lsm: add lsmprop_to_secctx hook

Add a new hook security_lsmprop_to_secctx() and its LSM specific implementations. The LSM specific code will use the lsm_prop element allocated for that module. This allows for the possibility that more than one module may be called upon to translate a secid to a string, as can occur in the audit code. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> [PM: subject line tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Casey Schaufler <casey@schaufler-ca.com> 2024-10-09 10:32:11 -0700
committer: Paul Moore <paul@paul-moore.com> 2024-10-11 14:34:12 -0400
commit: 6f2f724f0e116d9ea960ff3dd645add12e60e176 (patch)
tree: 8f9ed2193bbc3eabb023168cc07cc4ba74db7a78 /security/apparmor/lsm.c
parent: 870b7fdc660b38c4e1bd8bf48e62aa352ddf8f42 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index f5d05297d59e..a58b72ed246c 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -1517,6 +1517,7 @@ static struct security_hook_list apparmor_hooks[] __ro_after_init = {
 #endif
 
 	LSM_HOOK_INIT(secid_to_secctx, apparmor_secid_to_secctx),
+	LSM_HOOK_INIT(lsmprop_to_secctx, apparmor_lsmprop_to_secctx),
 	LSM_HOOK_INIT(secctx_to_secid, apparmor_secctx_to_secid),
 	LSM_HOOK_INIT(release_secctx, apparmor_release_secctx),
author	Casey Schaufler <casey@schaufler-ca.com>	2024-10-09 10:32:11 -0700
committer	Paul Moore <paul@paul-moore.com>	2024-10-11 14:34:12 -0400
commit	6f2f724f0e116d9ea960ff3dd645add12e60e176 (patch)
tree	8f9ed2193bbc3eabb023168cc07cc4ba74db7a78 /security/apparmor/lsm.c
parent	870b7fdc660b38c4e1bd8bf48e62aa352ddf8f42 (diff)