re: [PATCH 3/5] selinux: Pass security pointer to determine_inode_label()

From: Vivek Goyal
Date: Tue Jul 05 2016 - 17:09:29 EST


On Tue, Jul 05, 2016 at 01:25:22PM -0700, Casey Schaufler wrote:
> On 7/5/2016 8:50 AM, Vivek Goyal wrote:
> > Right now selinux_determine_inode_label() works on security pointer of
> > current task. Soon I need this to work on a security pointer retrieved
> > from a set of creds. So start passing in a pointer and caller can decide
> > where to fetch security pointer from.
> >
> > Signed-off-by: Vivek Goyal <vgoyal@xxxxxxxxxx>
> > ---
> > security/selinux/hooks.c | 17 +++++++++--------
> > 1 file changed, 9 insertions(+), 8 deletions(-)
> >
> > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> > index c68223c..86a07ed 100644
> > --- a/security/selinux/hooks.c
> > +++ b/security/selinux/hooks.c
> > @@ -1785,13 +1785,13 @@ out:
> > /*
> > * Determine the label for an inode that might be unioned.
> > */
> > -static int selinux_determine_inode_label(struct inode *dir,
> > - const struct qstr *name,
> > - u16 tclass,
> > +static int selinux_determine_inode_label(const void *security,
>
> You know the type. Why not use it?
>
> static int selinux_determine_inode_label(const struct task_security_struct *tsec,

Will change it. All callers use current_security() to fetch this pointer
and it returns void * and I guess I assumed that compiler will complain
but it does not seem to complain.

Vivek