summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/smack/smack_lsm.c33
1 files changed, 15 insertions, 18 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index d8b59480a01c..336e855e7ab2 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -307,7 +307,7 @@ static struct smack_known *smk_fetch(const char *name, struct inode *ip,
307 307
308/** 308/**
309 * init_inode_smack - initialize an inode security blob 309 * init_inode_smack - initialize an inode security blob
310 * @isp: the blob to initialize 310 * @inode: inode to extract the info from
311 * @skp: a pointer to the Smack label entry to use in the blob 311 * @skp: a pointer to the Smack label entry to use in the blob
312 * 312 *
313 */ 313 */
@@ -509,7 +509,7 @@ static int smack_ptrace_traceme(struct task_struct *ptp)
509 509
510/** 510/**
511 * smack_syslog - Smack approval on syslog 511 * smack_syslog - Smack approval on syslog
512 * @type: message type 512 * @typefrom_file: unused
513 * 513 *
514 * Returns 0 on success, error code otherwise. 514 * Returns 0 on success, error code otherwise.
515 */ 515 */
@@ -765,7 +765,7 @@ static int smack_sb_eat_lsm_opts(char *options, void **mnt_opts)
765/** 765/**
766 * smack_set_mnt_opts - set Smack specific mount options 766 * smack_set_mnt_opts - set Smack specific mount options
767 * @sb: the file system superblock 767 * @sb: the file system superblock
768 * @opts: Smack mount options 768 * @mnt_opts: Smack mount options
769 * @kern_flags: mount option from kernel space or user space 769 * @kern_flags: mount option from kernel space or user space
770 * @set_kern_flags: where to store converted mount opts 770 * @set_kern_flags: where to store converted mount opts
771 * 771 *
@@ -959,7 +959,7 @@ static int smack_bprm_set_creds(struct linux_binprm *bprm)
959 * smack_inode_alloc_security - allocate an inode blob 959 * smack_inode_alloc_security - allocate an inode blob
960 * @inode: the inode in need of a blob 960 * @inode: the inode in need of a blob
961 * 961 *
962 * Returns 0 if it gets a blob, -ENOMEM otherwise 962 * Returns 0
963 */ 963 */
964static int smack_inode_alloc_security(struct inode *inode) 964static int smack_inode_alloc_security(struct inode *inode)
965{ 965{
@@ -1165,7 +1165,7 @@ static int smack_inode_rename(struct inode *old_inode,
1165 * 1165 *
1166 * This is the important Smack hook. 1166 * This is the important Smack hook.
1167 * 1167 *
1168 * Returns 0 if access is permitted, -EACCES otherwise 1168 * Returns 0 if access is permitted, an error code otherwise
1169 */ 1169 */
1170static int smack_inode_permission(struct inode *inode, int mask) 1170static int smack_inode_permission(struct inode *inode, int mask)
1171{ 1171{
@@ -1223,8 +1223,7 @@ static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
1223 1223
1224/** 1224/**
1225 * smack_inode_getattr - Smack check for getting attributes 1225 * smack_inode_getattr - Smack check for getting attributes
1226 * @mnt: vfsmount of the object 1226 * @path: path to extract the info from
1227 * @dentry: the object
1228 * 1227 *
1229 * Returns 0 if access is permitted, an error code otherwise 1228 * Returns 0 if access is permitted, an error code otherwise
1230 */ 1229 */
@@ -1871,14 +1870,13 @@ static int smack_file_receive(struct file *file)
1871/** 1870/**
1872 * smack_file_open - Smack dentry open processing 1871 * smack_file_open - Smack dentry open processing
1873 * @file: the object 1872 * @file: the object
1874 * @cred: task credential
1875 * 1873 *
1876 * Set the security blob in the file structure. 1874 * Set the security blob in the file structure.
1877 * Allow the open only if the task has read access. There are 1875 * Allow the open only if the task has read access. There are
1878 * many read operations (e.g. fstat) that you can do with an 1876 * many read operations (e.g. fstat) that you can do with an
1879 * fd even if you have the file open write-only. 1877 * fd even if you have the file open write-only.
