aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/linux/security.h898
1 files changed, 449 insertions, 449 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 53a34539382a..a90c06376eec 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -46,25 +46,25 @@ struct audit_krule;
46 * These functions are in security/capability.c and are used 46 * These functions are in security/capability.c and are used
47 * as the default capabilities functions 47 * as the default capabilities functions
48 */ 48 */
49extern int cap_capable (struct task_struct *tsk, int cap); 49extern int cap_capable(struct task_struct *tsk, int cap);
50extern int cap_settime (struct timespec *ts, struct timezone *tz); 50extern int cap_settime(struct timespec *ts, struct timezone *tz);
51extern int cap_ptrace (struct task_struct *parent, struct task_struct *child); 51extern int cap_ptrace(struct task_struct *parent, struct task_struct *child);
52extern int cap_capget (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 52extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
53extern int cap_capset_check (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 53extern int cap_capset_check(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
54extern void cap_capset_set (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 54extern void cap_capset_set(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
55extern int cap_bprm_set_security (struct linux_binprm *bprm); 55extern int cap_bprm_set_security(struct linux_binprm *bprm);
56extern void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe); 56extern void cap_bprm_apply_creds(struct linux_binprm *bprm, int unsafe);
57extern int cap_bprm_secureexec(struct linux_binprm *bprm); 57extern int cap_bprm_secureexec(struct linux_binprm *bprm);
58extern int cap_inode_setxattr(struct dentry *dentry, char *name, void *value, size_t size, int flags); 58extern int cap_inode_setxattr(struct dentry *dentry, char *name, void *value, size_t size, int flags);
59extern int cap_inode_removexattr(struct dentry *dentry, char *name); 59extern int cap_inode_removexattr(struct dentry *dentry, char *name);
60extern int cap_inode_need_killpriv(struct dentry *dentry); 60extern int cap_inode_need_killpriv(struct dentry *dentry);
61extern int cap_inode_killpriv(struct dentry *dentry); 61extern int cap_inode_killpriv(struct dentry *dentry);
62extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); 62extern int cap_task_post_setuid(uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags);
63extern void cap_task_reparent_to_init (struct task_struct *p); 63extern void cap_task_reparent_to_init(struct task_struct *p);
64extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp); 64extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp);
65extern int cap_task_setioprio (struct task_struct *p, int ioprio); 65extern int cap_task_setioprio(struct task_struct *p, int ioprio);
66extern int cap_task_setnice (struct task_struct *p, int nice); 66extern int cap_task_setnice(struct task_struct *p, int nice);
67extern int cap_syslog (int type); 67extern int cap_syslog(int type);
68extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); 68extern int cap_vm_enough_memory(struct mm_struct *mm, long pages);
69 69
70struct msghdr; 70struct msghdr;
@@ -128,7 +128,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
128{ 128{
129 int i; 129 int i;
130 if (opts->mnt_opts) 130 if (opts->mnt_opts)
131 for(i = 0; i < opts->num_mnt_opts; i++) 131 for (i = 0; i < opts->num_mnt_opts; i++)
132 kfree(opts->mnt_opts[i]); 132 kfree(opts->mnt_opts[i]);
133 kfree(opts->mnt_opts); 133 kfree(opts->mnt_opts);
134 opts->mnt_opts = NULL; 134 opts->mnt_opts = NULL;
@@ -190,21 +190,21 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
190 * @bprm contains the linux_binprm structure. 190 * @bprm contains the linux_binprm structure.
191 * Return 0 if the hook is successful and permission is granted. 191 * Return 0 if the hook is successful and permission is granted.
192 * @bprm_check_security: 192 * @bprm_check_security:
193 * This hook mediates the point when a search for a binary handler will 193 * This hook mediates the point when a search for a binary handler will
194 * begin. It allows a check the @bprm->security value which is set in 194 * begin. It allows a check the @bprm->security value which is set in
195 * the preceding set_security call. The primary difference from 195 * the preceding set_security call. The primary difference from
196 * set_security is that the argv list and envp list are reliably 196 * set_security is that the argv list and envp list are reliably
197 * available in @bprm. This hook may be called multiple times 197 * available in @bprm. This hook may be called multiple times
198 * during a single execve; and in each pass set_security is called 198 * during a single execve; and in each pass set_security is called
199 * first. 199 * first.
200 * @bprm contains the linux_binprm structure. 200 * @bprm contains the linux_binprm structure.
201 * Return 0 if the hook is successful and permission is granted. 201 * Return 0 if the hook is successful and permission is granted.
202 * @bprm_secureexec: 202 * @bprm_secureexec:
203 * Return a boolean value (0 or 1) indicating whether a "secure exec" 203 * Return a boolean value (0 or 1) indicating whether a "secure exec"
204 * is required. The flag is passed in the auxiliary table 204 * is required. The flag is passed in the auxiliary table
205 * on the initial stack to the ELF interpreter to indicate whether libc 205 * on the initial stack to the ELF interpreter to indicate whether libc
206 * should enable secure mode. 206 * should enable secure mode.
207 * @bprm contains the linux_binprm structure. 207 * @bprm contains the linux_binprm structure.
208 * 208 *
209 * Security hooks for filesystem operations. 209 * Security hooks for filesystem operations.
210 * 210 *
@@ -221,7 +221,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
221 * Check permission before obtaining filesystem statistics for the @mnt 221 * Check permission before obtaining filesystem statistics for the @mnt
222 * mountpoint. 222 * mountpoint.
223 * @dentry is a handle on the superblock for the filesystem. 223 * @dentry is a handle on the superblock for the filesystem.
224 * Return 0 if permission is granted. 224 * Return 0 if permission is granted.
225 * @sb_mount: 225 * @sb_mount:
226 * Check permission before an object specified by @dev_name is mounted on 226 * Check permission before an object specified by @dev_name is mounted on
227 * the mount point named by @nd. For an ordinary mount, @dev_name 227 * the mount point named by @nd. For an ordinary mount, @dev_name
@@ -282,12 +282,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
282 * @sb_pivotroot: 282 * @sb_pivotroot:
283 * Check permission before pivoting the root filesystem. 283 * Check permission before pivoting the root filesystem.
284 * @old_path contains the path for the new location of the current root (put_old). 284 * @old_path contains the path for the new location of the current root (put_old).
285 * @new_path contains the path for the new root (new_root). 285 * @new_path contains the path for the new root (new_root).
286 * Return 0 if permission is granted. 286 * Return 0 if permission is granted.
287 * @sb_post_pivotroot: 287 * @sb_post_pivotroot:
288 * Update module state after a successful pivot. 288 * Update module state after a successful pivot.
289 * @old_path contains the path for the old root. 289 * @old_path contains the path for the old root.
290 * @new_path contains the path for the new root. 290 * @new_path contains the path for the new root.
291 * @sb_get_mnt_opts: 291 * @sb_get_mnt_opts:
292 * Get the security relevant mount options used for a superblock 292 * Get the security relevant mount options used for a superblock
293 * @sb the superblock to get security mount options from 293 * @sb the superblock to get security mount options from
@@ -316,9 +316,9 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
316 * @inode_free_security: 316 * @inode_free_security:
317 * @inode contains the inode structure. 317 * @inode contains the inode structure.
318 * Deallocate the inode security structure and set @inode->i_security to 318 * Deallocate the inode security structure and set @inode->i_security to
319 * NULL. 319 * NULL.
320 * @inode_init_security: 320 * @inode_init_security:
321 * Obtain the security attribute name suffix and value to set on a newly 321 * Obtain the security attribute name suffix and value to set on a newly
322 * created inode and set up the incore security field for the new inode. 322 * created inode and set up the incore security field for the new inode.
323 * This hook is called by the fs code as part of the inode creation 323 * This hook is called by the fs code as part of the inode creation
324 * transaction and provides for atomic labeling of the inode, unlike 324 * transaction and provides for atomic labeling of the inode, unlike
@@ -349,7 +349,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
349 * @new_dentry contains the dentry structure for the new link. 349 * @new_dentry contains the dentry structure for the new link.
350 * Return 0 if permission is granted. 350 * Return 0 if permission is granted.
351 * @inode_unlink: 351 * @inode_unlink:
352 * Check the permission to remove a hard link to a file. 352 * Check the permission to remove a hard link to a file.
353 * @dir contains the inode structure of parent directory of the file. 353 * @dir contains the inode structure of parent directory of the file.
354 * @dentry contains the dentry structure for file to be unlinked. 354 * @dentry contains the dentry structure for file to be unlinked.
355 * Return 0 if permission is granted. 355 * Return 0 if permission is granted.
@@ -361,7 +361,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
361 * Return 0 if permission is granted. 361 * Return 0 if permission is granted.
362 * @inode_mkdir: 362 * @inode_mkdir:
363 * Check permissions to create a new directory in the existing directory 363 * Check permissions to create a new directory in the existing directory
364 * associated with inode strcture @dir. 364 * associated with inode strcture @dir.
365 * @dir containst the inode structure of parent of the directory to be created. 365 * @dir containst the inode structure of parent of the directory to be created.
366 * @dentry contains the dentry structure of new directory. 366 * @dentry contains the dentry structure of new directory.
367 * @mode contains the mode of new directory. 367 * @mode contains the mode of new directory.
@@ -406,7 +406,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
406 * called when the actual read/write operations are performed. 406 * called when the actual read/write operations are performed.
407 * @inode contains the inode structure to check. 407 * @inode contains the inode structure to check.
408 * @mask contains the permission mask. 408 * @mask contains the permission mask.
409 * @nd contains the nameidata (may be NULL). 409 * @nd contains the nameidata (may be NULL).
410 * Return 0 if permission is granted. 410 * Return 0 if permission is granted.
411 * @inode_setattr: 411 * @inode_setattr:
412 * Check permission before setting file attributes. Note that the kernel 412 * Check permission before setting file attributes. Note that the kernel
@@ -428,24 +428,24 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
428 * can use this hook to release any persistent label associated with the 428 * can use this hook to release any persistent label associated with the
429 * inode. 429 * inode.
430 * @inode_setxattr: 430 * @inode_setxattr:
431 * Check permission before setting the extended attributes 431 * Check permission before setting the extended attributes
432 * @value identified by @name for @dentry. 432 * @value identified by @name for @dentry.
433 * Return 0 if permission is granted. 433 * Return 0 if permission is granted.
434 * @inode_post_setxattr: 434 * @inode_post_setxattr:
435 * Update inode security field after successful setxattr operation. 435 * Update inode security field after successful setxattr operation.
436 * @value identified by @name for @dentry. 436 * @value identified by @name for @dentry.
437 * @inode_getxattr: 437 * @inode_getxattr:
438 * Check permission before obtaining the extended attributes 438 * Check permission before obtaining the extended attributes
439 * identified by @name for @dentry. 439 * identified by @name for @dentry.
440 * Return 0 if permission is granted. 440 * Return 0 if permission is granted.
441 * @inode_listxattr: 441 * @inode_listxattr:
442 * Check permission before obtaining the list of extended attribute 442 * Check permission before obtaining the list of extended attribute
443 * names for @dentry. 443 * names for @dentry.
444 * Return 0 if permission is granted. 444 * Return 0 if permission is granted.
445 * @inode_removexattr: 445 * @inode_removexattr:
446 * Check permission before removing the extended attribute 446 * Check permission before removing the extended attribute
447 * identified by @name for @dentry. 447 * identified by @name for @dentry.
448 * Return 0 if permission is granted. 448 * Return 0 if permission is granted.
449 * @inode_getsecurity: 449 * @inode_getsecurity:
450 * Retrieve a copy of the extended attribute representation of the 450 * Retrieve a copy of the extended attribute representation of the
451 * security label associated with @name for @inode via @buffer. Note that 451 * security label associated with @name for @inode via @buffer. Note that
@@ -457,7 +457,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
457 * Set the security label associated with @name for @inode from the 457 * Set the security label associated with @name for @inode from the
458 * extended attribute value @value. @size indicates the size of the 458 * extended attribute value @value. @size indicates the size of the
459 * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0. 459 * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0.
460 * Note that @name is the remainder of the attribute name after the 460 * Note that @name is the remainder of the attribute name after the
461 * security. prefix has been removed. 461 * security. prefix has been removed.
462 * Return 0 on success. 462 * Return 0 on success.
463 * @inode_listsecurity: 463 * @inode_listsecurity:
@@ -564,7 +564,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
564 * struct file, so the file structure (and associated security information) 564 * struct file, so the file structure (and associated security information)
565 * can always be obtained: 565 * can always be obtained:
566 * container_of(fown, struct file, f_owner) 566 * container_of(fown, struct file, f_owner)
567 * @tsk contains the structure of task receiving signal. 567 * @tsk contains the structure of task receiving signal.
