diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-18 21:18:30 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-04-18 21:18:30 -0400 |
commit | 3925e6fc1f774048404fdd910b0345b06c699eb4 (patch) | |
tree | c9a58417d9492f39f7fe81d4721d674c34dd8be2 /security/dummy.c | |
parent | 334d094504c2fe1c44211ecb49146ae6bca8c321 (diff) | |
parent | 7cea51be4e91edad05bd834f3235b45c57783f0d (diff) |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6:
security: fix up documentation for security_module_enable
Security: Introduce security= boot parameter
Audit: Final renamings and cleanup
SELinux: use new audit hooks, remove redundant exports
Audit: internally use the new LSM audit hooks
LSM/Audit: Introduce generic Audit LSM hooks
SELinux: remove redundant exports
Netlink: Use generic LSM hook
Audit: use new LSM hooks instead of SELinux exports
SELinux: setup new inode/ipc getsecid hooks
LSM: Introduce inode_getsecid and ipc_getsecid hooks
Diffstat (limited to 'security/dummy.c')
-rw-r--r-- | security/dummy.c | 51 |
1 files changed, 48 insertions, 3 deletions
diff --git a/security/dummy.c b/security/dummy.c index 480366f9c41d..98d5f969cdc8 100644 --- a/security/dummy.c +++ b/security/dummy.c | |||
@@ -424,6 +424,11 @@ static int dummy_inode_listsecurity(struct inode *inode, char *buffer, size_t bu | |||
424 | return 0; | 424 | return 0; |
425 | } | 425 | } |
426 | 426 | ||
427 | static void dummy_inode_getsecid(const struct inode *inode, u32 *secid) | ||
428 | { | ||
429 | *secid = 0; | ||
430 | } | ||
431 | |||
427 | static int dummy_file_permission (struct file *file, int mask) | 432 | static int dummy_file_permission (struct file *file, int mask) |
428 | { | 433 | { |
429 | return 0; | 434 | return 0; |
@@ -542,7 +547,9 @@ static int dummy_task_getsid (struct task_struct *p) | |||
542 | } | 547 | } |
543 | 548 | ||
544 | static void dummy_task_getsecid (struct task_struct *p, u32 *secid) | 549 | static void dummy_task_getsecid (struct task_struct *p, u32 *secid) |
545 | { } | 550 | { |
551 | *secid = 0; | ||
552 | } | ||
546 | 553 | ||
547 | static int dummy_task_setgroups (struct group_info *group_info) | 554 | static int dummy_task_setgroups (struct group_info *group_info) |
548 | { | 555 | { |
@@ -616,6 +623,11 @@ static int dummy_ipc_permission (struct kern_ipc_perm *ipcp, short flag) | |||
616 | return 0; | 623 | return 0; |
617 | } | 624 | } |
618 | 625 | ||
626 | static void dummy_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) | ||
627 | { | ||
628 | *secid = 0; | ||
629 | } | ||
630 | |||
619 | static int dummy_msg_msg_alloc_security (struct msg_msg *msg) | 631 | static int dummy_msg_msg_alloc_security (struct msg_msg *msg) |
620 | { | 632 | { |
621 | return 0; | 633 | return 0; |
@@ -983,7 +995,33 @@ static inline int dummy_key_permission(key_ref_t key_ref, | |||
983 | } | 995 | } |
984 | #endif /* CONFIG_KEYS */ | 996 | #endif /* CONFIG_KEYS */ |
985 | 997 | ||
986 | struct security_operations dummy_security_ops; | 998 | #ifdef CONFIG_AUDIT |
999 | static inline int dummy_audit_rule_init(u32 field, u32 op, char *rulestr, | ||
1000 | void **lsmrule) | ||
