1 files changed, 18 insertions, 14 deletions

diff --git a/include/linux/security.h b/include/linux/security.h
index b8246a8df7d2..1ac42475ea08 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -77,7 +77,6 @@ extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
 extern int cap_task_setscheduler(struct task_struct *p);
 extern int cap_task_setioprio(struct task_struct *p, int ioprio);
 extern int cap_task_setnice(struct task_struct *p, int nice);
-extern int cap_syslog(int type, bool from_file);
 extern int cap_vm_enough_memory(struct mm_struct *mm, long pages);
 
 struct msghdr;
@@ -458,7 +457,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *      called when the actual read/write operations are performed.
  *      @inode contains the inode structure to check.
  *      @mask contains the permission mask.
- *      @nd contains the nameidata (may be NULL).
  *      Return 0 if permission is granted.
  * @inode_setattr:
  *      Check permission before setting file attributes.  Note that the kernel
@@ -797,8 +795,9 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  * @unix_stream_connect:
  *      Check permissions before establishing a Unix domain stream connection
  *      between @sock and @other.
- *      @sock contains the socket structure.
- *      @other contains the peer socket structure.
+ *      @sock contains the sock structure.
+ *      @other contains the peer sock structure.
+ *      @newsk contains the new sock structure.
  *      Return 0 if permission is granted.
  * @unix_may_send:
  *      Check permissions before connecting or sending datagrams from @sock to
@@ -1388,7 +1387,7 @@ struct security_operations {
         int (*sysctl) (struct ctl_table *table, int op);
         int (*quotactl) (int cmds, int type, int id, struct super_block *sb);
         int (*quota_on) (struct dentry *dentry);
-        int (*syslog) (int type, bool from_file);
+        int (*syslog) (int type);
         int (*settime) (struct timespec *ts, struct timezone *tz);
         int (*vm_enough_memory) (struct mm_struct *mm, long pages);
 
@@ -1569,8 +1568,7 @@ struct security_operations {
         int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen);
 
 #ifdef CONFIG_SECURITY_NETWORK
-        int (*unix_stream_connect) (struct socket *sock,
-                                    struct socket *other, struct sock *newsk);
+        int (*unix_stream_connect) (struct sock *sock, struct sock *other, struct sock *newsk);
         int (*unix_may_send) (struct socket *sock, struct socket *other);
 
         int (*socket_create) (int family, int type, int protocol, int kern);
@@ -1671,7 +1669,7 @@ int security_real_capable_noaudit(struct task_struct *tsk, int cap);
 int security_sysctl(struct ctl_table *table, int op);
 int security_quotactl(int cmds, int type, int id, struct super_block *sb);
 int security_quota_on(struct dentry *dentry);
-int security_syslog(int type, bool from_file);
+int security_syslog(int type);
 int security_settime(struct timespec *ts, struct timezone *tz);
 int security_vm_enough_memory(long pages);
 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
@@ -1714,6 +1712,7 @@ int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
 int security_inode_readlink(struct dentry *dentry);
 int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
 int security_inode_permission(struct inode *inode, int mask);
+int security_inode_exec_permission(struct inode *inode, unsigned int flags);
 int security_inode_setattr(struct dentry *dentry, struct iattr *attr);
 int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry);
 int security_inode_setxattr(struct dentry *dentry, const char *name,
@@ -1901,9 +1900,9 @@ static inline int security_quota_on(struct dentry *dentry)
         return 0;
 }
 
-static inline int security_syslog(int type, bool from_file)
+static inline int security_syslog(int type)
 {
-        return cap_syslog(type, from_file);
+        return 0;
 }
 
 static inline int security_settime(struct timespec *ts, struct timezone *tz)
@@ -2103,6 +2102,12 @@ static inline int security_inode_permission(struct inode *inode, int mask)
         return 0;
 }
 
+static inline int security_inode_exec_permission(struct inode *inode,
+                                                  unsigned int flags)
+{
+        return 0;
+}
+
 static inline int security_inode_setattr(struct dentry *dentry,
                                           struct iattr *attr)
 {
@@ -2526,8 +2531,7 @@ static inline int security_inode_getsecctx(struct inode *inode, void **ctx, u32
 
 #ifdef CONFIG_SECURITY_NETWORK
 
-int security_unix_stream_connect(struct socket *sock, struct socket *other,
-                                 struct sock *newsk);
+int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk);
 int security_unix_may_send(struct socket *sock,  struct socket *other);
 int security_socket_create(int family, int type, int protocol, int kern);
 int security_socket_post_create(struct socket *sock, int family,
@@ -2568,8 +2572,8 @@ void security_tun_dev_post_create(struct sock *sk);
 int security_tun_dev_attach(struct sock *sk);
 
 #else   /* CONFIG_SECURITY_NETWORK */
-static inline int security_unix_stream_connect(struct socket *sock,
-                                               struct socket *other,
+static inline int security_unix_stream_connect(struct sock *sock,
+                                               struct sock *other,
                                                struct sock *newsk)
 {
         return 0;