authorEric Paris <eparis@redhat.com>2007-11-30 13:00:35 -0500
committerJames Morris <jmorris@namei.org>2008-01-24 19:29:46 -0500
commitc9180a57a9ab2d5525faf8815a332364ee9e89b7 (patch)
treec677ec33735f3529d478a2b71fcc732d4fe59adf /security/dummy.c
parent19c5fc198c369bb00f3ed9716ef40648865d8d94 (diff)
Security: add get, set, and cloning of superblock security information
Adds security_get_sb_mnt_opts, security_set_sb_mnt_opts, and security_clone_sb_mnt_opts to the LSM and to SELinux. This will allow filesystems to directly own and control all of their mount options if they so choose. This interface deals only with option identifiers and strings, so it should be generic enough for any LSM which may come in the future. Filesystems which pass text mount data around in the kernel (almost all of them) need not currently make use of this interface when dealing with SELinux, since it will still parse those strings as it always has. I assume future LSMs would do the same. NFS is the primary FS which does not use text mount data and thus must make use of this interface. An LSM would need to implement these functions only if it had mount-time options, such as SELinux has with context= or fscontext=. If the LSM has no mount-time options it could simply not implement them and let the dummy ops take care of things. An LSM other than SELinux would need to define new option numbers in security.h, and any FS which decides to own its own security options would need to be patched to use this new interface for every possible LSM. This is because it was stated to me very clearly that LSMs should not attempt to understand FS mount data, and the burden to understand security should be in the FS which owns the options. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/dummy.c')
-rw-r--r--security/dummy.c26
1 files changed, 26 insertions, 0 deletions
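--- a/security/dummy.c
+++ b/security/dummy.c
@@ -245,6 +245,29 @@ static void dummy_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata
 	return;
 }
 
+static int dummy_sb_get_mnt_opts(const struct super_block *sb, char ***mount_options,
+				 int **flags, int *num_opts)
+{
+	*mount_options = NULL;
+	*flags = NULL;
+	*num_opts = 0;
+	return 0;
+}
+
+static int dummy_sb_set_mnt_opts(struct super_block *sb, char **mount_options,
+				 int *flags, int num_opts)
+{
+	if (unlikely(num_opts))
+		return -EOPNOTSUPP;
+	return 0;
+}
+
+static void dummy_sb_clone_mnt_opts(const struct super_block *oldsb,
+				    struct super_block *newsb)
+{
+	return;
+}
+
 static int dummy_inode_alloc_security (struct inode *inode)
 {
 	return 0;
@@ -998,6 +1021,9 @@ void security_fixup_ops (struct security_operations *ops)
 	set_to_dummy_if_null(ops, sb_post_addmount);
 	set_to_dummy_if_null(ops, sb_pivotroot);
 	set_to_dummy_if_null(ops, sb_post_pivotroot);
+	set_to_dummy_if_null(ops, sb_get_mnt_opts);
+	set_to_dummy_if_null(ops, sb_set_mnt_opts);
+	set_to_dummy_if_null(ops, sb_clone_mnt_opts);
 	set_to_dummy_if_null(ops, inode_alloc_security);
 	set_to_dummy_if_null(ops, inode_free_security);
 	set_to_dummy_if_null(ops, inode_init_security);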
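Review bot: The fail-closed choice in dummy_sb_set_mnt_opts in the first hunk — any non-empty option list is refused with -EOPNOTSUPP instead of being silently dropped — is the important security property of these stubs, and it deserves a comment at the `if (unlikely(num_opts))` line so a later cleanup does not "simplify" it into an unconditional `return 0`: `/* No LSM is present to honour security mount options; refusing the mount is safer than accepting an option that would never be enforced. */`. In dummy_sb_get_mnt_opts the stub leaves *mount_options and *flags NULL, so nothing is allocated here, but who owns and frees those arrays when a real LSM fills them in is not stated anywhere in this file; if the contract is not already in security.h alongside the new hook declarations, a note there would prevent a leak or double free in the first filesystem caller. The registration lines in the second hunk look correct and mirror the existing sb_* entries.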