568 * @fown contains the file owner information. 568 * @fown contains the file owner information.
569 * @sig is the signal that will be sent. When 0, kernel sends SIGIO. 569 * @sig is the signal that will be sent. When 0, kernel sends SIGIO.
570 * Return 0 if permission is granted. 570 * Return 0 if permission is granted.
@@ -722,12 +722,12 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
722 * @arg5 contains a argument. 722 * @arg5 contains a argument.
723 * Return 0 if permission is granted. 723 * Return 0 if permission is granted.
724 * @task_reparent_to_init: 724 * @task_reparent_to_init:
725 * Set the security attributes in @p->security for a kernel thread that 725 * Set the security attributes in @p->security for a kernel thread that
726 * is being reparented to the init task. 726 * is being reparented to the init task.
727 * @p contains the task_struct for the kernel thread. 727 * @p contains the task_struct for the kernel thread.
728 * @task_to_inode: 728 * @task_to_inode:
729 * Set the security attributes for an inode based on an associated task's 729 * Set the security attributes for an inode based on an associated task's
730 * security attributes, e.g. for /proc/pid inodes. 730 * security attributes, e.g. for /proc/pid inodes.
731 * @p contains the task_struct for the task. 731 * @p contains the task_struct for the task.
732 * @inode contains the inode structure for the inode. 732 * @inode contains the inode structure for the inode.
733 * 733 *
@@ -737,7 +737,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
737 * Save security information for a netlink message so that permission 737 * Save security information for a netlink message so that permission
738 * checking can be performed when the message is processed. The security 738 * checking can be performed when the message is processed. The security
739 * information can be saved using the eff_cap field of the 739 * information can be saved using the eff_cap field of the
740 * netlink_skb_parms structure. Also may be used to provide fine 740 * netlink_skb_parms structure. Also may be used to provide fine
741 * grained control over message transmission. 741 * grained control over message transmission.
742 * @sk associated sock of task sending the message., 742 * @sk associated sock of task sending the message.,
743 * @skb contains the sk_buff structure for the netlink message. 743 * @skb contains the sk_buff structure for the netlink message.
@@ -805,14 +805,14 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
805 * @sock contains the socket structure. 805 * @sock contains the socket structure.
806 * @address contains the address to bind to. 806 * @address contains the address to bind to.
807 * @addrlen contains the length of address. 807 * @addrlen contains the length of address.
808 * Return 0 if permission is granted. 808 * Return 0 if permission is granted.
809 * @socket_connect: 809 * @socket_connect:
810 * Check permission before socket protocol layer connect operation 810 * Check permission before socket protocol layer connect operation
811 * attempts to connect socket @sock to a remote address, @address. 811 * attempts to connect socket @sock to a remote address, @address.
812 * @sock contains the socket structure. 812 * @sock contains the socket structure.
813 * @address contains the address of remote endpoint. 813 * @address contains the address of remote endpoint.
814 * @addrlen contains the length of address. 814 * @addrlen contains the length of address.
815 * Return 0 if permission is granted. 815 * Return 0 if permission is granted.
816 * @socket_listen: 816 * @socket_listen:
817 * Check permission before socket protocol layer listen operation. 817 * Check permission before socket protocol layer listen operation.
818 * @sock contains the socket structure. 818 * @sock contains the socket structure.
@@ -842,7 +842,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
842 * @msg contains the message structure. 842 * @msg contains the message structure.
843 * @size contains the size of message structure. 843 * @size contains the size of message structure.
844 * @flags contains the operational flags. 844 * @flags contains the operational flags.
845 * Return 0 if permission is granted. 845 * Return 0 if permission is granted.
846 * @socket_getsockname: 846 * @socket_getsockname:
847 * Check permission before the local address (name) of the socket object 847 * Check permission before the local address (name) of the socket object
848 * @sock is retrieved. 848 * @sock is retrieved.
@@ -866,7 +866,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
866 * @sock contains the socket structure. 866 * @sock contains the socket structure.
867 * @level contains the protocol level to set options for. 867 * @level contains the protocol level to set options for.
868 * @optname contains the name of the option to set. 868 * @optname contains the name of the option to set.
869 * Return 0 if permission is granted. 869 * Return 0 if permission is granted.
870 * @socket_shutdown: 870 * @socket_shutdown:
871 * Checks permission before all or part of a connection on the socket 871 * Checks permission before all or part of a connection on the socket
872 * @sock is shut down. 872 * @sock is shut down.
@@ -893,19 +893,19 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
893 * Return 0 if all is well, otherwise, typical getsockopt return 893 * Return 0 if all is well, otherwise, typical getsockopt return
894 * values. 894 * values.
895 * @socket_getpeersec_dgram: 895 * @socket_getpeersec_dgram:
896 * This hook allows the security module to provide peer socket security 896 * This hook allows the security module to provide peer socket security
897 * state for udp sockets on a per-packet basis to userspace via 897 * state for udp sockets on a per-packet basis to userspace via
898 * getsockopt SO_GETPEERSEC. The application must first have indicated 898 * getsockopt SO_GETPEERSEC. The application must first have indicated
899 * the IP_PASSSEC option via getsockopt. It can then retrieve the 899 * the IP_PASSSEC option via getsockopt. It can then retrieve the
900 * security state returned by this hook for a packet via the SCM_SECURITY 900 * security state returned by this hook for a packet via the SCM_SECURITY
901 * ancillary message type. 901 * ancillary message type.
902 * @skb is the skbuff for the packet being queried 902 * @skb is the skbuff for the packet being queried
903 * @secdata is a pointer to a buffer in which to copy the security data 903 * @secdata is a pointer to a buffer in which to copy the security data
904 * @seclen is the maximum length for @secdata 904 * @seclen is the maximum length for @secdata
905 * Return 0 on success, error on failure. 905 * Return 0 on success, error on failure.
906 * @sk_alloc_security: 906 * @sk_alloc_security:
907 * Allocate and attach a security structure to the sk->sk_security field, 907 * Allocate and attach a security structure to the sk->sk_security field,
908 * which is used to copy security attributes between local stream sockets. 908 * which is used to copy security attributes between local stream sockets.
909 * @sk_free_security: 909 * @sk_free_security:
910 * Deallocate security structure. 910 * Deallocate security structure.
911 * @sk_clone_security: 911 * @sk_clone_security:
@@ -920,7 +920,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
920 * @inet_csk_clone: 920 * @inet_csk_clone:
921 * Sets the new child socket's sid to the openreq sid. 921 * Sets the new child socket's sid to the openreq sid.
922 * @inet_conn_established: 922 * @inet_conn_established:
923 * Sets the connection's peersid to the secmark on skb. 923 * Sets the connection's peersid to the secmark on skb.
924 * @req_classify_flow: 924 * @req_classify_flow:
925 * Sets the flow's sid to the openreq sid. 925 * Sets the flow's sid to the openreq sid.
926 * 926 *
@@ -999,13 +999,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
999 * No return value. 999 * No return value.
1000 * @key_permission: 1000 * @key_permission:
1001 * See whether a specific operational right is granted to a process on a 1001 * See whether a specific operational right is granted to a process on a
1002 * key. 1002 * key.
1003 * @key_ref refers to the key (key pointer + possession attribute bit). 1003 * @key_ref refers to the key (key pointer + possession attribute bit).
1004 * @context points to the process to provide the context against which to 1004 * @context points to the process to provide the context against which to
1005 * evaluate the security data on the key. 1005 * evaluate the security data on the key.
1006 * @perm describes the combination of permissions required of this key. 1006 * @perm describes the combination of permissions required of this key.
1007 * Return 1 if permission granted, 0 if permission denied and -ve it the 1007 * Return 1 if permission granted, 0 if permission denied and -ve it the
1008 * normal permissions model should be effected. 1008 * normal permissions model should be effected.
1009 * 1009 *
1010 * Security hooks affecting all System V IPC operations. 1010 * Security hooks affecting all System V IPC operations.
1011 * 1011 *
@@ -1056,7 +1056,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1056 * The @msq may be NULL, e.g. for IPC_INFO or MSG_INFO. 1056 * The @msq may be NULL, e.g. for IPC_INFO or MSG_INFO.
1057 * @msq contains the message queue to act upon. May be NULL. 1057 * @msq contains the message queue to act upon. May be NULL.
1058 * @cmd contains the operation to be performed. 1058 * @cmd contains the operation to be performed.
1059 * Return 0 if permission is granted. 1059 * Return 0 if permission is granted.
1060 * @msg_queue_msgsnd: 1060 * @msg_queue_msgsnd:
1061 * Check permission before a message, @msg, is enqueued on the message 1061 * Check permission before a message, @msg, is enqueued on the message
1062 * queue, @msq. 1062 * queue, @msq.
@@ -1066,8 +1066,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1066 * Return 0 if permission is granted. 1066 * Return 0 if permission is granted.
1067 * @msg_queue_msgrcv: 1067 * @msg_queue_msgrcv:
1068 * Check permission before a message, @msg, is removed from the message 1068 * Check permission before a message, @msg, is removed from the message
1069 * queue, @msq. The @target task structure contains a pointer to the 1069 * queue, @msq. The @target task structure contains a pointer to the
1070 * process that will be receiving the message (not equal to the current 1070 * process that will be receiving the message (not equal to the current
1071 * process when inline receives are being performed). 1071 * process when inline receives are being performed).
1072 * @msq contains the message queue to retrieve message from. 1072 * @msq contains the message queue to retrieve message from.
1073 * @msg contains the message destination. 1073 * @msg contains the message destination.
@@ -1132,15 +1132,15 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1132 * Return 0 if permission is granted. 1132 * Return 0 if permission is granted.
1133 * @sem_semctl: 1133 * @sem_semctl:
1134 * Check permission when a semaphore operation specified by @cmd is to be 1134 * Check permission when a semaphore operation specified by @cmd is to be
1135 * performed on the semaphore @sma. The @sma may be NULL, e.g. for 1135 * performed on the semaphore @sma. The @sma may be NULL, e.g. for
1136 * IPC_INFO or SEM_INFO. 1136 * IPC_INFO or SEM_INFO.
1137 * @sma contains the semaphore structure. May be NULL. 1137 * @sma contains the semaphore structure. May be NULL.
1138 * @cmd contains the operation to be performed. 1138 * @cmd contains the operation to be performed.
1139 * Return 0 if permission is granted. 1139 * Return 0 if permission is granted.
1140 * @sem_semop 1140 * @sem_semop
1141 * Check permissions before performing operations on members of the 1141 * Check permissions before performing operations on members of the
1142 * semaphore set @sma. If the @alter flag is nonzero, the semaphore set 1142 * semaphore set @sma. If the @alter flag is nonzero, the semaphore set
1143 * may be modified. 1143 * may be modified.
1144 * @sma contains the semaphore structure. 1144 * @sma contains the semaphore structure.
1145 * @sops contains the operations to perform. 1145 * @sops contains the operations to perform.
1146 * @nsops contains the number of operations to perform. 1146 * @nsops contains the number of operations to perform.
@@ -1211,7 +1211,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1211 * @syslog: 1211 * @syslog:
1212 * Check permission before accessing the kernel message ring or changing 1212 * Check permission before accessing the kernel message ring or changing
1213 * logging to the console. 1213 * logging to the console.
1214 * See the syslog(2) manual page for an explanation of the @type values. 1214 * See the syslog(2) manual page for an explanation of the @type values.
1215 * @type contains the type of action. 1215 * @type contains the type of action.
1216 * Return 0 if permission is granted. 1216 * Return 0 if permission is granted.
1217 * @settime: 1217 * @settime:
@@ -1223,22 +1223,22 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1223 * @vm_enough_memory: 1223 * @vm_enough_memory:
1224 * Check permissions for allocating a new virtual mapping. 1224 * Check permissions for allocating a new virtual mapping.
1225 * @mm contains the mm struct it is being added to. 1225 * @mm contains the mm struct it is being added to.
1226 * @pages contains the number of pages. 1226 * @pages contains the number of pages.
1227 * Return 0 if permission is granted. 1227 * Return 0 if permission is granted.
1228 * 1228 *
1229 * @register_security: 1229 * @register_security:
1230 * allow module stacking. 1230 * allow module stacking.
1231 * @name contains the name of the security module being stacked. 1231 * @name contains the name of the security module being stacked.
