aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/security.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/security.h')
-rw-r--r--include/linux/security.h344
1 files changed, 164 insertions, 180 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index e3d4ecda2673..3416cb85e77b 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -37,6 +37,10 @@
37/* Maximum number of letters for an LSM name string */ 37/* Maximum number of letters for an LSM name string */
38#define SECURITY_NAME_MAX 10 38#define SECURITY_NAME_MAX 10
39 39
40/* If capable should audit the security request */
41#define SECURITY_CAP_NOAUDIT 0
42#define SECURITY_CAP_AUDIT 1
43
40struct ctl_table; 44struct ctl_table;
41struct audit_krule; 45struct audit_krule;
42 46
@@ -44,25 +48,25 @@ struct audit_krule;
44 * These functions are in security/capability.c and are used 48 * These functions are in security/capability.c and are used
45 * as the default capabilities functions 49 * as the default capabilities functions
46 */ 50 */
47extern int cap_capable(struct task_struct *tsk, int cap); 51extern int cap_capable(struct task_struct *tsk, int cap, int audit);
48extern int cap_settime(struct timespec *ts, struct timezone *tz); 52extern int cap_settime(struct timespec *ts, struct timezone *tz);
49extern int cap_ptrace_may_access(struct task_struct *child, unsigned int mode); 53extern int cap_ptrace_may_access(struct task_struct *child, unsigned int mode);
50extern int cap_ptrace_traceme(struct task_struct *parent); 54extern int cap_ptrace_traceme(struct task_struct *parent);
51extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 55extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
52extern int cap_capset_check(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 56extern int cap_capset(struct cred *new, const struct cred *old,
53extern void cap_capset_set(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 57 const kernel_cap_t *effective,
54extern int cap_bprm_set_security(struct linux_binprm *bprm); 58 const kernel_cap_t *inheritable,
55extern void cap_bprm_apply_creds(struct linux_binprm *bprm, int unsafe); 59 const kernel_cap_t *permitted);
60extern int cap_bprm_set_creds(struct linux_binprm *bprm);
56extern int cap_bprm_secureexec(struct linux_binprm *bprm); 61extern int cap_bprm_secureexec(struct linux_binprm *bprm);
57extern int cap_inode_setxattr(struct dentry *dentry, const char *name, 62extern int cap_inode_setxattr(struct dentry *dentry, const char *name,
58 const void *value, size_t size, int flags); 63 const void *value, size_t size, int flags);
59extern int cap_inode_removexattr(struct dentry *dentry, const char *name); 64extern int cap_inode_removexattr(struct dentry *dentry, const char *name);
60extern int cap_inode_need_killpriv(struct dentry *dentry); 65extern int cap_inode_need_killpriv(struct dentry *dentry);
61extern int cap_inode_killpriv(struct dentry *dentry); 66extern int cap_inode_killpriv(struct dentry *dentry);
62extern int cap_task_post_setuid(uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); 67extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags);
63extern void cap_task_reparent_to_init(struct task_struct *p);
64extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, 68extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
65 unsigned long arg4, unsigned long arg5, long *rc_p); 69 unsigned long arg4, unsigned long arg5);
66extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp); 70extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp);
67extern int cap_task_setioprio(struct task_struct *p, int ioprio); 71extern int cap_task_setioprio(struct task_struct *p, int ioprio);
68extern int cap_task_setnice(struct task_struct *p, int nice); 72extern int cap_task_setnice(struct task_struct *p, int nice);
@@ -105,7 +109,7 @@ extern unsigned long mmap_min_addr;
105struct sched_param; 109struct sched_param;
106struct request_sock; 110struct request_sock;
107 111
108/* bprm_apply_creds unsafe reasons */ 112/* bprm->unsafe reasons */
109#define LSM_UNSAFE_SHARE 1 113#define LSM_UNSAFE_SHARE 1
110#define LSM_UNSAFE_PTRACE 2 114#define LSM_UNSAFE_PTRACE 2
111#define LSM_UNSAFE_PTRACE_CAP 4 115#define LSM_UNSAFE_PTRACE_CAP 4
@@ -149,36 +153,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
149 * 153 *
150 * Security hooks for program execution operations. 154 * Security hooks for program execution operations.
151 * 155 *
152 * @bprm_alloc_security: 156 * @bprm_set_creds:
153 * Allocate and attach a security structure to the @bprm->security field.
154 * The security field is initialized to NULL when the bprm structure is
155 * allocated.
156 * @bprm contains the linux_binprm structure to be modified.
157 * Return 0 if operation was successful.
158 * @bprm_free_security:
159 * @bprm contains the linux_binprm structure to be modified.
160 * Deallocate and clear the @bprm->security field.
