diff options
-rw-r--r-- | Documentation/DocBook/kernel-api.tmpl | 1 | ||||
-rw-r--r-- | security/inode.c | 33 | ||||
-rw-r--r-- | security/security.c | 8 |
3 files changed, 21 insertions, 21 deletions
diff --git a/Documentation/DocBook/kernel-api.tmpl b/Documentation/DocBook/kernel-api.tmpl index b7b1482f6e04..cd0e6d5370d7 100644 --- a/Documentation/DocBook/kernel-api.tmpl +++ b/Documentation/DocBook/kernel-api.tmpl | |||
@@ -283,6 +283,7 @@ X!Earch/x86/kernel/mca_32.c | |||
283 | <chapter id="security"> | 283 | <chapter id="security"> |
284 | <title>Security Framework</title> | 284 | <title>Security Framework</title> |
285 | !Isecurity/security.c | 285 | !Isecurity/security.c |
286 | !Esecurity/inode.c | ||
286 | </chapter> | 287 | </chapter> |
287 | 288 | ||
288 | <chapter id="audit"> | 289 | <chapter id="audit"> |
diff --git a/security/inode.c b/security/inode.c index acc6cf0d7900..ca4958ebad8d 100644 --- a/security/inode.c +++ b/security/inode.c | |||
@@ -190,7 +190,7 @@ static int create_by_name(const char *name, mode_t mode, | |||
190 | * @name: a pointer to a string containing the name of the file to create. | 190 | * @name: a pointer to a string containing the name of the file to create. |
191 | * @mode: the permission that the file should have | 191 | * @mode: the permission that the file should have |
192 | * @parent: a pointer to the parent dentry for this file. This should be a | 192 | * @parent: a pointer to the parent dentry for this file. This should be a |
193 | * directory dentry if set. If this paramater is NULL, then the | 193 | * directory dentry if set. If this parameter is %NULL, then the |
194 | * file will be created in the root of the securityfs filesystem. | 194 | * file will be created in the root of the securityfs filesystem. |
195 | * @data: a pointer to something that the caller will want to get to later | 195 | * @data: a pointer to something that the caller will want to get to later |
196 | * on. The inode.i_private pointer will point to this value on | 196 | * on. The inode.i_private pointer will point to this value on |
@@ -199,18 +199,18 @@ static int create_by_name(const char *name, mode_t mode, | |||
199 | * this file. | 199 | * this file. |
200 | * | 200 | * |
201 | * This is the basic "create a file" function for securityfs. It allows for a | 201 | * This is the basic "create a file" function for securityfs. It allows for a |
202 | * wide range of flexibility in createing a file, or a directory (if you | 202 | * wide range of flexibility in creating a file, or a directory (if you |
203 | * want to create a directory, the securityfs_create_dir() function is | 203 | * want to create a directory, the securityfs_create_dir() function is |
204 | * recommended to be used instead.) | 204 | * recommended to be used instead). |
205 | * | 205 | * |
206 | * This function will return a pointer to a dentry if it succeeds. This | 206 | * This function returns a pointer to a dentry if it succeeds. This |
207 | * pointer must be passed to the securityfs_remove() function when the file is | 207 | * pointer must be passed to the securityfs_remove() function when the file is |
208 | * to be removed (no automatic cleanup happens if your module is unloaded, | 208 | * to be removed (no automatic cleanup happens if your module is unloaded, |
209 | * you are responsible here.) If an error occurs, NULL will be returned. | 209 | * you are responsible here). If an error occurs, %NULL is returned. |
210 | * | 210 | * |
211 | * If securityfs is not enabled in the kernel, the value -ENODEV will be | 211 | * If securityfs is not enabled in the kernel, the value %-ENODEV is |
212 | * returned. It is not wise to check for this value, but rather, check for | 212 | * returned. It is not wise to check for this value, but rather, check for |
213 | * NULL or !NULL instead as to eliminate the need for #ifdef in the calling | 213 | * %NULL or !%NULL instead as to eliminate the need for #ifdef in the calling |
214 | * code. | 214 | * code. |
215 | */ | 215 | */ |
216 | struct dentry *securityfs_create_file(const char *name, mode_t mode, | 216 | struct dentry *securityfs_create_file(const char *name, mode_t mode, |
@@ -252,19 +252,19 @@ EXPORT_SYMBOL_GPL(securityfs_create_file); | |||
252 | * @name: a pointer to a string containing the name of the directory to | 252 | * @name: a pointer to a string containing the name of the directory to |
253 | * create. | 253 | * create. |
254 | * @parent: a pointer to the parent dentry for this file. This should be a | 254 | * @parent: a pointer to the parent dentry for this file. This should be a |
255 | * directory dentry if set. If this paramater is NULL, then the | 255 | * directory dentry if set. If this parameter is %NULL, then the |
256 | * directory will be created in the root of the securityfs filesystem. | 256 | * directory will be created in the root of the securityfs filesystem. |
257 | * | 257 | * |
258 | * This function creates a directory in securityfs with the given name. | 258 | * This function creates a directory in securityfs with the given @name. |
259 | * | 259 | * |
