Re: [PATCH v20 03/23] LSM: Use lsmblob in security_audit_rule_match

Change the secid parameter of security_audit_rule_match to a lsmblob structure pointer. Pass the entry from the lsmblob structure for the approprite slot to the LSM hook. Change the users of security_audit_rule_match to use the lsmblob instead of a u32. The scaffolding function lsmblob_init() fills the blob with the value of the old secid, ensuring that it is available to the appropriate module hook. The sources of the secid, security_task_getsecid() and security_inode_getsecid(), will be converted to use the blob structure later in the series. At the point the use of lsmblob_init() is dropped. Reviewed-by: Kees Cook <keescook(a)chromium.org&gt; Reviewed-by: John Johansen <john.johansen(a)canonical.com&gt; Acked-by: Stephen Smalley <sds(a)tycho.nsa.gov&gt; Signed-off-by: Casey Schaufler <casey(a)schaufler-ca.com&gt; --- include/linux/security.h | 7 ++++--- kernel/auditfilter.c | 6 ++++-- kernel/auditsc.c | 14 ++++++++++---- security/integrity/ima/ima.h | 4 ++-- security/integrity/ima/ima_policy.c | 7 +++++-- security/security.c | 10 ++++++++-- 6 files changed, 33 insertions(+), 15 deletions(-)