161 * @bprm_apply_creds:
162 * Compute and set the security attributes of a process being transformed
163 * by an execve operation based on the old attributes (current->security)
164 * and the information saved in @bprm->security by the set_security hook.
165 * Since this hook function (and its caller) are void, this hook can not
166 * return an error. However, it can leave the security attributes of the
167 * process unchanged if an access failure occurs at this point.
168 * bprm_apply_creds is called under task_lock. @unsafe indicates various
169 * reasons why it may be unsafe to change security state.
170 * @bprm contains the linux_binprm structure.
171 * @bprm_post_apply_creds:
172 * Runs after bprm_apply_creds with the task_lock dropped, so that
173 * functions which cannot be called safely under the task_lock can
174 * be used. This hook is a good place to perform state changes on
175 * the process such as closing open file descriptors to which access
176 * is no longer granted if the attributes were changed.
177 * Note that a security module might need to save state between
178 * bprm_apply_creds and bprm_post_apply_creds to store the decision
179 * on whether the process may proceed.
180 * @bprm contains the linux_binprm structure.
181 * @bprm_set_security:
182 * Save security information in the bprm->security field, typically based 157 * Save security information in the bprm->security field, typically based
183 * on information about the bprm->file, for later use by the apply_creds 158 * on information about the bprm->file, for later use by the apply_creds
184 * hook. This hook may also optionally check permissions (e.g. for 159 * hook. This hook may also optionally check permissions (e.g. for
@@ -191,15 +166,30 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
191 * @bprm contains the linux_binprm structure. 166 * @bprm contains the linux_binprm structure.
192 * Return 0 if the hook is successful and permission is granted. 167 * Return 0 if the hook is successful and permission is granted.
193 * @bprm_check_security: 168 * @bprm_check_security:
194 * This hook mediates the point when a search for a binary handler will 169 * This hook mediates the point when a search for a binary handler will
195 * begin. It allows a check the @bprm->security value which is set in 170 * begin. It allows a check the @bprm->security value which is set in the
196 * the preceding set_security call. The primary difference from 171 * preceding set_creds call. The primary difference from set_creds is
197 * set_security is that the argv list and envp list are reliably 172 * that the argv list and envp list are reliably available in @bprm. This
198 * available in @bprm. This hook may be called multiple times 173 * hook may be called multiple times during a single execve; and in each
199 * during a single execve; and in each pass set_security is called 174 * pass set_creds is called first.
200 * first.
201 * @bprm contains the linux_binprm structure. 175 * @bprm contains the linux_binprm structure.
202 * Return 0 if the hook is successful and permission is granted. 176 * Return 0 if the hook is successful and permission is granted.
177 * @bprm_committing_creds:
178 * Prepare to install the new security attributes of a process being
179 * transformed by an execve operation, based on the old credentials
180 * pointed to by @current->cred and the information set in @bprm->cred by
181 * the bprm_set_creds hook. @bprm points to the linux_binprm structure.
182 * This hook is a good place to perform state changes on the process such
183 * as closing open file descriptors to which access will no longer be
184 * granted when the attributes are changed. This is called immediately
185 * before commit_creds().
186 * @bprm_committed_creds:
187 * Tidy up after the installation of the new security attributes of a
188 * process being transformed by an execve operation. The new credentials
189 * have, by this point, been set to @current->cred. @bprm points to the
190 * linux_binprm structure. This hook is a good place to perform state
191 * changes on the process such as clearing out non-inheritable signal
192 * state. This is called immediately after commit_creds().
203 * @bprm_secureexec: 193 * @bprm_secureexec:
204 * Return a boolean value (0 or 1) indicating whether a "secure exec" 194 * Return a boolean value (0 or 1) indicating whether a "secure exec"
205 * is required. The flag is passed in the auxiliary table 195 * is required. The flag is passed in the auxiliary table
@@ -585,15 +575,31 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
585 * manual page for definitions of the @clone_flags. 575 * manual page for definitions of the @clone_flags.
586 * @clone_flags contains the flags indicating what should be shared. 576 * @clone_flags contains the flags indicating what should be shared.
587 * Return 0 if permission is granted. 577 * Return 0 if permission is granted.
588 * @task_alloc_security: 578 * @cred_free:
589 * @p contains the task_struct for child process. 579 * @cred points to the credentials.
590 * Allocate and attach a security structure to the p->security field. The 580 * Deallocate and clear the cred->security field in a set of credentials.
591 * security field is initialized to NULL when the task structure is 581 * @cred_prepare:
592 * allocated. 582 * @new points to the new credentials.
593 * Return 0 if operation was successful. 583 * @old points to the original credentials.
594 * @task_free_security: 584 * @gfp indicates the atomicity of any memory allocations.
