From 03870e6b9a808da16163c265c01de2b9ad9aeb2a Mon Sep 17 00:00:00 2001
From: Casey Schaufler <casey@schaufler-ca.com>
Date: Wed, 15 Nov 2023 16:41:08 -0800
Subject: [PATCH] UBUNTU: SAUCE: apparmor4.0.0 [32/90]: LSM stacking v39: LSM:
 Identify which LSM handles the context string

BugLink: http://bugs.launchpad.net/bugs/2028253

The security_secctx_to_secid() call can only interpret the
context string for a single LSM. Use the first LSM that supplies a hook.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
(cherry picked from commit 511160cd033a7b1d4caa080a465147b1e98913f4
https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next)
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
 security/security.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/security/security.c b/security/security.c
index 1d50b59ee656..e2804c6e2f72 100644
--- a/security/security.c
+++ b/security/security.c
@@ -4267,8 +4267,13 @@ EXPORT_SYMBOL(security_lsmblob_to_secctx);
  */
 int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
 {
+	struct security_hook_list *hp;
+
 	*secid = 0;
-	return call_int_hook(secctx_to_secid, 0, secdata, seclen, secid);
+	hlist_for_each_entry(hp, &security_hook_heads.secctx_to_secid, list)
+		return hp->hook.secctx_to_secid(secdata, seclen, secid);
+
+	return LSM_RET_DEFAULT(secctx_to_secid);
 }
 EXPORT_SYMBOL(security_secctx_to_secid);