diff options
| author | Casey Schaufler <casey@schaufler-ca.com> | 2015-05-02 18:11:36 -0400 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2015-05-12 01:00:36 -0400 |
| commit | e20b043a6902ecb61c2c84355c3bae5149f391db (patch) | |
| tree | f5268475bb8b4bee2fbfafb063c41b02b9769af1 /security/selinux | |
| parent | f25fce3e8f1f15d6d2a22620ebf98a68a4641f06 (diff) | |
LSM: Add security module hook list heads
Add a list header for each security hook. They aren't used until
later in the patch series. They are grouped together in a structure
so that there doesn't need to be an external address for each.
Macro-ize the initialization of the security_operations
for each security module in anticipation of changing out
the security_operations structure.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/hooks.c | 398 |
1 files changed, 201 insertions, 197 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 40e3f7757ec7..0cf105f346d4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -5841,211 +5841,215 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) | |||
| 5841 | #endif | 5841 | #endif |
| 5842 | 5842 | ||
| 5843 | static struct security_operations selinux_ops = { | 5843 | static struct security_operations selinux_ops = { |
| 5844 | .name = "selinux", | 5844 | LSM_HOOK_INIT(name, "selinux"), |
| 5845 | 5845 | ||
| 5846 | .binder_set_context_mgr = selinux_binder_set_context_mgr, | 5846 | LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), |
| 5847 | .binder_transaction = selinux_binder_transaction, | 5847 | LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), |
| 5848 | .binder_transfer_binder = selinux_binder_transfer_binder, | 5848 | LSM_HOOK_INIT(binder_transfer_binder, selinux_binder_transfer_binder), |
| 5849 | .binder_transfer_file = selinux_binder_transfer_file, | 5849 | LSM_HOOK_INIT(binder_transfer_file, selinux_binder_transfer_file), |
| 5850 | 5850 | ||
| 5851 | .ptrace_access_check = selinux_ptrace_access_check, | 5851 | LSM_HOOK_INIT(ptrace_access_check, selinux_ptrace_access_check), |
| 5852 | .ptrace_traceme = selinux_ptrace_traceme, | 5852 | LSM_HOOK_INIT(ptrace_traceme, selinux_ptrace_traceme), |
| 5853 | .capget = selinux_capget, | 5853 | LSM_HOOK_INIT(capget, selinux_capget), |
| 5854 | .capset = selinux_capset, | 5854 | LSM_HOOK_INIT(capset, selinux_capset), |
| 5855 | .capable = selinux_capable, | 5855 | LSM_HOOK_INIT(capable, selinux_capable), |
| 5856 | .quotactl = selinux_quotactl, | 5856 | LSM_HOOK_INIT(quotactl, selinux_quotactl), |
| 5857 | .quota_on = selinux_quota_on, | 5857 | LSM_HOOK_INIT(quota_on, selinux_quota_on), |
| 5858 | .syslog = selinux_syslog, | 5858 | LSM_HOOK_INIT(syslog, selinux_syslog), |
| 5859 | .vm_enough_memory = selinux_vm_enough_memory, | 5859 | LSM_HOOK_INIT(vm_enough_memory, selinux_vm_enough_memory), |
| 5860 | 5860 | ||
| 5861 | .netlink_send = selinux_netlink_send, | 5861 | LSM_HOOK_INIT(netlink_send, selinux_netlink_send), |
| 5862 | 5862 | ||
| 5863 | .bprm_set_creds = selinux_bprm_set_creds, | 5863 | LSM_HOOK_INIT(bprm_set_creds, selinux_bprm_set_creds), |
| 5864 | .bprm_committing_creds = selinux_bprm_committing_creds, | 5864 | LSM_HOOK_INIT(bprm_committing_creds, selinux_bprm_committing_creds), |
| 5865 | .bprm_committed_creds = selinux_bprm_committed_creds, | 5865 | LSM_HOOK_INIT(bprm_committed_creds, selinux_bprm_committed_creds), |