595 * @p contains the task_struct for process. 585 * Prepare a new set of credentials by copying the data from the old set.
596 * Deallocate and clear the p->security field. 586 * @cred_commit:
587 * @new points to the new credentials.
588 * @old points to the original credentials.
589 * Install a new set of credentials.
590 * @kernel_act_as:
591 * Set the credentials for a kernel service to act as (subjective context).
592 * @new points to the credentials to be modified.
593 * @secid specifies the security ID to be set
594 * The current task must be the one that nominated @secid.
595 * Return 0 if successful.
596 * @kernel_create_files_as:
597 * Set the file creation context in a set of credentials to be the same as
598 * the objective context of the specified inode.
599 * @new points to the credentials to be modified.
600 * @inode points to the inode to use as a reference.
601 * The current task must be the one that nominated @inode.
602 * Return 0 if successful.
597 * @task_setuid: 603 * @task_setuid:
598 * Check permission before setting one or more of the user identity 604 * Check permission before setting one or more of the user identity
599 * attributes of the current process. The @flags parameter indicates 605 * attributes of the current process. The @flags parameter indicates
@@ -606,15 +612,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
606 * @id2 contains a uid. 612 * @id2 contains a uid.
607 * @flags contains one of the LSM_SETID_* values. 613 * @flags contains one of the LSM_SETID_* values.
608 * Return 0 if permission is granted. 614 * Return 0 if permission is granted.
609 * @task_post_setuid: 615 * @task_fix_setuid:
610 * Update the module's state after setting one or more of the user 616 * Update the module's state after setting one or more of the user
611 * identity attributes of the current process. The @flags parameter 617 * identity attributes of the current process. The @flags parameter
612 * indicates which of the set*uid system calls invoked this hook. If 618 * indicates which of the set*uid system calls invoked this hook. If
613 * @flags is LSM_SETID_FS, then @old_ruid is the old fs uid and the other 619 * @new is the set of credentials that will be installed. Modifications
614 * parameters are not used. 620 * should be made to this rather than to @current->cred.
615 * @old_ruid contains the old real uid (or fs uid if LSM_SETID_FS). 621 * @old is the set of credentials that are being replaces
616 * @old_euid contains the old effective uid (or -1 if LSM_SETID_FS).
617 * @old_suid contains the old saved uid (or -1 if LSM_SETID_FS).
618 * @flags contains one of the LSM_SETID_* values. 622 * @flags contains one of the LSM_SETID_* values.
619 * Return 0 on success. 623 * Return 0 on success.
620 * @task_setgid: 624 * @task_setgid:
@@ -717,13 +721,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
717 * @arg3 contains a argument. 721 * @arg3 contains a argument.
718 * @arg4 contains a argument. 722 * @arg4 contains a argument.
719 * @arg5 contains a argument. 723 * @arg5 contains a argument.
720 * @rc_p contains a pointer to communicate back the forced return code 724 * Return -ENOSYS if no-one wanted to handle this op, any other value to
721 * Return 0 if permission is granted, and non-zero if the security module 725 * cause prctl() to return immediately with that value.
722 * has taken responsibility (setting *rc_p) for the prctl call.
723 * @task_reparent_to_init:
724 * Set the security attributes in @p->security for a kernel thread that
725 * is being reparented to the init task.
726 * @p contains the task_struct for the kernel thread.
727 * @task_to_inode: 726 * @task_to_inode:
728 * Set the security attributes for an inode based on an associated task's 727 * Set the security attributes for an inode based on an associated task's
729 * security attributes, e.g. for /proc/pid inodes. 728 * security attributes, e.g. for /proc/pid inodes.
@@ -1000,7 +999,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1000 * See whether a specific operational right is granted to a process on a 999 * See whether a specific operational right is granted to a process on a
1001 * key. 1000 * key.
1002 * @key_ref refers to the key (key pointer + possession attribute bit). 1001 * @key_ref refers to the key (key pointer + possession attribute bit).
1003 * @context points to the process to provide the context against which to 1002 * @cred points to the credentials to provide the context against which to
1004 * evaluate the security data on the key. 1003 * evaluate the security data on the key.
1005 * @perm describes the combination of permissions required of this key. 1004 * @perm describes the combination of permissions required of this key.
1006 * Return 1 if permission granted, 0 if permission denied and -ve it the 1005 * Return 1 if permission granted, 0 if permission denied and -ve it the
@@ -1162,6 +1161,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1162 * @child process. 1161 * @child process.
1163 * Security modules may also want to perform a process tracing check 1162 * Security modules may also want to perform a process tracing check
1164 * during an execve in the set_security or apply_creds hooks of 1163 * during an execve in the set_security or apply_creds hooks of
1164 * tracing check during an execve in the bprm_set_creds hook of
1165 * binprm_security_ops if the process is being traced and its security 1165 * binprm_security_ops if the process is being traced and its security
1166 * attributes would be changed by the execve. 1166 * attributes would be changed by the execve.