260 | * This function will return a pointer to a dentry if it succeeds. This | 260 | * This function returns a pointer to a dentry if it succeeds. This |
261 | * pointer must be passed to the securityfs_remove() function when the file is | 261 | * pointer must be passed to the securityfs_remove() function when the file is |
262 | * to be removed (no automatic cleanup happens if your module is unloaded, | 262 | * to be removed (no automatic cleanup happens if your module is unloaded, |
263 | * you are responsible here.) If an error occurs, NULL will be returned. | 263 | * you are responsible here). If an error occurs, %NULL will be returned. |
264 | * | 264 | * |
265 | * If securityfs is not enabled in the kernel, the value -ENODEV will be | 265 | * If securityfs is not enabled in the kernel, the value %-ENODEV is |
266 | * returned. It is not wise to check for this value, but rather, check for | 266 | * returned. It is not wise to check for this value, but rather, check for |
267 | * NULL or !NULL instead as to eliminate the need for #ifdef in the calling | 267 | * %NULL or !%NULL instead as to eliminate the need for #ifdef in the calling |
268 | * code. | 268 | * code. |
269 | */ | 269 | */ |
270 | struct dentry *securityfs_create_dir(const char *name, struct dentry *parent) | 270 | struct dentry *securityfs_create_dir(const char *name, struct dentry *parent) |
@@ -278,16 +278,15 @@ EXPORT_SYMBOL_GPL(securityfs_create_dir); | |||
278 | /** | 278 | /** |
279 | * securityfs_remove - removes a file or directory from the securityfs filesystem | 279 | * securityfs_remove - removes a file or directory from the securityfs filesystem |
280 | * | 280 | * |
281 | * @dentry: a pointer to a the dentry of the file or directory to be | 281 | * @dentry: a pointer to a the dentry of the file or directory to be removed. |
282 | * removed. | ||
283 | * | 282 | * |
284 | * This function removes a file or directory in securityfs that was previously | 283 | * This function removes a file or directory in securityfs that was previously |
285 | * created with a call to another securityfs function (like | 284 | * created with a call to another securityfs function (like |
286 | * securityfs_create_file() or variants thereof.) | 285 | * securityfs_create_file() or variants thereof.) |
287 | * | 286 | * |
288 | * This function is required to be called in order for the file to be | 287 | * This function is required to be called in order for the file to be |
289 | * removed, no automatic cleanup of files will happen when a module is | 288 | * removed. No automatic cleanup of files will happen when a module is |
290 | * removed, you are responsible here. | 289 | * removed; you are responsible here. |
291 | */ | 290 | */ |
292 | void securityfs_remove(struct dentry *dentry) | 291 | void securityfs_remove(struct dentry *dentry) |
293 | { | 292 | { |
diff --git a/security/security.c b/security/security.c index ff7068727757..d953d251fdca 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -82,8 +82,8 @@ __setup("security=", choose_lsm); | |||
82 | * | 82 | * |
83 | * Return true if: | 83 | * Return true if: |
84 | * -The passed LSM is the one chosen by user at boot time, | 84 | * -The passed LSM is the one chosen by user at boot time, |
85 | * -or user didsn't specify a specific LSM and we're the first to ask | 85 | * -or user didn't specify a specific LSM and we're the first to ask |
86 | * for registeration permissoin, | 86 | * for registration permission, |
87 | * -or the passed LSM is currently loaded. | 87 | * -or the passed LSM is currently loaded. |
88 | * Otherwise, return false. | 88 | * Otherwise, return false. |
89 | */ | 89 | */ |
@@ -101,13 +101,13 @@ int __init security_module_enable(struct security_operations *ops) | |||
101 | * register_security - registers a security framework with the kernel | 101 | * register_security - registers a security framework with the kernel |
102 | * @ops: a pointer to the struct security_options that is to be registered | 102 | * @ops: a pointer to the struct security_options that is to be registered |
103 | * | 103 | * |
104 | * This function is to allow a security module to register itself with the | 104 | * This function allows a security module to register itself with the |
105 | * kernel security subsystem. Some rudimentary checking is done on the @ops | 105 | * kernel security subsystem. Some rudimentary checking is done on the @ops |
106 | * value passed to this function. You'll need to check first if your LSM | 106 | * value passed to this function. You'll need to check first if your LSM |
107 | * is allowed to register its @ops by calling security_module_enable(@ops). | 107 | * is allowed to register its @ops by calling security_module_enable(@ops). |
108 | * | 108 | * |
109 | * If there is already a security module registered with the kernel, | 109 | * If there is already a security module registered with the kernel, |
110 | * an error will be returned. Otherwise 0 is returned on success. | 110 | * an error will be returned. Otherwise %0 is returned on success. |
111 | */ | 111 | */ |
112 | int register_security(struct security_operations *ops) | 112 | int register_security(struct security_operations *ops) |
113 | { | 113 | { |