| 5866 | .bprm_secureexec = selinux_bprm_secureexec, | 5866 | LSM_HOOK_INIT(bprm_secureexec, selinux_bprm_secureexec), |
| 5867 | 5867 | ||
| 5868 | .sb_alloc_security = selinux_sb_alloc_security, | 5868 | LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), |
| 5869 | .sb_free_security = selinux_sb_free_security, | 5869 | LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), |
| 5870 | .sb_copy_data = selinux_sb_copy_data, | 5870 | LSM_HOOK_INIT(sb_copy_data, selinux_sb_copy_data), |
| 5871 | .sb_remount = selinux_sb_remount, | 5871 | LSM_HOOK_INIT(sb_remount, selinux_sb_remount), |
| 5872 | .sb_kern_mount = selinux_sb_kern_mount, | 5872 | LSM_HOOK_INIT(sb_kern_mount, selinux_sb_kern_mount), |
| 5873 | .sb_show_options = selinux_sb_show_options, | 5873 | LSM_HOOK_INIT(sb_show_options, selinux_sb_show_options), |
| 5874 | .sb_statfs = selinux_sb_statfs, | 5874 | LSM_HOOK_INIT(sb_statfs, selinux_sb_statfs), |
| 5875 | .sb_mount = selinux_mount, | 5875 | LSM_HOOK_INIT(sb_mount, selinux_mount), |
| 5876 | .sb_umount = selinux_umount, | 5876 | LSM_HOOK_INIT(sb_umount, selinux_umount), |
| 5877 | .sb_set_mnt_opts = selinux_set_mnt_opts, | 5877 | LSM_HOOK_INIT(sb_set_mnt_opts, selinux_set_mnt_opts), |
| 5878 | .sb_clone_mnt_opts = selinux_sb_clone_mnt_opts, | 5878 | LSM_HOOK_INIT(sb_clone_mnt_opts, selinux_sb_clone_mnt_opts), |
| 5879 | .sb_parse_opts_str = selinux_parse_opts_str, | 5879 | LSM_HOOK_INIT(sb_parse_opts_str, selinux_parse_opts_str), |
| 5880 | 5880 | ||
| 5881 | .dentry_init_security = selinux_dentry_init_security, | 5881 | LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security), |
| 5882 | 5882 | ||
| 5883 | .inode_alloc_security = selinux_inode_alloc_security, | 5883 | LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), |
| 5884 | .inode_free_security = selinux_inode_free_security, | 5884 | LSM_HOOK_INIT(inode_free_security, selinux_inode_free_security), |
| 5885 | .inode_init_security = selinux_inode_init_security, | 5885 | LSM_HOOK_INIT(inode_init_security, selinux_inode_init_security), |
| 5886 | .inode_create = selinux_inode_create, | 5886 | LSM_HOOK_INIT(inode_create, selinux_inode_create), |
| 5887 | .inode_link = selinux_inode_link, | 5887 | LSM_HOOK_INIT(inode_link, selinux_inode_link), |
| 5888 | .inode_unlink = selinux_inode_unlink, | 5888 | LSM_HOOK_INIT(inode_unlink, selinux_inode_unlink), |
| 5889 | .inode_symlink = selinux_inode_symlink, | 5889 | LSM_HOOK_INIT(inode_symlink, selinux_inode_symlink), |
| 5890 | .inode_mkdir = selinux_inode_mkdir, | 5890 | LSM_HOOK_INIT(inode_mkdir, selinux_inode_mkdir), |
| 5891 | .inode_rmdir = selinux_inode_rmdir, | 5891 | LSM_HOOK_INIT(inode_rmdir, selinux_inode_rmdir), |
| 5892 | .inode_mknod = selinux_inode_mknod, | 5892 | LSM_HOOK_INIT(inode_mknod, selinux_inode_mknod), |
| 5893 | .inode_rename = selinux_inode_rename, | 5893 | LSM_HOOK_INIT(inode_rename, selinux_inode_rename), |
| 5894 | .inode_readlink = selinux_inode_readlink, | 5894 | LSM_HOOK_INIT(inode_readlink, selinux_inode_readlink), |
| 5895 | .inode_follow_link = selinux_inode_follow_link, | 5895 | LSM_HOOK_INIT(inode_follow_link, selinux_inode_follow_link), |
| 5896 | .inode_permission = selinux_inode_permission, | 5896 | LSM_HOOK_INIT(inode_permission, selinux_inode_permission), |