1167 * @child contains the task_struct structure for the target process. 1167 * @child contains the task_struct structure for the target process.
@@ -1185,29 +1185,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1185 * @inheritable contains the inheritable capability set. 1185 * @inheritable contains the inheritable capability set.
1186 * @permitted contains the permitted capability set. 1186 * @permitted contains the permitted capability set.
1187 * Return 0 if the capability sets were successfully obtained. 1187 * Return 0 if the capability sets were successfully obtained.
1188 * @capset_check: 1188 * @capset:
1189 * Check permission before setting the @effective, @inheritable, and
1190 * @permitted capability sets for the @target process.
1191 * Caveat: @target is also set to current if a set of processes is
1192 * specified (i.e. all processes other than current and init or a
1193 * particular process group). Hence, the capset_set hook may need to
1194 * revalidate permission to the actual target process.
1195 * @target contains the task_struct structure for target process.
1196 * @effective contains the effective capability set.
1197 * @inheritable contains the inheritable capability set.
1198 * @permitted contains the permitted capability set.
1199 * Return 0 if permission is granted.
1200 * @capset_set:
1201 * Set the @effective, @inheritable, and @permitted capability sets for 1189 * Set the @effective, @inheritable, and @permitted capability sets for
1202 * the @target process. Since capset_check cannot always check permission 1190 * the current process.
1203 * to the real @target process, this hook may also perform permission 1191 * @new contains the new credentials structure for target process.
1204 * checking to determine if the current process is allowed to set the 1192 * @old contains the current credentials structure for target process.
1205 * capability sets of the @target process. However, this hook has no way
1206 * of returning an error due to the structure of the sys_capset code.
1207 * @target contains the task_struct structure for target process.
1208 * @effective contains the effective capability set. 1193 * @effective contains the effective capability set.
1209 * @inheritable contains the inheritable capability set. 1194 * @inheritable contains the inheritable capability set.
1210 * @permitted contains the permitted capability set. 1195 * @permitted contains the permitted capability set.
1196 * Return 0 and update @new if permission is granted.
1211 * @capable: 1197 * @capable:
1212 * Check whether the @tsk process has the @cap capability. 1198 * Check whether the @tsk process has the @cap capability.
1213 * @tsk contains the task_struct for the process. 1199 * @tsk contains the task_struct for the process.
@@ -1299,15 +1285,12 @@ struct security_operations {
1299 int (*capget) (struct task_struct *target, 1285 int (*capget) (struct task_struct *target,
1300 kernel_cap_t *effective, 1286 kernel_cap_t *effective,
1301 kernel_cap_t *inheritable, kernel_cap_t *permitted); 1287 kernel_cap_t *inheritable, kernel_cap_t *permitted);
1302 int (*capset_check) (struct task_struct *target, 1288 int (*capset) (struct cred *new,
1303 kernel_cap_t *effective, 1289 const struct cred *old,
1304 kernel_cap_t *inheritable, 1290 const kernel_cap_t *effective,
1305 kernel_cap_t *permitted); 1291 const kernel_cap_t *inheritable,
1306 void (*capset_set) (struct task_struct *target, 1292 const kernel_cap_t *permitted);
1307 kernel_cap_t *effective, 1293 int (*capable) (struct task_struct *tsk, int cap, int audit);
1308 kernel_cap_t *inheritable,
1309 kernel_cap_t *permitted);
1310 int (*capable) (struct task_struct *tsk, int cap);
1311 int (*acct) (struct file *file); 1294 int (*acct) (struct file *file);
1312 int (*sysctl) (struct ctl_table *table, int op); 1295 int (*sysctl) (struct ctl_table *table, int op);
1313 int (*quotactl) (int cmds, int type, int id, struct super_block *sb); 1296 int (*quotactl) (int cmds, int type, int id, struct super_block *sb);
@@ -1316,18 +1299,16 @@ struct security_operations {
1316 int (*settime) (struct timespec *ts, struct timezone *tz); 1299 int (*settime) (struct timespec *ts, struct timezone *tz);
1317 int (*vm_enough_memory) (struct mm_struct *mm, long pages); 1300 int (*vm_enough_memory) (struct mm_struct *mm, long pages);
1318 1301
1319 int (*bprm_alloc_security) (struct linux_binprm *bprm); 1302 int (*bprm_set_creds) (struct linux_binprm *bprm);
1320 void (*bprm_free_security) (struct linux_binprm *bprm);
