aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/security.c')
-rw-r--r--security/security.c103
1 files changed, 51 insertions, 52 deletions
diff --git a/security/security.c b/security/security.c
index c0acfa7177e5..d85dbb37c972 100644
--- a/security/security.c
+++ b/security/security.c
@@ -145,25 +145,23 @@ int security_capget(struct task_struct *target,
145 return security_ops->capget(target, effective, inheritable, permitted); 145 return security_ops->capget(target, effective, inheritable, permitted);
146} 146}
147 147
148int security_capset_check(struct task_struct *target, 148int security_capset(struct cred *new, const struct cred *old,
149 kernel_cap_t *effective, 149 const kernel_cap_t *effective,
150 kernel_cap_t *inheritable, 150 const kernel_cap_t *inheritable,
151 kernel_cap_t *permitted) 151 const kernel_cap_t *permitted)
152{ 152{
153 return security_ops->capset_check(target, effective, inheritable, permitted); 153 return security_ops->capset(new, old,
154 effective, inheritable, permitted);
154} 155}
155 156
156void security_capset_set(struct task_struct *target, 157int security_capable(struct task_struct *tsk, int cap)
157 kernel_cap_t *effective,
158 kernel_cap_t *inheritable,
159 kernel_cap_t *permitted)
160{ 158{
161 security_ops->capset_set(target, effective, inheritable, permitted); 159 return security_ops->capable(tsk, cap, SECURITY_CAP_AUDIT);
162} 160}
163 161
164int security_capable(struct task_struct *tsk, int cap) 162int security_capable_noaudit(struct task_struct *tsk, int cap)
165{ 163{
166 return security_ops->capable(tsk, cap); 164 return security_ops->capable(tsk, cap, SECURITY_CAP_NOAUDIT);
167} 165}
168 166
169int security_acct(struct file *file) 167int security_acct(struct file *file)
@@ -215,34 +213,24 @@ int security_vm_enough_memory_kern(long pages)
215 return security_ops->vm_enough_memory(current->mm, pages); 213 return security_ops->vm_enough_memory(current->mm, pages);
216} 214}
217 215
218int security_bprm_alloc(struct linux_binprm *bprm) 216int security_bprm_set_creds(struct linux_binprm *bprm)
219{
220 return security_ops->bprm_alloc_security(bprm);
221}
222
223void security_bprm_free(struct linux_binprm *bprm)
224{
225 security_ops->bprm_free_security(bprm);
226}
227
228void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
229{ 217{
230 security_ops->bprm_apply_creds(bprm, unsafe); 218 return security_ops->bprm_set_creds(bprm);
231} 219}
232 220
233void security_bprm_post_apply_creds(struct linux_binprm *bprm) 221int security_bprm_check(struct linux_binprm *bprm)
234{ 222{
235 security_ops->bprm_post_apply_creds(bprm); 223 return security_ops->bprm_check_security(bprm);
236} 224}
237 225
238int security_bprm_set(struct linux_binprm *bprm) 226void security_bprm_committing_creds(struct linux_binprm *bprm)
239{ 227{
240 return security_ops->bprm_set_security(bprm); 228 security_ops->bprm_committing_creds(bprm);
241} 229}
242 230
243int security_bprm_check(struct linux_binprm *bprm) 231void security_bprm_committed_creds(struct linux_binprm *bprm)
244{ 232{
245 return security_ops->bprm_check_security(bprm); 233 security_ops->bprm_committed_creds(bprm);
246} 234}
247 235
248int security_bprm_secureexec(struct linux_binprm *bprm) 236int security_bprm_secureexec(struct linux_binprm *bprm)
@@ -266,9 +254,9 @@ int security_sb_copy_data(char *orig, char *copy)
266} 254}
267EXPORT_SYMBOL(security_sb_copy_data); 255EXPORT_SYMBOL(security_sb_copy_data);
268 256
269int security_sb_kern_mount(struct super_block *sb, void *data) 257int security_sb_kern_mount(struct super_block *sb, int flags, void *data)
270{ 258{
271 return security_ops->sb_kern_mount(sb, data); 259 return security_ops->sb_kern_mount(sb, flags, data);
272} 260}
273 261
274int security_sb_show_options(struct seq_file *m, struct super_block *sb) 262int security_sb_show_options(struct seq_file *m, struct super_block *sb)
@@ -603,9 +591,9 @@ int security_file_receive(struct file *file)
603 return security_ops->file_receive(file); 591 return security_ops->file_receive(file);
604} 592}
605 593