1232 * @ops contains a pointer to the struct security_operations of the module to stack. 1232 * @ops contains a pointer to the struct security_operations of the module to stack.
1233 * 1233 *
1234 * @secid_to_secctx: 1234 * @secid_to_secctx:
1235 * Convert secid to security context. 1235 * Convert secid to security context.
1236 * @secid contains the security ID. 1236 * @secid contains the security ID.
1237 * @secdata contains the pointer that stores the converted security context. 1237 * @secdata contains the pointer that stores the converted security context.
1238 * @secctx_to_secid: 1238 * @secctx_to_secid:
1239 * Convert security context to secid. 1239 * Convert security context to secid.
1240 * @secid contains the pointer to the generated security ID. 1240 * @secid contains the pointer to the generated security ID.
1241 * @secdata contains the security context. 1241 * @secdata contains the security context.
1242 * 1242 *
1243 * @release_secctx: 1243 * @release_secctx:
1244 * Release the security context. 1244 * Release the security context.
@@ -1281,49 +1281,49 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
1281struct security_operations { 1281struct security_operations {
1282 char name[SECURITY_NAME_MAX + 1]; 1282 char name[SECURITY_NAME_MAX + 1];
1283 1283
1284 int (*ptrace) (struct task_struct * parent, struct task_struct * child); 1284 int (*ptrace) (struct task_struct *parent, struct task_struct *child);
1285 int (*capget) (struct task_struct * target, 1285 int (*capget) (struct task_struct *target,
1286 kernel_cap_t * effective, 1286 kernel_cap_t *effective,
1287 kernel_cap_t * inheritable, kernel_cap_t * permitted); 1287 kernel_cap_t *inheritable, kernel_cap_t *permitted);
1288 int (*capset_check) (struct task_struct * target, 1288 int (*capset_check) (struct task_struct *target,
1289 kernel_cap_t * effective, 1289 kernel_cap_t *effective,
1290 kernel_cap_t * inheritable, 1290 kernel_cap_t *inheritable,
1291 kernel_cap_t * permitted); 1291 kernel_cap_t *permitted);
1292 void (*capset_set) (struct task_struct * target, 1292 void (*capset_set) (struct task_struct *target,
1293 kernel_cap_t * effective, 1293 kernel_cap_t *effective,
1294 kernel_cap_t * inheritable, 1294 kernel_cap_t *inheritable,
1295 kernel_cap_t * permitted); 1295 kernel_cap_t *permitted);
1296 int (*capable) (struct task_struct * tsk, int cap); 1296 int (*capable) (struct task_struct *tsk, int cap);
1297 int (*acct) (struct file * file); 1297 int (*acct) (struct file *file);
1298 int (*sysctl) (struct ctl_table * table, int op); 1298 int (*sysctl) (struct ctl_table *table, int op);
1299 int (*quotactl) (int cmds, int type, int id, struct super_block * sb); 1299 int (*quotactl) (int cmds, int type, int id, struct super_block *sb);
1300 int (*quota_on) (struct dentry * dentry); 1300 int (*quota_on) (struct dentry *dentry);
1301 int (*syslog) (int type); 1301 int (*syslog) (int type);
1302 int (*settime) (struct timespec *ts, struct timezone *tz); 1302 int (*settime) (struct timespec *ts, struct timezone *tz);
1303 int (*vm_enough_memory) (struct mm_struct *mm, long pages); 1303 int (*vm_enough_memory) (struct mm_struct *mm, long pages);
1304 1304
1305 int (*bprm_alloc_security) (struct linux_binprm * bprm); 1305 int (*bprm_alloc_security) (struct linux_binprm *bprm);
1306 void (*bprm_free_security) (struct linux_binprm * bprm); 1306 void (*bprm_free_security) (struct linux_binprm *bprm);
1307 void (*bprm_apply_creds) (struct linux_binprm * bprm, int unsafe); 1307 void (*bprm_apply_creds) (struct linux_binprm *bprm, int unsafe);
1308 void (*bprm_post_apply_creds) (struct linux_binprm * bprm); 1308 void (*bprm_post_apply_creds) (struct linux_binprm *bprm);
1309 int (*bprm_set_security) (struct linux_binprm * bprm); 1309 int (*bprm_set_security) (struct linux_binprm *bprm);
1310 int (*bprm_check_security) (struct linux_binprm * bprm); 1310 int (*bprm_check_security) (struct linux_binprm *bprm);
1311 int (*bprm_secureexec) (struct linux_binprm * bprm); 1311 int (*bprm_secureexec) (struct linux_binprm *bprm);
1312 1312
1313 int (*sb_alloc_security) (struct super_block * sb); 1313 int (*sb_alloc_security) (struct super_block *sb);
1314 void (*sb_free_security) (struct super_block * sb); 1314 void (*sb_free_security) (struct super_block *sb);
1315 int (*sb_copy_data)(char *orig, char *copy); 1315 int (*sb_copy_data) (char *orig, char *copy);
1316 int (*sb_kern_mount) (struct super_block *sb, void *data); 1316 int (*sb_kern_mount) (struct super_block *sb, void *data);
1317 int (*sb_statfs) (struct dentry *dentry); 1317 int (*sb_statfs) (struct dentry *dentry);
1318 int (*sb_mount) (char *dev_name, struct path *path, 1318 int (*sb_mount) (char *dev_name, struct path *path,
1319 char *type, unsigned long flags, void *data); 1319 char *type, unsigned long flags, void *data);
1320 int (*sb_check_sb) (struct vfsmount * mnt, struct path *path); 1320 int (*sb_check_sb) (struct vfsmount *mnt, struct path *path);
1321 int (*sb_umount) (struct vfsmount * mnt, int flags); 1321 int (*sb_umount) (struct vfsmount *mnt, int flags);
1322 void (*sb_umount_close) (struct vfsmount * mnt); 1322 void (*sb_umount_close) (struct vfsmount *mnt);
1323 void (*sb_umount_busy) (struct vfsmount * mnt); 1323 void (*sb_umount_busy) (struct vfsmount *mnt);
1324 void (*sb_post_remount) (struct vfsmount * mnt, 1324 void (*sb_post_remount) (struct vfsmount *mnt,
1325 unsigned long flags, void *data); 1325 unsigned long flags, void *data);
1326 void (*sb_post_addmount) (struct vfsmount * mnt, 1326 void (*sb_post_addmount) (struct vfsmount *mnt,
1327 struct path *mountpoint); 1327 struct path *mountpoint);
1328 int (*sb_pivotroot) (struct path *old_path, 1328 int (*sb_pivotroot) (struct path *old_path,
1329 struct path *new_path); 1329 struct path *new_path);
@@ -1337,29 +1337,29 @@ struct security_operations {
1337 struct super_block *newsb); 1337 struct super_block *newsb);
1338 int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts); 1338 int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts);
1339 1339
1340 int (*inode_alloc_security) (struct inode *inode); 1340 int (*inode_alloc_security) (struct inode *inode);
1341 void (*inode_free_security) (struct inode *inode); 1341 void (*inode_free_security) (struct inode *inode);
1342 int (*inode_init_security) (struct inode *inode, struct inode *dir, 1342 int (*inode_init_security) (struct inode *inode, struct inode *dir,
1343 char **name, void **value, size_t *len); 1343 char **name, void **value, size_t *len);
1344 int (*inode_create) (struct inode *dir, 1344 int (*inode_create) (struct inode *dir,
1345 struct dentry *dentry, int mode); 1345 struct dentry *dentry, int mode);
1346 int (*inode_link) (struct dentry *old_dentry, 1346 int (*inode_link) (struct dentry *old_dentry,
1347 struct inode *dir, struct dentry *new_dentry); 1347 struct inode *dir, struct dentry *new_dentry);
1348 int (*inode_unlink) (struct inode *dir, struct dentry *dentry); 1348 int (*inode_unlink) (struct inode *dir, struct dentry *dentry);
1349 int (*inode_symlink) (struct inode *dir, 1349 int (*inode_symlink) (struct inode *dir,
1350 struct dentry *dentry, const char *old_name); 1350 struct dentry *dentry, const char *old_name);
1351 int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode); 1351 int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode);
1352 int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); 1352 int (*inode_rmdir) (struct inode *dir, struct dentry *dentry);
1353 int (*inode_mknod) (struct inode *dir, struct dentry *dentry, 1353 int (*inode_mknod) (struct inode *dir, struct dentry *dentry,
1354 int mode, dev_t dev); 1354 int mode, dev_t dev);
1355 int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, 1355 int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry,
1356 struct inode *new_dir, struct dentry *new_dentry); 1356 struct inode *new_dir, struct dentry *new_dentry);
1357 int (*inode_readlink) (struct dentry *dentry); 1357 int (*inode_readlink) (struct dentry *dentry);
1358 int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); 1358 int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd);
1359 int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd); 1359 int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd);
1360 int (*inode_setattr) (struct dentry *dentry, struct iattr *attr); 1360 int (*inode_setattr) (struct dentry *dentry, struct iattr *attr);
1361 int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry); 1361 int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry);
1362 void (*inode_delete) (struct inode *inode); 1362 void (*inode_delete) (struct inode *inode);
1363 int (*inode_setxattr) (struct dentry *dentry, char *name, void *value, 1363 int (*inode_setxattr) (struct dentry *dentry, char *name, void *value,
1364 size_t size, int flags); 1364 size_t size, int flags);
1365 void (*inode_post_setxattr) (struct dentry *dentry, char *name, void *value, 1365 void (*inode_post_setxattr) (struct dentry *dentry, char *name, void *value,
@@ -1369,145 +1369,145 @@ struct security_operations {
1369 int (*inode_removexattr) (struct dentry *dentry, char *name); 1369 int (*inode_removexattr) (struct dentry *dentry, char *name);
1370 int (*inode_need_killpriv) (struct dentry *dentry); 1370 int (*inode_need_killpriv) (struct dentry *dentry);
1371 int (*inode_killpriv) (struct dentry *dentry); 1371 int (*inode_killpriv) (struct dentry *dentry);
1372 int (*inode_getsecurity)(const struct inode *inode, const char *name, void **buffer, bool alloc); 1372 int (*inode_getsecurity) (const struct inode *inode, const char *name, void **buffer, bool alloc);
1373 int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); 1373 int (*inode_setsecurity) (struct inode *inode, const char *name, const void *value, size_t size, int flags);
1374 int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); 1374 int (*inode_listsecurity) (struct inode *inode, char *buffer, size_t buffer_size);
1375 void (*inode_getsecid)(const struct inode *inode, u32 *secid); 1375 void (*inode_getsecid) (const struct inode *inode, u32 *secid);
1376 1376
1377 int (*file_permission) (struct file * file, int mask); 1377 int (*file_permission) (struct file *file, int mask);
1378 int (*file_alloc_security) (struct file * file); 1378 int (*file_alloc_security) (struct file *file);
1379 void (*file_free_security) (struct file * file); 1379 void (*file_free_security) (struct file *file);
1380 int (*file_ioctl) (struct file * file, unsigned int cmd, 1380 int (*file_ioctl) (struct file *file, unsigned int cmd,
1381 unsigned long arg); 1381 unsigned long arg);
1382 int (*file_mmap) (struct file * file, 1382 int (*file_mmap) (struct file *file,
1383 unsigned long reqprot, unsigned long prot, 1383 unsigned long reqprot, unsigned long prot,
1384 unsigned long flags, unsigned long addr, 1384 unsigned long flags, unsigned long addr,
1385 unsigned long addr_only); 1385 unsigned long addr_only);
1386 int (*file_mprotect) (struct vm_area_struct * vma, 1386 int (*file_mprotect) (struct vm_area_struct *vma,
1387 unsigned long reqprot, 1387 unsigned long reqprot,
1388 unsigned long prot); 1388 unsigned long prot);
1389 int (*file_lock) (struct file * file, unsigned int cmd); 1389 int (*file_lock) (struct file *file, unsigned int cmd);
1390 int (*file_fcntl) (struct file * file, unsigned int cmd, 1390 int (*file_fcntl) (struct file *file, unsigned int cmd,
1391 unsigned long arg); 1391 unsigned long arg);
1392 int (*file_set_fowner) (struct file * file); 1392 int (*file_set_fowner) (struct file *file);
1393 int (*file_send_sigiotask) (struct task_struct * tsk, 1393 int (*file_send_sigiotask) (struct task_struct *tsk,
