aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/security.c')
-rw-r--r--security/security.c75
1 files changed, 3 insertions, 72 deletions
diff --git a/security/security.c b/security/security.c
index 687c6fd14bb6..351942a4ca0e 100644
--- a/security/security.c
+++ b/security/security.c
@@ -23,14 +23,14 @@ static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] =
23 CONFIG_DEFAULT_SECURITY; 23 CONFIG_DEFAULT_SECURITY;
24 24
25/* things that live in capability.c */ 25/* things that live in capability.c */
26extern void security_fixup_ops(struct security_operations *ops); 26extern void __init security_fixup_ops(struct security_operations *ops);
27 27
28static struct security_operations *security_ops; 28static struct security_operations *security_ops;
29static struct security_operations default_security_ops = { 29static struct security_operations default_security_ops = {
30 .name = "default", 30 .name = "default",
31}; 31};
32 32
33static inline int verify(struct security_operations *ops) 33static inline int __init verify(struct security_operations *ops)
34{ 34{
35 /* verify the security_operations structure exists */ 35 /* verify the security_operations structure exists */
36 if (!ops) 36 if (!ops)
@@ -117,7 +117,7 @@ int __init security_module_enable(struct security_operations *ops)
117 * If there is already a security module registered with the kernel, 117 * If there is already a security module registered with the kernel,
118 * an error will be returned. Otherwise %0 is returned on success. 118 * an error will be returned. Otherwise %0 is returned on success.
119 */ 119 */
120int register_security(struct security_operations *ops) 120int __init register_security(struct security_operations *ops)
121{ 121{
122 if (verify(ops)) { 122 if (verify(ops)) {
123 printk(KERN_DEBUG "%s could not verify " 123 printk(KERN_DEBUG "%s could not verify "
@@ -190,11 +190,6 @@ int security_real_capable_noaudit(struct task_struct *tsk, int cap)
190 return ret; 190 return ret;
191} 191}
192 192
193int security_acct(struct file *file)
194{
195 return security_ops->acct(file);
196}
197
198int security_sysctl(struct ctl_table *table, int op) 193int security_sysctl(struct ctl_table *table, int op)
199{ 194{
200 return security_ops->sysctl(table, op); 195 return security_ops->sysctl(table, op);
@@ -306,46 +301,16 @@ int security_sb_mount(char *dev_name, struct path *path,
306 return security_ops->sb_mount(dev_name, path, type, flags, data); 301 return security_ops->sb_mount(dev_name, path, type, flags, data);
307} 302}
308 303
309int security_sb_check_sb(struct vfsmount *mnt, struct path *path)
310{
311 return security_ops->sb_check_sb(mnt, path);
312}
313
314int security_sb_umount(struct vfsmount *mnt, int flags) 304int security_sb_umount(struct vfsmount *mnt, int flags)
315{ 305{
316 return security_ops->sb_umount(mnt, flags); 306 return security_ops->sb_umount(mnt, flags);
317} 307}
318 308
319void security_sb_umount_close(struct vfsmount *mnt)
320{
321 security_ops->sb_umount_close(mnt);
322}
323
324void security_sb_umount_busy(struct vfsmount *mnt)
325{
326 security_ops->sb_umount_busy(mnt);
327}
328
329void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data)
330{
331 security_ops->sb_post_remount(mnt, flags, data);
332}
333
334void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint)
335{
336 security_ops->sb_post_addmount(mnt, mountpoint);
337}
338
339int security_sb_pivotroot(struct path *old_path, struct path *new_path) 309int security_sb_pivotroot(struct path *old_path, struct path *new_path)
340{ 310{
341 return security_ops->sb_pivotroot(old_path, new_path); 311 return security_ops->sb_pivotroot(old_path, new_path);
342} 312}
343 313