1321 void (*bprm_apply_creds) (struct linux_binprm *bprm, int unsafe);
1322 void (*bprm_post_apply_creds) (struct linux_binprm *bprm);
1323 int (*bprm_set_security) (struct linux_binprm *bprm);
1324 int (*bprm_check_security) (struct linux_binprm *bprm); 1303 int (*bprm_check_security) (struct linux_binprm *bprm);
1325 int (*bprm_secureexec) (struct linux_binprm *bprm); 1304 int (*bprm_secureexec) (struct linux_binprm *bprm);
1305 void (*bprm_committing_creds) (struct linux_binprm *bprm);
1306 void (*bprm_committed_creds) (struct linux_binprm *bprm);
1326 1307
1327 int (*sb_alloc_security) (struct super_block *sb); 1308 int (*sb_alloc_security) (struct super_block *sb);
1328 void (*sb_free_security) (struct super_block *sb); 1309 void (*sb_free_security) (struct super_block *sb);
1329 int (*sb_copy_data) (char *orig, char *copy); 1310 int (*sb_copy_data) (char *orig, char *copy);
1330 int (*sb_kern_mount) (struct super_block *sb, void *data); 1311 int (*sb_kern_mount) (struct super_block *sb, int flags, void *data);
1331 int (*sb_show_options) (struct seq_file *m, struct super_block *sb); 1312 int (*sb_show_options) (struct seq_file *m, struct super_block *sb);
1332 int (*sb_statfs) (struct dentry *dentry); 1313 int (*sb_statfs) (struct dentry *dentry);
1333 int (*sb_mount) (char *dev_name, struct path *path, 1314 int (*sb_mount) (char *dev_name, struct path *path,
@@ -1406,14 +1387,18 @@ struct security_operations {
1406 int (*file_send_sigiotask) (struct task_struct *tsk, 1387 int (*file_send_sigiotask) (struct task_struct *tsk,
1407 struct fown_struct *fown, int sig); 1388 struct fown_struct *fown, int sig);
1408 int (*file_receive) (struct file *file); 1389 int (*file_receive) (struct file *file);
1409 int (*dentry_open) (struct file *file); 1390 int (*dentry_open) (struct file *file, const struct cred *cred);
1410 1391
1411 int (*task_create) (unsigned long clone_flags); 1392 int (*task_create) (unsigned long clone_flags);
1412 int (*task_alloc_security) (struct task_struct *p); 1393 void (*cred_free) (struct cred *cred);
1413 void (*task_free_security) (struct task_struct *p); 1394 int (*cred_prepare)(struct cred *new, const struct cred *old,
1395 gfp_t gfp);
1396 void (*cred_commit)(struct cred *new, const struct cred *old);
1397 int (*kernel_act_as)(struct cred *new, u32 secid);
1398 int (*kernel_create_files_as)(struct cred *new, struct inode *inode);
1414 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags); 1399 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags);
1415 int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ , 1400 int (*task_fix_setuid) (struct cred *new, const struct cred *old,
1416 uid_t old_euid, uid_t old_suid, int flags); 1401 int flags);
1417 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags); 1402 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags);
1418 int (*task_setpgid) (struct task_struct *p, pid_t pgid); 1403 int (*task_setpgid) (struct task_struct *p, pid_t pgid);
1419 int (*task_getpgid) (struct task_struct *p); 1404 int (*task_getpgid) (struct task_struct *p);
@@ -1433,8 +1418,7 @@ struct security_operations {
1433 int (*task_wait) (struct task_struct *p); 1418 int (*task_wait) (struct task_struct *p);
1434 int (*task_prctl) (int option, unsigned long arg2, 1419 int (*task_prctl) (int option, unsigned long arg2,
1435 unsigned long arg3, unsigned long arg4, 1420 unsigned long arg3, unsigned long arg4,
1436 unsigned long arg5, long *rc_p); 1421 unsigned long arg5);
1437 void (*task_reparent_to_init) (struct task_struct *p);
1438 void (*task_to_inode) (struct task_struct *p, struct inode *inode); 1422 void (*task_to_inode) (struct task_struct *p, struct inode *inode);
1439 1423
1440 int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag); 1424 int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag);
@@ -1539,10 +1523,10 @@ struct security_operations {
1539 1523
1540 /* key management security hooks */ 1524 /* key management security hooks */
1541#ifdef CONFIG_KEYS 1525#ifdef CONFIG_KEYS
1542 int (*key_alloc) (struct key *key, struct task_struct *tsk, unsigned long flags); 1526 int (*key_alloc) (struct key *key, const struct cred *cred, unsigned long flags);
1543 void (*key_free) (struct key *key); 1527 void (*key_free) (struct key *key);
1544 int (*key_permission) (key_ref_t key_ref, 1528 int (*key_permission) (key_ref_t key_ref,
1545 struct task_struct *context, 1529 const struct cred *cred,
1546 key_perm_t perm); 1530 key_perm_t perm);
1547 int (*key_getsecurity)(struct key *key, char **_buffer); 1531 int (*key_getsecurity)(struct key *key, char **_buffer);