| 5897 | .inode_setattr = selinux_inode_setattr, | 5897 | LSM_HOOK_INIT(inode_setattr, selinux_inode_setattr), |
| 5898 | .inode_getattr = selinux_inode_getattr, | 5898 | LSM_HOOK_INIT(inode_getattr, selinux_inode_getattr), |
| 5899 | .inode_setxattr = selinux_inode_setxattr, | 5899 | LSM_HOOK_INIT(inode_setxattr, selinux_inode_setxattr), |
| 5900 | .inode_post_setxattr = selinux_inode_post_setxattr, | 5900 | LSM_HOOK_INIT(inode_post_setxattr, selinux_inode_post_setxattr), |
| 5901 | .inode_getxattr = selinux_inode_getxattr, | 5901 | LSM_HOOK_INIT(inode_getxattr, selinux_inode_getxattr), |
| 5902 | .inode_listxattr = selinux_inode_listxattr, | 5902 | LSM_HOOK_INIT(inode_listxattr, selinux_inode_listxattr), |
| 5903 | .inode_removexattr = selinux_inode_removexattr, | 5903 | LSM_HOOK_INIT(inode_removexattr, selinux_inode_removexattr), |
| 5904 | .inode_getsecurity = selinux_inode_getsecurity, | 5904 | LSM_HOOK_INIT(inode_getsecurity, selinux_inode_getsecurity), |
| 5905 | .inode_setsecurity = selinux_inode_setsecurity, | 5905 | LSM_HOOK_INIT(inode_setsecurity, selinux_inode_setsecurity), |
| 5906 | .inode_listsecurity = selinux_inode_listsecurity, | 5906 | LSM_HOOK_INIT(inode_listsecurity, selinux_inode_listsecurity), |
| 5907 | .inode_getsecid = selinux_inode_getsecid, | 5907 | LSM_HOOK_INIT(inode_getsecid, selinux_inode_getsecid), |
| 5908 | 5908 | ||
| 5909 | .file_permission = selinux_file_permission, | 5909 | LSM_HOOK_INIT(file_permission, selinux_file_permission), |
| 5910 | .file_alloc_security = selinux_file_alloc_security, | 5910 | LSM_HOOK_INIT(file_alloc_security, selinux_file_alloc_security), |
| 5911 | .file_free_security = selinux_file_free_security, | 5911 | LSM_HOOK_INIT(file_free_security, selinux_file_free_security), |
| 5912 | .file_ioctl = selinux_file_ioctl, | 5912 | LSM_HOOK_INIT(file_ioctl, selinux_file_ioctl), |
| 5913 | .mmap_file = selinux_mmap_file, | 5913 | LSM_HOOK_INIT(mmap_file, selinux_mmap_file), |
| 5914 | .mmap_addr = selinux_mmap_addr, | 5914 | LSM_HOOK_INIT(mmap_addr, selinux_mmap_addr), |
| 5915 | .file_mprotect = selinux_file_mprotect, | 5915 | LSM_HOOK_INIT(file_mprotect, selinux_file_mprotect), |
| 5916 | .file_lock = selinux_file_lock, | 5916 | LSM_HOOK_INIT(file_lock, selinux_file_lock), |
| 5917 | .file_fcntl = selinux_file_fcntl, | 5917 | LSM_HOOK_INIT(file_fcntl, selinux_file_fcntl), |
| 5918 | .file_set_fowner = selinux_file_set_fowner, | 5918 | LSM_HOOK_INIT(file_set_fowner, selinux_file_set_fowner), |
| 5919 | .file_send_sigiotask = selinux_file_send_sigiotask, | 5919 | LSM_HOOK_INIT(file_send_sigiotask, selinux_file_send_sigiotask), |
| 5920 | .file_receive = selinux_file_receive, | 5920 | LSM_HOOK_INIT(file_receive, selinux_file_receive), |
| 5921 | 5921 | ||
| 5922 | .file_open = selinux_file_open, | 5922 | LSM_HOOK_INIT(file_open, selinux_file_open), |
| 5923 | 5923 | ||
| 5924 | .task_create = selinux_task_create, | 5924 | LSM_HOOK_INIT(task_create, selinux_task_create), |
| 5925 | .cred_alloc_blank = selinux_cred_alloc_blank, | 5925 | LSM_HOOK_INIT(cred_alloc_blank, selinux_cred_alloc_blank), |
| 5926 | .cred_free = selinux_cred_free, | 5926 | LSM_HOOK_INIT(cred_free, selinux_cred_free), |
| 5927 | .cred_prepare = selinux_cred_prepare, | 5927 | LSM_HOOK_INIT(cred_prepare, selinux_cred_prepare), |
| 5928 | .cred_transfer = selinux_cred_transfer, | 5928 | LSM_HOOK_INIT(cred_transfer, selinux_cred_transfer), |
