| author | Russell King <rmk+kernel@arm.linux.org.uk> | 2013-02-04 09:51:49 -0500 |
|---|---|---|
| committer | Russell King <rmk+kernel@arm.linux.org.uk> | 2013-02-04 09:51:49 -0500 |
| commit | 2fb20e2e35cd1455d022ab7a553d7f1663ffbdeb (patch) | |
| tree | 4b3bb0f76c15264fe7d4cced91127f3d96ff31f5 /include/linux/security.h | |
| parent | 9cb543124a2d31af42ce61a4c30765ecc8e5f1fa (diff) | |
| parent | 5b91ab0abc957145c3ff6be03eb9a3901797019f (diff) | |
Merge branch 'for-rmk/broadcast' of git://git.kernel.org/pub/scm/linux/kernel/git/will/linux into devel-stable
Diffstat (limited to 'include/linux/security.h')
| -rw-r--r-- | include/linux/security.h | 59 |
1 files changed, 46 insertions, 13 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 0f6afc657f77..eee7478cda70 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -989,17 +989,29 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 989 | * tells the LSM to decrement the number of secmark labeling rules loaded | 989 | * tells the LSM to decrement the number of secmark labeling rules loaded |
| 990 | * @req_classify_flow: | 990 | * @req_classify_flow: |
| 991 | * Sets the flow's sid to the openreq sid. | 991 | * Sets the flow's sid to the openreq sid. |
| 992 | * @tun_dev_alloc_security: | ||
| 993 | * This hook allows a module to allocate a security structure for a TUN | ||
| 994 | * device. | ||
| 995 | * @security pointer to a security structure pointer. | ||
| 996 | * Returns a zero on success, negative values on failure. | ||
| 997 | * @tun_dev_free_security: | ||
| 998 | * This hook allows a module to free the security structure for a TUN | ||
| 999 | * device. | ||
| 1000 | * @security pointer to the TUN device's security structure | ||
| 992 | * @tun_dev_create: | 1001 | * @tun_dev_create: |
| 993 | * Check permissions prior to creating a new TUN device. | 1002 | * Check permissions prior to creating a new TUN device. |
| 994 | * @tun_dev_post_create: | 1003 | * @tun_dev_attach_queue: |
| 995 | * This hook allows a module to update or allocate a per-socket security | 1004 | * Check permissions prior to attaching to a TUN device queue. |
| 996 | * structure. | 1005 | * @security pointer to the TUN device's security structure. |
| 997 | * @sk contains the newly created sock structure. | ||
| 998 | * @tun_dev_attach: | 1006 | * @tun_dev_attach: |
| 999 | * Check permissions prior to attaching to a persistent TUN device. This | 1007 | * This hook can be used by the module to update any security state |
| 1000 | * hook can also be used by the module to update any security state | ||
| 1001 | * associated with the TUN device's sock structure. | 1008 | * associated with the TUN device's sock structure. |
| 1002 | * @sk contains the existing sock structure. | 1009 | * @sk contains the existing sock structure. |
| 1010 | * @security pointer to the TUN device's security structure. | ||
| 1011 | * @tun_dev_open: | ||
| 1012 | * This hook can be used by the module to update any security state | ||
| 1013 | * associated with the TUN device's security structure. | ||
| 1014 | * @security pointer to the TUN devices's security structure. | ||
| 1003 | * | 1015 | * |
| 1004 | * Security hooks for XFRM operations. | 1016 | * Security hooks for XFRM operations. |
| 1005 | * | 1017 | * |
| @@ -1620,9 +1632,12 @@ struct security_operations { | |||
| 1620 | void (*secmark_refcount_inc) (void); | 1632 | void (*secmark_refcount_inc) (void); |
| 1621 | void (*secmark_refcount_dec) (void); | 1633 | void (*secmark_refcount_dec) (void); |
| 1622 | void (*req_classify_flow) (const struct request_sock *req, struct flowi *fl); | 1634 | void (*req_classify_flow) (const struct request_sock *req, struct flowi *fl); |
| 1623 | int (*tun_dev_create)(void); | 1635 | int (*tun_dev_alloc_security) (void **security); |
| 1624 | void (*tun_dev_post_create)(struct sock *sk); | 1636 | void (*tun_dev_free_security) (void *security); |
| 1625 | int (*tun_dev_attach)(struct sock *sk); | 1637 | int (*tun_dev_create) (void); |
| 1638 | int (*tun_dev_attach_queue) (void *security); | ||
| 1639 | int (*tun_dev_attach) (struct sock *sk, void *security); | ||
| 1640 | int (*tun_dev_open) (void *security); | ||
| 1626 | #endif /* CONFIG_SECURITY_NETWORK */ | 1641 | #endif /* CONFIG_SECURITY_NETWORK */ |
| 1627 | 1642 | ||
| 1628 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 1643 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| @@ -2566,9 +2581,12 @@ void security_inet_conn_established(struct sock *sk, | |||
| 2566 | int security_secmark_relabel_packet(u32 secid); | 2581 | int security_secmark_relabel_packet(u32 secid); |
| 2567 | void security_secmark_refcount_inc(void); | 2582 | void security_secmark_refcount_inc(void); |
| 2568 | void security_secmark_refcount_dec(void); | 2583 | void security_secmark_refcount_dec(void); |
| 2584 | int security_tun_dev_alloc_security(void **security); | ||
| 2585 | void security_tun_dev_free_security(void *security); | ||
| 2569 | int security_tun_dev_create(void); | 2586 | int security_tun_dev_create(void); |
| 2570 | void security_tun_dev_post_create(struct sock *sk); | 2587 | int security_tun_dev_attach_queue(void *security); |
| 2571 | int security_tun_dev_attach(struct sock *sk); | 2588 | int security_tun_dev_attach(struct sock *sk, void *security); |
| 2589 | int security_tun_dev_open(void *security); | ||
| 2572 | 2590 | ||
| 2573 | #else /* CONFIG_SECURITY_NETWORK */ | 2591 | #else /* CONFIG_SECURITY_NETWORK */ |
| 2574 | static inline int security_unix_stream_connect(struct sock *sock, | 2592 | static inline int security_unix_stream_connect(struct sock *sock, |
| @@ -2733,16 +2751,31 @@ static inline void security_secmark_refcount_dec(void) | |||
| 2733 | { | 2751 | { |
| 2734 | } | 2752 | } |
| 2735 | 2753 | ||
| 2754 | static inline int security_tun_dev_alloc_security(void **security) | ||
| 2755 | { | ||
| 2756 | return 0; | ||
| 2757 | } | ||
| 2758 | |||
| 2759 | static inline void security_tun_dev_free_security(void *security) | ||
| 2760 | { | ||
| 2761 | } | ||
| 2762 | |||
| 2736 | static inline int security_tun_dev_create(void) | 2763 | static inline int security_tun_dev_create(void) |
| 2737 | { | 2764 | { |
| 2738 | return 0; | 2765 | return 0; |
| 2739 | } | 2766 | } |
| 2740 | 2767 | ||
| 2741 | static inline void security_tun_dev_post_create(struct sock *sk) | 2768 | static inline int security_tun_dev_attach_queue(void *security) |
| 2769 | { | ||
| 2770 | return 0; | ||
| 2771 | } | ||
| 2772 | |||
| 2773 | static inline int security_tun_dev_attach(struct sock *sk, void *security) | ||
| 2742 | { | 2774 | { |
| 2775 | return 0; | ||
| 2743 | } | 2776 | } |
| 2744 | 2777 | ||
| 2745 | static inline int security_tun_dev_attach(struct sock *sk) | 2778 | static inline int security_tun_dev_open(void *security) |
| 2746 | { | 2779 | { |
| 2747 | return 0; | 2780 | return 0; |
| 2748 | } | 2781 | } |
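Review bot: The `!CONFIG_SECURITY_NETWORK` stub `security_tun_dev_alloc_security()` returns 0 without writing through `security`, and the new kernel-doc for `@tun_dev_alloc_security` does not say what `*security` holds in that case, so a caller that has not zeroed its pointer would hand an indeterminate value to the free, attach_queue, attach and open hooks. The callers are outside this file, so whether they pre-zero it cannot be confirmed here; either state the contract in the comment, e.g. `* The caller must initialise *@security to NULL before the call.`, or have the stub store `*security = NULL;` before `return 0;`. The comments for `@tun_dev_attach_queue`, `@tun_dev_attach` and `@tun_dev_open` also omit the return convention although all three return `int`; repeating `* Returns a zero on success, negative values on failure.` from the alloc hook would make it explicit that callers are expected to check the result. The `@tun_dev_open` entry has a typo worth fixing in the same pass: `devices's` should read `device's`.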