1394 struct fown_struct * fown, int sig); 1394 struct fown_struct *fown, int sig);
1395 int (*file_receive) (struct file * file); 1395 int (*file_receive) (struct file *file);
1396 int (*dentry_open) (struct file *file); 1396 int (*dentry_open) (struct file *file);
1397 1397
1398 int (*task_create) (unsigned long clone_flags); 1398 int (*task_create) (unsigned long clone_flags);
1399 int (*task_alloc_security) (struct task_struct * p); 1399 int (*task_alloc_security) (struct task_struct *p);
1400 void (*task_free_security) (struct task_struct * p); 1400 void (*task_free_security) (struct task_struct *p);
1401 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags); 1401 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags);
1402 int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ , 1402 int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ ,
1403 uid_t old_euid, uid_t old_suid, int flags); 1403 uid_t old_euid, uid_t old_suid, int flags);
1404 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags); 1404 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags);
1405 int (*task_setpgid) (struct task_struct * p, pid_t pgid); 1405 int (*task_setpgid) (struct task_struct *p, pid_t pgid);
1406 int (*task_getpgid) (struct task_struct * p); 1406 int (*task_getpgid) (struct task_struct *p);
1407 int (*task_getsid) (struct task_struct * p); 1407 int (*task_getsid) (struct task_struct *p);
1408 void (*task_getsecid) (struct task_struct * p, u32 * secid); 1408 void (*task_getsecid) (struct task_struct *p, u32 *secid);
1409 int (*task_setgroups) (struct group_info *group_info); 1409 int (*task_setgroups) (struct group_info *group_info);
1410 int (*task_setnice) (struct task_struct * p, int nice); 1410 int (*task_setnice) (struct task_struct *p, int nice);
1411 int (*task_setioprio) (struct task_struct * p, int ioprio); 1411 int (*task_setioprio) (struct task_struct *p, int ioprio);
1412 int (*task_getioprio) (struct task_struct * p); 1412 int (*task_getioprio) (struct task_struct *p);
1413 int (*task_setrlimit) (unsigned int resource, struct rlimit * new_rlim); 1413 int (*task_setrlimit) (unsigned int resource, struct rlimit *new_rlim);
1414 int (*task_setscheduler) (struct task_struct * p, int policy, 1414 int (*task_setscheduler) (struct task_struct *p, int policy,
1415 struct sched_param * lp); 1415 struct sched_param *lp);
1416 int (*task_getscheduler) (struct task_struct * p); 1416 int (*task_getscheduler) (struct task_struct *p);
1417 int (*task_movememory) (struct task_struct * p); 1417 int (*task_movememory) (struct task_struct *p);
1418 int (*task_kill) (struct task_struct * p, 1418 int (*task_kill) (struct task_struct *p,
1419 struct siginfo * info, int sig, u32 secid); 1419 struct siginfo *info, int sig, u32 secid);
1420 int (*task_wait) (struct task_struct * p); 1420 int (*task_wait) (struct task_struct *p);
1421 int (*task_prctl) (int option, unsigned long arg2, 1421 int (*task_prctl) (int option, unsigned long arg2,
1422 unsigned long arg3, unsigned long arg4, 1422 unsigned long arg3, unsigned long arg4,
1423 unsigned long arg5); 1423 unsigned long arg5);
1424 void (*task_reparent_to_init) (struct task_struct * p); 1424 void (*task_reparent_to_init) (struct task_struct *p);
1425 void (*task_to_inode)(struct task_struct *p, struct inode *inode); 1425 void (*task_to_inode) (struct task_struct *p, struct inode *inode);
1426 1426
1427 int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag); 1427 int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag);
1428 void (*ipc_getsecid) (struct kern_ipc_perm *ipcp, u32 *secid); 1428 void (*ipc_getsecid) (struct kern_ipc_perm *ipcp, u32 *secid);
1429 1429
1430 int (*msg_msg_alloc_security) (struct msg_msg * msg); 1430 int (*msg_msg_alloc_security) (struct msg_msg *msg);
1431 void (*msg_msg_free_security) (struct msg_msg * msg); 1431 void (*msg_msg_free_security) (struct msg_msg *msg);
1432 1432
1433 int (*msg_queue_alloc_security) (struct msg_queue * msq); 1433 int (*msg_queue_alloc_security) (struct msg_queue *msq);
1434 void (*msg_queue_free_security) (struct msg_queue * msq); 1434 void (*msg_queue_free_security) (struct msg_queue *msq);
1435 int (*msg_queue_associate) (struct msg_queue * msq, int msqflg); 1435 int (*msg_queue_associate) (struct msg_queue *msq, int msqflg);
1436 int (*msg_queue_msgctl) (struct msg_queue * msq, int cmd); 1436 int (*msg_queue_msgctl) (struct msg_queue *msq, int cmd);
1437 int (*msg_queue_msgsnd) (struct msg_queue * msq, 1437 int (*msg_queue_msgsnd) (struct msg_queue *msq,
1438 struct msg_msg * msg, int msqflg); 1438 struct msg_msg *msg, int msqflg);
1439 int (*msg_queue_msgrcv) (struct msg_queue * msq, 1439 int (*msg_queue_msgrcv) (struct msg_queue *msq,
1440 struct msg_msg * msg, 1440 struct msg_msg *msg,
1441 struct task_struct * target, 1441 struct task_struct *target,
1442 long type, int mode); 1442 long type, int mode);
1443 1443
1444 int (*shm_alloc_security) (struct shmid_kernel * shp); 1444 int (*shm_alloc_security) (struct shmid_kernel *shp);
1445 void (*shm_free_security) (struct shmid_kernel * shp); 1445 void (*shm_free_security) (struct shmid_kernel *shp);
1446 int (*shm_associate) (struct shmid_kernel * shp, int shmflg); 1446 int (*shm_associate) (struct shmid_kernel *shp, int shmflg);
1447 int (*shm_shmctl) (struct shmid_kernel * shp, int cmd); 1447 int (*shm_shmctl) (struct shmid_kernel *shp, int cmd);
1448 int (*shm_shmat) (struct shmid_kernel * shp, 1448 int (*shm_shmat) (struct shmid_kernel *shp,
1449 char __user *shmaddr, int shmflg); 1449 char __user *shmaddr, int shmflg);
1450 1450
1451 int (*sem_alloc_security) (struct sem_array * sma); 1451 int (*sem_alloc_security) (struct sem_array *sma);
1452 void (*sem_free_security) (struct sem_array * sma); 1452 void (*sem_free_security) (struct sem_array *sma);
1453 int (*sem_associate) (struct sem_array * sma, int semflg); 1453 int (*sem_associate) (struct sem_array *sma, int semflg);
1454 int (*sem_semctl) (struct sem_array * sma, int cmd); 1454 int (*sem_semctl) (struct sem_array *sma, int cmd);
1455 int (*sem_semop) (struct sem_array * sma, 1455 int (*sem_semop) (struct sem_array *sma,
1456 struct sembuf * sops, unsigned nsops, int alter); 1456 struct sembuf *sops, unsigned nsops, int alter);
1457 1457
1458 int (*netlink_send) (struct sock * sk, struct sk_buff * skb); 1458 int (*netlink_send) (struct sock *sk, struct sk_buff *skb);
1459 int (*netlink_recv) (struct sk_buff * skb, int cap); 1459 int (*netlink_recv) (struct sk_buff *skb, int cap);
1460 1460
1461 /* allow module stacking */ 1461 /* allow module stacking */
1462 int (*register_security) (const char *name, 1462 int (*register_security) (const char *name,
1463 struct security_operations *ops); 1463 struct security_operations *ops);
1464 1464
1465 void (*d_instantiate) (struct dentry *dentry, struct inode *inode); 1465 void (*d_instantiate) (struct dentry *dentry, struct inode *inode);
1466 1466
1467 int (*getprocattr)(struct task_struct *p, char *name, char **value); 1467 int (*getprocattr) (struct task_struct *p, char *name, char **value);
1468 int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); 1468 int (*setprocattr) (struct task_struct *p, char *name, void *value, size_t size);
1469 int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); 1469 int (*secid_to_secctx) (u32 secid, char **secdata, u32 *seclen);
1470 int (*secctx_to_secid)(char *secdata, u32 seclen, u32 *secid); 1470 int (*secctx_to_secid) (char *secdata, u32 seclen, u32 *secid);
1471 void (*release_secctx)(char *secdata, u32 seclen); 1471 void (*release_secctx) (char *secdata, u32 seclen);
1472 1472
1473#ifdef CONFIG_SECURITY_NETWORK 1473#ifdef CONFIG_SECURITY_NETWORK
1474 int (*unix_stream_connect) (struct socket * sock, 1474 int (*unix_stream_connect) (struct socket *sock,
1475 struct socket * other, struct sock * newsk); 1475 struct socket *other, struct sock *newsk);
1476 int (*unix_may_send) (struct socket * sock, struct socket * other); 1476 int (*unix_may_send) (struct socket *sock, struct socket *other);
1477 1477
1478 int (*socket_create) (int family, int type, int protocol, int kern); 1478 int (*socket_create) (int family, int type, int protocol, int kern);
1479 int (*socket_post_create) (struct socket * sock, int family, 1479 int (*socket_post_create) (struct socket *sock, int family,
1480 int type, int protocol, int kern); 1480 int type, int protocol, int kern);
1481 int (*socket_bind) (struct socket * sock, 1481 int (*socket_bind) (struct socket *sock,
1482 struct sockaddr * address, int addrlen); 1482 struct sockaddr *address, int addrlen);
1483 int (*socket_connect) (struct socket * sock, 1483 int (*socket_connect) (struct socket *sock,
1484 struct sockaddr * address, int addrlen); 1484 struct sockaddr *address, int addrlen);
1485 int (*socket_listen) (struct socket * sock, int backlog); 1485 int (*socket_listen) (struct socket *sock, int backlog);
1486 int (*socket_accept) (struct socket * sock, struct socket * newsock); 1486 int (*socket_accept) (struct socket *sock, struct socket *newsock);
1487 void (*socket_post_accept) (struct socket * sock, 1487 void (*socket_post_accept) (struct socket *sock,
1488 struct socket * newsock); 1488 struct socket *newsock);
1489 int (*socket_sendmsg) (struct socket * sock, 1489 int (*socket_sendmsg) (struct socket *sock,
1490 struct msghdr * msg, int size); 1490 struct msghdr *msg, int size);
1491 int (*socket_recvmsg) (struct socket * sock, 1491 int (*socket_recvmsg) (struct socket *sock,
1492 struct msghdr * msg, int size, int flags); 1492 struct msghdr *msg, int size, int flags);
1493 int (*socket_getsockname) (struct socket * sock); 1493 int (*socket_getsockname) (struct socket *sock);
1494 int (*socket_getpeername) (struct socket * sock); 1494 int (*socket_getpeername) (struct socket *sock);
1495 int (*socket_getsockopt) (struct socket * sock, int level, int optname); 1495 int (*socket_getsockopt) (struct socket *sock, int level, int optname);
1496 int (*socket_setsockopt) (struct socket * sock, int level, int optname); 1496 int (*socket_setsockopt) (struct socket *sock, int level, int optname);
1497 int (*socket_shutdown) (struct socket * sock, int how); 1497 int (*socket_shutdown) (struct socket *sock, int how);
1498 int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); 1498 int (*socket_sock_rcv_skb) (struct sock *sk, struct sk_buff *skb);
1499 int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); 1499 int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len);
1500 int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid); 1500 int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid);
1501 int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); 1501 int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority);
1502 void (*sk_free_security) (struct sock *sk); 1502 void (*sk_free_security) (struct sock *sk);
1503 void (*sk_clone_security) (const struct sock *sk, struct sock *newsk); 1503 void (*sk_clone_security) (const struct sock *sk, struct sock *newsk);
1504 void (*sk_getsecid) (struct sock *sk, u32 *secid); 1504 void (*sk_getsecid) (struct sock *sk, u32 *secid);
1505 void (*sock_graft)(struct sock* sk, struct socket *parent); 1505 void (*sock_graft) (struct sock *sk, struct socket *parent);
1506 int (*inet_conn_request)(struct sock *sk, struct sk_buff *skb, 1506 int (*inet_conn_request) (struct sock *sk, struct sk_buff *skb,
1507 struct request_sock *req); 1507 struct request_sock *req);
1508 void (*inet_csk_clone)(struct sock *newsk, const struct request_sock *req); 1508 void (*inet_csk_clone) (struct sock *newsk, const struct request_sock *req);
1509 void (*inet_conn_established)(struct sock *sk, struct sk_buff *skb); 1509 void (*inet_conn_established) (struct sock *sk, struct sk_buff *skb);
