summaryrefslogtreecommitdiff
path: root/security/tomoyo/securityfs_if.c
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2019-01-19 23:11:40 +0900
committerJames Morris <james.morris@microsoft.com>2019-01-23 11:36:15 -0800
commit8c6cb983cd52d78ab4e4c0191c73a11dcb60b866 (patch)
treec79c9274855fa8dcb1a7fa0da75c710036351c25 /security/tomoyo/securityfs_if.c
parent23711df7f4a268dce2adba379ad77ded8220d097 (diff)
tomoyo: Swicth from cred->security to task_struct->security.
TOMOYO security module is designed to use "struct task_struct"->security in order to allow per "struct task_struct" tracking without being disturbed by unable to update "struct cred"->security due to override mechanism. Now that infrastructure-managed security blob is ready, this patch updates TOMOYO to use "struct task_struct"->security. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <james.morris@microsoft.com>
Diffstat (limited to 'security/tomoyo/securityfs_if.c')
-rw-r--r--security/tomoyo/securityfs_if.c21
1 files changed, 7 insertions, 14 deletions
diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c
index 768dff9608b1..338872fa3d06 100644
--- a/security/tomoyo/securityfs_if.c
+++ b/security/tomoyo/securityfs_if.c
@@ -67,21 +67,14 @@ static ssize_t tomoyo_write_self(struct file *file, const char __user *buf,
if (!new_domain) {
error = -ENOENT;
} else {
- struct cred *cred = prepare_creds();
- if (!cred) {
- error = -ENOMEM;
- } else {
- struct tomoyo_domain_info **blob;
- struct tomoyo_domain_info *old_domain;
+ struct tomoyo_task *s = tomoyo_task(current);
+ struct tomoyo_domain_info *old_domain =
+ s->domain_info;
- blob = tomoyo_cred(cred);
- old_domain = *blob;
- *blob = new_domain;
- atomic_inc(&new_domain->users);
- atomic_dec(&old_domain->users);
- commit_creds(cred);
- error = 0;
- }
+ s->domain_info = new_domain;
+ atomic_inc(&new_domain->users);
+ atomic_dec(&old_domain->users);
+ error = 0;
}
}
tomoyo_read_unlock(idx);