aboutsummaryrefslogtreecommitdiffstats
path: root/security/smack/smack.h
diff options
context:
space:
mode:
Diffstat (limited to 'security/smack/smack.h')
-rw-r--r--security/smack/smack.h39
1 files changed, 20 insertions, 19 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 020307ef0972..b828a379377c 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -71,11 +71,11 @@ struct smack_known {
71#define SMK_CIPSOLEN 24 71#define SMK_CIPSOLEN 24
72 72
73struct superblock_smack { 73struct superblock_smack {
74 char *smk_root; 74 struct smack_known *smk_root;
75 char *smk_floor; 75 struct smack_known *smk_floor;
76 char *smk_hat; 76 struct smack_known *smk_hat;
77 char *smk_default; 77 struct smack_known *smk_default;
78 int smk_initialized; 78 int smk_initialized;
79}; 79};
80 80
81struct socket_smack { 81struct socket_smack {
@@ -88,7 +88,7 @@ struct socket_smack {
88 * Inode smack data 88 * Inode smack data
89 */ 89 */
90struct inode_smack { 90struct inode_smack {
91 char *smk_inode; /* label of the fso */ 91 struct smack_known *smk_inode; /* label of the fso */
92 struct smack_known *smk_task; /* label of the task */ 92 struct smack_known *smk_task; /* label of the task */
93 struct smack_known *smk_mmap; /* label of the mmap domain */ 93 struct smack_known *smk_mmap; /* label of the mmap domain */
94 struct mutex smk_lock; /* initialization lock */ 94 struct mutex smk_lock; /* initialization lock */
@@ -112,7 +112,7 @@ struct task_smack {
112struct smack_rule { 112struct smack_rule {
113 struct list_head list; 113 struct list_head list;
114 struct smack_known *smk_subject; 114 struct smack_known *smk_subject;
115 char *smk_object; 115 struct smack_known *smk_object;
116 int smk_access; 116 int smk_access;
117}; 117};
118 118
@@ -123,7 +123,7 @@ struct smk_netlbladdr {
123 struct list_head list; 123 struct list_head list;
124 struct sockaddr_in smk_host; /* network address */ 124 struct sockaddr_in smk_host; /* network address */
125 struct in_addr smk_mask; /* network mask */ 125 struct in_addr smk_mask; /* network mask */
126 char *smk_label; /* label */ 126 struct smack_known *smk_label; /* label */
127}; 127};
128 128
129/* 129/*
@@ -191,6 +191,7 @@ struct smk_port_label {
191 */ 191 */
192#define MAY_TRANSMUTE 0x00001000 /* Controls directory labeling */ 192#define MAY_TRANSMUTE 0x00001000 /* Controls directory labeling */
193#define MAY_LOCK 0x00002000 /* Locks should be writes, but ... */ 193#define MAY_LOCK 0x00002000 /* Locks should be writes, but ... */
194#define MAY_BRINGUP 0x00004000 /* Report use of this rule */
194 195
195/* 196/*
196 * Just to make the common cases easier to deal with 197 * Just to make the common cases easier to deal with
@@ -200,9 +201,9 @@ struct smk_port_label {
200#define MAY_NOT 0 201#define MAY_NOT 0
201 202
202/* 203/*
203 * Number of access types used by Smack (rwxatl) 204 * Number of access types used by Smack (rwxatlb)
204 */ 205 */
205#define SMK_NUM_ACCESS_TYPE 6 206#define SMK_NUM_ACCESS_TYPE 7
206 207
207/* SMACK data */ 208/* SMACK data */
208struct smack_audit_data { 209struct smack_audit_data {
@@ -226,23 +227,23 @@ struct smk_audit_info {
226/* 227/*
227 * These functions are in smack_lsm.c 228 * These functions are in smack_lsm.c
228 */ 229 */
229struct inode_smack *new_inode_smack(char *); 230struct inode_smack *new_inode_smack(struct smack_known *);
230 231
231/* 232/*
232 * These functions are in smack_access.c 233 * These functions are in smack_access.c
233 */ 234 */
234int smk_access_entry(char *, char *, struct list_head *); 235int smk_access_entry(char *, char *, struct list_head *);
235int smk_access(struct smack_known *, char *, int, struct smk_audit_info *); 236int smk_access(struct smack_known *, struct smack_known *,
236int smk_tskacc(struct task_smack *, char *, u32, struct smk_audit_info *); 237 int, struct smk_audit_info *);
237int smk_curacc(char *, u32, struct smk_audit_info *); 238int smk_tskacc(struct task_smack *, struct smack_known *,
239 u32, struct smk_audit_info *);
240int smk_curacc(struct smack_known *, u32, struct smk_audit_info *);
238struct smack_known *smack_from_secid(const u32); 241struct smack_known *smack_from_secid(const u32);
239char *smk_parse_smack(const char *string, int len); 242char *smk_parse_smack(const char *string, int len);
240int smk_netlbl_mls(int, char *, struct netlbl_lsm_secattr *, int); 243int smk_netlbl_mls(int, char *, struct netlbl_lsm_secattr *, int);
241char *smk_import(const char *, int);
242struct smack_known *smk_import_entry(const char *, int); 244struct smack_known *smk_import_entry(const char *, int);
243void smk_insert_entry(struct smack_known *skp); 245void smk_insert_entry(struct smack_known *skp);
244struct smack_known *smk_find_entry(const char *); 246struct smack_known *smk_find_entry(const char *);
245u32 smack_to_secid(const char *);
246 247
247/* 248/*
248 * Shared data. 249 * Shared data.
@@ -252,7 +253,7 @@ extern int smack_cipso_mapped;
252extern struct smack_known *smack_net_ambient; 253extern struct smack_known *smack_net_ambient;
253extern struct smack_known *smack_onlycap; 254extern struct smack_known *smack_onlycap;
254extern struct smack_known *smack_syslog_label; 255extern struct smack_known *smack_syslog_label;
255extern const char *smack_cipso_option; 256extern struct smack_known smack_cipso_option;
256extern int smack_ptrace_rule; 257extern int smack_ptrace_rule;
257 258
258extern struct smack_known smack_known_floor; 259extern struct smack_known smack_known_floor;
@@ -281,9 +282,9 @@ static inline int smk_inode_transmutable(const struct inode *isp)
281} 282}
282 283
283/* 284/*
284 * Present a pointer to the smack label in an inode blob. 285 * Present a pointer to the smack label entry in an inode blob.
285 */ 286 */
286static inline char *smk_of_inode(const struct inode *isp) 287static inline struct smack_known *smk_of_inode(const struct inode *isp)
287{ 288{
288 struct inode_smack *sip = isp->i_security; 289 struct inode_smack *sip = isp->i_security;
289 return sip->smk_inode; 290 return sip->smk_inode;
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-14 16:43:00 -0500