aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@infradead.org>2006-05-06 14:59:18 -0400
committerDavid Woodhouse <dwmw2@infradead.org>2006-05-06 14:59:18 -0400
commit5047f09b56d0bc3c21aec9cb16de60283da645c6 (patch)
tree09a07554b933c3bb912ce3bfc0ea7c7e1f16041c /include/linux
parentc0f1fe00c3923135b2c2f443448585482da8a53e (diff)
parent5528e568a760442e0ec8fd2dea1f0791875a066b (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/audit.h22
-rw-r--r--include/linux/fs_uart_pd.h60
-rw-r--r--include/linux/list.h2
-rw-r--r--include/linux/mmc/card.h1
-rw-r--r--include/linux/netfilter/x_tables.h8
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack_helper_h323_asn1.h2
-rw-r--r--include/linux/netlink.h1
-rw-r--r--include/linux/pipe_fs_i.h30
-rw-r--r--include/linux/security.h16
-rw-r--r--include/linux/selinux.h177
10 files changed, 290 insertions, 29 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 319975532943..14259f6db5bc 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -82,6 +82,7 @@
82#define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */ 82#define AUDIT_CONFIG_CHANGE 1305 /* Audit system configuration change */
83#define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */ 83#define AUDIT_SOCKADDR 1306 /* sockaddr copied as syscall arg */
84#define AUDIT_CWD 1307 /* Current working directory */ 84#define AUDIT_CWD 1307 /* Current working directory */
85#define AUDIT_IPC_SET_PERM 1311 /* IPC new permissions record type */
85 86
86#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */ 87#define AUDIT_AVC 1400 /* SE Linux avc denial or grant */
87#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */ 88#define AUDIT_SELINUX_ERR 1401 /* Internal SE Linux Errors */
@@ -144,6 +145,11 @@
144#define AUDIT_PERS 10 145#define AUDIT_PERS 10
145#define AUDIT_ARCH 11 146#define AUDIT_ARCH 11
146#define AUDIT_MSGTYPE 12 147#define AUDIT_MSGTYPE 12
148#define AUDIT_SE_USER 13 /* security label user */
149#define AUDIT_SE_ROLE 14 /* security label role */
150#define AUDIT_SE_TYPE 15 /* security label type */
151#define AUDIT_SE_SEN 16 /* security label sensitivity label */
152#define AUDIT_SE_CLR 17 /* security label clearance label */
147 153
148 /* These are ONLY useful when checking 154 /* These are ONLY useful when checking
149 * at syscall exit time (AUDIT_AT_EXIT). */ 155 * at syscall exit time (AUDIT_AT_EXIT). */
@@ -287,10 +293,10 @@ struct netlink_skb_parms;
287 /* Public API */ 293 /* Public API */
288extern int audit_alloc(struct task_struct *task); 294extern int audit_alloc(struct task_struct *task);
289extern void audit_free(struct task_struct *task); 295extern void audit_free(struct task_struct *task);
290extern void audit_syscall_entry(struct task_struct *task, int arch, 296extern void audit_syscall_entry(int arch,
291 int major, unsigned long a0, unsigned long a1, 297 int major, unsigned long a0, unsigned long a1,
292 unsigned long a2, unsigned long a3); 298 unsigned long a2, unsigned long a3);
293extern void audit_syscall_exit(struct task_struct *task, int failed, long return_code); 299extern void audit_syscall_exit(int failed, long return_code);
294extern void audit_getname(const char *name); 300extern void audit_getname(const char *name);
295extern void audit_putname(const char *name); 301extern void audit_putname(const char *name);
296extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags); 302extern void __audit_inode(const char *name, const struct inode *inode, unsigned flags);
@@ -314,7 +320,8 @@ extern void auditsc_get_stamp(struct audit_context *ctx,
314 struct timespec *t, unsigned int *serial); 320 struct timespec *t, unsigned int *serial);
315extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid); 321extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
316extern uid_t audit_get_loginuid(struct audit_context *ctx); 322extern uid_t audit_get_loginuid(struct audit_context *ctx);
317extern int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp); 323extern int audit_ipc_obj(struct kern_ipc_perm *ipcp);
324extern int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp);
318extern int audit_socketcall(int nargs, unsigned long *args); 325extern int audit_socketcall(int nargs, unsigned long *args);
319extern int audit_sockaddr(int len, void *addr); 326extern int audit_sockaddr(int len, void *addr);
320extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt); 327extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);
@@ -323,8 +330,8 @@ extern int audit_set_macxattr(const char *name);
323#else 330#else
324#define audit_alloc(t) ({ 0; }) 331#define audit_alloc(t) ({ 0; })
325#define audit_free(t) do { ; } while (0) 332#define audit_free(t) do { ; } while (0)
326#define audit_syscall_entry(t,ta,a,b,c,d,e) do { ; } while (0) 333#define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)
327#define audit_syscall_exit(t,f,r) do { ; } while (0) 334#define audit_syscall_exit(f,r) do { ; } while (0)
328#define audit_getname(n) do { ; } while (0) 335#define audit_getname(n) do { ; } while (0)
329#define audit_putname(n) do { ; } while (0) 336#define audit_putname(n) do { ; } while (0)
330#define __audit_inode(n,i,f) do { ; } while (0) 337#define __audit_inode(n,i,f) do { ; } while (0)
@@ -333,7 +340,8 @@ extern int audit_set_macxattr(const char *name);
333#define audit_inode_child(d,i,p) do { ; } while (0) 340#define audit_inode_child(d,i,p) do { ; } while (0)
334#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0) 341#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
335#define audit_get_loginuid(c) ({ -1; }) 342#define audit_get_loginuid(c) ({ -1; })
336#define audit_ipc_perms(q,u,g,m,i) ({ 0; }) 343#define audit_ipc_obj(i) ({ 0; })
344#define audit_ipc_set_perm(q,u,g,m,i) ({ 0; })
337#define audit_socketcall(n,a) ({ 0; }) 345#define audit_socketcall(n,a) ({ 0; })
338#define audit_sockaddr(len, addr) ({ 0; }) 346#define audit_sockaddr(len, addr) ({ 0; })
339#define audit_avc_path(dentry, mnt) ({ 0; }) 347#define audit_avc_path(dentry, mnt) ({ 0; })
@@ -366,7 +374,7 @@ extern void audit_log_d_path(struct audit_buffer *ab,
366extern int audit_filter_user(struct netlink_skb_parms *cb, int type); 374extern int audit_filter_user(struct netlink_skb_parms *cb, int type);
367extern int audit_filter_type(int type); 375extern int audit_filter_type(int type);
368extern int audit_receive_filter(int type, int pid, int uid, int seq, 376extern int audit_receive_filter(int type, int pid, int uid, int seq,
369 void *data, size_t datasz, uid_t loginuid); 377 void *data, size_t datasz, uid_t loginuid, u32 sid);
370#else 378#else
371#define audit_log(c,g,t,f,...) do { ; } while (0) 379#define audit_log(c,g,t,f,...) do { ; } while (0)
372#define audit_log_start(c,g,t) ({ NULL; }) 380#define audit_log_start(c,g,t) ({ NULL; })
diff --git a/include/linux/fs_uart_pd.h b/include/linux/fs_uart_pd.h
new file mode 100644
index 000000000000..f5975126b712
--- /dev/null
+++ b/include/linux/fs_uart_pd.h
@@ -0,0 +1,60 @@
1/*
2 * Platform information definitions for the CPM Uart driver.
3 *
4 * 2006 (c) MontaVista Software, Inc.
5 * Vitaly Bordug <vbordug@ru.mvista.com>
6 *
7 * This file is licensed under the terms of the GNU General Public License
8 * version 2. This program is licensed "as is" without any warranty of any
9 * kind, whether express or implied.
