diff options
Diffstat (limited to 'include/linux/security.h')
| -rw-r--r-- | include/linux/security.h | 37 |
1 files changed, 24 insertions, 13 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 1f2ab6353c00..d5fd6163606f 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -32,6 +32,7 @@ | |||
| 32 | #include <linux/sched.h> | 32 | #include <linux/sched.h> |
| 33 | #include <linux/key.h> | 33 | #include <linux/key.h> |
| 34 | #include <linux/xfrm.h> | 34 | #include <linux/xfrm.h> |
| 35 | #include <linux/gfp.h> | ||
| 35 | #include <net/flow.h> | 36 | #include <net/flow.h> |
| 36 | 37 | ||
| 37 | /* Maximum number of letters for an LSM name string */ | 38 | /* Maximum number of letters for an LSM name string */ |
| @@ -880,11 +881,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |||
| 880 | * @sock contains the listening socket structure. | 881 | * @sock contains the listening socket structure. |
| 881 | * @newsock contains the newly created server socket for connection. | 882 | * @newsock contains the newly created server socket for connection. |
| 882 | * Return 0 if permission is granted. | 883 | * Return 0 if permission is granted. |
| 883 | * @socket_post_accept: | ||
| 884 | * This hook allows a security module to copy security | ||
| 885 | * information into the newly created socket's inode. | ||
| 886 | * @sock contains the listening socket structure. | ||
| 887 | * @newsock contains the newly created server socket for connection. | ||
| 888 | * @socket_sendmsg: | 884 | * @socket_sendmsg: |
| 889 | * Check permission before transmitting a message to another socket. | 885 | * Check permission before transmitting a message to another socket. |
| 890 | * @sock contains the socket structure. | 886 | * @sock contains the socket structure. |
| @@ -1554,8 +1550,6 @@ struct security_operations { | |||
| 1554 | struct sockaddr *address, int addrlen); | 1550 | struct sockaddr *address, int addrlen); |
| 1555 | int (*socket_listen) (struct socket *sock, int backlog); | 1551 | int (*socket_listen) (struct socket *sock, int backlog); |
| 1556 | int (*socket_accept) (struct socket *sock, struct socket *newsock); | 1552 | int (*socket_accept) (struct socket *sock, struct socket *newsock); |
| 1557 | void (*socket_post_accept) (struct socket *sock, | ||
| 1558 | struct socket *newsock); | ||
| 1559 | int (*socket_sendmsg) (struct socket *sock, | 1553 | int (*socket_sendmsg) (struct socket *sock, |
| 1560 | struct msghdr *msg, int size); | 1554 | struct msghdr *msg, int size); |
| 1561 | int (*socket_recvmsg) (struct socket *sock, | 1555 | int (*socket_recvmsg) (struct socket *sock, |
| @@ -2537,7 +2531,6 @@ int security_socket_bind(struct socket *sock, struct sockaddr *address, int addr | |||
| 2537 | int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen); | 2531 | int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen); |
| 2538 | int security_socket_listen(struct socket *sock, int backlog); | 2532 | int security_socket_listen(struct socket *sock, int backlog); |
| 2539 | int security_socket_accept(struct socket *sock, struct socket *newsock); | 2533 | int security_socket_accept(struct socket *sock, struct socket *newsock); |
| 2540 | void security_socket_post_accept(struct socket *sock, struct socket *newsock); | ||
| 2541 | int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size); | 2534 | int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size); |
| 2542 | int security_socket_recvmsg(struct socket *sock, struct msghdr *msg, | 2535 | int security_socket_recvmsg(struct socket *sock, struct msghdr *msg, |
| 2543 | int size, int flags); | 2536 | int size, int flags); |
| @@ -2616,11 +2609,6 @@ static inline int security_socket_accept(struct socket *sock, | |||
| 2616 | return 0; | 2609 | return 0; |
| 2617 | } | 2610 | } |
| 2618 | 2611 | ||
| 2619 | static inline void security_socket_post_accept(struct socket *sock, | ||
| 2620 | struct socket *newsock) | ||
| 2621 | { | ||
| 2622 | } | ||
| 2623 | |||
| 2624 | static inline int security_socket_sendmsg(struct socket *sock, | 2612 | static inline int security_socket_sendmsg(struct socket *sock, |
| 2625 | struct msghdr *msg, int size) | 2613 | struct msghdr *msg, int size) |
| 2626 | { | 2614 | { |
| @@ -2966,5 +2954,28 @@ static inline void securityfs_remove(struct dentry *dentry) | |||
| 2966 | 2954 | ||
| 2967 | #endif | 2955 | #endif |
| 2968 | 2956 | ||
| 2957 | #ifdef CONFIG_SECURITY | ||
| 2958 | |||
| 2959 | static inline char *alloc_secdata(void) | ||
| 2960 | { | ||
| 2961 | return (char *)get_zeroed_page(GFP_KERNEL); | ||
| 2962 | } | ||
| 2963 | |||
| 2964 | static inline void free_secdata(void *secdata) | ||
| 2965 | { | ||
| 2966 | free_page((unsigned long)secdata); | ||
| 2967 | } | ||
| 2968 | |||
| 2969 | #else | ||
| 2970 | |||
| 2971 | static inline char *alloc_secdata(void) | ||
| 2972 | { | ||
| 2973 | return (char *)1; | ||
| 2974 | } | ||
| 2975 | |||
| 2976 | static inline void free_secdata(void *secdata) | ||
| 2977 | { } | ||
| 2978 | #endif /* CONFIG_SECURITY */ | ||
| 2979 | |||
| 2969 | #endif /* ! __LINUX_SECURITY_H */ | 2980 | #endif /* ! __LINUX_SECURITY_H */ |
| 2970 | 2981 | ||