| 5929 | .kernel_act_as = selinux_kernel_act_as, | 5929 | LSM_HOOK_INIT(kernel_act_as, selinux_kernel_act_as), |
| 5930 | .kernel_create_files_as = selinux_kernel_create_files_as, | 5930 | LSM_HOOK_INIT(kernel_create_files_as, selinux_kernel_create_files_as), |
| 5931 | .kernel_module_request = selinux_kernel_module_request, | 5931 | LSM_HOOK_INIT(kernel_module_request, selinux_kernel_module_request), |
| 5932 | .task_setpgid = selinux_task_setpgid, | 5932 | LSM_HOOK_INIT(task_setpgid, selinux_task_setpgid), |
| 5933 | .task_getpgid = selinux_task_getpgid, | 5933 | LSM_HOOK_INIT(task_getpgid, selinux_task_getpgid), |
| 5934 | .task_getsid = selinux_task_getsid, | 5934 | LSM_HOOK_INIT(task_getsid, selinux_task_getsid), |
| 5935 | .task_getsecid = selinux_task_getsecid, | 5935 | LSM_HOOK_INIT(task_getsecid, selinux_task_getsecid), |
| 5936 | .task_setnice = selinux_task_setnice, | 5936 | LSM_HOOK_INIT(task_setnice, selinux_task_setnice), |
| 5937 | .task_setioprio = selinux_task_setioprio, | 5937 | LSM_HOOK_INIT(task_setioprio, selinux_task_setioprio), |
| 5938 | .task_getioprio = selinux_task_getioprio, | 5938 | LSM_HOOK_INIT(task_getioprio, selinux_task_getioprio), |
| 5939 | .task_setrlimit = selinux_task_setrlimit, | 5939 | LSM_HOOK_INIT(task_setrlimit, selinux_task_setrlimit), |
| 5940 | .task_setscheduler = selinux_task_setscheduler, | 5940 | LSM_HOOK_INIT(task_setscheduler, selinux_task_setscheduler), |
| 5941 | .task_getscheduler = selinux_task_getscheduler, | 5941 | LSM_HOOK_INIT(task_getscheduler, selinux_task_getscheduler), |
| 5942 | .task_movememory = selinux_task_movememory, | 5942 | LSM_HOOK_INIT(task_movememory, selinux_task_movememory), |
| 5943 | .task_kill = selinux_task_kill, | 5943 | LSM_HOOK_INIT(task_kill, selinux_task_kill), |
| 5944 | .task_wait = selinux_task_wait, | 5944 | LSM_HOOK_INIT(task_wait, selinux_task_wait), |
| 5945 | .task_to_inode = selinux_task_to_inode, | 5945 | LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), |
| 5946 | 5946 | ||
| 5947 | .ipc_permission = selinux_ipc_permission, | 5947 | LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), |
| 5948 | .ipc_getsecid = selinux_ipc_getsecid, | 5948 | LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), |
| 5949 | 5949 | ||
| 5950 | .msg_msg_alloc_security = selinux_msg_msg_alloc_security, | 5950 | LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), |
| 5951 | .msg_msg_free_security = selinux_msg_msg_free_security, | 5951 | LSM_HOOK_INIT(msg_msg_free_security, selinux_msg_msg_free_security), |
| 5952 | 5952 | ||
| 5953 | .msg_queue_alloc_security = selinux_msg_queue_alloc_security, | 5953 | LSM_HOOK_INIT(msg_queue_alloc_security, |
| 5954 | .msg_queue_free_security = selinux_msg_queue_free_security, | 5954 | selinux_msg_queue_alloc_security), |
| 5955 | .msg_queue_associate = selinux_msg_queue_associate, | 5955 | LSM_HOOK_INIT(msg_queue_free_security, selinux_msg_queue_free_security), |
| 5956 | .msg_queue_msgctl = selinux_msg_queue_msgctl, | 5956 | LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), |
| 5957 | .msg_queue_msgsnd = selinux_msg_queue_msgsnd, | 5957 | LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), |
| 5958 | .msg_queue_msgrcv = selinux_msg_queue_msgrcv, | 5958 | LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), |
