audit: maintain an lsm_prop in audit_context

Replace the secid value stored in struct audit_context with a struct lsm_prop. Change the code that uses this value to accommodate the change. security_audit_rule_match() expects a lsm_prop, so existing scaffolding can be removed. A call to security_secid_to_secctx() is changed to security_lsmprop_to_secctx(). The call to security_ipc_getsecid() is scaffolded. A new function lsmprop_is_set() is introduced to identify whether an lsm_prop contains a non-zero value. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> [PM: subject line tweak, fix lsmprop_is_set() typo] Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Casey Schaufler <casey@schaufler-ca.com> 2024-10-09 10:32:12 -0700
committer: Paul Moore <paul@paul-moore.com> 2024-10-11 14:34:13 -0400
commit: 7183abccd8ac2c486363e267b5d84032818eb725 (patch)
tree: 1b68bbb04a93a257085dda538edfcbfaf435ac6f /kernel/audit.h
parent: 6f2f724f0e116d9ea960ff3dd645add12e60e176 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/kernel/audit.h b/kernel/audit.h
index a60d2840559e..d14924a887c9 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -11,6 +11,7 @@
 
 #include <linux/fs.h>
 #include <linux/audit.h>
+#include <linux/security.h>
 #include <linux/skbuff.h>
 #include <uapi/linux/mqueue.h>
 #include <linux/tty.h>
@@ -160,7 +161,7 @@ struct audit_context {
 			kuid_t			uid;
 			kgid_t			gid;
 			umode_t			mode;
-			u32			osid;
+			struct lsm_prop		oprop;
 			int			has_perm;
 			uid_t			perm_uid;
 			gid_t			perm_gid;
author	Casey Schaufler <casey@schaufler-ca.com>	2024-10-09 10:32:12 -0700
committer	Paul Moore <paul@paul-moore.com>	2024-10-11 14:34:13 -0400
commit	7183abccd8ac2c486363e267b5d84032818eb725 (patch)
tree	1b68bbb04a93a257085dda538edfcbfaf435ac6f /kernel/audit.h
parent	6f2f724f0e116d9ea960ff3dd645add12e60e176 (diff)