summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--security/selinux/hooks.c2
-rw-r--r--security/smack/smack_lsm.c13
2 files changed, 4 insertions, 11 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 81fbfa5b80d4..67baa487cf7a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6720,7 +6720,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer)
#ifdef CONFIG_KEY_NOTIFICATIONS
static int selinux_watch_key(struct key *key)
{
- struct key_security_struct *ksec = key->security;
+ struct key_security_struct *ksec = selinux_key(key);
u32 sid = current_sid();
return avc_has_perm(sid, ksec->sid, SECCLASS_KEY, KEY__VIEW, NULL);
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index da0c2bffbd08..563fb404f659 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -4629,16 +4629,9 @@ static int smack_watch_key(struct key *key)
{
struct smk_audit_info ad;
struct smack_known *tkp = smk_of_current();
+ struct smack_known **blob = smack_key(key);
int rc;
- if (key == NULL)
- return -EINVAL;
- /*
- * If the key hasn't been initialized give it access so that
- * it may do so.
- */
- if (key->security == NULL)
- return 0;
/*
* This should not occur
*/
@@ -4653,8 +4646,8 @@ static int smack_watch_key(struct key *key)
ad.a.u.key_struct.key = key->serial;
ad.a.u.key_struct.key_desc = key->description;
#endif
- rc = smk_access(tkp, key->security, MAY_READ, &ad);
- rc = smk_bu_note("key watch", tkp, key->security, MAY_READ, rc);
+ rc = smk_access(tkp, *blob, MAY_READ, &ad);
+ rc = smk_bu_note("key watch", tkp, *blob, MAY_READ, rc);
return rc;
}
#endif /* CONFIG_KEY_NOTIFICATIONS */