aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/dummy.c6
-rw-r--r--security/selinux/exports.c11
-rw-r--r--security/selinux/hooks.c8
3 files changed, 11 insertions, 14 deletions
diff --git a/security/dummy.c b/security/dummy.c
index fd99429278e9..8ccccccc12ac 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -563,11 +563,6 @@ static int dummy_ipc_permission (struct kern_ipc_perm *ipcp, short flag)
563 return 0; 563 return 0;
564} 564}
565 565
566static int dummy_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)
567{
568 return -EOPNOTSUPP;
569}
570
571static int dummy_msg_msg_alloc_security (struct msg_msg *msg) 566static int dummy_msg_msg_alloc_security (struct msg_msg *msg)
572{ 567{
573 return 0; 568 return 0;
@@ -976,7 +971,6 @@ void security_fixup_ops (struct security_operations *ops)
976 set_to_dummy_if_null(ops, task_reparent_to_init); 971 set_to_dummy_if_null(ops, task_reparent_to_init);
977 set_to_dummy_if_null(ops, task_to_inode); 972 set_to_dummy_if_null(ops, task_to_inode);
978 set_to_dummy_if_null(ops, ipc_permission); 973 set_to_dummy_if_null(ops, ipc_permission);
979 set_to_dummy_if_null(ops, ipc_getsecurity);
980 set_to_dummy_if_null(ops, msg_msg_alloc_security); 974 set_to_dummy_if_null(ops, msg_msg_alloc_security);
981 set_to_dummy_if_null(ops, msg_msg_free_security); 975 set_to_dummy_if_null(ops, msg_msg_free_security);
982 set_to_dummy_if_null(ops, msg_queue_alloc_security); 976 set_to_dummy_if_null(ops, msg_queue_alloc_security);
diff --git a/security/selinux/exports.c b/security/selinux/exports.c
index 07ddce7bf374..7357cf247f60 100644
--- a/security/selinux/exports.c
+++ b/security/selinux/exports.c
@@ -15,6 +15,7 @@
15#include <linux/module.h> 15#include <linux/module.h>
16#include <linux/selinux.h> 16#include <linux/selinux.h>
17#include <linux/fs.h> 17#include <linux/fs.h>
18#include <linux/ipc.h>
18 19
19#include "security.h" 20#include "security.h"
20#include "objsec.h" 21#include "objsec.h"
@@ -50,3 +51,13 @@ void selinux_get_inode_sid(const struct inode *inode, u32 *sid)
50 *sid = 0; 51 *sid = 0;
51} 52}
52 53
54void selinux_get_ipc_sid(const struct kern_ipc_perm *ipcp, u32 *sid)
55{
56 if (selinux_enabled) {
57 struct ipc_security_struct *isec = ipcp->security;
58 *sid = isec->sid;
59 return;
60 }
61 *sid = 0;
62}
63
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b61b9554bc27..3cf368a16448 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4052,13 +4052,6 @@ static int selinux_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
4052 return ipc_has_perm(ipcp, av); 4052 return ipc_has_perm(ipcp, av);
4053} 4053}
4054 4054
4055static int selinux_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)
4056{
4057 struct ipc_security_struct *isec = ipcp->security;
4058
4059 return selinux_getsecurity(isec->sid, buffer, size);
4060}
4061
4062/* module stacking operations */ 4055/* module stacking operations */
4063static int selinux_register_security (const char *name, struct security_operations *ops) 4056static int selinux_register_security (const char *name, struct security_operations *ops)
4064{ 4057{
@@ -4321,7 +4314,6 @@ static struct security_operations selinux_ops = {
4321 .task_to_inode = selinux_task_to_inode, 4314 .task_to_inode = selinux_task_to_inode,
4322 4315
4323 .ipc_permission = selinux_ipc_permission, 4316 .ipc_permission = selinux_ipc_permission,
4324 .ipc_getsecurity = selinux_ipc_getsecurity,
4325 4317
4326 .msg_msg_alloc_security = selinux_msg_msg_alloc_security, 4318 .msg_msg_alloc_security = selinux_msg_msg_alloc_security,
4327 .msg_msg_free_security = selinux_msg_msg_free_security, 4319 .msg_msg_free_security = selinux_msg_msg_free_security,
generated by cgit v1.2.2 (git 2.25.0) at 2026-05-14 06:20:05 -0400