On Wed, Sep 26, 2018 at 2:57 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > lsm_early_cred()/lsm_early_task() are called from only __init functions. > > lsm_cred_alloc()/lsm_file_alloc() are called from only security/security.c . > > lsm_early_inode() should be avoided because it is not appropriate to > call panic() when lsm_early_inode() is called after __init phase. > > Since all free hooks are called when one of init hooks failed, each > free hook needs to check whether init hook was called. > > The original changes are from Tetsuo Handa. I have made minor > changes in some places, but this is mostly his code. > > Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > --- > include/linux/lsm_hooks.h | 6 ++---- > security/security.c | 27 ++++----------------------- > security/selinux/hooks.c | 5 ++++- > security/selinux/include/objsec.h | 2 ++ > security/smack/smack_lsm.c | 8 +++++++- > 5 files changed, 19 insertions(+), 29 deletions(-) I've split this across the various commits they touch: Infrastructure management of the cred security blob LSM: Infrastructure management of the file security LSM: Infrastructure management of the inode security LSM: Infrastructure management of the task security LSM: Blob sharing support for S.A.R.A and LandLock Based on these changes, I've uploaded the "v4.1", or "Casey is on vacation", tree here: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=lsm/blob-sharing-v4.1 I'm going to work on a merged series for the "arbitrary ordering" and "blob-sharing" trees next... -Kees -- Kees Cook Pixel Security