10 */
11
12#ifndef FS_UART_PD_H
13#define FS_UART_PD_H
14
15#include <linux/version.h>
16#include <asm/types.h>
17
18enum fs_uart_id {
19 fsid_smc1_uart,
20 fsid_smc2_uart,
21 fsid_scc1_uart,
22 fsid_scc2_uart,
23 fsid_scc3_uart,
24 fsid_scc4_uart,
25 fs_uart_nr,
26};
27
28static inline int fs_uart_id_scc2fsid(int id)
29{
30 return fsid_scc1_uart + id - 1;
31}
32
33static inline int fs_uart_id_fsid2scc(int id)
34{
35 return id - fsid_scc1_uart + 1;
36}
37
38static inline int fs_uart_id_smc2fsid(int id)
39{
40 return fsid_smc1_uart + id - 1;
41}
42
43static inline int fs_uart_id_fsid2smc(int id)
44{
45 return id - fsid_smc1_uart + 1;
46}
47
48struct fs_uart_platform_info {
49 void(*init_ioports)(void);
50 /* device specific information */
51 int fs_no; /* controller index */
52 u32 uart_clk;
53 u8 tx_num_fifo;
54 u8 tx_buf_size;
55 u8 rx_num_fifo;
56 u8 rx_buf_size;
57 u8 brg;
58};
59
60#endif
diff --git a/include/linux/list.h b/include/linux/list.h
index 67258b47e9ca..76f05718342c 100644
--- a/include/linux/list.h
+++ b/include/linux/list.h
@@ -619,7 +619,7 @@ static inline void hlist_del_rcu(struct hlist_node *n)
619 619
620static inline void hlist_del_init(struct hlist_node *n) 620static inline void hlist_del_init(struct hlist_node *n)
621{ 621{
622 if (n->pprev) { 622 if (!hlist_unhashed(n)) {
623 __hlist_del(n); 623 __hlist_del(n);
624 INIT_HLIST_NODE(n); 624 INIT_HLIST_NODE(n);
625 } 625 }
diff --git a/include/linux/mmc/card.h b/include/linux/mmc/card.h
index 30dd978c1ec8..991a37382a22 100644
--- a/include/linux/mmc/card.h
+++ b/include/linux/mmc/card.h
@@ -28,6 +28,7 @@ struct mmc_csd {
28 unsigned short cmdclass; 28 unsigned short cmdclass;
29 unsigned short tacc_clks; 29 unsigned short tacc_clks;
30 unsigned int tacc_ns; 30 unsigned int tacc_ns;
31 unsigned int r2w_factor;
31 unsigned int max_dtr; 32 unsigned int max_dtr;
32 unsigned int read_blkbits; 33 unsigned int read_blkbits;
33 unsigned int write_blkbits; 34 unsigned int write_blkbits;
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 38701454e197..48cc32d83f77 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -337,6 +337,10 @@ struct compat_xt_entry_match
337 char name[XT_FUNCTION_MAXNAMELEN - 1]; 337 char name[XT_FUNCTION_MAXNAMELEN - 1];
338 u_int8_t revision; 338 u_int8_t revision;
339 } user; 339 } user;
340 struct {
341 u_int16_t match_size;
342 compat_uptr_t match;
343 } kernel;
340 u_int16_t match_size; 344 u_int16_t match_size;
341 } u; 345 } u;
342 unsigned char data[0]; 346 unsigned char data[0];
@@ -350,6 +354,10 @@ struct compat_xt_entry_target
350 char name[XT_FUNCTION_MAXNAMELEN - 1]; 354 char name[XT_FUNCTION_MAXNAMELEN - 1];
351 u_int8_t revision; 355 u_int8_t revision;
352 } user; 356 } user;
357 struct {
358 u_int16_t target_size;
359 compat_uptr_t target;
360 } kernel;
353 u_int16_t target_size; 361 u_int16_t target_size;
354 } u; 362 } u;
355 unsigned char data[0]; 363 unsigned char data[0];
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_asn1.h b/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_asn1.h
index 0bd828081c0c..c6e9a0b6d30b 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_asn1.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack_helper_h323_asn1.h
@@ -2,7 +2,7 @@
2 * ip_conntrack_helper_h323_asn1.h - BER and PER decoding library for H.323 2 * ip_conntrack_helper_h323_asn1.h - BER and PER decoding library for H.323
3 * conntrack/NAT module. 3 * conntrack/NAT module.
4 * 4 *
5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@hotmail.com> 5 * Copyright (c) 2006 by Jing Min Zhao <zhaojingmin@users.sourceforge.net>
6 * 6 *
7 * This source code is licensed under General Public License version 2. 7 * This source code is licensed under General Public License version 2.