1510 void (*req_classify_flow)(const struct request_sock *req, struct flowi *fl); 1510 void (*req_classify_flow) (const struct request_sock *req, struct flowi *fl);
1511#endif /* CONFIG_SECURITY_NETWORK */ 1511#endif /* CONFIG_SECURITY_NETWORK */
1512 1512
1513#ifdef CONFIG_SECURITY_NETWORK_XFRM 1513#ifdef CONFIG_SECURITY_NETWORK_XFRM
@@ -1521,57 +1521,57 @@ struct security_operations {
1521 u32 secid); 1521 u32 secid);
1522 void (*xfrm_state_free_security) (struct xfrm_state *x); 1522 void (*xfrm_state_free_security) (struct xfrm_state *x);
1523 int (*xfrm_state_delete_security) (struct xfrm_state *x); 1523 int (*xfrm_state_delete_security) (struct xfrm_state *x);
1524 int (*xfrm_policy_lookup)(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir); 1524 int (*xfrm_policy_lookup) (struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir);
1525 int (*xfrm_state_pol_flow_match)(struct xfrm_state *x, 1525 int (*xfrm_state_pol_flow_match) (struct xfrm_state *x,
1526 struct xfrm_policy *xp, struct flowi *fl); 1526 struct xfrm_policy *xp,
1527 int (*xfrm_decode_session)(struct sk_buff *skb, u32 *secid, int ckall); 1527 struct flowi *fl);
1528 int (*xfrm_decode_session) (struct sk_buff *skb, u32 *secid, int ckall);
1528#endif /* CONFIG_SECURITY_NETWORK_XFRM */ 1529#endif /* CONFIG_SECURITY_NETWORK_XFRM */
1529 1530
1530 /* key management security hooks */ 1531 /* key management security hooks */
1531#ifdef CONFIG_KEYS 1532#ifdef CONFIG_KEYS
1532 int (*key_alloc)(struct key *key, struct task_struct *tsk, unsigned long flags); 1533 int (*key_alloc) (struct key *key, struct task_struct *tsk, unsigned long flags);
1533 void (*key_free)(struct key *key); 1534 void (*key_free) (struct key *key);
1534 int (*key_permission)(key_ref_t key_ref, 1535 int (*key_permission) (key_ref_t key_ref,
1535 struct task_struct *context, 1536 struct task_struct *context,
1536 key_perm_t perm); 1537 key_perm_t perm);
1537 1538
1538#endif /* CONFIG_KEYS */ 1539#endif /* CONFIG_KEYS */
1539 1540
1540#ifdef CONFIG_AUDIT 1541#ifdef CONFIG_AUDIT
1541 int (*audit_rule_init)(u32 field, u32 op, char *rulestr, void **lsmrule); 1542 int (*audit_rule_init) (u32 field, u32 op, char *rulestr, void **lsmrule);
1542 int (*audit_rule_known)(struct audit_krule *krule); 1543 int (*audit_rule_known) (struct audit_krule *krule);
1543 int (*audit_rule_match)(u32 secid, u32 field, u32 op, void *lsmrule, 1544 int (*audit_rule_match) (u32 secid, u32 field, u32 op, void *lsmrule,
1544 struct audit_context *actx); 1545 struct audit_context *actx);
1545 void (*audit_rule_free)(void *lsmrule); 1546 void (*audit_rule_free) (void *lsmrule);
1546#endif /* CONFIG_AUDIT */ 1547#endif /* CONFIG_AUDIT */
1547}; 1548};
1548 1549
1549/* prototypes */ 1550/* prototypes */
1550extern int security_init (void); 1551extern int security_init(void);
1551extern int security_module_enable(struct security_operations *ops); 1552extern int security_module_enable(struct security_operations *ops);
1552extern int register_security (struct security_operations *ops); 1553extern int register_security(struct security_operations *ops);
1553extern int mod_reg_security (const char *name, struct security_operations *ops); 1554extern int mod_reg_security(const char *name, struct security_operations *ops);
1554extern struct dentry *securityfs_create_file(const char *name, mode_t mode, 1555extern struct dentry *securityfs_create_file(const char *name, mode_t mode,
1555 struct dentry *parent, void *data, 1556 struct dentry *parent, void *data,
1556 const struct file_operations *fops); 1557 const struct file_operations *fops);
1557extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent); 1558extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent);
1558extern void securityfs_remove(struct dentry *dentry); 1559extern void securityfs_remove(struct dentry *dentry);
1559 1560
1560
1561/* Security operations */ 1561/* Security operations */
1562int security_ptrace(struct task_struct *parent, struct task_struct *child); 1562int security_ptrace(struct task_struct *parent, struct task_struct *child);
1563int security_capget(struct task_struct *target, 1563int security_capget(struct task_struct *target,
1564 kernel_cap_t *effective, 1564 kernel_cap_t *effective,
1565 kernel_cap_t *inheritable, 1565 kernel_cap_t *inheritable,
1566 kernel_cap_t *permitted); 1566 kernel_cap_t *permitted);
1567int security_capset_check(struct task_struct *target, 1567int security_capset_check(struct task_struct *target,
1568 kernel_cap_t *effective,
1569 kernel_cap_t *inheritable,
1570 kernel_cap_t *permitted);
1571void security_capset_set(struct task_struct *target,
1572 kernel_cap_t *effective, 1568 kernel_cap_t *effective,
1573 kernel_cap_t *inheritable, 1569 kernel_cap_t *inheritable,
1574 kernel_cap_t *permitted); 1570 kernel_cap_t *permitted);
1571void security_capset_set(struct task_struct *target,
1572 kernel_cap_t *effective,
1573 kernel_cap_t *inheritable,
1574 kernel_cap_t *permitted);
1575int security_capable(struct task_struct *tsk, int cap); 1575int security_capable(struct task_struct *tsk, int cap);
1576int security_acct(struct file *file); 1576int security_acct(struct file *file);
1577int security_sysctl(struct ctl_table *table, int op); 1577int security_sysctl(struct ctl_table *table, int op);
@@ -1594,7 +1594,7 @@ int security_sb_copy_data(char *orig, char *copy);
1594int security_sb_kern_mount(struct super_block *sb, void *data); 1594int security_sb_kern_mount(struct super_block *sb, void *data);
1595int security_sb_statfs(struct dentry *dentry); 1595int security_sb_statfs(struct dentry *dentry);
1596int security_sb_mount(char *dev_name, struct path *path, 1596int security_sb_mount(char *dev_name, struct path *path,
1597 char *type, unsigned long flags, void *data); 1597 char *type, unsigned long flags, void *data);
1598int security_sb_check_sb(struct vfsmount *mnt, struct path *path); 1598int security_sb_check_sb(struct vfsmount *mnt, struct path *path);
1599int security_sb_umount(struct vfsmount *mnt, int flags); 1599int security_sb_umount(struct vfsmount *mnt, int flags);
1600void security_sb_umount_close(struct vfsmount *mnt); 1600void security_sb_umount_close(struct vfsmount *mnt);
@@ -1619,12 +1619,12 @@ int security_inode_link(struct dentry *old_dentry, struct inode *dir,
1619 struct dentry *new_dentry); 1619 struct dentry *new_dentry);
1620int security_inode_unlink(struct inode *dir, struct dentry *dentry); 1620int security_inode_unlink(struct inode *dir, struct dentry *dentry);
1621int security_inode_symlink(struct inode *dir, struct dentry *dentry, 1621int security_inode_symlink(struct inode *dir, struct dentry *dentry,
1622 const char *old_name); 1622 const char *old_name);
1623int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode); 1623int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode);
1624int security_inode_rmdir(struct inode *dir, struct dentry *dentry); 1624int security_inode_rmdir(struct inode *dir, struct dentry *dentry);
1625int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev); 1625int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev);
1626int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, 1626int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
1627 struct inode *new_dir, struct dentry *new_dentry); 1627 struct inode *new_dir, struct dentry *new_dentry);
1628int security_inode_readlink(struct dentry *dentry); 1628int security_inode_readlink(struct dentry *dentry);
1629int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd); 1629int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
1630int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd); 1630int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd);
@@ -1632,9 +1632,9 @@ int security_inode_setattr(struct dentry *dentry, struct iattr *attr);
1632int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry); 1632int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry);
1633void security_inode_delete(struct inode *inode); 1633void security_inode_delete(struct inode *inode);
1634int security_inode_setxattr(struct dentry *dentry, char *name, 1634int security_inode_setxattr(struct dentry *dentry, char *name,
1635 void *value, size_t size, int flags); 1635 void *value, size_t size, int flags);
1636void security_inode_post_setxattr(struct dentry *dentry, char *name, 1636void security_inode_post_setxattr(struct dentry *dentry, char *name,
1637 void *value, size_t size, int flags); 1637 void *value, size_t size, int flags);
1638int security_inode_getxattr(struct dentry *dentry, char *name); 1638int security_inode_getxattr(struct dentry *dentry, char *name);
1639int security_inode_listxattr(struct dentry *dentry); 1639int security_inode_listxattr(struct dentry *dentry);
1640int security_inode_removexattr(struct dentry *dentry, char *name); 1640int security_inode_removexattr(struct dentry *dentry, char *name);
@@ -1652,12 +1652,12 @@ int security_file_mmap(struct file *file, unsigned long reqprot,
1652 unsigned long prot, unsigned long flags, 1652 unsigned long prot, unsigned long flags,
1653 unsigned long addr, unsigned long addr_only); 1653 unsigned long addr, unsigned long addr_only);
1654int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, 1654int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
1655 unsigned long prot); 1655 unsigned long prot);
1656int security_file_lock(struct file *file, unsigned int cmd); 1656int security_file_lock(struct file *file, unsigned int cmd);
1657int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg); 1657int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg);
1658int security_file_set_fowner(struct file *file); 1658int security_file_set_fowner(struct file *file);
1659int security_file_send_sigiotask(struct task_struct *tsk, 1659int security_file_send_sigiotask(struct task_struct *tsk,
1660 struct fown_struct *fown, int sig); 1660 struct fown_struct *fown, int sig);
1661int security_file_receive(struct file *file); 1661int security_file_receive(struct file *file);
1662int security_dentry_open(struct file *file); 1662int security_dentry_open(struct file *file);
1663int security_task_create(unsigned long clone_flags); 1663int security_task_create(unsigned long clone_flags);
@@ -1665,7 +1665,7 @@ int security_task_alloc(struct task_struct *p);
1665void security_task_free(struct task_struct *p); 1665void security_task_free(struct task_struct *p);
1666int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags); 1666int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags);
1667int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, 1667int security_task_post_setuid(uid_t old_ruid, uid_t old_euid,
1668 uid_t old_suid, int flags); 1668 uid_t old_suid, int flags);
1669int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags); 1669int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags);
1670int security_task_setpgid(struct task_struct *p, pid_t pgid); 1670int security_task_setpgid(struct task_struct *p, pid_t pgid);
1671int security_task_getpgid(struct task_struct *p); 1671int security_task_getpgid(struct task_struct *p);
@@ -1696,9 +1696,9 @@ void security_msg_queue_free(struct msg_queue *msq);
1696int security_msg_queue_associate(struct msg_queue *msq, int msqflg); 1696int security_msg_queue_associate(struct msg_queue *msq, int msqflg);
1697int security_msg_queue_msgctl(struct msg_queue *msq, int cmd); 1697int security_msg_queue_msgctl(struct msg_queue *msq, int cmd);
1698int security_msg_queue_msgsnd(struct msg_queue *msq, 1698int security_msg_queue_msgsnd(struct msg_queue *msq,
1699 struct msg_msg *msg, int msqflg); 1699 struct msg_msg *msg, int msqflg);
