aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-01-15 18:47:35 -0500
committerJames Morris <jmorris@namei.org>2008-01-24 19:29:53 -0500
commit63cb34492351078479b2d4bae6a881806a396286 (patch)
treed33ab15eda40c5195c4a723d9e49591a9b4950f9 /include/linux
parentc43e259cc756ece387faae849af0058b56d78466 (diff)
security: add a secctx_to_secid() hook
Add a secctx_to_secid() LSM hook to go along with the existing secid_to_secctx() LSM hook. This patch also includes the SELinux implementation for this hook. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/security.h13
1 files changed, 13 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 2e2c63faead7..e4a91cb1b187 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1202,6 +1202,10 @@ struct request_sock;
1202 * Convert secid to security context. 1202 * Convert secid to security context.
1203 * @secid contains the security ID. 1203 * @secid contains the security ID.
1204 * @secdata contains the pointer that stores the converted security context. 1204 * @secdata contains the pointer that stores the converted security context.
1205 * @secctx_to_secid:
1206 * Convert security context to secid.
1207 * @secid contains the pointer to the generated security ID.
1208 * @secdata contains the security context.
1205 * 1209 *
1206 * @release_secctx: 1210 * @release_secctx:
1207 * Release the security context. 1211 * Release the security context.
@@ -1396,6 +1400,7 @@ struct security_operations {
1396 int (*getprocattr)(struct task_struct *p, char *name, char **value); 1400 int (*getprocattr)(struct task_struct *p, char *name, char **value);
1397 int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); 1401 int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size);
1398 int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); 1402 int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
1403 int (*secctx_to_secid)(char *secdata, u32 seclen, u32 *secid);
1399 void (*release_secctx)(char *secdata, u32 seclen); 1404 void (*release_secctx)(char *secdata, u32 seclen);
1400 1405
1401#ifdef CONFIG_SECURITY_NETWORK 1406#ifdef CONFIG_SECURITY_NETWORK
@@ -1634,6 +1639,7 @@ int security_setprocattr(struct task_struct *p, char *name, void *value, size_t
1634int security_netlink_send(struct sock *sk, struct sk_buff *skb); 1639int security_netlink_send(struct sock *sk, struct sk_buff *skb);
1635int security_netlink_recv(struct sk_buff *skb, int cap); 1640int security_netlink_recv(struct sk_buff *skb, int cap);
1636int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); 1641int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
1642int security_secctx_to_secid(char *secdata, u32 seclen, u32 *secid);
1637void security_release_secctx(char *secdata, u32 seclen); 1643void security_release_secctx(char *secdata, u32 seclen);
1638 1644
1639#else /* CONFIG_SECURITY */ 1645#else /* CONFIG_SECURITY */
@@ -2308,6 +2314,13 @@ static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *secle
2308 return -EOPNOTSUPP; 2314 return -EOPNOTSUPP;
2309} 2315}
2310 2316
2317static inline int security_secctx_to_secid(char *secdata,
2318 u32 seclen,
2319 u32 *secid)
2320{
2321 return -EOPNOTSUPP;
2322}
2323
2311static inline void security_release_secctx(char *secdata, u32 seclen) 2324static inline void security_release_secctx(char *secdata, u32 seclen)
2312{ 2325{
2313} 2326}