From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-fsdevel-owner@vger.kernel.org>
Received: from mail-yb1-f194.google.com ([209.85.219.194]:42359 "EHLO
        mail-yb1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725860AbeIVIi4 (ORCPT
        <rfc822;linux-fsdevel@vger.kernel.org>);
        Sat, 22 Sep 2018 04:38:56 -0400
Received: by mail-yb1-f194.google.com with SMTP id p74-v6so5669638ybc.9
        for <linux-fsdevel@vger.kernel.org>; Fri, 21 Sep 2018 19:47:07 -0700 (PDT)
Received: from mail-yb1-f175.google.com (mail-yb1-f175.google.com. [209.85.219.175])
        by smtp.gmail.com with ESMTPSA id p124-v6sm990641ywc.42.2018.09.21.19.47.04
        for <linux-fsdevel@vger.kernel.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 21 Sep 2018 19:47:04 -0700 (PDT)
Received: by mail-yb1-f175.google.com with SMTP id w80-v6so6250463ybe.10
        for <linux-fsdevel@vger.kernel.org>; Fri, 21 Sep 2018 19:47:04 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <8ea966f7-924e-b805-56e8-9ad74e7f9d86@schaufler-ca.com>
References: <e9bfb2d5-d987-55ce-4011-9b32ff745d36@schaufler-ca.com> <8ea966f7-924e-b805-56e8-9ad74e7f9d86@schaufler-ca.com>
From: Kees Cook <keescook@chromium.org>
Date: Fri, 21 Sep 2018 19:47:03 -0700
Message-ID: <CAGXu5jKRmACSA0kdG1v==zaaNxh=K9ePi4TVFfD3Zq-vOChVfg@mail.gmail.com>
Subject: Re: [PATCH v4 07/19] TOMOYO: Abstract use of cred security blob
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: LSM <linux-security-module@vger.kernel.org>,
        James Morris <jmorris@namei.org>,
        SE Linux <selinux@tycho.nsa.gov>,
        LKLM <linux-kernel@vger.kernel.org>,
        John Johansen <john.johansen@canonical.com>,
        Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
        Paul Moore <paul@paul-moore.com>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        "linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
        Alexey Dobriyan <adobriyan@gmail.com>,
        =?UTF-8?B?TWlja2HDq2wgU2FsYcO8bg==?= <mic@digikod.net>,
        Salvatore Mesoraca <s.mesoraca16@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On Fri, Sep 21, 2018 at 5:18 PM, Casey Schaufler <casey@schaufler-ca.com> wrote:
> Don't use the cred->security pointer directly.
> Provide helper functions that provide the security blob pointer.
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>

Reviewed-by: Kees Cook <keescook@chromium.org>

-Kees

-- 
Kees Cook
Pixel Security