| 5959 | 5959 | LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), | |
| 5960 | .shm_alloc_security = selinux_shm_alloc_security, | 5960 | |
| 5961 | .shm_free_security = selinux_shm_free_security, | 5961 | LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), |
| 5962 | .shm_associate = selinux_shm_associate, | 5962 | LSM_HOOK_INIT(shm_free_security, selinux_shm_free_security), |
| 5963 | .shm_shmctl = selinux_shm_shmctl, | 5963 | LSM_HOOK_INIT(shm_associate, selinux_shm_associate), |
| 5964 | .shm_shmat = selinux_shm_shmat, | 5964 | LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), |
| 5965 | 5965 | LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), | |
| 5966 | .sem_alloc_security = selinux_sem_alloc_security, | 5966 | |
| 5967 | .sem_free_security = selinux_sem_free_security, | 5967 | LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), |
| 5968 | .sem_associate = selinux_sem_associate, | 5968 | LSM_HOOK_INIT(sem_free_security, selinux_sem_free_security), |
| 5969 | .sem_semctl = selinux_sem_semctl, | 5969 | LSM_HOOK_INIT(sem_associate, selinux_sem_associate), |
| 5970 | .sem_semop = selinux_sem_semop, | 5970 | LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), |
| 5971 | 5971 | LSM_HOOK_INIT(sem_semop, selinux_sem_semop), | |
| 5972 | .d_instantiate = selinux_d_instantiate, | 5972 | |
| 5973 | 5973 | LSM_HOOK_INIT(d_instantiate, selinux_d_instantiate), | |
| 5974 | .getprocattr = selinux_getprocattr, | 5974 | |
| 5975 | .setprocattr = selinux_setprocattr, | 5975 | LSM_HOOK_INIT(getprocattr, selinux_getprocattr), |
| 5976 | 5976 | LSM_HOOK_INIT(setprocattr, selinux_setprocattr), | |
| 5977 | .ismaclabel = selinux_ismaclabel, | 5977 | |
| 5978 | .secid_to_secctx = selinux_secid_to_secctx, | 5978 | LSM_HOOK_INIT(ismaclabel, selinux_ismaclabel), |
| 5979 | .secctx_to_secid = selinux_secctx_to_secid, | 5979 | LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), |
| 5980 | .release_secctx = selinux_release_secctx, | 5980 | LSM_HOOK_INIT(secctx_to_secid, selinux_secctx_to_secid), |
| 5981 | .inode_notifysecctx = selinux_inode_notifysecctx, | 5981 | LSM_HOOK_INIT(release_secctx, selinux_release_secctx), |
| 5982 | .inode_setsecctx = selinux_inode_setsecctx, | 5982 | LSM_HOOK_INIT(inode_notifysecctx, selinux_inode_notifysecctx), |
| 5983 | .inode_getsecctx = selinux_inode_getsecctx, | 5983 | LSM_HOOK_INIT(inode_setsecctx, selinux_inode_setsecctx), |
| 5984 | 5984 | LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), | |
| 5985 | .unix_stream_connect = selinux_socket_unix_stream_connect, | 5985 | |
| 5986 | .unix_may_send = selinux_socket_unix_may_send, | 5986 | LSM_HOOK_INIT(unix_stream_connect, selinux_socket_unix_stream_connect), |
| 5987 | 5987 | LSM_HOOK_INIT(unix_may_send, selinux_socket_unix_may_send), | |
| 5988 | .socket_create = selinux_socket_create, | 5988 | |
| 5989 | .socket_post_create = selinux_socket_post_create, | 5989 | LSM_HOOK_INIT(socket_create, selinux_socket_create), |
| 5990 | .socket_bind = selinux_socket_bind, | 5990 | LSM_HOOK_INIT(socket_post_create, selinux_socket_post_create), |
| 5991 | .socket_connect = selinux_socket_connect, | 5991 | LSM_HOOK_INIT(socket_bind, selinux_socket_bind), |
| 5992 | .socket_listen = selinux_socket_listen, | 5992 | LSM_HOOK_INIT(socket_connect, selinux_socket_connect), |