8 * 8 *
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index f8f3d1c927f8..87b8a5703ebc 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -143,6 +143,7 @@ struct netlink_skb_parms
143 __u32 dst_group; 143 __u32 dst_group;
144 kernel_cap_t eff_cap; 144 kernel_cap_t eff_cap;
145 __u32 loginuid; /* Login (audit) uid */ 145 __u32 loginuid; /* Login (audit) uid */
146 __u32 sid; /* SELinux security id */
146}; 147};
147 148
148#define NETLINK_CB(skb) (*(struct netlink_skb_parms*)&((skb)->cb)) 149#define NETLINK_CB(skb) (*(struct netlink_skb_parms*)&((skb)->cb))
diff --git a/include/linux/pipe_fs_i.h b/include/linux/pipe_fs_i.h
index 0008d4bd4059..ea4f7cd7bfd8 100644
--- a/include/linux/pipe_fs_i.h
+++ b/include/linux/pipe_fs_i.h
@@ -5,8 +5,9 @@
5 5
6#define PIPE_BUFFERS (16) 6#define PIPE_BUFFERS (16)
7 7
8#define PIPE_BUF_FLAG_STOLEN 0x01 8#define PIPE_BUF_FLAG_LRU 0x01 /* page is on the LRU */
9#define PIPE_BUF_FLAG_LRU 0x02 9#define PIPE_BUF_FLAG_ATOMIC 0x02 /* was atomically mapped */
10#define PIPE_BUF_FLAG_GIFT 0x04 /* page is a gift */
10 11
11struct pipe_buffer { 12struct pipe_buffer {
12 struct page *page; 13 struct page *page;
@@ -15,10 +16,23 @@ struct pipe_buffer {
15 unsigned int flags; 16 unsigned int flags;
16}; 17};
17 18
19/*
20 * Note on the nesting of these functions:
21 *
22 * ->pin()
23 * ->steal()
24 * ...
25 * ->map()
26 * ...
27 * ->unmap()
28 *
29 * That is, ->map() must be called on a pinned buffer, same goes for ->steal().
30 */
18struct pipe_buf_operations { 31struct pipe_buf_operations {
19 int can_merge; 32 int can_merge;
20 void * (*map)(struct file *, struct pipe_inode_info *, struct pipe_buffer *); 33 void * (*map)(struct pipe_inode_info *, struct pipe_buffer *, int);
21 void (*unmap)(struct pipe_inode_info *, struct pipe_buffer *); 34 void (*unmap)(struct pipe_inode_info *, struct pipe_buffer *, void *);
35 int (*pin)(struct pipe_inode_info *, struct pipe_buffer *);
22 void (*release)(struct pipe_inode_info *, struct pipe_buffer *); 36 void (*release)(struct pipe_inode_info *, struct pipe_buffer *);
23 int (*steal)(struct pipe_inode_info *, struct pipe_buffer *); 37 int (*steal)(struct pipe_inode_info *, struct pipe_buffer *);
24 void (*get)(struct pipe_inode_info *, struct pipe_buffer *); 38 void (*get)(struct pipe_inode_info *, struct pipe_buffer *);
@@ -51,6 +65,13 @@ struct pipe_inode_info * alloc_pipe_info(struct inode * inode);
51void free_pipe_info(struct inode * inode); 65void free_pipe_info(struct inode * inode);
52void __free_pipe_info(struct pipe_inode_info *); 66void __free_pipe_info(struct pipe_inode_info *);
53 67
68/* Generic pipe buffer ops functions */
69void *generic_pipe_buf_map(struct pipe_inode_info *, struct pipe_buffer *, int);
70void generic_pipe_buf_unmap(struct pipe_inode_info *, struct pipe_buffer *, void *);
71void generic_pipe_buf_get(struct pipe_inode_info *, struct pipe_buffer *);
72int generic_pipe_buf_pin(struct pipe_inode_info *, struct pipe_buffer *);
73int generic_pipe_buf_steal(struct pipe_inode_info *, struct pipe_buffer *);
74
54/* 75/*
55 * splice is tied to pipes as a transport (at least for now), so we'll just 76 * splice is tied to pipes as a transport (at least for now), so we'll just
56 * add the splice flags here. 77 * add the splice flags here.
