[PATCH V3 1/2] security: Add a cred_getsecid hook

[PATCH V3 1/2] security: Add a cred_getsecid hook · Matthew Garrett <hidden> · 2017-10-26
[PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Matthew Garrett <hidden> · 2017-10-26
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · James Morris <hidden> · 2017-10-26
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Mimi Zohar <hidden> · 2017-11-28
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Matthew Garrett <hidden> · 2017-11-28
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Mimi Zohar <hidden> · 2017-11-28
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Matthew Garrett <hidden> · 2017-11-28
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Mimi Zohar <hidden> · 2017-11-28
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Matthew Garrett <hidden> · 2017-12-15
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Matthew Garrett <hidden> · 2017-12-15
Re: [PATCH V3 2/2] IMA: Support using new creds in appraisal policy · Mimi Zohar <hidden> · 2017-12-18
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · James Morris <hidden> · 2017-10-26
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · Casey Schaufler <casey@schaufler-ca.com> · 2017-10-26
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · Matthew Garrett <hidden> · 2017-10-30
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · Stephen Smalley <hidden> · 2017-10-26
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · Matthew Garrett <hidden> · 2017-10-30
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · Stephen Smalley <hidden> · 2017-10-30
Re: [PATCH V3 1/2] security: Add a cred_getsecid hook · Matthew Garrett <hidden> · 2017-11-14

From: Matthew Garrett <hidden>
Date: 2017-10-30 10:57:12
Also in: linux-integrity, selinux

On Thu, Oct 26, 2017 at 3:20 PM, Stephen Smalley [off-list ref] wrote:

On Thu, 2017-10-26 at 01:40 -0700, Matthew Garrett via Selinux wrote:

quoted

+static void selinux_cred_getsecid(const struct cred *c, u32 *secid)
+{
+     rcu_read_lock();
+     *secid = cred_sid(c);
+     rcu_read_unlock();

Is rcu_read_lock() necessary here? Seems like we use cred_sid() in many
places without it.

Ah, I thought it was based on task_sid(), but I guess that's actually
protecting the __task_cred()?
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help