| 5993 | .socket_accept = selinux_socket_accept, | 5993 | LSM_HOOK_INIT(socket_listen, selinux_socket_listen), |
| 5994 | .socket_sendmsg = selinux_socket_sendmsg, | 5994 | LSM_HOOK_INIT(socket_accept, selinux_socket_accept), |
| 5995 | .socket_recvmsg = selinux_socket_recvmsg, | 5995 | LSM_HOOK_INIT(socket_sendmsg, selinux_socket_sendmsg), |
| 5996 | .socket_getsockname = selinux_socket_getsockname, | 5996 | LSM_HOOK_INIT(socket_recvmsg, selinux_socket_recvmsg), |
| 5997 | .socket_getpeername = selinux_socket_getpeername, | 5997 | LSM_HOOK_INIT(socket_getsockname, selinux_socket_getsockname), |
| 5998 | .socket_getsockopt = selinux_socket_getsockopt, | 5998 | LSM_HOOK_INIT(socket_getpeername, selinux_socket_getpeername), |
| 5999 | .socket_setsockopt = selinux_socket_setsockopt, | 5999 | LSM_HOOK_INIT(socket_getsockopt, selinux_socket_getsockopt), |
| 6000 | .socket_shutdown = selinux_socket_shutdown, | 6000 | LSM_HOOK_INIT(socket_setsockopt, selinux_socket_setsockopt), |
| 6001 | .socket_sock_rcv_skb = selinux_socket_sock_rcv_skb, | 6001 | LSM_HOOK_INIT(socket_shutdown, selinux_socket_shutdown), |
| 6002 | .socket_getpeersec_stream = selinux_socket_getpeersec_stream, | 6002 | LSM_HOOK_INIT(socket_sock_rcv_skb, selinux_socket_sock_rcv_skb), |
| 6003 | .socket_getpeersec_dgram = selinux_socket_getpeersec_dgram, | 6003 | LSM_HOOK_INIT(socket_getpeersec_stream, |
| 6004 | .sk_alloc_security = selinux_sk_alloc_security, | 6004 | selinux_socket_getpeersec_stream), |
| 6005 | .sk_free_security = selinux_sk_free_security, | 6005 | LSM_HOOK_INIT(socket_getpeersec_dgram, selinux_socket_getpeersec_dgram), |
| 6006 | .sk_clone_security = selinux_sk_clone_security, | 6006 | LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), |
| 6007 | .sk_getsecid = selinux_sk_getsecid, | 6007 | LSM_HOOK_INIT(sk_free_security, selinux_sk_free_security), |
| 6008 | .sock_graft = selinux_sock_graft, | 6008 | LSM_HOOK_INIT(sk_clone_security, selinux_sk_clone_security), |
| 6009 | .inet_conn_request = selinux_inet_conn_request, | 6009 | LSM_HOOK_INIT(sk_getsecid, selinux_sk_getsecid), |
| 6010 | .inet_csk_clone = selinux_inet_csk_clone, | 6010 | LSM_HOOK_INIT(sock_graft, selinux_sock_graft), |
| 6011 | .inet_conn_established = selinux_inet_conn_established, | 6011 | LSM_HOOK_INIT(inet_conn_request, selinux_inet_conn_request), |
| 6012 | .secmark_relabel_packet = selinux_secmark_relabel_packet, | 6012 | LSM_HOOK_INIT(inet_csk_clone, selinux_inet_csk_clone), |
| 6013 | .secmark_refcount_inc = selinux_secmark_refcount_inc, | 6013 | LSM_HOOK_INIT(inet_conn_established, selinux_inet_conn_established), |
| 6014 | .secmark_refcount_dec = selinux_secmark_refcount_dec, | 6014 | LSM_HOOK_INIT(secmark_relabel_packet, selinux_secmark_relabel_packet), |
| 6015 | .req_classify_flow = selinux_req_classify_flow, | 6015 | LSM_HOOK_INIT(secmark_refcount_inc, selinux_secmark_refcount_inc), |
| 6016 | .tun_dev_alloc_security = selinux_tun_dev_alloc_security, | 6016 | LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), |
| 6017 | .tun_dev_free_security = selinux_tun_dev_free_security, | 6017 | LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), |
| 6018 | .tun_dev_create = selinux_tun_dev_create, | 6018 | LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), |
| 6019 | .tun_dev_attach_queue = selinux_tun_dev_attach_queue, | 6019 | LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), |
