Commit 37f670aa authored by Casey Schaufler's avatar Casey Schaufler Committed by Paul Moore

lsm: use lsm_prop in security_current_getsecid



Change the security_current_getsecid_subj() and
security_task_getsecid_obj() interfaces to fill in a lsm_prop structure
instead of a u32 secid.  Audit interfaces will need to collect all
possible security data for possible reporting.

Cc: linux-integrity@vger.kernel.org
Cc: audit@vger.kernel.org
Cc: selinux@vger.kernel.org
Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
[PM: subject line tweak]
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent e4f68220
+3 −3
@@ -235,9 +235,9 @@ LSM_HOOK(int, 0, task_fix_setgroups, struct cred *new, const struct cred * old)
LSM_HOOK(int, 0, task_setpgid, struct task_struct *p, pid_t pgid)
LSM_HOOK(int, 0, task_getpgid, struct task_struct *p)
LSM_HOOK(int, 0, task_getsid, struct task_struct *p)
LSM_HOOK(void, LSM_RET_VOID, current_getsecid_subj, u32 *secid)
LSM_HOOK(void, LSM_RET_VOID, task_getsecid_obj,
	 struct task_struct *p, u32 *secid)
LSM_HOOK(void, LSM_RET_VOID, current_getlsmprop_subj, struct lsm_prop *prop)
LSM_HOOK(void, LSM_RET_VOID, task_getlsmprop_obj,
	 struct task_struct *p, struct lsm_prop *prop)
LSM_HOOK(int, 0, task_setnice, struct task_struct *p, int nice)
LSM_HOOK(int, 0, task_setioprio, struct task_struct *p, int ioprio)
LSM_HOOK(int, 0, task_getioprio, struct task_struct *p)
+7 −6
@@ -507,8 +507,8 @@ int security_task_fix_setgroups(struct cred *new, const struct cred *old);
int security_task_setpgid(struct task_struct *p, pid_t pgid);
int security_task_getpgid(struct task_struct *p);
int security_task_getsid(struct task_struct *p);
void security_current_getsecid_subj(u32 *secid);
void security_task_getsecid_obj(struct task_struct *p, u32 *secid);
void security_current_getlsmprop_subj(struct lsm_prop *prop);
void security_task_getlsmprop_obj(struct task_struct *p, struct lsm_prop *prop);
int security_task_setnice(struct task_struct *p, int nice);
int security_task_setioprio(struct task_struct *p, int ioprio);
int security_task_getioprio(struct task_struct *p);
@@ -1305,14 +1305,15 @@ static inline int security_task_getsid(struct task_struct *p)
	return 0;
}

static inline void security_current_getsecid_subj(u32 *secid)
static inline void security_current_getlsmprop_subj(struct lsm_prop *prop)
{
	*secid = 0;
	lsmprop_init(prop);
}

static inline void security_task_getsecid_obj(struct task_struct *p, u32 *secid)
static inline void security_task_getlsmprop_obj(struct task_struct *p,
						struct lsm_prop *prop)
{
	*secid = 0;
	lsmprop_init(prop);
}

static inline int security_task_setnice(struct task_struct *p, int nice)
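Review bot: The two new !CONFIG_SECURITY stubs (security_current_getlsmprop_subj and security_task_getlsmprop_obj) do not say what state they leave `prop` in, yet the callers in this commit branch on it with `lsmprop_is_set(&prop)` and then hand it to security_lsmprop_to_secctx(). Presumably lsmprop_init() clears the structure so that lsmprop_is_set() is false, but its definition is not in this diff, so that contract is worth stating where the stubs are. I would put a short comment above the first stub, e.g. `/* No LSM configured: lsmprop_init() leaves prop unset, so callers' lsmprop_is_set() check is false. */`, and make the same note on the second stub.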
+5 −6
@@ -2179,16 +2179,16 @@ void audit_log_key(struct audit_buffer *ab, char *key)

int audit_log_task_context(struct audit_buffer *ab)
{
	struct lsm_prop prop;
	char *ctx = NULL;
	unsigned len;
	int error;
	u32 sid;

	security_current_getsecid_subj(&sid);
	if (!sid)
	security_current_getlsmprop_subj(&prop);
	if (!lsmprop_is_set(&prop))
		return 0;

	error = security_secid_to_secctx(sid, &ctx, &len);
	error = security_lsmprop_to_secctx(&prop, &ctx, &len);
	if (error) {
		if (error != -EINVAL)
			goto error_path;
@@ -2405,8 +2405,7 @@ int audit_signal_info(int sig, struct task_struct *t)
			audit_sig_uid = auid;
		else
			audit_sig_uid = uid;
		/* scaffolding */
		security_current_getsecid_subj(&audit_sig_lsm.scaffold.secid);
		security_current_getlsmprop_subj(&audit_sig_lsm);
	}

	return audit_signal_info_syscall(t);
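Review bot: In audit_log_task_context() the new `struct lsm_prop prop;` is left uninitialized on the stack and then tested with `lsmprop_is_set(&prop)` and passed to security_lsmprop_to_secctx(); the function is only safe if security_current_getlsmprop_subj() is guaranteed to write every field of the structure, which this diff does not show for the CONFIG_SECURITY build (only the stub at security.h is visible and it calls lsmprop_init()). If the hook path can return without touching some field, the check reads stale stack data and a secctx derived from it could be logged. The same commit zero-initializes the equivalent variable in audit_filter_rules() with `struct lsm_prop prop = { };`, so for consistency and as defense in depth I would write `struct lsm_prop prop = { };` here and likewise for the new `prop` locals in __audit_ptrace() and audit_signal_info_syscall(); the `prop` used in audit_filter() is declared outside its hunk, so I cannot tell whether it is initialized.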
+1 −2
@@ -1371,8 +1371,7 @@ int audit_filter(int msgtype, unsigned int listtype)
			case AUDIT_SUBJ_CLR:
				if (f->lsm_rule) {
					/* scaffolding */
					security_current_getsecid_subj(
							&prop.scaffold.secid);
					security_current_getlsmprop_subj(&prop);
					result = security_audit_rule_match(
						   &prop, f->type, f->op,
						   f->lsm_rule);
+14 −8
@@ -470,7 +470,6 @@ static int audit_filter_rules(struct task_struct *tsk,
{
	const struct cred *cred;
	int i, need_sid = 1;
	u32 sid;
	struct lsm_prop prop = { };
	unsigned int sessionid;

@@ -675,15 +674,14 @@ static int audit_filter_rules(struct task_struct *tsk,
					 * fork()/copy_process() in which case
					 * the new @tsk creds are still a dup
					 * of @current's creds so we can still
					 * use security_current_getsecid_subj()
					 * use
					 * security_current_getlsmprop_subj()
					 * here even though it always refs
					 * @current's creds
					 */
					security_current_getsecid_subj(&sid);
					security_current_getlsmprop_subj(&prop);
					need_sid = 0;
				}
				/* scaffolding */
				prop.scaffold.secid = sid;
				result = security_audit_rule_match(&prop,
								   f->type,
								   f->op,
@@ -2730,12 +2728,15 @@ int __audit_sockaddr(int len, void *a)
void __audit_ptrace(struct task_struct *t)
{
	struct audit_context *context = audit_context();
	struct lsm_prop prop;

	context->target_pid = task_tgid_nr(t);
	context->target_auid = audit_get_loginuid(t);
	context->target_uid = task_uid(t);
	context->target_sessionid = audit_get_sessionid(t);
	security_task_getsecid_obj(t, &context->target_sid);
	security_task_getlsmprop_obj(t, &prop);
	/* scaffolding */
	context->target_sid = prop.scaffold.secid;
	memcpy(context->target_comm, t->comm, TASK_COMM_LEN);
}

@@ -2751,6 +2752,7 @@ int audit_signal_info_syscall(struct task_struct *t)
	struct audit_aux_data_pids *axp;
	struct audit_context *ctx = audit_context();
	kuid_t t_uid = task_uid(t);
	struct lsm_prop prop;

	if (!audit_signals || audit_dummy_context())
		return 0;
@@ -2762,7 +2764,9 @@ int audit_signal_info_syscall(struct task_struct *t)
		ctx->target_auid = audit_get_loginuid(t);
		ctx->target_uid = t_uid;
		ctx->target_sessionid = audit_get_sessionid(t);
		security_task_getsecid_obj(t, &ctx->target_sid);
		security_task_getlsmprop_obj(t, &prop);
		/* scaffolding */
		ctx->target_sid = prop.scaffold.secid;
		memcpy(ctx->target_comm, t->comm, TASK_COMM_LEN);
		return 0;
	}
@@ -2783,7 +2787,9 @@ int audit_signal_info_syscall(struct task_struct *t)
	axp->target_auid[axp->pid_count] = audit_get_loginuid(t);
	axp->target_uid[axp->pid_count] = t_uid;
	axp->target_sessionid[axp->pid_count] = audit_get_sessionid(t);
	security_task_getsecid_obj(t, &axp->target_sid[axp->pid_count]);
	security_task_getlsmprop_obj(t, &prop);
	/* scaffolding */
	axp->target_sid[axp->pid_count] = prop.scaffold.secid;
	memcpy(axp->target_comm[axp->pid_count], t->comm, TASK_COMM_LEN);
	axp->pid_count++;
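Review bot: In audit_filter_rules() the flag `need_sid` now gates the one-time fetch of a whole `struct lsm_prop`, not a u32 secid, and the per-rule `prop.scaffold.secid = sid;` refresh is gone, so the name no longer describes what the variable guards. I would rename it to `need_prop` in the declaration `int i, need_prop = 1;`, the reset `need_prop = 0;` after the call, and the `if (need_sid)` test, which sits outside the hunk. Relying on `prop` holding the fetched value across later rules is fine here because it is declared at function scope with `= { }` and is written only once; a one-line comment at the declaration, e.g. `/* filled on first LSM rule, reused for the rest of the loop */`, would make that intent explicit.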