1700int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, 1700int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
1701 struct task_struct *target, long type, int mode); 1701 struct task_struct *target, long type, int mode);
1702int security_shm_alloc(struct shmid_kernel *shp); 1702int security_shm_alloc(struct shmid_kernel *shp);
1703void security_shm_free(struct shmid_kernel *shp); 1703void security_shm_free(struct shmid_kernel *shp);
1704int security_shm_associate(struct shmid_kernel *shp, int shmflg); 1704int security_shm_associate(struct shmid_kernel *shp, int shmflg);
@@ -1710,7 +1710,7 @@ int security_sem_associate(struct sem_array *sma, int semflg);
1710int security_sem_semctl(struct sem_array *sma, int cmd); 1710int security_sem_semctl(struct sem_array *sma, int cmd);
1711int security_sem_semop(struct sem_array *sma, struct sembuf *sops, 1711int security_sem_semop(struct sem_array *sma, struct sembuf *sops,
1712 unsigned nsops, int alter); 1712 unsigned nsops, int alter);
1713void security_d_instantiate (struct dentry *dentry, struct inode *inode); 1713void security_d_instantiate(struct dentry *dentry, struct inode *inode);
1714int security_getprocattr(struct task_struct *p, char *name, char **value); 1714int security_getprocattr(struct task_struct *p, char *name, char **value);
1715int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); 1715int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size);
1716int security_netlink_send(struct sock *sk, struct sk_buff *skb); 1716int security_netlink_send(struct sock *sk, struct sk_buff *skb);
@@ -1741,33 +1741,33 @@ static inline int security_init(void)
1741 return 0; 1741 return 0;
1742} 1742}
1743 1743
1744static inline int security_ptrace (struct task_struct *parent, struct task_struct * child) 1744static inline int security_ptrace(struct task_struct *parent, struct task_struct *child)
1745{ 1745{
1746 return cap_ptrace (parent, child); 1746 return cap_ptrace(parent, child);
1747} 1747}
1748 1748
1749static inline int security_capget (struct task_struct *target, 1749static inline int security_capget(struct task_struct *target,
1750 kernel_cap_t *effective, 1750 kernel_cap_t *effective,
1751 kernel_cap_t *inheritable, 1751 kernel_cap_t *inheritable,
1752 kernel_cap_t *permitted) 1752 kernel_cap_t *permitted)
1753{ 1753{
1754 return cap_capget (target, effective, inheritable, permitted); 1754 return cap_capget(target, effective, inheritable, permitted);
1755} 1755}
1756 1756
1757static inline int security_capset_check (struct task_struct *target, 1757static inline int security_capset_check(struct task_struct *target,
1758 kernel_cap_t *effective, 1758 kernel_cap_t *effective,
1759 kernel_cap_t *inheritable, 1759 kernel_cap_t *inheritable,
1760 kernel_cap_t *permitted) 1760 kernel_cap_t *permitted)
1761{ 1761{
1762 return cap_capset_check (target, effective, inheritable, permitted); 1762 return cap_capset_check(target, effective, inheritable, permitted);
1763} 1763}
1764 1764
1765static inline void security_capset_set (struct task_struct *target, 1765static inline void security_capset_set(struct task_struct *target,
1766 kernel_cap_t *effective, 1766 kernel_cap_t *effective,
1767 kernel_cap_t *inheritable, 1767 kernel_cap_t *inheritable,
1768 kernel_cap_t *permitted) 1768 kernel_cap_t *permitted)
1769{ 1769{
1770 cap_capset_set (target, effective, inheritable, permitted); 1770 cap_capset_set(target, effective, inheritable, permitted);
1771} 1771}
1772 1772
1773static inline int security_capable(struct task_struct *tsk, int cap) 1773static inline int security_capable(struct task_struct *tsk, int cap)
@@ -1775,7 +1775,7 @@ static inline int security_capable(struct task_struct *tsk, int cap)
1775 return cap_capable(tsk, cap); 1775 return cap_capable(tsk, cap);
1776} 1776}
1777 1777
1778static inline int security_acct (struct file *file) 1778static inline int security_acct(struct file *file)
1779{ 1779{
1780 return 0; 1780 return 0;
1781} 1781}
@@ -1785,13 +1785,13 @@ static inline int security_sysctl(struct ctl_table *table, int op)
1785 return 0; 1785 return 0;
1786} 1786}
1787 1787
1788static inline int security_quotactl (int cmds, int type, int id, 1788static inline int security_quotactl(int cmds, int type, int id,
1789 struct super_block * sb) 1789 struct super_block *sb)
1790{ 1790{
1791 return 0; 1791 return 0;
1792} 1792}
1793 1793
1794static inline int security_quota_on (struct dentry * dentry) 1794static inline int security_quota_on(struct dentry *dentry)
1795{ 1795{
1796 return 0; 1796 return 0;
1797} 1797}
@@ -1816,102 +1816,102 @@ static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
1816 return cap_vm_enough_memory(mm, pages); 1816 return cap_vm_enough_memory(mm, pages);
1817} 1817}
1818 1818
1819static inline int security_bprm_alloc (struct linux_binprm *bprm) 1819static inline int security_bprm_alloc(struct linux_binprm *bprm)
1820{ 1820{
1821 return 0; 1821 return 0;
1822} 1822}
1823 1823
1824static inline void security_bprm_free (struct linux_binprm *bprm) 1824static inline void security_bprm_free(struct linux_binprm *bprm)
1825{ } 1825{ }
1826 1826
1827static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe) 1827static inline void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
1828{ 1828{
1829 cap_bprm_apply_creds (bprm, unsafe); 1829 cap_bprm_apply_creds(bprm, unsafe);
1830} 1830}
1831 1831
1832static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm) 1832static inline void security_bprm_post_apply_creds(struct linux_binprm *bprm)
1833{ 1833{
1834 return; 1834 return;
1835} 1835}
1836 1836
1837static inline int security_bprm_set (struct linux_binprm *bprm) 1837static inline int security_bprm_set(struct linux_binprm *bprm)
1838{ 1838{
1839 return cap_bprm_set_security (bprm); 1839 return cap_bprm_set_security(bprm);
1840} 1840}
1841 1841
1842static inline int security_bprm_check (struct linux_binprm *bprm) 1842static inline int security_bprm_check(struct linux_binprm *bprm)
1843{ 1843{
1844 return 0; 1844 return 0;
1845} 1845}
1846 1846
1847static inline int security_bprm_secureexec (struct linux_binprm *bprm) 1847static inline int security_bprm_secureexec(struct linux_binprm *bprm)
1848{ 1848{
1849 return cap_bprm_secureexec(bprm); 1849 return cap_bprm_secureexec(bprm);
1850} 1850}
1851 1851
1852static inline int security_sb_alloc (struct super_block *sb) 1852static inline int security_sb_alloc(struct super_block *sb)
1853{ 1853{
1854 return 0; 1854 return 0;
1855} 1855}
1856 1856
1857static inline void security_sb_free (struct super_block *sb) 1857static inline void security_sb_free(struct super_block *sb)
1858{ } 1858{ }
1859 1859
1860static inline int security_sb_copy_data (char *orig, char *copy) 1860static inline int security_sb_copy_data(char *orig, char *copy)
1861{ 1861{
1862 return 0; 1862 return 0;
1863} 1863}
1864 1864
1865static inline int security_sb_kern_mount (struct super_block *sb, void *data) 1865static inline int security_sb_kern_mount(struct super_block *sb, void *data)
1866{ 1866{
1867 return 0; 1867 return 0;
1868} 1868}
1869 1869
1870static inline int security_sb_statfs (struct dentry *dentry) 1870static inline int security_sb_statfs(struct dentry *dentry)
1871{ 1871{
1872 return 0; 1872 return 0;
1873} 1873}
1874 1874
1875static inline int security_sb_mount (char *dev_name, struct path *path, 1875static inline int security_sb_mount(char *dev_name, struct path *path,
1876 char *type, unsigned long flags, 1876 char *type, unsigned long flags,
1877 void *data) 1877 void *data)
1878{ 1878{
1879 return 0; 1879 return 0;
1880} 1880}
1881 1881
1882static inline int security_sb_check_sb (struct vfsmount *mnt, 1882static inline int security_sb_check_sb(struct vfsmount *mnt,
1883 struct path *path) 1883 struct path *path)
1884{ 1884{
1885 return 0; 1885 return 0;
1886} 1886}
1887 1887
1888static inline int security_sb_umount (struct vfsmount *mnt, int flags) 1888static inline int security_sb_umount(struct vfsmount *mnt, int flags)
1889{ 1889{
1890 return 0; 1890 return 0;
1891} 1891}
1892 1892
1893static inline void security_sb_umount_close (struct vfsmount *mnt) 1893static inline void security_sb_umount_close(struct vfsmount *mnt)
1894{ } 1894{ }
1895 1895
1896static inline void security_sb_umount_busy (struct vfsmount *mnt) 1896static inline void security_sb_umount_busy(struct vfsmount *mnt)
1897{ } 1897{ }
1898 1898
1899static inline void security_sb_post_remount (struct vfsmount *mnt, 1899static inline void security_sb_post_remount(struct vfsmount *mnt,
1900 unsigned long flags, void *data) 1900 unsigned long flags, void *data)
1901{ } 1901{ }
1902 1902
1903static inline void security_sb_post_addmount (struct vfsmount *mnt, 1903static inline void security_sb_post_addmount(struct vfsmount *mnt,
1904 struct path *mountpoint) 1904 struct path *mountpoint)
1905{ } 1905{ }
1906 1906
1907static inline int security_sb_pivotroot (struct path *old_path, 1907static inline int security_sb_pivotroot(struct path *old_path,
1908 struct path *new_path) 1908 struct path *new_path)
1909{ 1909{
1910 return 0; 1910 return 0;
1911} 1911}
1912 1912
1913static inline void security_sb_post_pivotroot (struct path *old_path, 1913static inline void security_sb_post_pivotroot(struct path *old_path,
1914 struct path *new_path) 1914 struct path *new_path)
1915{ } 1915{ }
1916static inline int security_sb_get_mnt_opts(const struct super_block *sb, 1916static inline int security_sb_get_mnt_opts(const struct super_block *sb,
1917 struct security_mnt_opts *opts) 1917 struct security_mnt_opts *opts)
@@ -1935,15 +1935,15 @@ static inline int security_sb_parse_opts_str(char *options, struct security_mnt_
1935 return 0; 1935 return 0;
1936} 1936}
1937 1937
1938static inline int security_inode_alloc (struct inode *inode) 1938static inline int security_inode_alloc(struct inode *inode)
1939{ 1939{
1940 return 0; 1940 return 0;
1941} 1941}
1942 1942
1943static inline void security_inode_free (struct inode *inode) 1943static inline void security_inode_free(struct inode *inode)
1944{ } 1944{ }
1945 1945
1946static inline int security_inode_init_security (struct inode *inode, 1946static inline int security_inode_init_security(struct inode *inode,
1947 struct inode *dir, 1947 struct inode *dir,
1948 char **name, 1948 char **name,
1949 void **value, 1949 void **value,
@@ -1951,55 +1951,55 @@ static inline int security_inode_init_security (struct inode *inode,
1951{ 1951{
1952 return -EOPNOTSUPP; 1952 return -EOPNOTSUPP;
1953} 1953}
1954 1954
1955static inline int security_inode_create (struct inode *dir, 1955static inline int security_inode_create(struct inode *dir,
1956 struct dentry *dentry, 1956 struct dentry *dentry,
1957 int mode) 1957 int mode)
1958{ 1958{
1959 return 0; 1959 return 0;
1960} 1960}
1961 1961
1962static inline int security_inode_link (struct dentry *old_dentry, 1962static inline int security_inode_link(struct dentry *old_dentry,
1963 struct inode *dir, 1963 struct inode *dir,
1964 struct dentry *new_dentry) 1964 struct dentry *new_dentry)
1965{ 1965{
1966 return 0; 1966 return 0;
1967} 1967}
1968 1968
1969static inline int security_inode_unlink (struct inode *dir, 1969static inline int security_inode_unlink(struct inode *dir,
1970 struct dentry *dentry) 1970 struct dentry *dentry)
1971{ 1971{
1972 return 0; 1972 return 0;
1973} 1973}
1974 1974
1975static inline int security_inode_symlink (struct inode *dir, 1975static inline int security_inode_symlink(struct inode *dir,
1976 struct dentry *dentry, 1976 struct dentry *dentry,
1977 const char *old_name) 1977 const char *old_name)
1978{ 1978{
1979 return 0; 1979 return 0;
1980} 1980}
1981 1981
1982static inline int security_inode_mkdir (struct inode *dir, 1982static inline int security_inode_mkdir(struct inode *dir,