1001 | { | ||
1002 | return 0; | ||
1003 | } | ||
1004 | |||
1005 | static inline int dummy_audit_rule_known(struct audit_krule *krule) | ||
1006 | { | ||
1007 | return 0; | ||
1008 | } | ||
1009 | |||
1010 | static inline int dummy_audit_rule_match(u32 secid, u32 field, u32 op, | ||
1011 | void *lsmrule, | ||
1012 | struct audit_context *actx) | ||
1013 | { | ||
1014 | return 0; | ||
1015 | } | ||
1016 | |||
1017 | static inline void dummy_audit_rule_free(void *lsmrule) | ||
1018 | { } | ||
1019 | |||
1020 | #endif /* CONFIG_AUDIT */ | ||
1021 | |||
1022 | struct security_operations dummy_security_ops = { | ||
1023 | .name = "dummy", | ||
1024 | }; | ||
987 | 1025 | ||
988 | #define set_to_dummy_if_null(ops, function) \ | 1026 | #define set_to_dummy_if_null(ops, function) \ |
989 | do { \ | 1027 | do { \ |
@@ -1060,6 +1098,7 @@ void security_fixup_ops (struct security_operations *ops) | |||
1060 | set_to_dummy_if_null(ops, inode_getsecurity); | 1098 | set_to_dummy_if_null(ops, inode_getsecurity); |
1061 | set_to_dummy_if_null(ops, inode_setsecurity); | 1099 | set_to_dummy_if_null(ops, inode_setsecurity); |
1062 | set_to_dummy_if_null(ops, inode_listsecurity); | 1100 | set_to_dummy_if_null(ops, inode_listsecurity); |
1101 | set_to_dummy_if_null(ops, inode_getsecid); | ||
1063 | set_to_dummy_if_null(ops, file_permission); | 1102 | set_to_dummy_if_null(ops, file_permission); |
1064 | set_to_dummy_if_null(ops, file_alloc_security); | 1103 | set_to_dummy_if_null(ops, file_alloc_security); |
1065 | set_to_dummy_if_null(ops, file_free_security); | 1104 | set_to_dummy_if_null(ops, file_free_security); |
@@ -1096,6 +1135,7 @@ void security_fixup_ops (struct security_operations *ops) | |||
1096 | set_to_dummy_if_null(ops, task_reparent_to_init); | 1135 | set_to_dummy_if_null(ops, task_reparent_to_init); |
1097 | set_to_dummy_if_null(ops, task_to_inode); | 1136 | set_to_dummy_if_null(ops, task_to_inode); |
1098 | set_to_dummy_if_null(ops, ipc_permission); | 1137 | set_to_dummy_if_null(ops, ipc_permission); |
1138 | set_to_dummy_if_null(ops, ipc_getsecid); | ||
1099 | set_to_dummy_if_null(ops, msg_msg_alloc_security); | 1139 | set_to_dummy_if_null(ops, msg_msg_alloc_security); |
1100 | set_to_dummy_if_null(ops, msg_msg_free_security); | 1140 | set_to_dummy_if_null(ops, msg_msg_free_security); |
1101 | set_to_dummy_if_null(ops, msg_queue_alloc_security); | 1141 | set_to_dummy_if_null(ops, msg_queue_alloc_security); |
@@ -1170,6 +1210,11 @@ void security_fixup_ops (struct security_operations *ops) | |||
1170 | set_to_dummy_if_null(ops, key_free); | 1210 | set_to_dummy_if_null(ops, key_free); |
1171 | set_to_dummy_if_null(ops, key_permission); | 1211 | set_to_dummy_if_null(ops, key_permission); |
1172 | #endif /* CONFIG_KEYS */ | 1212 | #endif /* CONFIG_KEYS */ |
1173 | 1213 | #ifdef CONFIG_AUDIT | |
1214 | set_to_dummy_if_null(ops, audit_rule_init); | ||
1215 | set_to_dummy_if_null(ops, audit_rule_known); | ||
1216 | set_to_dummy_if_null(ops, audit_rule_match); | ||
1217 | set_to_dummy_if_null(ops, audit_rule_free); | ||
1218 | #endif | ||
1174 | } | 1219 | } |
1175 | 1220 | ||