diff options
Diffstat (limited to 'include/linux/security.h')
-rw-r--r-- | include/linux/security.h | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 53a34539382a..e6299e50e210 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
@@ -34,8 +34,6 @@ | |||
34 | #include <linux/xfrm.h> | 34 | #include <linux/xfrm.h> |
35 | #include <net/flow.h> | 35 | #include <net/flow.h> |
36 | 36 | ||
37 | extern unsigned securebits; | ||
38 | |||
39 | /* Maximum number of letters for an LSM name string */ | 37 | /* Maximum number of letters for an LSM name string */ |
40 | #define SECURITY_NAME_MAX 10 | 38 | #define SECURITY_NAME_MAX 10 |
41 | 39 | ||
@@ -61,6 +59,8 @@ extern int cap_inode_need_killpriv(struct dentry *dentry); | |||
61 | extern int cap_inode_killpriv(struct dentry *dentry); | 59 | extern int cap_inode_killpriv(struct dentry *dentry); |
62 | extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); | 60 | extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); |
63 | extern void cap_task_reparent_to_init (struct task_struct *p); | 61 | extern void cap_task_reparent_to_init (struct task_struct *p); |
62 | extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, | ||
63 | unsigned long arg4, unsigned long arg5, long *rc_p); | ||
64 | extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp); | 64 | extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp); |
65 | extern int cap_task_setioprio (struct task_struct *p, int ioprio); | 65 | extern int cap_task_setioprio (struct task_struct *p, int ioprio); |
66 | extern int cap_task_setnice (struct task_struct *p, int nice); | 66 | extern int cap_task_setnice (struct task_struct *p, int nice); |
@@ -720,7 +720,9 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
720 | * @arg3 contains a argument. | 720 | * @arg3 contains a argument. |
721 | * @arg4 contains a argument. | 721 | * @arg4 contains a argument. |
722 | * @arg5 contains a argument. | 722 | * @arg5 contains a argument. |
723 | * Return 0 if permission is granted. | 723 | * @rc_p contains a pointer to communicate back the forced return code |
724 | * Return 0 if permission is granted, and non-zero if the security module | ||
725 | * has taken responsibility (setting *rc_p) for the prctl call. | ||
724 | * @task_reparent_to_init: | 726 | * @task_reparent_to_init: |
725 | * Set the security attributes in @p->security for a kernel thread that | 727 | * Set the security attributes in @p->security for a kernel thread that |
726 | * is being reparented to the init task. | 728 | * is being reparented to the init task. |
@@ -1420,7 +1422,7 @@ struct security_operations { | |||
1420 | int (*task_wait) (struct task_struct * p); | 1422 | int (*task_wait) (struct task_struct * p); |
1421 | int (*task_prctl) (int option, unsigned long arg2, | 1423 | int (*task_prctl) (int option, unsigned long arg2, |
1422 | unsigned long arg3, unsigned long arg4, | 1424 | unsigned long arg3, unsigned long arg4, |
1423 | unsigned long arg5); | 1425 | unsigned long arg5, long *rc_p); |
1424 | void (*task_reparent_to_init) (struct task_struct * p); | 1426 | void (*task_reparent_to_init) (struct task_struct * p); |
1425 | void (*task_to_inode)(struct task_struct *p, struct inode *inode); | 1427 | void (*task_to_inode)(struct task_struct *p, struct inode *inode); |
1426 | 1428 | ||
@@ -1684,7 +1686,7 @@ int security_task_kill(struct task_struct *p, struct siginfo *info, | |||
1684 | int sig, u32 secid); | 1686 | int sig, u32 secid); |
1685 | int security_task_wait(struct task_struct *p); | 1687 | int security_task_wait(struct task_struct *p); |
1686 | int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, | 1688 | int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, |
1687 | unsigned long arg4, unsigned long arg5); | 1689 | unsigned long arg4, unsigned long arg5, long *rc_p); |
1688 | void security_task_reparent_to_init(struct task_struct *p); | 1690 | void security_task_reparent_to_init(struct task_struct *p); |
1689 | void security_task_to_inode(struct task_struct *p, struct inode *inode); | 1691 | void security_task_to_inode(struct task_struct *p, struct inode *inode); |
1690 | int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); | 1692 | int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); |
@@ -2271,9 +2273,9 @@ static inline int security_task_wait (struct task_struct *p) | |||
2271 | static inline int security_task_prctl (int option, unsigned long arg2, | 2273 | static inline int security_task_prctl (int option, unsigned long arg2, |
2272 | unsigned long arg3, | 2274 | unsigned long arg3, |
2273 | unsigned long arg4, | 2275 | unsigned long arg4, |
2274 | unsigned long arg5) | 2276 | unsigned long arg5, long *rc_p) |
2275 | { | 2277 | { |
2276 | return 0; | 2278 | return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p); |
2277 | } | 2279 | } |
2278 | 2280 | ||
2279 | static inline void security_task_reparent_to_init (struct task_struct *p) | 2281 | static inline void security_task_reparent_to_init (struct task_struct *p) |