aboutsummaryrefslogtreecommitdiffstats
path: root/security/capability.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/capability.c')
-rw-r--r--security/capability.c36
1 files changed, 33 insertions, 3 deletions
diff --git a/security/capability.c b/security/capability.c
index b14a30c234b8..6783c3e6c88e 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -395,6 +395,11 @@ static int cap_kernel_module_request(char *kmod_name)
395 return 0; 395 return 0;
396} 396}
397 397
398static int cap_kernel_module_from_file(struct file *file)
399{
400 return 0;
401}
402
398static int cap_task_setpgid(struct task_struct *p, pid_t pgid) 403static int cap_task_setpgid(struct task_struct *p, pid_t pgid)
399{ 404{
400 return 0; 405 return 0;
@@ -704,19 +709,39 @@ static void cap_req_classify_flow(const struct request_sock *req,
704{ 709{
705} 710}
706 711
712static int cap_tun_dev_alloc_security(void **security)
713{
714 return 0;
715}
716
717static void cap_tun_dev_free_security(void *security)
718{
719}
720
707static int cap_tun_dev_create(void) 721static int cap_tun_dev_create(void)
708{ 722{
709 return 0; 723 return 0;
710} 724}
711 725
712static void cap_tun_dev_post_create(struct sock *sk) 726static int cap_tun_dev_attach_queue(void *security)
727{
728 return 0;
729}
730
731static int cap_tun_dev_attach(struct sock *sk, void *security)
713{ 732{
733 return 0;
714} 734}
715 735
716static int cap_tun_dev_attach(struct sock *sk) 736static int cap_tun_dev_open(void *security)
717{ 737{
718 return 0; 738 return 0;
719} 739}
740
741static void cap_skb_owned_by(struct sk_buff *skb, struct sock *sk)
742{
743}
744
720#endif /* CONFIG_SECURITY_NETWORK */ 745#endif /* CONFIG_SECURITY_NETWORK */
721 746
722#ifdef CONFIG_SECURITY_NETWORK_XFRM 747#ifdef CONFIG_SECURITY_NETWORK_XFRM
@@ -967,6 +992,7 @@ void __init security_fixup_ops(struct security_operations *ops)
967 set_to_cap_if_null(ops, kernel_act_as); 992 set_to_cap_if_null(ops, kernel_act_as);
968 set_to_cap_if_null(ops, kernel_create_files_as); 993 set_to_cap_if_null(ops, kernel_create_files_as);
969 set_to_cap_if_null(ops, kernel_module_request); 994 set_to_cap_if_null(ops, kernel_module_request);
995 set_to_cap_if_null(ops, kernel_module_from_file);
970 set_to_cap_if_null(ops, task_fix_setuid); 996 set_to_cap_if_null(ops, task_fix_setuid);
971 set_to_cap_if_null(ops, task_setpgid); 997 set_to_cap_if_null(ops, task_setpgid);
972 set_to_cap_if_null(ops, task_getpgid); 998 set_to_cap_if_null(ops, task_getpgid);
@@ -1044,9 +1070,13 @@ void __init security_fixup_ops(struct security_operations *ops)
1044 set_to_cap_if_null(ops, secmark_refcount_inc); 1070 set_to_cap_if_null(ops, secmark_refcount_inc);
1045 set_to_cap_if_null(ops, secmark_refcount_dec); 1071 set_to_cap_if_null(ops, secmark_refcount_dec);
1046 set_to_cap_if_null(ops, req_classify_flow); 1072 set_to_cap_if_null(ops, req_classify_flow);
1073 set_to_cap_if_null(ops, tun_dev_alloc_security);
1074 set_to_cap_if_null(ops, tun_dev_free_security);
1047 set_to_cap_if_null(ops, tun_dev_create); 1075 set_to_cap_if_null(ops, tun_dev_create);
1048 set_to_cap_if_null(ops, tun_dev_post_create); 1076 set_to_cap_if_null(ops, tun_dev_open);
1077 set_to_cap_if_null(ops, tun_dev_attach_queue);
1049 set_to_cap_if_null(ops, tun_dev_attach); 1078 set_to_cap_if_null(ops, tun_dev_attach);
1079 set_to_cap_if_null(ops, skb_owned_by);
1050#endif /* CONFIG_SECURITY_NETWORK */ 1080#endif /* CONFIG_SECURITY_NETWORK */
1051#ifdef CONFIG_SECURITY_NETWORK_XFRM 1081#ifdef CONFIG_SECURITY_NETWORK_XFRM
1052 set_to_cap_if_null(ops, xfrm_policy_alloc_security); 1082 set_to_cap_if_null(ops, xfrm_policy_alloc_security);
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-05 14:25:49 -0400