606int security_dentry_open(struct file *file) 594int security_dentry_open(struct file *file, const struct cred *cred)
607{ 595{
608 return security_ops->dentry_open(file); 596 return security_ops->dentry_open(file, cred);
609} 597}
610 598
611int security_task_create(unsigned long clone_flags) 599int security_task_create(unsigned long clone_flags)
@@ -613,14 +601,29 @@ int security_task_create(unsigned long clone_flags)
613 return security_ops->task_create(clone_flags); 601 return security_ops->task_create(clone_flags);
614} 602}
615 603
616int security_task_alloc(struct task_struct *p) 604void security_cred_free(struct cred *cred)
617{ 605{
618 return security_ops->task_alloc_security(p); 606 security_ops->cred_free(cred);
619} 607}
620 608
621void security_task_free(struct task_struct *p) 609int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
622{ 610{
623 security_ops->task_free_security(p); 611 return security_ops->cred_prepare(new, old, gfp);
612}
613
614void security_commit_creds(struct cred *new, const struct cred *old)
615{
616 security_ops->cred_commit(new, old);
617}
618
619int security_kernel_act_as(struct cred *new, u32 secid)
620{
621 return security_ops->kernel_act_as(new, secid);
622}
623
624int security_kernel_create_files_as(struct cred *new, struct inode *inode)
625{
626 return security_ops->kernel_create_files_as(new, inode);
624} 627}
625 628
626int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags) 629int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
@@ -628,10 +631,10 @@ int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
628 return security_ops->task_setuid(id0, id1, id2, flags); 631 return security_ops->task_setuid(id0, id1, id2, flags);
629} 632}
630 633
631int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, 634int security_task_fix_setuid(struct cred *new, const struct cred *old,
632 uid_t old_suid, int flags) 635 int flags)
633{ 636{
634 return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, flags); 637 return security_ops->task_fix_setuid(new, old, flags);
635} 638}
636 639
637int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags) 640int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
@@ -713,14 +716,9 @@ int security_task_wait(struct task_struct *p)
713} 716}
714 717
715int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, 718int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
716 unsigned long arg4, unsigned long arg5, long *rc_p) 719 unsigned long arg4, unsigned long arg5)
717{
718 return security_ops->task_prctl(option, arg2, arg3, arg4, arg5, rc_p);
719}
720
721void security_task_reparent_to_init(struct task_struct *p)
722{ 720{
723 security_ops->task_reparent_to_init(p); 721 return security_ops->task_prctl(option, arg2, arg3, arg4, arg5);
724} 722}
725 723
726void security_task_to_inode(struct task_struct *p, struct inode *inode) 724void security_task_to_inode(struct task_struct *p, struct inode *inode)
@@ -1120,9 +1118,10 @@ EXPORT_SYMBOL(security_skb_classify_flow);
1120 1118
1121#ifdef CONFIG_KEYS 1119#ifdef CONFIG_KEYS
1122 1120
1123int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags) 1121int security_key_alloc(struct key *key, const struct cred *cred,
1122 unsigned long flags)
1124{ 1123{
1125 return security_ops->key_alloc(key, tsk, flags); 1124 return security_ops->key_alloc(key, cred, flags);
1126} 1125}
1127 1126
1128void security_key_free(struct key *key) 1127void security_key_free(struct key *key)
@@ -1131,9 +1130,9 @@ void security_key_free(struct key *key)
1131} 1130}
1132 1131
1133int security_key_permission(key_ref_t key_ref, 1132int security_key_permission(key_ref_t key_ref,
1134 struct task_struct *context, key_perm_t perm) 1133 const struct cred *cred, key_perm_t perm)
1135{ 1134{
1136 return security_ops->key_permission(key_ref, context, perm); 1135 return security_ops->key_permission(key_ref, cred, perm);
1137} 1136}
1138 1137
1139int security_key_getsecurity(struct key *key, char **_buffer) 1138int security_key_getsecurity(struct key *key, char **_buffer)
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-05 21:59:02 -0500