LSM: Infrastructure management of the file security

Move management of the file->f_security blob out of the individual security modules and into the infrastructure. The modules no longer allocate or free the data, instead they tell the infrastructure how much space they require. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Kees Cook <keescook@chromium.org> [kees: adjusted for ordered init series] Signed-off-by: Kees Cook <keescook@chromium.org>
author: Casey Schaufler <casey@schaufler-ca.com> 2018-11-12 12:02:49 -0800
committer: Kees Cook <keescook@chromium.org> 2019-01-08 13:18:44 -0800
commit: 33bf60cabcc7687b194a689b068b65e9ecd556be (patch)
tree: f8bbf4c27ce73e33ab5f1efa7e99448ab9755373 /security/apparmor/include
parent: f28952ac900822a189fc383a5b73631e72c69356 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h
index 4c2c8ac8842f..8be09208cf7c 100644
--- a/security/apparmor/include/file.h
+++ b/security/apparmor/include/file.h
@@ -32,7 +32,10 @@ struct path;
 				 AA_MAY_CHMOD | AA_MAY_CHOWN | AA_MAY_LOCK | \
 				 AA_EXEC_MMAP | AA_MAY_LINK)
 
-#define file_ctx(X) ((struct aa_file_ctx *)(X)->f_security)
+static inline struct aa_file_ctx *file_ctx(struct file *file)
+{
+	return file->f_security + apparmor_blob_sizes.lbs_file;
+}
 
 /* struct aa_file_ctx - the AppArmor context the file was opened in
  * @lock: lock to update the ctx
author	Casey Schaufler <casey@schaufler-ca.com>	2018-11-12 12:02:49 -0800
committer	Kees Cook <keescook@chromium.org>	2019-01-08 13:18:44 -0800
commit	33bf60cabcc7687b194a689b068b65e9ecd556be (patch)
tree	f8bbf4c27ce73e33ab5f1efa7e99448ab9755373 /security/apparmor/include
parent	f28952ac900822a189fc383a5b73631e72c69356 (diff)