1880 * 1878 *
1881 * Returns 0 1879 * Returns 0 if current has access, error code otherwise
1882 */ 1880 */
1883static int smack_file_open(struct file *file) 1881static int smack_file_open(struct file *file)
1884{ 1882{
@@ -1901,7 +1899,7 @@ static int smack_file_open(struct file *file)
1901 1899
1902/** 1900/**
1903 * smack_cred_alloc_blank - "allocate" blank task-level security credentials 1901 * smack_cred_alloc_blank - "allocate" blank task-level security credentials
1904 * @new: the new credentials 1902 * @cred: the new credentials
1905 * @gfp: the atomicity of any memory allocations 1903 * @gfp: the atomicity of any memory allocations
1906 * 1904 *
1907 * Prepare a blank set of credentials for modification. This must allocate all 1905 * Prepare a blank set of credentials for modification. This must allocate all
@@ -1984,7 +1982,7 @@ static void smack_cred_transfer(struct cred *new, const struct cred *old)
1984 1982
1985/** 1983/**
1986 * smack_cred_getsecid - get the secid corresponding to a creds structure 1984 * smack_cred_getsecid - get the secid corresponding to a creds structure
1987 * @c: the object creds 1985 * @cred: the object creds
1988 * @secid: where to put the result 1986 * @secid: where to put the result
1989 * 1987 *
1990 * Sets the secid to contain a u32 version of the smack label. 1988 * Sets the secid to contain a u32 version of the smack label.
@@ -2141,8 +2139,6 @@ static int smack_task_getioprio(struct task_struct *p)
2141/** 2139/**
2142 * smack_task_setscheduler - Smack check on setting scheduler 2140 * smack_task_setscheduler - Smack check on setting scheduler
2143 * @p: the task object 2141 * @p: the task object
2144 * @policy: unused
2145 * @lp: unused
2146 * 2142 *
2147 * Return 0 if read access is permitted 2143 * Return 0 if read access is permitted
2148 */ 2144 */
@@ -2612,8 +2608,9 @@ static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address)
2612 2608
2613/** 2609/**
2614 * smk_ipv6_port_check - check Smack port access 2610 * smk_ipv6_port_check - check Smack port access
2615 * @sock: socket 2611 * @sk: socket
2616 * @address: address 2612 * @address: address
2613 * @act: the action being taken
2617 * 2614 *
2618 * Create or update the port list entry 2615 * Create or update the port list entry
2619 */ 2616 */
@@ -2783,7 +2780,7 @@ static int smack_socket_post_create(struct socket *sock, int family,
2783 * 2780 *
2784 * Cross reference the peer labels for SO_PEERSEC 2781 * Cross reference the peer labels for SO_PEERSEC
2785 * 2782 *
2786 * Returns 0 on success, and error code otherwise 2783 * Returns 0
2787 */ 2784 */
2788static int smack_socket_socketpair(struct socket *socka, 2785static int smack_socket_socketpair(struct socket *socka,
2789 struct socket *sockb) 2786 struct socket *sockb)
@@ -3015,13 +3012,13 @@ static int smack_shm_shmctl(struct kern_ipc_perm *isp, int cmd)
3015 * 3012 *
3016 * Returns 0 if current has the requested access, error code otherwise 3013 * Returns 0 if current has the requested access, error code otherwise
3017 */ 3014 */
3018static int smack_shm_shmat(struct kern_ipc_perm *ipc, char __user *shmaddr, 3015static int smack_shm_shmat(struct kern_ipc_perm *isp, char __user *shmaddr,
3019 int shmflg) 3016 int shmflg)
3020{ 3017{
3021 int may; 3018 int may;
3022 3019
3023 may = smack_flags_to_may(shmflg); 3020 may = smack_flags_to_may(shmflg);
3024 return smk_curacc_shm(ipc, may); 3021 return smk_curacc_shm(isp, may);
3025} 3022}
3026 3023
3027/** 3024/**
@@ -4763,7 +4760,7 @@ static __init void init_smack_known_list(void)
4763/** 4760/**
4764 * smack_init - initialize the smack system 4761 * smack_init - initialize the smack system
4765 * 4762 *
4766 * Returns 0 4763 * Returns 0 on success, -ENOMEM is there's no memory
4767 */ 4764 */
4768static __init int smack_init(void) 4765static __init int smack_init(void)
4769{ 4766{
generated by cgit v1.2.2 (git 2.25.0) at 2026-01-19 13:34:14 -0500