344void security_sb_post_pivotroot(struct path *old_path, struct path *new_path)
345{
346 security_ops->sb_post_pivotroot(old_path, new_path);
347}
348
349int security_sb_set_mnt_opts(struct super_block *sb, 314int security_sb_set_mnt_opts(struct super_block *sb,
350 struct security_mnt_opts *opts) 315 struct security_mnt_opts *opts)
351{ 316{
@@ -580,13 +545,6 @@ int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
580 return security_ops->inode_getattr(mnt, dentry); 545 return security_ops->inode_getattr(mnt, dentry);
581} 546}
582 547
583void security_inode_delete(struct inode *inode)
584{
585 if (unlikely(IS_PRIVATE(inode)))
586 return;
587 security_ops->inode_delete(inode);
588}
589
590int security_inode_setxattr(struct dentry *dentry, const char *name, 548int security_inode_setxattr(struct dentry *dentry, const char *name,
591 const void *value, size_t size, int flags) 549 const void *value, size_t size, int flags)
592{ 550{
@@ -749,11 +707,6 @@ int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
749 return security_ops->cred_prepare(new, old, gfp); 707 return security_ops->cred_prepare(new, old, gfp);
750} 708}
751 709
752void security_commit_creds(struct cred *new, const struct cred *old)
753{
754 security_ops->cred_commit(new, old);
755}
756
757void security_transfer_creds(struct cred *new, const struct cred *old) 710void security_transfer_creds(struct cred *new, const struct cred *old)
758{ 711{
759 security_ops->cred_transfer(new, old); 712 security_ops->cred_transfer(new, old);
@@ -774,22 +727,12 @@ int security_kernel_module_request(char *kmod_name)
774 return security_ops->kernel_module_request(kmod_name); 727 return security_ops->kernel_module_request(kmod_name);
775} 728}
776 729
777int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
778{
779 return security_ops->task_setuid(id0, id1, id2, flags);
780}
781
782int security_task_fix_setuid(struct cred *new, const struct cred *old, 730int security_task_fix_setuid(struct cred *new, const struct cred *old,
783 int flags) 731 int flags)
784{ 732{
785 return security_ops->task_fix_setuid(new, old, flags); 733 return security_ops->task_fix_setuid(new, old, flags);
786} 734}
787 735
788int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
789{
790 return security_ops->task_setgid(id0, id1, id2, flags);
791}
792
793int security_task_setpgid(struct task_struct *p, pid_t pgid) 736int security_task_setpgid(struct task_struct *p, pid_t pgid)
794{ 737{
795 return security_ops->task_setpgid(p, pgid); 738 return security_ops->task_setpgid(p, pgid);
@@ -811,11 +754,6 @@ void security_task_getsecid(struct task_struct *p, u32 *secid)
811} 754}
812EXPORT_SYMBOL(security_task_getsecid); 755EXPORT_SYMBOL(security_task_getsecid);
813 756
814int security_task_setgroups(struct group_info *group_info)
815{
816 return security_ops->task_setgroups(group_info);
817}
818
819int security_task_setnice(struct task_struct *p, int nice) 757int security_task_setnice(struct task_struct *p, int nice)
820{ 758{
821 return security_ops->task_setnice(p, nice); 759 return security_ops->task_setnice(p, nice);
@@ -1319,13 +1257,6 @@ int security_key_getsecurity(struct key *key, char **_buffer)
1319 return security_ops->key_getsecurity(key, _buffer); 1257 return security_ops->key_getsecurity(key, _buffer);
1320} 1258}
1321 1259
1322int security_key_session_to_parent(const struct cred *cred,
1323 const struct cred *parent_cred,
1324 struct key *key)
1325{
1326 return security_ops->key_session_to_parent(cred, parent_cred, key);
1327}
1328
1329#endif /* CONFIG_KEYS */ 1260#endif /* CONFIG_KEYS */
1330 1261
1331#ifdef CONFIG_AUDIT 1262#ifdef CONFIG_AUDIT
generated by cgit v1.2.2 (git 2.25.0) at 2025-11-04 01:58:35 -0500