On Mon, Oct 30, 2017 at 10:03 AM, Stephen Smalley wrote:
> On Mon, 2017-10-30 at 10:57 +, Matthew Garrett via Selinux wrote:
>> On Thu, Oct 26, 2017 at 3:20 PM, Stephen Smalley
>> wrote:
>> > On Thu, 2017-10-26 at 01:40 -0700, Matthew Garrett via
On Mon, 2017-10-30 at 10:57 +, Matthew Garrett via Selinux wrote:
> On Thu, Oct 26, 2017 at 3:20 PM, Stephen Smalley
> wrote:
> > On Thu, 2017-10-26 at 01:40 -0700, Matthew Garrett via Selinux
> > wrote:
> > > +static void selinux_cred_getsecid(const struct cred *c, u32
>
On Thu, Oct 26, 2017 at 3:20 PM, Stephen Smalley wrote:
> On Thu, 2017-10-26 at 01:40 -0700, Matthew Garrett via Selinux wrote:
>> +static void selinux_cred_getsecid(const struct cred *c, u32 *secid)
>> +{
>> + rcu_read_lock();
>> + *secid = cred_sid(c);
>> +
On Thu, Oct 26, 2017 at 2:21 PM, Casey Schaufler wrote:
> On 10/26/2017 1:40 AM, Matthew Garrett wrote:
>> V3: Fix smack_cred_getsecid()
>
> Much better. Have you tried this with Smack?
I'm afraid not - I have zero expertise with Smack and no easy way to
set it up. I can
On 10/26/2017 1:40 AM, Matthew Garrett wrote:
> For IMA purposes, we want to be able to obtain the prepared secid in the
> bprm structure before the credentials are committed. Add a cred_getsecid
> hook that makes this possible.
>
> Signed-off-by: Matthew Garrett
> Acked-by:
On Thu, 26 Oct 2017, Matthew Garrett wrote:
> For IMA purposes, we want to be able to obtain the prepared secid in the
> bprm structure before the credentials are committed. Add a cred_getsecid
> hook that makes this possible.
>
> Signed-off-by: Matthew Garrett
> Acked-by:
For IMA purposes, we want to be able to obtain the prepared secid in the
bprm structure before the credentials are committed. Add a cred_getsecid
hook that makes this possible.
Signed-off-by: Matthew Garrett
Acked-by: Paul Moore
Cc: Paul Moore