[PATCH 3/9] Audit: use new LSM hooks instead of SELinux exports
James Morris
jmorris at namei.org
Mon Mar 3 21:19:37 UTC 2008
On Sat, 1 Mar 2008, Ahmed S. Darwish wrote:
> Stop using the following exported SELinux interfaces:
> selinux_get_inode_sid(inode, sid)
> selinux_get_ipc_sid(ipcp, sid)
> selinux_get_task_sid(tsk, sid)
> selinux_sid_to_string(sid, ctx, len)
> kfree(ctx)
>
> and use following generic LSM equivalents respectively:
> security_inode_getsecid(inode, secid)
> security_ipc_getsecid*(ipcp, secid)
> security_task_getsecid(tsk, secid)
> security_sid_to_secctx(sid, ctx, len)
> security_release_secctx(ctx, len)
>
> Call security_release_secctx only if security_secid_to_secctx
> succeeded.
>
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
> Signed-off-by: Ahmed S. Darwish <darwish.07 at gmail.com>
Acked-by: James Morris <jmorris at namei.org>
--
James Morris
<jmorris at namei.org>
More information about the Linux-audit
mailing list