1548#endif /* CONFIG_KEYS */ 1532#endif /* CONFIG_KEYS */
@@ -1568,15 +1552,12 @@ int security_capget(struct task_struct *target,
1568 kernel_cap_t *effective, 1552 kernel_cap_t *effective,
1569 kernel_cap_t *inheritable, 1553 kernel_cap_t *inheritable,
1570 kernel_cap_t *permitted); 1554 kernel_cap_t *permitted);
1571int security_capset_check(struct task_struct *target, 1555int security_capset(struct cred *new, const struct cred *old,
1572 kernel_cap_t *effective, 1556 const kernel_cap_t *effective,
1573 kernel_cap_t *inheritable, 1557 const kernel_cap_t *inheritable,
1574 kernel_cap_t *permitted); 1558 const kernel_cap_t *permitted);
1575void security_capset_set(struct task_struct *target,
1576 kernel_cap_t *effective,
1577 kernel_cap_t *inheritable,
1578 kernel_cap_t *permitted);
1579int security_capable(struct task_struct *tsk, int cap); 1559int security_capable(struct task_struct *tsk, int cap);
1560int security_capable_noaudit(struct task_struct *tsk, int cap);
1580int security_acct(struct file *file); 1561int security_acct(struct file *file);
1581int security_sysctl(struct ctl_table *table, int op); 1562int security_sysctl(struct ctl_table *table, int op);
1582int security_quotactl(int cmds, int type, int id, struct super_block *sb); 1563int security_quotactl(int cmds, int type, int id, struct super_block *sb);
@@ -1586,17 +1567,15 @@ int security_settime(struct timespec *ts, struct timezone *tz);
1586int security_vm_enough_memory(long pages); 1567int security_vm_enough_memory(long pages);
1587int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); 1568int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
1588int security_vm_enough_memory_kern(long pages); 1569int security_vm_enough_memory_kern(long pages);
1589int security_bprm_alloc(struct linux_binprm *bprm); 1570int security_bprm_set_creds(struct linux_binprm *bprm);
1590void security_bprm_free(struct linux_binprm *bprm);
1591void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe);
1592void security_bprm_post_apply_creds(struct linux_binprm *bprm);
1593int security_bprm_set(struct linux_binprm *bprm);
1594int security_bprm_check(struct linux_binprm *bprm); 1571int security_bprm_check(struct linux_binprm *bprm);
1572void security_bprm_committing_creds(struct linux_binprm *bprm);
1573void security_bprm_committed_creds(struct linux_binprm *bprm);
1595int security_bprm_secureexec(struct linux_binprm *bprm); 1574int security_bprm_secureexec(struct linux_binprm *bprm);
1596int security_sb_alloc(struct super_block *sb); 1575int security_sb_alloc(struct super_block *sb);
1597void security_sb_free(struct super_block *sb); 1576void security_sb_free(struct super_block *sb);
1598int security_sb_copy_data(char *orig, char *copy); 1577int security_sb_copy_data(char *orig, char *copy);
1599int security_sb_kern_mount(struct super_block *sb, void *data); 1578int security_sb_kern_mount(struct super_block *sb, int flags, void *data);
1600int security_sb_show_options(struct seq_file *m, struct super_block *sb); 1579int security_sb_show_options(struct seq_file *m, struct super_block *sb);
1601int security_sb_statfs(struct dentry *dentry); 1580int security_sb_statfs(struct dentry *dentry);
1602int security_sb_mount(char *dev_name, struct path *path, 1581int security_sb_mount(char *dev_name, struct path *path,
@@ -1663,13 +1642,16 @@ int security_file_set_fowner(struct file *file);
1663int security_file_send_sigiotask(struct task_struct *tsk, 1642int security_file_send_sigiotask(struct task_struct *tsk,
1664 struct fown_struct *fown, int sig); 1643 struct fown_struct *fown, int sig);
1665int security_file_receive(struct file *file); 1644int security_file_receive(struct file *file);
1666int security_dentry_open(struct file *file); 1645int security_dentry_open(struct file *file, const struct cred *cred);
1667int security_task_create(unsigned long clone_flags); 1646int security_task_create(unsigned long clone_flags);
1668int security_task_alloc(struct task_struct *p); 1647void security_cred_free(struct cred *cred);
1669void security_task_free(struct task_struct *p); 1648int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp);
1649void security_commit_creds(struct cred *new, const struct cred *old);
1650int security_kernel_act_as(struct cred *new, u32 secid);
1651int security_kernel_create_files_as(struct cred *new, struct inode *inode);
1670int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags); 1652int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags);
