On Fri, 8 Feb 2008, David Howells wrote:
> Remove the temporarily embedded task security record from task_struct. Instead
> it is made to dangle from the task_struct::sec and task_struct::act_as pointers
> with references counted for each.
...
These patches are kind of huge.
> +static int selinux_task_dup_security(struct task_security *sec)
> +{
> + struct task_security_struct *tsec1, *tsec2;
> +
> + tsec1 = sec->security;
> +
> + tsec2 = kmemdup(tsec1, sizeof(*tsec1), GFP_KERNEL);
> + if (!tsec2)
> + return -ENOMEM;
> +
> + tsec2->osid = tsec1->osid;
> + tsec2->sid = tsec1->sid;
> +
> + tsec2->exec_sid = tsec1->exec_sid;
> + tsec2->create_sid = tsec1->create_sid;
> + tsec2->keycreate_sid = tsec1->keycreate_sid;
> + tsec2->sockcreate_sid = tsec1->sockcreate_sid;
> + tsec2->ptrace_sid = SECINITSID_UNLABELED;
> + sec->security = tsec2;
> +
> + return 0;
> }
Why manually copy these fields after a kmemdup?
What about the task backpointer? (i.e. tsec2->task)
--
James Morris
<jmorris@xxxxxxxxx>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
