On Wed, 13 Nov 2019, Casey Schaufler wrote: > Change the secid parameter of security_audit_rule_match > to a lsmblob structure pointer. Pass the entry from the > lsmblob structure for the approprite slot to the LSM hook. > > Change the users of security_audit_rule_match to use the > lsmblob instead of a u32. In some cases this requires a > temporary conversion using lsmblob_init() that will go > away when other interfaces get converted. > > Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> > Reviewed-by: John Johansen <john.johansen@xxxxxxxxxxxxx> > Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > --- > include/linux/security.h | 7 ++++--- > kernel/auditfilter.c | 7 +++++-- > kernel/auditsc.c | 14 ++++++++++---- > security/integrity/ima/ima.h | 4 ++-- > security/integrity/ima/ima_policy.c | 7 +++++-- > security/security.c | 18 +++++++++++++++--- > 6 files changed, 41 insertions(+), 16 deletions(-) IMA changes will also need review from Mimi. -- James Morris <jmorris@xxxxxxxxx>
