lsm: infrastructure management of the sock security

Move management of the sock->sk_security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. Acked-by: Paul Moore <paul@paul-moore.com> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: John Johansen <john.johansen@canonical.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> [PM: subject tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Casey Schaufler <casey@schaufler-ca.com> 2024-07-10 14:32:25 -0700
committer: Paul Moore <paul@paul-moore.com> 2024-07-29 16:54:50 -0400
commit: 2aff9d20d50ac45dd13a013ef5231f4fb8912356 (patch)
tree: c9fd24e54e311830f16c354d86a1c574ac196bb2 /security/smack/smack.h
parent: 8400291e289ee6b2bf9779ff1c83a291501f017b (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 041688e5a77a..297f21446f45 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -355,6 +355,11 @@ static inline struct superblock_smack *smack_superblock(
 	return superblock->s_security + smack_blob_sizes.lbs_superblock;
 }
 
+static inline struct socket_smack *smack_sock(const struct sock *sock)
+{
+	return sock->sk_security + smack_blob_sizes.lbs_sock;
+}
+
 /*
  * Is the directory transmuting?
  */
author	Casey Schaufler <casey@schaufler-ca.com>	2024-07-10 14:32:25 -0700
committer	Paul Moore <paul@paul-moore.com>	2024-07-29 16:54:50 -0400
commit	2aff9d20d50ac45dd13a013ef5231f4fb8912356 (patch)
tree	c9fd24e54e311830f16c354d86a1c574ac196bb2 /security/smack/smack.h
parent	8400291e289ee6b2bf9779ff1c83a291501f017b (diff)