aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/security.c')
-rw-r--r--security/security.c27
1 files changed, 27 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c
index f9a2f2ef2454..3724029d0f6d 100644
--- a/security/security.c
+++ b/security/security.c
@@ -136,11 +136,23 @@ int __init register_security(struct security_operations *ops)
136 136
137int security_ptrace_access_check(struct task_struct *child, unsigned int mode) 137int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
138{ 138{
139#ifdef CONFIG_SECURITY_YAMA_STACKED
140 int rc;
141 rc = yama_ptrace_access_check(child, mode);
142 if (rc)
143 return rc;
144#endif
139 return security_ops->ptrace_access_check(child, mode); 145 return security_ops->ptrace_access_check(child, mode);
140} 146}
141 147
142int security_ptrace_traceme(struct task_struct *parent) 148int security_ptrace_traceme(struct task_struct *parent)
143{ 149{
150#ifdef CONFIG_SECURITY_YAMA_STACKED
151 int rc;
152 rc = yama_ptrace_traceme(parent);
153 if (rc)
154 return rc;
155#endif
144 return security_ops->ptrace_traceme(parent); 156 return security_ops->ptrace_traceme(parent);
145} 157}
146 158
@@ -561,6 +573,9 @@ int security_inode_setxattr(struct dentry *dentry, const char *name,
561 ret = security_ops->inode_setxattr(dentry, name, value, size, flags); 573 ret = security_ops->inode_setxattr(dentry, name, value, size, flags);
562 if (ret) 574 if (ret)
563 return ret; 575 return ret;
576 ret = ima_inode_setxattr(dentry, name, value, size);
577 if (ret)
578 return ret;
564 return evm_inode_setxattr(dentry, name, value, size); 579 return evm_inode_setxattr(dentry, name, value, size);
565} 580}
566 581
@@ -596,6 +611,9 @@ int security_inode_removexattr(struct dentry *dentry, const char *name)
596 ret = security_ops->inode_removexattr(dentry, name); 611 ret = security_ops->inode_removexattr(dentry, name);
597 if (ret) 612 if (ret)
598 return ret; 613 return ret;
614 ret = ima_inode_removexattr(dentry, name);
615 if (ret)
616 return ret;
599 return evm_inode_removexattr(dentry, name); 617 return evm_inode_removexattr(dentry, name);
600} 618}
601 619
@@ -761,6 +779,9 @@ int security_task_create(unsigned long clone_flags)
761 779
762void security_task_free(struct task_struct *task) 780void security_task_free(struct task_struct *task)
763{ 781{
782#ifdef CONFIG_SECURITY_YAMA_STACKED
783 yama_task_free(task);
784#endif
764 security_ops->task_free(task); 785 security_ops->task_free(task);
765} 786}
766 787
@@ -876,6 +897,12 @@ int security_task_wait(struct task_struct *p)
876int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, 897int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
877 unsigned long arg4, unsigned long arg5) 898 unsigned long arg4, unsigned long arg5)
878{ 899{
900#ifdef CONFIG_SECURITY_YAMA_STACKED
901 int rc;
902 rc = yama_task_prctl(option, arg2, arg3, arg4, arg5);
903 if (rc != -ENOSYS)
904 return rc;
905#endif
879 return security_ops->task_prctl(option, arg2, arg3, arg4, arg5); 906 return security_ops->task_prctl(option, arg2, arg3, arg4, arg5);
880} 907}
881 908
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-27 13:01:35 -0500