1671int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, 1653int security_task_fix_setuid(struct cred *new, const struct cred *old,
1672 uid_t old_suid, int flags); 1654 int flags);
1673int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags); 1655int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags);
1674int security_task_setpgid(struct task_struct *p, pid_t pgid); 1656int security_task_setpgid(struct task_struct *p, pid_t pgid);
1675int security_task_getpgid(struct task_struct *p); 1657int security_task_getpgid(struct task_struct *p);
@@ -1688,8 +1670,7 @@ int security_task_kill(struct task_struct *p, struct siginfo *info,
1688 int sig, u32 secid); 1670 int sig, u32 secid);
1689int security_task_wait(struct task_struct *p); 1671int security_task_wait(struct task_struct *p);
1690int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, 1672int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
1691 unsigned long arg4, unsigned long arg5, long *rc_p); 1673 unsigned long arg4, unsigned long arg5);
1692void security_task_reparent_to_init(struct task_struct *p);
1693void security_task_to_inode(struct task_struct *p, struct inode *inode); 1674void security_task_to_inode(struct task_struct *p, struct inode *inode);
1694int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); 1675int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
1695void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); 1676void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid);
@@ -1764,25 +1745,23 @@ static inline int security_capget(struct task_struct *target,
1764 return cap_capget(target, effective, inheritable, permitted); 1745 return cap_capget(target, effective, inheritable, permitted);
1765} 1746}
1766 1747
1767static inline int security_capset_check(struct task_struct *target, 1748static inline int security_capset(struct cred *new,
1768 kernel_cap_t *effective, 1749 const struct cred *old,
1769 kernel_cap_t *inheritable, 1750 const kernel_cap_t *effective,
1770 kernel_cap_t *permitted) 1751 const kernel_cap_t *inheritable,
1752 const kernel_cap_t *permitted)
1771{ 1753{
1772 return cap_capset_check(target, effective, inheritable, permitted); 1754 return cap_capset(new, old, effective, inheritable, permitted);
1773} 1755}
1774 1756
1775static inline void security_capset_set(struct task_struct *target, 1757static inline int security_capable(struct task_struct *tsk, int cap)
1776 kernel_cap_t *effective,
1777 kernel_cap_t *inheritable,
1778 kernel_cap_t *permitted)
1779{ 1758{
1780 cap_capset_set(target, effective, inheritable, permitted); 1759 return cap_capable(tsk, cap, SECURITY_CAP_AUDIT);
1781} 1760}
1782 1761
1783static inline int security_capable(struct task_struct *tsk, int cap) 1762static inline int security_capable_noaudit(struct task_struct *tsk, int cap)
1784{ 1763{
1785 return cap_capable(tsk, cap); 1764 return cap_capable(tsk, cap, SECURITY_CAP_NOAUDIT);
1786} 1765}
1787 1766
1788static inline int security_acct(struct file *file) 1767static inline int security_acct(struct file *file)
@@ -1835,32 +1814,22 @@ static inline int security_vm_enough_memory_kern(long pages)
1835 return cap_vm_enough_memory(current->mm, pages); 1814 return cap_vm_enough_memory(current->mm, pages);
1836} 1815}
1837 1816
1838static inline int security_bprm_alloc(struct linux_binprm *bprm) 1817static inline int security_bprm_set_creds(struct linux_binprm *bprm)
1839{
1840 return 0;
1841}
1842
1843static inline void security_bprm_free(struct linux_binprm *bprm)
1844{ }
1845
1846static inline void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
1847{ 1818{
1848 cap_bprm_apply_creds(bprm, unsafe); 1819 return cap_bprm_set_creds(bprm);
1849} 1820}
1850 1821
1851static inline void security_bprm_post_apply_creds(struct linux_binprm *bprm) 1822static inline int security_bprm_check(struct linux_binprm *bprm)
1852{ 1823{
1853 return; 1824 return 0;
1854} 1825}
1855 1826
1856static inline int security_bprm_set(struct linux_binprm *bprm) 1827static inline void security_bprm_committing_creds(struct linux_binprm *bprm)
1857{ 1828{
1858 return cap_bprm_set_security(bprm);
1859} 1829}
1860 1830
1861static inline int security_bprm_check(struct linux_binprm *bprm) 1831static inline void security_bprm_committed_creds(struct linux_binprm *bprm)
1862{ 1832{
1863 return 0;
1864} 1833}
1865 1834
1866static inline int security_bprm_secureexec(struct linux_binprm *bprm) 1835static inline int security_bprm_secureexec(struct linux_binprm *bprm)
@@ -1881,7 +1850,7 @@ static inline int security_sb_copy_data(char *orig, char *copy)
