提交 5fb49870 编写于 作者: P Paul Moore 提交者: James Morris

selinux: Use current_security() when possible

There were a number of places using the following code pattern:

  struct cred *cred = current_cred();
  struct task_security_struct *tsec = cred->security;

... which were simplified to the following:

  struct task_security_struct *tsec = current_security();
Signed-off-by: NPaul Moore <paul.moore@hp.com>
Acked-by: NEric Paris <eparis@redhat.com>
Signed-off-by: NJames Morris <jmorris@namei.org>
上级 253bfae6
...@@ -188,7 +188,7 @@ static inline u32 task_sid(const struct task_struct *task) ...@@ -188,7 +188,7 @@ static inline u32 task_sid(const struct task_struct *task)
*/ */
static inline u32 current_sid(void) static inline u32 current_sid(void)
{ {
const struct task_security_struct *tsec = current_cred()->security; const struct task_security_struct *tsec = current_security();
return tsec->sid; return tsec->sid;
} }
...@@ -1558,8 +1558,7 @@ static int may_create(struct inode *dir, ...@@ -1558,8 +1558,7 @@ static int may_create(struct inode *dir,
struct dentry *dentry, struct dentry *dentry,
u16 tclass) u16 tclass)
{ {
const struct cred *cred = current_cred(); const struct task_security_struct *tsec = current_security();
const struct task_security_struct *tsec = cred->security;
struct inode_security_struct *dsec; struct inode_security_struct *dsec;
struct superblock_security_struct *sbsec; struct superblock_security_struct *sbsec;
u32 sid, newsid; u32 sid, newsid;
...@@ -2157,8 +2156,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm) ...@@ -2157,8 +2156,7 @@ static int selinux_bprm_set_creds(struct linux_binprm *bprm)
static int selinux_bprm_secureexec(struct linux_binprm *bprm) static int selinux_bprm_secureexec(struct linux_binprm *bprm)
{ {
const struct cred *cred = current_cred(); const struct task_security_struct *tsec = current_security();
const struct task_security_struct *tsec = cred->security;
u32 sid, osid; u32 sid, osid;
int atsecure = 0; int atsecure = 0;
...@@ -2533,8 +2531,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, ...@@ -2533,8 +2531,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
char **name, void **value, char **name, void **value,
size_t *len) size_t *len)
{ {
const struct cred *cred = current_cred(); const struct task_security_struct *tsec = current_security();
const struct task_security_struct *tsec = cred->security;
struct inode_security_struct *dsec; struct inode_security_struct *dsec;
struct superblock_security_struct *sbsec; struct superblock_security_struct *sbsec;
u32 sid, newsid, clen; u32 sid, newsid, clen;
...@@ -3669,8 +3666,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) ...@@ -3669,8 +3666,7 @@ static int sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms)
static int selinux_socket_create(int family, int type, static int selinux_socket_create(int family, int type,
int protocol, int kern) int protocol, int kern)
{ {
const struct cred *cred = current_cred(); const struct task_security_struct *tsec = current_security();
const struct task_security_struct *tsec = cred->security;
u32 newsid; u32 newsid;
u16 secclass; u16 secclass;
...@@ -3685,8 +3681,7 @@ static int selinux_socket_create(int family, int type, ...@@ -3685,8 +3681,7 @@ static int selinux_socket_create(int family, int type,
static int selinux_socket_post_create(struct socket *sock, int family, static int selinux_socket_post_create(struct socket *sock, int family,
int type, int protocol, int kern) int type, int protocol, int kern)
{ {
const struct cred *cred = current_cred(); const struct task_security_struct *tsec = current_security();
const struct task_security_struct *tsec = cred->security;
struct inode_security_struct *isec = SOCK_INODE(sock)->i_security; struct inode_security_struct *isec = SOCK_INODE(sock)->i_security;
struct sk_security_struct *sksec; struct sk_security_struct *sksec;
int err = 0; int err = 0;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册