From 8c6cb983cd52d78ab4e4c0191c73a11dcb60b866 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Sat, 19 Jan 2019 23:11:40 +0900 Subject: tomoyo: Swicth from cred->security to task_struct->security. TOMOYO security module is designed to use "struct task_struct"->security in order to allow per "struct task_struct" tracking without being disturbed by unable to update "struct cred"->security due to override mechanism. Now that infrastructure-managed security blob is ready, this patch updates TOMOYO to use "struct task_struct"->security. Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/securityfs_if.c | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) (limited to 'security/tomoyo/securityfs_if.c') diff --git a/security/tomoyo/securityfs_if.c b/security/tomoyo/securityfs_if.c index 768dff9608b1..338872fa3d06 100644 --- a/security/tomoyo/securityfs_if.c +++ b/security/tomoyo/securityfs_if.c @@ -67,21 +67,14 @@ static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, if (!new_domain) { error = -ENOENT; } else { - struct cred *cred = prepare_creds(); - if (!cred) { - error = -ENOMEM; - } else { - struct tomoyo_domain_info **blob; - struct tomoyo_domain_info *old_domain; + struct tomoyo_task *s = tomoyo_task(current); + struct tomoyo_domain_info *old_domain = + s->domain_info; - blob = tomoyo_cred(cred); - old_domain = *blob; - *blob = new_domain; - atomic_inc(&new_domain->users); - atomic_dec(&old_domain->users); - commit_creds(cred); - error = 0; - } + s->domain_info = new_domain; + atomic_inc(&new_domain->users); + atomic_dec(&old_domain->users); + error = 0; } } tomoyo_read_unlock(idx); -- cgit v1.2.3