@@ -60,6 +81,7 @@ void __free_pipe_info(struct pipe_inode_info *);
60 /* we may still block on the fd we splice */ 81 /* we may still block on the fd we splice */
61 /* from/to, of course */ 82 /* from/to, of course */
62#define SPLICE_F_MORE (0x04) /* expect more data */ 83#define SPLICE_F_MORE (0x04) /* expect more data */
84#define SPLICE_F_GIFT (0x08) /* pages passed in are a gift */
63 85
64/* 86/*
65 * Passed to the actors 87 * Passed to the actors
diff --git a/include/linux/security.h b/include/linux/security.h
index aaa0a5cdbf75..1bab48f6aeac 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -869,11 +869,6 @@ struct swap_info_struct;
869 * @ipcp contains the kernel IPC permission structure 869 * @ipcp contains the kernel IPC permission structure
870 * @flag contains the desired (requested) permission set 870 * @flag contains the desired (requested) permission set
871 * Return 0 if permission is granted. 871 * Return 0 if permission is granted.
872 * @ipc_getsecurity:
873 * Copy the security label associated with the ipc object into
874 * @buffer. @buffer may be NULL to request the size of the buffer
875 * required. @size indicates the size of @buffer in bytes. Return
876 * number of bytes used/required on success.
877 * 872 *
878 * Security hooks for individual messages held in System V IPC message queues 873 * Security hooks for individual messages held in System V IPC message queues
879 * @msg_msg_alloc_security: 874 * @msg_msg_alloc_security:
@@ -1223,7 +1218,6 @@ struct security_operations {
1223 void (*task_to_inode)(struct task_struct *p, struct inode *inode); 1218 void (*task_to_inode)(struct task_struct *p, struct inode *inode);
1224 1219
1225 int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag); 1220 int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);
1226 int (*ipc_getsecurity)(struct kern_ipc_perm *ipcp, void *buffer, size_t size);
1227 1221
1228 int (*msg_msg_alloc_security) (struct msg_msg * msg); 1222 int (*msg_msg_alloc_security) (struct msg_msg * msg);
1229 void (*msg_msg_free_security) (struct msg_msg * msg); 1223 void (*msg_msg_free_security) (struct msg_msg * msg);
@@ -1887,11 +1881,6 @@ static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
1887 return security_ops->ipc_permission (ipcp, flag); 1881 return security_ops->ipc_permission (ipcp, flag);
1888} 1882}
1889 1883
1890static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)
1891{
1892 return security_ops->ipc_getsecurity(ipcp, buffer, size);
1893}
1894
1895static inline int security_msg_msg_alloc (struct msg_msg * msg) 1884static inline int security_msg_msg_alloc (struct msg_msg * msg)
1896{ 1885{
1897 return security_ops->msg_msg_alloc_security (msg); 1886 return security_ops->msg_msg_alloc_security (msg);
@@ -2532,11 +2521,6 @@ static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
2532 return 0; 2521 return 0;
2533} 2522}
2534 2523
2535static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)
2536{
2537 return -EOPNOTSUPP;
2538}
2539
2540static inline int security_msg_msg_alloc (struct msg_msg * msg) 2524static inline int security_msg_msg_alloc (struct msg_msg * msg)
2541{ 2525{
2542 return 0; 2526 return 0;
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
new file mode 100644
index 000000000000..4047bcde4484
--- /dev/null
+++ b/include/linux/selinux.h
@@ -0,0 +1,177 @@
1/*
2 * SELinux services exported to the rest of the kernel.
3 *
4 * Author: James Morris <jmorris@redhat.com>
5 *
6 * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com>
7 * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
8 * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License version 2,
12 * as published by the Free Software Foundation.
13 */
14#ifndef _LINUX_SELINUX_H
15#define _LINUX_SELINUX_H
16
17struct selinux_audit_rule;
18struct audit_context;
19struct inode;
20struct kern_ipc_perm;
21
22#ifdef CONFIG_SECURITY_SELINUX
23
24/**
25 * selinux_audit_rule_init - alloc/init an selinux audit rule structure.
26 * @field: the field this rule refers to
27 * @op: the operater the rule uses
28 * @rulestr: the text "target" of the rule
29 * @rule: pointer to the new rule structure returned via this
30 *
31 * Returns 0 if successful, -errno if not. On success, the rule structure
32 * will be allocated internally. The caller must free this structure with
33 * selinux_audit_rule_free() after use.
34 */
35int selinux_audit_rule_init(u32 field, u32 op, char *rulestr,
36 struct selinux_audit_rule **rule);
37
38/**
39 * selinux_audit_rule_free - free an selinux audit rule structure.