1983 struct dentry *dentry, 1983 struct dentry *dentry,
1984 int mode) 1984 int mode)
1985{ 1985{
1986 return 0; 1986 return 0;
1987} 1987}
1988 1988
1989static inline int security_inode_rmdir (struct inode *dir, 1989static inline int security_inode_rmdir(struct inode *dir,
1990 struct dentry *dentry) 1990 struct dentry *dentry)
1991{ 1991{
1992 return 0; 1992 return 0;
1993} 1993}
1994 1994
1995static inline int security_inode_mknod (struct inode *dir, 1995static inline int security_inode_mknod(struct inode *dir,
1996 struct dentry *dentry, 1996 struct dentry *dentry,
1997 int mode, dev_t dev) 1997 int mode, dev_t dev)
1998{ 1998{
1999 return 0; 1999 return 0;
2000} 2000}
2001 2001
2002static inline int security_inode_rename (struct inode *old_dir, 2002static inline int security_inode_rename(struct inode *old_dir,
2003 struct dentry *old_dentry, 2003 struct dentry *old_dentry,
2004 struct inode *new_dir, 2004 struct inode *new_dir,
2005 struct dentry *new_dentry) 2005 struct dentry *new_dentry)
@@ -2007,59 +2007,59 @@ static inline int security_inode_rename (struct inode *old_dir,
2007 return 0; 2007 return 0;
2008} 2008}
2009 2009
2010static inline int security_inode_readlink (struct dentry *dentry) 2010static inline int security_inode_readlink(struct dentry *dentry)
2011{ 2011{
2012 return 0; 2012 return 0;
2013} 2013}
2014 2014
2015static inline int security_inode_follow_link (struct dentry *dentry, 2015static inline int security_inode_follow_link(struct dentry *dentry,
2016 struct nameidata *nd) 2016 struct nameidata *nd)
2017{ 2017{
2018 return 0; 2018 return 0;
2019} 2019}
2020 2020
2021static inline int security_inode_permission (struct inode *inode, int mask, 2021static inline int security_inode_permission(struct inode *inode, int mask,
2022 struct nameidata *nd) 2022 struct nameidata *nd)
2023{ 2023{
2024 return 0; 2024 return 0;
2025} 2025}
2026 2026
2027static inline int security_inode_setattr (struct dentry *dentry, 2027static inline int security_inode_setattr(struct dentry *dentry,
2028 struct iattr *attr) 2028 struct iattr *attr)
2029{ 2029{
2030 return 0; 2030 return 0;
2031} 2031}
2032 2032
2033static inline int security_inode_getattr (struct vfsmount *mnt, 2033static inline int security_inode_getattr(struct vfsmount *mnt,
2034 struct dentry *dentry) 2034 struct dentry *dentry)
2035{ 2035{
2036 return 0; 2036 return 0;
2037} 2037}
2038 2038
2039static inline void security_inode_delete (struct inode *inode) 2039static inline void security_inode_delete(struct inode *inode)
2040{ } 2040{ }
2041 2041
2042static inline int security_inode_setxattr (struct dentry *dentry, char *name, 2042static inline int security_inode_setxattr(struct dentry *dentry, char *name,
2043 void *value, size_t size, int flags) 2043 void *value, size_t size, int flags)
2044{ 2044{
2045 return cap_inode_setxattr(dentry, name, value, size, flags); 2045 return cap_inode_setxattr(dentry, name, value, size, flags);
2046} 2046}
2047 2047
2048static inline void security_inode_post_setxattr (struct dentry *dentry, char *name, 2048static inline void security_inode_post_setxattr(struct dentry *dentry, char *name,
2049 void *value, size_t size, int flags) 2049 void *value, size_t size, int flags)
2050{ } 2050{ }
2051 2051
2052static inline int security_inode_getxattr (struct dentry *dentry, char *name) 2052static inline int security_inode_getxattr(struct dentry *dentry, char *name)
2053{ 2053{
2054 return 0; 2054 return 0;
2055} 2055}
2056 2056
2057static inline int security_inode_listxattr (struct dentry *dentry) 2057static inline int security_inode_listxattr(struct dentry *dentry)
2058{ 2058{
2059 return 0; 2059 return 0;
2060} 2060}
2061 2061
2062static inline int security_inode_removexattr (struct dentry *dentry, char *name) 2062static inline int security_inode_removexattr(struct dentry *dentry, char *name)
2063{ 2063{
2064 return cap_inode_removexattr(dentry, name); 2064 return cap_inode_removexattr(dentry, name);
2065} 2065}
@@ -2094,198 +2094,198 @@ static inline void security_inode_getsecid(const struct inode *inode, u32 *secid
2094 *secid = 0; 2094 *secid = 0;
2095} 2095}
2096 2096
2097static inline int security_file_permission (struct file *file, int mask) 2097static inline int security_file_permission(struct file *file, int mask)
2098{ 2098{
2099 return 0; 2099 return 0;
2100} 2100}
2101 2101
2102static inline int security_file_alloc (struct file *file) 2102static inline int security_file_alloc(struct file *file)
2103{ 2103{
2104 return 0; 2104 return 0;
2105} 2105}
2106 2106
2107static inline void security_file_free (struct file *file) 2107static inline void security_file_free(struct file *file)
2108{ } 2108{ }
2109 2109
2110static inline int security_file_ioctl (struct file *file, unsigned int cmd, 2110static inline int security_file_ioctl(struct file *file, unsigned int cmd,
2111 unsigned long arg) 2111 unsigned long arg)
2112{ 2112{
2113 return 0; 2113 return 0;
2114} 2114}
2115 2115
2116static inline int security_file_mmap (struct file *file, unsigned long reqprot, 2116static inline int security_file_mmap(struct file *file, unsigned long reqprot,
2117 unsigned long prot, 2117 unsigned long prot,
2118 unsigned long flags, 2118 unsigned long flags,
2119 unsigned long addr, 2119 unsigned long addr,
2120 unsigned long addr_only) 2120 unsigned long addr_only)
2121{ 2121{
2122 return 0; 2122 return 0;
2123} 2123}
2124 2124
2125static inline int security_file_mprotect (struct vm_area_struct *vma, 2125static inline int security_file_mprotect(struct vm_area_struct *vma,
2126 unsigned long reqprot, 2126 unsigned long reqprot,
2127 unsigned long prot) 2127 unsigned long prot)
2128{ 2128{
2129 return 0; 2129 return 0;
2130} 2130}
2131 2131
2132static inline int security_file_lock (struct file *file, unsigned int cmd) 2132static inline int security_file_lock(struct file *file, unsigned int cmd)
2133{ 2133{
2134 return 0; 2134 return 0;
2135} 2135}
2136 2136
2137static inline int security_file_fcntl (struct file *file, unsigned int cmd, 2137static inline int security_file_fcntl(struct file *file, unsigned int cmd,
2138 unsigned long arg) 2138 unsigned long arg)
2139{ 2139{
2140 return 0; 2140 return 0;
2141} 2141}
2142 2142
2143static inline int security_file_set_fowner (struct file *file) 2143static inline int security_file_set_fowner(struct file *file)
2144{ 2144{
2145 return 0; 2145 return 0;
2146} 2146}
2147 2147
2148static inline int security_file_send_sigiotask (struct task_struct *tsk, 2148static inline int security_file_send_sigiotask(struct task_struct *tsk,
2149 struct fown_struct *fown, 2149 struct fown_struct *fown,
2150 int sig) 2150 int sig)
2151{ 2151{
2152 return 0; 2152 return 0;
2153} 2153}
2154 2154
2155static inline int security_file_receive (struct file *file) 2155static inline int security_file_receive(struct file *file)
2156{ 2156{
2157 return 0; 2157 return 0;
2158} 2158}
2159 2159
2160static inline int security_dentry_open (struct file *file) 2160static inline int security_dentry_open(struct file *file)
2161{ 2161{
2162 return 0; 2162 return 0;
2163} 2163}
2164 2164
2165static inline int security_task_create (unsigned long clone_flags) 2165static inline int security_task_create(unsigned long clone_flags)
2166{ 2166{
2167 return 0; 2167 return 0;
2168} 2168}
2169 2169
2170static inline int security_task_alloc (struct task_struct *p) 2170static inline int security_task_alloc(struct task_struct *p)
2171{ 2171{
2172 return 0; 2172 return 0;
2173} 2173}
2174 2174
2175static inline void security_task_free (struct task_struct *p) 2175static inline void security_task_free(struct task_struct *p)
2176{ } 2176{ }
2177 2177
2178static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, 2178static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2,
2179 int flags) 2179 int flags)
2180{ 2180{
2181 return 0; 2181 return 0;
2182} 2182}
2183 2183
2184static inline int security_task_post_setuid (uid_t old_ruid, uid_t old_euid, 2184static inline int security_task_post_setuid(uid_t old_ruid, uid_t old_euid,
2185 uid_t old_suid, int flags) 2185 uid_t old_suid, int flags)
2186{ 2186{
2187 return cap_task_post_setuid (old_ruid, old_euid, old_suid, flags); 2187 return cap_task_post_setuid(old_ruid, old_euid, old_suid, flags);
2188} 2188}
2189 2189
2190static inline int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, 2190static inline int security_task_setgid(gid_t id0, gid_t id1, gid_t id2,
2191 int flags) 2191 int flags)
2192{ 2192{
2193 return 0; 2193 return 0;
2194} 2194}
2195 2195
2196static inline int security_task_setpgid (struct task_struct *p, pid_t pgid) 2196static inline int security_task_setpgid(struct task_struct *p, pid_t pgid)
2197{ 2197{
2198 return 0; 2198 return 0;
2199} 2199}
2200 2200
2201static inline int security_task_getpgid (struct task_struct *p) 2201static inline int security_task_getpgid(struct task_struct *p)
2202{ 2202{
2203 return 0; 2203 return 0;
2204} 2204}
2205 2205
2206static inline int security_task_getsid (struct task_struct *p) 2206static inline int security_task_getsid(struct task_struct *p)
2207{ 2207{
2208 return 0; 2208 return 0;
2209} 2209}
2210 2210
2211static inline void security_task_getsecid (struct task_struct *p, u32 *secid) 2211static inline void security_task_getsecid(struct task_struct *p, u32 *secid)
2212{ 2212{
2213 *secid = 0; 2213 *secid = 0;
2214} 2214}
2215 2215
2216static inline int security_task_setgroups (struct group_info *group_info) 2216static inline int security_task_setgroups(struct group_info *group_info)
2217{ 2217{
2218 return 0; 2218 return 0;
2219} 2219}
2220 2220
2221static inline int security_task_setnice (struct task_struct *p, int nice) 2221static inline int security_task_setnice(struct task_struct *p, int nice)
2222{ 2222{
2223 return cap_task_setnice(p, nice); 2223 return cap_task_setnice(p, nice);
2224} 2224}
2225 2225
2226static inline int security_task_setioprio (struct task_struct *p, int ioprio) 2226static inline int security_task_setioprio(struct task_struct *p, int ioprio)
2227{ 2227{
2228 return cap_task_setioprio(p, ioprio); 2228 return cap_task_setioprio(p, ioprio);
2229} 2229}
2230 2230
2231static inline int security_task_getioprio (struct task_struct *p) 2231static inline int security_task_getioprio(struct task_struct *p)
2232{ 2232{
2233 return 0; 2233 return 0;
2234} 2234}
2235 2235
2236static inline int security_task_setrlimit (unsigned int resource, 2236static inline int security_task_setrlimit(unsigned int resource,
2237 struct rlimit *new_rlim) 2237 struct rlimit *new_rlim)
2238{ 2238{
2239 return 0; 2239 return 0;
2240} 2240}
2241 2241
2242static inline int security_task_setscheduler (struct task_struct *p, 2242static inline int security_task_setscheduler(struct task_struct *p,
2243 int policy, 2243 int policy,
2244 struct sched_param *lp) 2244 struct sched_param *lp)
2245{ 2245{
2246 return cap_task_setscheduler(p, policy, lp); 2246 return cap_task_setscheduler(p, policy, lp);
2247} 2247}
2248 2248
2249static inline int security_task_getscheduler (struct task_struct *p) 2249static inline int security_task_getscheduler(struct task_struct *p)
2250{ 2250{
2251 return 0; 2251 return 0;
2252} 2252}
2253 2253
2254static inline int security_task_movememory (struct task_struct *p) 2254static inline int security_task_movememory(struct task_struct *p)
2255{ 2255{
2256 return 0; 2256 return 0;
2257} 2257}
2258 2258
2259static inline int security_task_kill (struct task_struct *p, 2259static inline int security_task_kill(struct task_struct *p,
2260 struct siginfo *info, int sig, 2260 struct siginfo *info, int sig,
2261 u32 secid) 2261 u32 secid)
2262{ 2262{
2263 return 0; 2263 return 0;
2264} 2264}
