Re: [PATCH v5 03/12] S.A.R.A.: cred blob management

[PATCH v5 00/12] S.A.R.A. a new stacked LSM · Salvatore Mesoraca <hidden> · 2019-07-06
[PATCH v5 01/12] S.A.R.A.: add documentation · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 01/12] S.A.R.A.: add documentation · Randy Dunlap <hidden> · 2019-07-06
Re: [PATCH v5 01/12] S.A.R.A.: add documentation · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 01/12] S.A.R.A.: add documentation · James Morris <jmorris@namei.org> · 2019-07-13
[PATCH v5 02/12] S.A.R.A.: create framework · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 02/12] S.A.R.A.: create framework · Randy Dunlap <hidden> · 2019-07-06
[PATCH v5 06/12] S.A.R.A.: WX protection · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 06/12] S.A.R.A.: WX protection · Randy Dunlap <hidden> · 2019-07-06
Re: [PATCH v5 06/12] S.A.R.A.: WX protection · Al Viro <viro@zeniv.linux.org.uk> · 2019-07-06
Re: [PATCH v5 06/12] S.A.R.A.: WX protection · Salvatore Mesoraca <hidden> · 2019-07-07
Re: [PATCH v5 06/12] S.A.R.A.: WX protection · Kees Cook <hidden> · 2019-07-09
RE: [PATCH v5 06/12] S.A.R.A.: WX protection · David Laight <hidden> · 2019-07-08
[PATCH v5 08/12] S.A.R.A.: trampoline emulation · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 08/12] S.A.R.A.: trampoline emulation · Randy Dunlap <hidden> · 2019-07-06
[PATCH v5 09/12] S.A.R.A.: WX protection procattr interface · Salvatore Mesoraca <hidden> · 2019-07-06
[PATCH v5 10/12] S.A.R.A.: XATTRs support · Salvatore Mesoraca <hidden> · 2019-07-06
[PATCH v5 12/12] MAINTAINERS: take maintainership for S.A.R.A. · Salvatore Mesoraca <hidden> · 2019-07-06
[PATCH v5 11/12] S.A.R.A.: /proc/*/mem write limitation · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 11/12] S.A.R.A.: /proc/*/mem write limitation · Jann Horn <jannh@google.com> · 2019-07-06
Re: [PATCH v5 11/12] S.A.R.A.: /proc/*/mem write limitation · Salvatore Mesoraca <hidden> · 2019-07-07
[PATCH v5 05/12] LSM: creation of "check_vmflags" LSM hook · Salvatore Mesoraca <hidden> · 2019-07-06
[PATCH v5 07/12] LSM: creation of "pagefault_handler" LSM hook · Salvatore Mesoraca <hidden> · 2019-07-06
[PATCH v5 03/12] S.A.R.A.: cred blob management · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 03/12] S.A.R.A.: cred blob management · James Morris <jmorris@namei.org> · 2019-07-12
[PATCH v5 04/12] S.A.R.A.: generic DFA for string matching · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 04/12] S.A.R.A.: generic DFA for string matching · Jann Horn <jannh@google.com> · 2019-07-06
Re: [PATCH v5 04/12] S.A.R.A.: generic DFA for string matching · Salvatore Mesoraca <hidden> · 2019-07-07
Re: [PATCH v5 04/12] S.A.R.A.: generic DFA for string matching · Jann Horn <jannh@google.com> · 2019-07-08
Re: [PATCH v5 04/12] S.A.R.A.: generic DFA for string matching · Salvatore Mesoraca <hidden> · 2019-10-06
Re: [PATCH v5 04/12] S.A.R.A.: generic DFA for string matching · Jann Horn <jannh@google.com> · 2019-10-07
Re: [PATCH v5 00/12] S.A.R.A. a new stacked LSM · Jordan Glover <hidden> · 2019-07-06
Re: [PATCH v5 00/12] S.A.R.A. a new stacked LSM · Salvatore Mesoraca <hidden> · 2019-07-06
Re: [PATCH v5 00/12] S.A.R.A. a new stacked LSM · James Morris <jmorris@namei.org> · 2019-07-07
Re: [PATCH v5 00/12] S.A.R.A. a new stacked LSM · Salvatore Mesoraca <hidden> · 2019-07-07

From: James Morris <jmorris@namei.org>
Date: 2019-07-12 23:37:25
Also in: linux-mm, lkml

On Sat, 6 Jul 2019, Salvatore Mesoraca wrote:

Creation of the S.A.R.A. cred blob management "API".
In order to allow S.A.R.A. to be stackable with other LSMs, it doesn't use
the "security" field of struct cred, instead it uses an ad hoc field named
security_sara.
This solution is probably not acceptable for upstream, so this part will
be modified as soon as the LSM stackable cred blob management will be
available.

This description is out of date wrt cred blob sharing.

+	if (sara_data_init()) {
+		pr_crit("impossible to initialize creds.\n");
+		goto error;
+	}
+

+int __init sara_data_init(void)
+{
+	security_add_hooks(data_hooks, ARRAY_SIZE(data_hooks), "sara");
+	return 0;
+}

This can't fail so make it return void and simplify the caller.



-- 
James Morris
[off-list ref]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help