40 * @rule: pointer to the audit rule to be freed
41 *
42 * This will free all memory associated with the given rule.
43 * If @rule is NULL, no operation is performed.
44 */
45void selinux_audit_rule_free(struct selinux_audit_rule *rule);
46
47/**
48 * selinux_audit_rule_match - determine if a context ID matches a rule.
49 * @ctxid: the context ID to check
50 * @field: the field this rule refers to
51 * @op: the operater the rule uses
52 * @rule: pointer to the audit rule to check against
53 * @actx: the audit context (can be NULL) associated with the check
54 *
55 * Returns 1 if the context id matches the rule, 0 if it does not, and
56 * -errno on failure.
57 */
58int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
59 struct selinux_audit_rule *rule,
60 struct audit_context *actx);
61
62/**
63 * selinux_audit_set_callback - set the callback for policy reloads.
64 * @callback: the function to call when the policy is reloaded
65 *
66 * This sets the function callback function that will update the rules
67 * upon policy reloads. This callback should rebuild all existing rules
68 * using selinux_audit_rule_init().
69 */
70void selinux_audit_set_callback(int (*callback)(void));
71
72/**
73 * selinux_task_ctxid - determine a context ID for a process.
74 * @tsk: the task object
75 * @ctxid: ID value returned via this
76 *
77 * On return, ctxid will contain an ID for the context. This value
78 * should only be used opaquely.
79 */
80void selinux_task_ctxid(struct task_struct *tsk, u32 *ctxid);
81
82/**
83 * selinux_ctxid_to_string - map a security context ID to a string
84 * @ctxid: security context ID to be converted.
85 * @ctx: address of context string to be returned
86 * @ctxlen: length of returned context string.
87 *
88 * Returns 0 if successful, -errno if not. On success, the context
89 * string will be allocated internally, and the caller must call
90 * kfree() on it after use.
91 */
92int selinux_ctxid_to_string(u32 ctxid, char **ctx, u32 *ctxlen);
93
94/**
95 * selinux_get_inode_sid - get the inode's security context ID
96 * @inode: inode structure to get the sid from.
97 * @sid: pointer to security context ID to be filled in.
98 *
99 * Returns nothing
100 */
101void selinux_get_inode_sid(const struct inode *inode, u32 *sid);
102
103/**
104 * selinux_get_ipc_sid - get the ipc security context ID
105 * @ipcp: ipc structure to get the sid from.
106 * @sid: pointer to security context ID to be filled in.
107 *
108 * Returns nothing
109 */
110void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid);
111
112/**
113 * selinux_get_task_sid - return the SID of task
114 * @tsk: the task whose SID will be returned
115 * @sid: pointer to security context ID to be filled in.
116 *
117 * Returns nothing
118 */
119void selinux_get_task_sid(struct task_struct *tsk, u32 *sid);
120
121
122#else
123
124static inline int selinux_audit_rule_init(u32 field, u32 op,
125 char *rulestr,
126 struct selinux_audit_rule **rule)
127{
128 return -ENOTSUPP;
129}
130
131static inline void selinux_audit_rule_free(struct selinux_audit_rule *rule)
132{
133 return;
134}
135
136static inline int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
137 struct selinux_audit_rule *rule,
138 struct audit_context *actx)
139{
140 return 0;
141}
142
143static inline void selinux_audit_set_callback(int (*callback)(void))
144{
145 return;
146}
147
148static inline void selinux_task_ctxid(struct task_struct *tsk, u32 *ctxid)
149{
150 *ctxid = 0;
151}
152
153static inline int selinux_ctxid_to_string(u32 ctxid, char **ctx, u32 *ctxlen)
154{
155 *ctx = NULL;
156 *ctxlen = 0;
157 return 0;
158}
159
160static inline void selinux_get_inode_sid(const struct inode *inode, u32 *sid)
161{
162 *sid = 0;
163}
164
165static inline void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid)
166{
167 *sid = 0;
168}
169
170static inline void selinux_get_task_sid(struct task_struct *tsk, u32 *sid)
171{
172 *sid = 0;
173}
174
175#endif /* CONFIG_SECURITY_SELINUX */
176
177#endif /* _LINUX_SELINUX_H */