2265 2265
2266static inline int security_task_wait (struct task_struct *p) 2266static inline int security_task_wait(struct task_struct *p)
2267{ 2267{
2268 return 0; 2268 return 0;
2269} 2269}
2270 2270
2271static inline int security_task_prctl (int option, unsigned long arg2, 2271static inline int security_task_prctl(int option, unsigned long arg2,
2272 unsigned long arg3, 2272 unsigned long arg3,
2273 unsigned long arg4, 2273 unsigned long arg4,
2274 unsigned long arg5) 2274 unsigned long arg5)
2275{ 2275{
2276 return 0; 2276 return 0;
2277} 2277}
2278 2278
2279static inline void security_task_reparent_to_init (struct task_struct *p) 2279static inline void security_task_reparent_to_init(struct task_struct *p)
2280{ 2280{
2281 cap_task_reparent_to_init (p); 2281 cap_task_reparent_to_init(p);
2282} 2282}
2283 2283
2284static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) 2284static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
2285{ } 2285{ }
2286 2286
2287static inline int security_ipc_permission (struct kern_ipc_perm *ipcp, 2287static inline int security_ipc_permission(struct kern_ipc_perm *ipcp,
2288 short flag) 2288 short flag)
2289{ 2289{
2290 return 0; 2290 return 0;
2291} 2291}
@@ -2295,98 +2295,98 @@ static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
2295 *secid = 0; 2295 *secid = 0;
2296} 2296}
2297 2297
2298static inline int security_msg_msg_alloc (struct msg_msg * msg) 2298static inline int security_msg_msg_alloc(struct msg_msg *msg)
2299{ 2299{
2300 return 0; 2300 return 0;
2301} 2301}
2302 2302
2303static inline void security_msg_msg_free (struct msg_msg * msg) 2303static inline void security_msg_msg_free(struct msg_msg *msg)
2304{ } 2304{ }
2305 2305
2306static inline int security_msg_queue_alloc (struct msg_queue *msq) 2306static inline int security_msg_queue_alloc(struct msg_queue *msq)
2307{ 2307{
2308 return 0; 2308 return 0;
2309} 2309}
2310 2310
2311static inline void security_msg_queue_free (struct msg_queue *msq) 2311static inline void security_msg_queue_free(struct msg_queue *msq)
2312{ } 2312{ }
2313 2313
2314static inline int security_msg_queue_associate (struct msg_queue * msq, 2314static inline int security_msg_queue_associate(struct msg_queue *msq,
2315 int msqflg) 2315 int msqflg)
2316{ 2316{
2317 return 0; 2317 return 0;
2318} 2318}
2319 2319
2320static inline int security_msg_queue_msgctl (struct msg_queue * msq, int cmd) 2320static inline int security_msg_queue_msgctl(struct msg_queue *msq, int cmd)
2321{ 2321{
2322 return 0; 2322 return 0;
2323} 2323}
2324 2324
2325static inline int security_msg_queue_msgsnd (struct msg_queue * msq, 2325static inline int security_msg_queue_msgsnd(struct msg_queue *msq,
2326 struct msg_msg * msg, int msqflg) 2326 struct msg_msg *msg, int msqflg)
2327{ 2327{
2328 return 0; 2328 return 0;
2329} 2329}
2330 2330
2331static inline int security_msg_queue_msgrcv (struct msg_queue * msq, 2331static inline int security_msg_queue_msgrcv(struct msg_queue *msq,
2332 struct msg_msg * msg, 2332 struct msg_msg *msg,
2333 struct task_struct * target, 2333 struct task_struct *target,
2334 long type, int mode) 2334 long type, int mode)
2335{ 2335{
2336 return 0; 2336 return 0;
2337} 2337}
2338 2338
2339static inline int security_shm_alloc (struct shmid_kernel *shp) 2339static inline int security_shm_alloc(struct shmid_kernel *shp)
2340{ 2340{
2341 return 0; 2341 return 0;
2342} 2342}
2343 2343
2344static inline void security_shm_free (struct shmid_kernel *shp) 2344static inline void security_shm_free(struct shmid_kernel *shp)
2345{ } 2345{ }
2346 2346
2347static inline int security_shm_associate (struct shmid_kernel * shp, 2347static inline int security_shm_associate(struct shmid_kernel *shp,
2348 int shmflg) 2348 int shmflg)
2349{ 2349{
2350 return 0; 2350 return 0;
2351} 2351}
2352 2352
2353static inline int security_shm_shmctl (struct shmid_kernel * shp, int cmd) 2353static inline int security_shm_shmctl(struct shmid_kernel *shp, int cmd)
2354{ 2354{
2355 return 0; 2355 return 0;
2356} 2356}
2357 2357
2358static inline int security_shm_shmat (struct shmid_kernel * shp, 2358static inline int security_shm_shmat(struct shmid_kernel *shp,
2359 char __user *shmaddr, int shmflg) 2359 char __user *shmaddr, int shmflg)
2360{ 2360{
2361 return 0; 2361 return 0;
2362} 2362}
2363 2363
2364static inline int security_sem_alloc (struct sem_array *sma) 2364static inline int security_sem_alloc(struct sem_array *sma)
2365{ 2365{
2366 return 0; 2366 return 0;
2367} 2367}
2368 2368
2369static inline void security_sem_free (struct sem_array *sma) 2369static inline void security_sem_free(struct sem_array *sma)
2370{ } 2370{ }
2371 2371
2372static inline int security_sem_associate (struct sem_array * sma, int semflg) 2372static inline int security_sem_associate(struct sem_array *sma, int semflg)
2373{ 2373{
2374 return 0; 2374 return 0;
2375} 2375}
2376 2376
2377static inline int security_sem_semctl (struct sem_array * sma, int cmd) 2377static inline int security_sem_semctl(struct sem_array *sma, int cmd)
2378{ 2378{
2379 return 0; 2379 return 0;
2380} 2380}
2381 2381
2382static inline int security_sem_semop (struct sem_array * sma, 2382static inline int security_sem_semop(struct sem_array *sma,
2383 struct sembuf * sops, unsigned nsops, 2383 struct sembuf *sops, unsigned nsops,
2384 int alter) 2384 int alter)
2385{ 2385{
2386 return 0; 2386 return 0;
2387} 2387}
2388 2388
2389static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode) 2389static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode)
2390{ } 2390{ }
2391 2391
2392static inline int security_getprocattr(struct task_struct *p, char *name, char **value) 2392static inline int security_getprocattr(struct task_struct *p, char *name, char **value)
@@ -2399,14 +2399,14 @@ static inline int security_setprocattr(struct task_struct *p, char *name, void *
2399 return -EINVAL; 2399 return -EINVAL;
2400} 2400}
2401 2401
2402static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb) 2402static inline int security_netlink_send(struct sock *sk, struct sk_buff *skb)
2403{ 2403{
2404 return cap_netlink_send (sk, skb); 2404 return cap_netlink_send(sk, skb);
2405} 2405}
2406 2406
2407static inline int security_netlink_recv (struct sk_buff *skb, int cap) 2407static inline int security_netlink_recv(struct sk_buff *skb, int cap)
2408{ 2408{
2409 return cap_netlink_recv (skb, cap); 2409 return cap_netlink_recv(skb, cap);
2410} 2410}
2411 2411
2412static inline struct dentry *securityfs_create_dir(const char *name, 2412static inline struct dentry *securityfs_create_dir(const char *name,
@@ -2484,26 +2484,26 @@ void security_inet_conn_established(struct sock *sk,
2484 struct sk_buff *skb); 2484 struct sk_buff *skb);
2485 2485
2486#else /* CONFIG_SECURITY_NETWORK */ 2486#else /* CONFIG_SECURITY_NETWORK */
2487static inline int security_unix_stream_connect(struct socket * sock, 2487static inline int security_unix_stream_connect(struct socket *sock,
2488 struct socket * other, 2488 struct socket *other,
2489 struct sock * newsk) 2489 struct sock *newsk)
2490{ 2490{
2491 return 0; 2491 return 0;
2492} 2492}
2493 2493
2494static inline int security_unix_may_send(struct socket * sock, 2494static inline int security_unix_may_send(struct socket *sock,
2495 struct socket * other) 2495 struct socket *other)
2496{ 2496{
2497 return 0; 2497 return 0;
2498} 2498}
2499 2499
2500static inline int security_socket_create (int family, int type, 2500static inline int security_socket_create(int family, int type,
2501 int protocol, int kern) 2501 int protocol, int kern)
2502{ 2502{
2503 return 0; 2503 return 0;
2504} 2504}
2505 2505
2506static inline int security_socket_post_create(struct socket * sock, 2506static inline int security_socket_post_create(struct socket *sock,
2507 int family, 2507 int family,
2508 int type, 2508 int type,
2509 int protocol, int kern) 2509 int protocol, int kern)
@@ -2511,77 +2511,77 @@ static inline int security_socket_post_create(struct socket * sock,
2511 return 0; 2511 return 0;
2512} 2512}
2513 2513
2514static inline int security_socket_bind(struct socket * sock, 2514static inline int security_socket_bind(struct socket *sock,
2515 struct sockaddr * address, 2515 struct sockaddr *address,
2516 int addrlen) 2516 int addrlen)
2517{ 2517{
2518 return 0; 2518 return 0;
2519} 2519}
2520 2520
2521static inline int security_socket_connect(struct socket * sock, 2521static inline int security_socket_connect(struct socket *sock,
2522 struct sockaddr * address, 2522 struct sockaddr *address,
2523 int addrlen) 2523 int addrlen)
2524{ 2524{
2525 return 0; 2525 return 0;
2526} 2526}
2527 2527
2528static inline int security_socket_listen(struct socket * sock, int backlog) 2528static inline int security_socket_listen(struct socket *sock, int backlog)
2529{ 2529{
2530 return 0; 2530 return 0;
2531} 2531}
2532 2532
2533static inline int security_socket_accept(struct socket * sock, 2533static inline int security_socket_accept(struct socket *sock,
2534 struct socket * newsock) 2534 struct socket *newsock)
2535{ 2535{
2536 return 0; 2536 return 0;
2537} 2537}
2538 2538
2539static inline void security_socket_post_accept(struct socket * sock, 2539static inline void security_socket_post_accept(struct socket *sock,
2540 struct socket * newsock) 2540 struct socket *newsock)
2541{ 2541{
2542} 2542}
2543 2543
2544static inline int security_socket_sendmsg(struct socket * sock, 2544static inline int security_socket_sendmsg(struct socket *sock,
2545 struct msghdr * msg, int size) 2545 struct msghdr *msg, int size)
2546{ 2546{
2547 return 0; 2547 return 0;
2548} 2548}
2549 2549
2550static inline int security_socket_recvmsg(struct socket * sock, 2550static inline int security_socket_recvmsg(struct socket *sock,
2551 struct msghdr * msg, int size, 2551 struct msghdr *msg, int size,
2552 int flags) 2552 int flags)
2553{ 2553{
2554 return 0; 2554 return 0;
2555} 2555}
2556 2556
2557static inline int security_socket_getsockname(struct socket * sock) 2557static inline int security_socket_getsockname(struct socket *sock)
2558{ 2558{
2559 return 0; 2559 return 0;
2560} 2560}
2561 2561
2562static inline int security_socket_getpeername(struct socket * sock) 2562static inline int security_socket_getpeername(struct socket *sock)
2563{ 2563{
2564 return 0; 2564 return 0;
2565} 2565}
2566 2566
2567static inline int security_socket_getsockopt(struct socket * sock, 2567static inline int security_socket_getsockopt(struct socket *sock,
2568 int level, int optname) 2568 int level, int optname)
2569{ 2569{
2570 return 0; 2570 return 0;
2571} 2571}
2572 2572
2573static inline int security_socket_setsockopt(struct socket * sock, 2573static inline int security_socket_setsockopt(struct socket *sock,
2574 int level, int optname) 2574 int level, int optname)
2575{ 2575{
2576 return 0; 2576 return 0;
2577} 2577}
2578 2578
2579static inline int security_socket_shutdown(struct socket * sock, int how) 2579static inline int security_socket_shutdown(struct socket *sock, int how)
2580{ 2580{
2581 return 0; 2581 return 0;
2582} 2582}
2583static inline int security_sock_rcv_skb (struct sock * sk, 2583static inline int security_sock_rcv_skb(struct sock *sk,
2584 struct sk_buff * skb) 2584 struct sk_buff *skb)
2585{ 2585{
2586 return 0; 2586 return 0;
2587} 2587}
@@ -2618,7 +2618,7 @@ static inline void security_req_classify_flow(const struct request_sock *req, st
2618{ 2618{
2619} 2619}
2620 2620
2621static inline void security_sock_graft(struct sock* sk, struct socket *parent) 2621static inline void security_sock_graft(struct sock *sk, struct socket *parent)
2622{ 2622{
2623} 2623}
2624 2624
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-12 15:22:25 -0500