1 files changed, 62 insertions, 0 deletions
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index f776400a8f31..4b327b691745 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -442,6 +442,64 @@ static int tomoyo_sb_pivotroot(struct path *old_path, struct path *new_path)
        return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);
 }
+/**
+ * tomoyo_socket_listen - Check permission for listen().
+ *
+ * @sock:    Pointer to "struct socket".
+ * @backlog: Backlog parameter.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int tomoyo_socket_listen(struct socket *sock, int backlog)
+{
+        return tomoyo_socket_listen_permission(sock);
+}
+/**
+ * tomoyo_socket_connect - Check permission for connect().
+ *
+ * @sock:     Pointer to "struct socket".
+ * @addr:     Pointer to "struct sockaddr".
+ * @addr_len: Size of @addr.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int tomoyo_socket_connect(struct socket *sock, struct sockaddr *addr,
+                                 int addr_len)
+{
+        return tomoyo_socket_connect_permission(sock, addr, addr_len);
+}
+/**
+ * tomoyo_socket_bind - Check permission for bind().
+ *
+ * @sock:     Pointer to "struct socket".
+ * @addr:     Pointer to "struct sockaddr".
+ * @addr_len: Size of @addr.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int tomoyo_socket_bind(struct socket *sock, struct sockaddr *addr,
+                              int addr_len)
+{
+        return tomoyo_socket_bind_permission(sock, addr, addr_len);
+}
+/**
+ * tomoyo_socket_sendmsg - Check permission for sendmsg().
+ *
+ * @sock: Pointer to "struct socket".
+ * @msg:  Pointer to "struct msghdr".
+ * @size: Size of message.
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int tomoyo_socket_sendmsg(struct socket *sock, struct msghdr *msg,
+                                 int size)
+{
+        return tomoyo_socket_sendmsg_permission(sock, msg, size);
+}
 /*
 * tomoyo_security_ops is a "struct security_operations" which is used for
 * registering TOMOYO.
@@ -472,6 +530,10 @@ static struct security_operations tomoyo_security_ops = {
        .sb_mount            = tomoyo_sb_mount,
        .sb_umount           = tomoyo_sb_umount,
        .sb_pivotroot        = tomoyo_sb_pivotroot,
+        .socket_bind         = tomoyo_socket_bind,
+        .socket_connect      = tomoyo_socket_connect,
+        .socket_listen       = tomoyo_socket_listen,
+        .socket_sendmsg      = tomoyo_socket_sendmsg,
 };
 /* Lock for GC. */

diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index f776400a8f31..4b327b691745 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c
@@ -442,6 +442,64 @@ static int tomoyo_sb_pivotroot(struct path old_path, struct path new_path)
442	return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);	442	return tomoyo_path2_perm(TOMOYO_TYPE_PIVOT_ROOT, new_path, old_path);
443	}	443	}
444		444
		445	/**
		446	* tomoyo_socket_listen - Check permission for listen().
		447	*
		448	* @sock: Pointer to "struct socket".
		449	* @backlog: Backlog parameter.
		450	*
		451	* Returns 0 on success, negative value otherwise.
		452	*/
		453	static int tomoyo_socket_listen(struct socket *sock, int backlog)
		454	{
		455	return tomoyo_socket_listen_permission(sock);
		456	}
		457
		458	/**
		459	* tomoyo_socket_connect - Check permission for connect().
		460	*
		461	* @sock: Pointer to "struct socket".
		462	* @addr: Pointer to "struct sockaddr".
		463	* @addr_len: Size of @addr.
		464	*
		465	* Returns 0 on success, negative value otherwise.
		466	*/
		467	static int tomoyo_socket_connect(struct socket sock, struct sockaddr addr,
		468	int addr_len)
		469	{
		470	return tomoyo_socket_connect_permission(sock, addr, addr_len);
		471	}
		472
		473	/**
		474	* tomoyo_socket_bind - Check permission for bind().
		475	*
		476	* @sock: Pointer to "struct socket".
		477	* @addr: Pointer to "struct sockaddr".
		478	* @addr_len: Size of @addr.
		479	*
		480	* Returns 0 on success, negative value otherwise.
		481	*/
		482	static int tomoyo_socket_bind(struct socket sock, struct sockaddr addr,
		483	int addr_len)
		484	{
		485	return tomoyo_socket_bind_permission(sock, addr, addr_len);
		486	}
		487
		488	/**
		489	* tomoyo_socket_sendmsg - Check permission for sendmsg().
		490	*
		491	* @sock: Pointer to "struct socket".
		492	* @msg: Pointer to "struct msghdr".
		493	* @size: Size of message.
		494	*
		495	* Returns 0 on success, negative value otherwise.
		496	*/
		497	static int tomoyo_socket_sendmsg(struct socket sock, struct msghdr msg,
		498	int size)
		499	{
		500	return tomoyo_socket_sendmsg_permission(sock, msg, size);
		501	}
		502
445	/*	503	/*
446	* tomoyo_security_ops is a "struct security_operations" which is used for	504	* tomoyo_security_ops is a "struct security_operations" which is used for
447	* registering TOMOYO.	505	* registering TOMOYO.
@@ -472,6 +530,10 @@ static struct security_operations tomoyo_security_ops = {
472	.sb_mount = tomoyo_sb_mount,	530	.sb_mount = tomoyo_sb_mount,
473	.sb_umount = tomoyo_sb_umount,	531	.sb_umount = tomoyo_sb_umount,
474	.sb_pivotroot = tomoyo_sb_pivotroot,	532	.sb_pivotroot = tomoyo_sb_pivotroot,
		533	.socket_bind = tomoyo_socket_bind,
		534	.socket_connect = tomoyo_socket_connect,
		535	.socket_listen = tomoyo_socket_listen,
		536	.socket_sendmsg = tomoyo_socket_sendmsg,
475	};	537	};
476		538
477	/* Lock for GC. */	539	/* Lock for GC. */