[PATCH 1/1] selinux: export current_sid API for use in other kernel modules
xion.wang at mediatek.com
xion.wang at mediatek.com
Wed Oct 22 00:27:18 PDT 2025
From: Xion Wang <xion.wang at mediatek.com>
Convert current_sid from static inline to a global
function and export it with EXPORT_SYMBOL.
This allows other kernel modules to retrieve
the SELinux security ID of the current task.
Signed-off-by: Xion Wang <xion.wang at mediatek.com>
---
security/selinux/hooks.c | 11 +++++++++++
security/selinux/include/objsec.h | 12 ++----------
2 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index dfc22da42f30..0c128f323332 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -229,6 +229,17 @@ static inline u32 cred_sid(const struct cred *cred)
return tsec->sid;
}
+/*
+ * get the subjective security ID of the current task
+ */
+u32 current_sid(void)
+{
+ const struct task_security_struct *tsec = selinux_cred(current_cred());
+
+ return tsec->sid;
+}
+EXPORT_SYMBOL(current_sid);
+
static void __ad_net_init(struct common_audit_data *ad,
struct lsm_network_audit *net,
int ifindex, struct sock *sk, u16 family)
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index 2d5139c6d45b..787a0cd74ff0 100644
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -202,16 +202,6 @@ selinux_ipc(const struct kern_ipc_perm *ipc)
return ipc->security + selinux_blob_sizes.lbs_ipc;
}
-/*
- * get the subjective security ID of the current task
- */
-static inline u32 current_sid(void)
-{
- const struct task_security_struct *tsec = selinux_cred(current_cred());
-
- return tsec->sid;
-}
-
static inline struct superblock_security_struct *
selinux_superblock(const struct super_block *superblock)
{
@@ -265,4 +255,6 @@ selinux_bpf_token_security(struct bpf_token *token)
return token->security + selinux_blob_sizes.lbs_bpf_token;
}
#endif /* CONFIG_BPF_SYSCALL */
+
+u32 current_sid(void);
#endif /* _SELINUX_OBJSEC_H_ */
--
2.45.2
More information about the Linux-mediatek
mailing list