diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 03:45:31 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 03:45:31 -0400 |
commit | 36b8d186e6cc8e32cb5227f5645a58e1bc0af190 (patch) | |
tree | 1000ad26e189e6ff2c53fb7eeff605f59c7ad94e /include/linux/security.h | |
parent | cd85b557414fe4cd44ea6608825e96612a5fe2b2 (diff) | |
parent | c45ed235abf1b0b6666417e3c394f18717976acd (diff) |
Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security
* 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits)
TOMOYO: Fix incomplete read after seek.
Smack: allow to access /smack/access as normal user
TOMOYO: Fix unused kernel config option.
Smack: fix: invalid length set for the result of /smack/access
Smack: compilation fix
Smack: fix for /smack/access output, use string instead of byte
Smack: domain transition protections (v3)
Smack: Provide information for UDS getsockopt(SO_PEERCRED)
Smack: Clean up comments
Smack: Repair processing of fcntl
Smack: Rule list lookup performance
Smack: check permissions from user space (v2)
TOMOYO: Fix quota and garbage collector.
TOMOYO: Remove redundant tasklist_lock.
TOMOYO: Fix domain transition failure warning.
TOMOYO: Remove tomoyo_policy_memory_lock spinlock.
TOMOYO: Simplify garbage collector.
TOMOYO: Fix make namespacecheck warnings.
target: check hex2bin result
encrypted-keys: check hex2bin result
...
Diffstat (limited to 'include/linux/security.h')
-rw-r--r-- | include/linux/security.h | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index ebd2a53a3d07..19d8e04e1688 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -36,6 +36,7 @@ | |||
36 | #include <linux/key.h> | 36 | #include <linux/key.h> |
37 | #include <linux/xfrm.h> | 37 | #include <linux/xfrm.h> |
38 | #include <linux/slab.h> | 38 | #include <linux/slab.h> |
39 | #include <linux/xattr.h> | ||
39 | #include <net/flow.h> | 40 | #include <net/flow.h> |
40 | 41 | ||
41 | /* Maximum number of letters for an LSM name string */ | 42 | /* Maximum number of letters for an LSM name string */ |
@@ -147,6 +148,10 @@ extern int mmap_min_addr_handler(struct ctl_table *table, int write, | |||
147 | void __user *buffer, size_t *lenp, loff_t *ppos); | 148 | void __user *buffer, size_t *lenp, loff_t *ppos); |
148 | #endif | 149 | #endif |
149 | 150 | ||
151 | /* security_inode_init_security callback function to write xattrs */ | ||
152 | typedef int (*initxattrs) (struct inode *inode, | ||
153 | const struct xattr *xattr_array, void *fs_data); | ||
154 | |||
150 | #ifdef CONFIG_SECURITY | 155 | #ifdef CONFIG_SECURITY |
151 | 156 | ||
152 | struct security_mnt_opts { | 157 | struct security_mnt_opts { |
@@ -1367,7 +1372,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
1367 | * @inode_getsecctx: | 1372 | * @inode_getsecctx: |
1368 | * Returns a string containing all relavent security context information | 1373 | * Returns a string containing all relavent security context information |
1369 | * | 1374 | * |
1370 | * @inode we wish to set the security context of. | 1375 | * @inode we wish to get the security context of. |
1371 | * @ctx is a pointer in which to place the allocated security context. | 1376 | * @ctx is a pointer in which to place the allocated security context. |
1372 | * @ctxlen points to the place to put the length of @ctx. | 1377 | * @ctxlen points to the place to put the length of @ctx. |
1373 | * This is the main security structure. | 1378 | * This is the main security structure. |
@@ -1655,6 +1660,8 @@ struct security_operations { | |||
1655 | extern int security_init(void); | 1660 | extern int security_init(void); |
1656 | extern int security_module_enable(struct security_operations *ops); | 1661 | extern int security_module_enable(struct security_operations *ops); |
1657 | extern int register_security(struct security_operations *ops); | 1662 | extern int register_security(struct security_operations *ops); |
1663 | extern void __init security_fixup_ops(struct security_operations *ops); | ||
1664 | |||
1658 | 1665 | ||
1659 | /* Security operations */ | 1666 | /* Security operations */ |
1660 | int security_ptrace_access_check(struct task_struct *child, unsigned int mode); | 1667 | int security_ptrace_access_check(struct task_struct *child, unsigned int mode); |
@@ -1704,8 +1711,11 @@ int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts); | |||
1704 | int security_inode_alloc(struct inode *inode); | 1711 | int security_inode_alloc(struct inode *inode); |
1705 | void security_inode_free(struct inode *inode); | 1712 | void security_inode_free(struct inode *inode); |
1706 | int security_inode_init_security(struct inode *inode, struct inode *dir, | 1713 | int security_inode_init_security(struct inode *inode, struct inode *dir, |
1707 | const struct qstr *qstr, char **name, | 1714 | const struct qstr *qstr, |
1708 | void **value, size_t *len); | 1715 | initxattrs initxattrs, void *fs_data); |
1716 | int security_old_inode_init_security(struct inode *inode, struct inode *dir, | ||
1717 | const struct qstr *qstr, char **name, | ||
1718 | void **value, size_t *len); | ||
1709 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); | 1719 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); |
1710 | int security_inode_link(struct dentry *old_dentry, struct inode *dir, | 1720 | int security_inode_link(struct dentry *old_dentry, struct inode *dir, |
1711 | struct dentry *new_dentry); | 1721 | struct dentry *new_dentry); |
@@ -2034,11 +2044,19 @@ static inline void security_inode_free(struct inode *inode) | |||
2034 | static inline int security_inode_init_security(struct inode *inode, | 2044 | static inline int security_inode_init_security(struct inode *inode, |
2035 | struct inode *dir, | 2045 | struct inode *dir, |
2036 | const struct qstr *qstr, | 2046 | const struct qstr *qstr, |
2037 | char **name, | 2047 | initxattrs initxattrs, |
2038 | void **value, | 2048 | void *fs_data) |
2039 | size_t *len) | ||
2040 | { | 2049 | { |
2041 | return -EOPNOTSUPP; | 2050 | return 0; |
2051 | } | ||
2052 | |||
2053 | static inline int security_old_inode_init_security(struct inode *inode, | ||
2054 | struct inode *dir, | ||
2055 | const struct qstr *qstr, | ||
2056 | char **name, void **value, | ||
2057 | size_t *len) | ||
2058 | { | ||
2059 | return 0; | ||
2042 | } | 2060 | } |
2043 | 2061 | ||
2044 | static inline int security_inode_create(struct inode *dir, | 2062 | static inline int security_inode_create(struct inode *dir, |