| 6020 | .tun_dev_attach = selinux_tun_dev_attach, | 6020 | LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), |
| 6021 | .tun_dev_open = selinux_tun_dev_open, | 6021 | LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), |
| 6022 | LSM_HOOK_INIT(tun_dev_attach, selinux_tun_dev_attach), | ||
| 6023 | LSM_HOOK_INIT(tun_dev_open, selinux_tun_dev_open), | ||
| 6022 | 6024 | ||
| 6023 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 6025 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 6024 | .xfrm_policy_alloc_security = selinux_xfrm_policy_alloc, | 6026 | LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), |
| 6025 | .xfrm_policy_clone_security = selinux_xfrm_policy_clone, | 6027 | LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), |
| 6026 | .xfrm_policy_free_security = selinux_xfrm_policy_free, | 6028 | LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), |
| 6027 | .xfrm_policy_delete_security = selinux_xfrm_policy_delete, | 6029 | LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), |
| 6028 | .xfrm_state_alloc = selinux_xfrm_state_alloc, | 6030 | LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), |
| 6029 | .xfrm_state_alloc_acquire = selinux_xfrm_state_alloc_acquire, | 6031 | LSM_HOOK_INIT(xfrm_state_alloc_acquire, |
| 6030 | .xfrm_state_free_security = selinux_xfrm_state_free, | 6032 | selinux_xfrm_state_alloc_acquire), |
| 6031 | .xfrm_state_delete_security = selinux_xfrm_state_delete, | 6033 | LSM_HOOK_INIT(xfrm_state_free_security, selinux_xfrm_state_free), |
| 6032 | .xfrm_policy_lookup = selinux_xfrm_policy_lookup, | 6034 | LSM_HOOK_INIT(xfrm_state_delete_security, selinux_xfrm_state_delete), |
| 6033 | .xfrm_state_pol_flow_match = selinux_xfrm_state_pol_flow_match, | 6035 | LSM_HOOK_INIT(xfrm_policy_lookup, selinux_xfrm_policy_lookup), |
| 6034 | .xfrm_decode_session = selinux_xfrm_decode_session, | 6036 | LSM_HOOK_INIT(xfrm_state_pol_flow_match, |
| 6037 | selinux_xfrm_state_pol_flow_match), | ||
| 6038 | LSM_HOOK_INIT(xfrm_decode_session, selinux_xfrm_decode_session), | ||
| 6035 | #endif | 6039 | #endif |
| 6036 | 6040 | ||
| 6037 | #ifdef CONFIG_KEYS | 6041 | #ifdef CONFIG_KEYS |
| 6038 | .key_alloc = selinux_key_alloc, | 6042 | LSM_HOOK_INIT(key_alloc, selinux_key_alloc), |
| 6039 | .key_free = selinux_key_free, | 6043 | LSM_HOOK_INIT(key_free, selinux_key_free), |
| 6040 | .key_permission = selinux_key_permission, | 6044 | LSM_HOOK_INIT(key_permission, selinux_key_permission), |
| 6041 | .key_getsecurity = selinux_key_getsecurity, | 6045 | LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), |
| 6042 | #endif | 6046 | #endif |
| 6043 | 6047 | ||
| 6044 | #ifdef CONFIG_AUDIT | 6048 | #ifdef CONFIG_AUDIT |
| 6045 | .audit_rule_init = selinux_audit_rule_init, | 6049 | LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), |
| 6046 | .audit_rule_known = selinux_audit_rule_known, | 6050 | LSM_HOOK_INIT(audit_rule_known, selinux_audit_rule_known), |
| 6047 | .audit_rule_match = selinux_audit_rule_match, | 6051 | LSM_HOOK_INIT(audit_rule_match, selinux_audit_rule_match), |
| 6048 | .audit_rule_free = selinux_audit_rule_free, | 6052 | LSM_HOOK_INIT(audit_rule_free, selinux_audit_rule_free), |
| 6049 | #endif | 6053 | #endif |
| 6050 | }; | 6054 | }; |
| 6051 | 6055 | ||