1881 return 0; 1850 return 0;
1882} 1851}
1883 1852
1884static inline int security_sb_kern_mount(struct super_block *sb, void *data) 1853static inline int security_sb_kern_mount(struct super_block *sb, int flags, void *data)
1885{ 1854{
1886 return 0; 1855 return 0;
1887} 1856}
@@ -2177,7 +2146,8 @@ static inline int security_file_receive(struct file *file)
2177 return 0; 2146 return 0;
2178} 2147}
2179 2148
2180static inline int security_dentry_open(struct file *file) 2149static inline int security_dentry_open(struct file *file,
2150 const struct cred *cred)
2181{ 2151{
2182 return 0; 2152 return 0;
2183} 2153}
@@ -2187,13 +2157,31 @@ static inline int security_task_create(unsigned long clone_flags)
2187 return 0; 2157 return 0;
2188} 2158}
2189 2159
2190static inline int security_task_alloc(struct task_struct *p) 2160static inline void security_cred_free(struct cred *cred)
2161{ }
2162
2163static inline int security_prepare_creds(struct cred *new,
2164 const struct cred *old,
2165 gfp_t gfp)
2191{ 2166{
2192 return 0; 2167 return 0;
2193} 2168}
2194 2169
2195static inline void security_task_free(struct task_struct *p) 2170static inline void security_commit_creds(struct cred *new,
2196{ } 2171 const struct cred *old)
2172{
2173}
2174
2175static inline int security_kernel_act_as(struct cred *cred, u32 secid)
2176{
2177 return 0;
2178}
2179
2180static inline int security_kernel_create_files_as(struct cred *cred,
2181 struct inode *inode)
2182{
2183 return 0;
2184}
2197 2185
2198static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, 2186static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2,
2199 int flags) 2187 int flags)
@@ -2201,10 +2189,11 @@ static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2,
2201 return 0; 2189 return 0;
2202} 2190}
2203 2191
2204static inline int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, 2192static inline int security_task_fix_setuid(struct cred *new,
2205 uid_t old_suid, int flags) 2193 const struct cred *old,
2194 int flags)
2206{ 2195{
2207 return cap_task_post_setuid(old_ruid, old_euid, old_suid, flags); 2196 return cap_task_fix_setuid(new, old, flags);
2208} 2197}
2209 2198
2210static inline int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, 2199static inline int security_task_setgid(gid_t id0, gid_t id1, gid_t id2,
@@ -2291,14 +2280,9 @@ static inline int security_task_wait(struct task_struct *p)
2291static inline int security_task_prctl(int option, unsigned long arg2, 2280static inline int security_task_prctl(int option, unsigned long arg2,
2292 unsigned long arg3, 2281 unsigned long arg3,
2293 unsigned long arg4, 2282 unsigned long arg4,
2294 unsigned long arg5, long *rc_p) 2283 unsigned long arg5)
2295{
2296 return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p);
2297}
2298
2299static inline void security_task_reparent_to_init(struct task_struct *p)
2300{ 2284{
2301 cap_task_reparent_to_init(p); 2285 return cap_task_prctl(option, arg2, arg3, arg3, arg5);
2302} 2286}
2303 2287
2304static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) 2288static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
@@ -2724,16 +2708,16 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi
2724#ifdef CONFIG_KEYS 2708#ifdef CONFIG_KEYS
2725#ifdef CONFIG_SECURITY 2709#ifdef CONFIG_SECURITY
2726 2710
2727int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags); 2711int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags);
2728void security_key_free(struct key *key); 2712void security_key_free(struct key *key);
2729int security_key_permission(key_ref_t key_ref, 2713int security_key_permission(key_ref_t key_ref,
2730 struct task_struct *context, key_perm_t perm); 2714 const struct cred *cred, key_perm_t perm);
2731int security_key_getsecurity(struct key *key, char **_buffer); 2715int security_key_getsecurity(struct key *key, char **_buffer);
2732 2716
2733#else 2717#else
2734 2718
2735static inline int security_key_alloc(struct key *key, 2719static inline int security_key_alloc(struct key *key,
2736 struct task_struct *tsk, 2720 const struct cred *cred,
2737 unsigned long flags) 2721 unsigned long flags)
2738{ 2722{
2739 return 0; 2723 return 0;
@@ -2744,7 +2728,7 @@ static inline void security_key_free(struct key *key)
2744} 2728}
2745 2729
2746static inline int security_key_permission(key_ref_t key_ref, 2730static inline int security_key_permission(key_ref_t key_ref,
2747 struct task_struct *context, 2731 const struct cred *cred,
2748 key_perm_t perm) 2732 key_perm_t perm)
2749{ 2733{
2750 return 0; 2734 return 0;