aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/inode.c33
-rw-r--r--security/security.c8
2 files changed, 20 insertions, 21 deletions
diff --git a/security/inode.c b/security/inode.c
index acc6cf0d7900..ca4958ebad8d 100644
--- a/security/inode.c
+++ b/security/inode.c
@@ -190,7 +190,7 @@ static int create_by_name(const char *name, mode_t mode,
190 * @name: a pointer to a string containing the name of the file to create. 190 * @name: a pointer to a string containing the name of the file to create.
191 * @mode: the permission that the file should have 191 * @mode: the permission that the file should have
192 * @parent: a pointer to the parent dentry for this file. This should be a 192 * @parent: a pointer to the parent dentry for this file. This should be a
193 * directory dentry if set. If this paramater is NULL, then the 193 * directory dentry if set. If this parameter is %NULL, then the
194 * file will be created in the root of the securityfs filesystem. 194 * file will be created in the root of the securityfs filesystem.
195 * @data: a pointer to something that the caller will want to get to later 195 * @data: a pointer to something that the caller will want to get to later
196 * on. The inode.i_private pointer will point to this value on 196 * on. The inode.i_private pointer will point to this value on
@@ -199,18 +199,18 @@ static int create_by_name(const char *name, mode_t mode,
199 * this file. 199 * this file.
200 * 200 *
201 * This is the basic "create a file" function for securityfs. It allows for a 201 * This is the basic "create a file" function for securityfs. It allows for a
202 * wide range of flexibility in createing a file, or a directory (if you 202 * wide range of flexibility in creating a file, or a directory (if you
203 * want to create a directory, the securityfs_create_dir() function is 203 * want to create a directory, the securityfs_create_dir() function is
204 * recommended to be used instead.) 204 * recommended to be used instead).
205 * 205 *
206 * This function will return a pointer to a dentry if it succeeds. This 206 * This function returns a pointer to a dentry if it succeeds. This
207 * pointer must be passed to the securityfs_remove() function when the file is 207 * pointer must be passed to the securityfs_remove() function when the file is
208 * to be removed (no automatic cleanup happens if your module is unloaded, 208 * to be removed (no automatic cleanup happens if your module is unloaded,
209 * you are responsible here.) If an error occurs, NULL will be returned. 209 * you are responsible here). If an error occurs, %NULL is returned.
210 * 210 *
211 * If securityfs is not enabled in the kernel, the value -ENODEV will be 211 * If securityfs is not enabled in the kernel, the value %-ENODEV is
212 * returned. It is not wise to check for this value, but rather, check for 212 * returned. It is not wise to check for this value, but rather, check for
213 * NULL or !NULL instead as to eliminate the need for #ifdef in the calling 213 * %NULL or !%NULL instead as to eliminate the need for #ifdef in the calling
214 * code. 214 * code.
215 */ 215 */
216struct dentry *securityfs_create_file(const char *name, mode_t mode, 216struct dentry *securityfs_create_file(const char *name, mode_t mode,
@@ -252,19 +252,19 @@ EXPORT_SYMBOL_GPL(securityfs_create_file);
252 * @name: a pointer to a string containing the name of the directory to 252 * @name: a pointer to a string containing the name of the directory to
253 * create. 253 * create.
254 * @parent: a pointer to the parent dentry for this file. This should be a 254 * @parent: a pointer to the parent dentry for this file. This should be a
255 * directory dentry if set. If this paramater is NULL, then the 255 * directory dentry if set. If this parameter is %NULL, then the
256 * directory will be created in the root of the securityfs filesystem. 256 * directory will be created in the root of the securityfs filesystem.
257 * 257 *
258 * This function creates a directory in securityfs with the given name. 258 * This function creates a directory in securityfs with the given @name.
259 * 259 *
260 * This function will return a pointer to a dentry if it succeeds. This 260 * This function returns a pointer to a dentry if it succeeds. This
261 * pointer must be passed to the securityfs_remove() function when the file is 261 * pointer must be passed to the securityfs_remove() function when the file is
262 * to be removed (no automatic cleanup happens if your module is unloaded, 262 * to be removed (no automatic cleanup happens if your module is unloaded,
263 * you are responsible here.) If an error occurs, NULL will be returned. 263 * you are responsible here). If an error occurs, %NULL will be returned.
264 * 264 *
265 * If securityfs is not enabled in the kernel, the value -ENODEV will be 265 * If securityfs is not enabled in the kernel, the value %-ENODEV is
266 * returned. It is not wise to check for this value, but rather, check for 266 * returned. It is not wise to check for this value, but rather, check for
267 * NULL or !NULL instead as to eliminate the need for #ifdef in the calling 267 * %NULL or !%NULL instead as to eliminate the need for #ifdef in the calling
268 * code. 268 * code.
269 */ 269 */
270struct dentry *securityfs_create_dir(const char *name, struct dentry *parent) 270struct dentry *securityfs_create_dir(const char *name, struct dentry *parent)
@@ -278,16 +278,15 @@ EXPORT_SYMBOL_GPL(securityfs_create_dir);
278/** 278/**
279 * securityfs_remove - removes a file or directory from the securityfs filesystem 279 * securityfs_remove - removes a file or directory from the securityfs filesystem
280 * 280 *
281 * @dentry: a pointer to a the dentry of the file or directory to be 281 * @dentry: a pointer to a the dentry of the file or directory to be removed.
282 * removed.
283 * 282 *
284 * This function removes a file or directory in securityfs that was previously 283 * This function removes a file or directory in securityfs that was previously
285 * created with a call to another securityfs function (like 284 * created with a call to another securityfs function (like
286 * securityfs_create_file() or variants thereof.) 285 * securityfs_create_file() or variants thereof.)
287 * 286 *
288 * This function is required to be called in order for the file to be 287 * This function is required to be called in order for the file to be
289 * removed, no automatic cleanup of files will happen when a module is 288 * removed. No automatic cleanup of files will happen when a module is
290 * removed, you are responsible here. 289 * removed; you are responsible here.
291 */ 290 */
292void securityfs_remove(struct dentry *dentry) 291void securityfs_remove(struct dentry *dentry)
293{ 292{
diff --git a/security/security.c b/security/security.c
index ff7068727757..d953d251fdca 100644
--- a/security/security.c
+++ b/security/security.c
@@ -82,8 +82,8 @@ __setup("security=", choose_lsm);
82 * 82 *
83 * Return true if: 83 * Return true if:
84 * -The passed LSM is the one chosen by user at boot time, 84 * -The passed LSM is the one chosen by user at boot time,
85 * -or user didsn't specify a specific LSM and we're the first to ask 85 * -or user didn't specify a specific LSM and we're the first to ask
86 * for registeration permissoin, 86 * for registration permission,
87 * -or the passed LSM is currently loaded. 87 * -or the passed LSM is currently loaded.
88 * Otherwise, return false. 88 * Otherwise, return false.
89 */ 89 */
@@ -101,13 +101,13 @@ int __init security_module_enable(struct security_operations *ops)
101 * register_security - registers a security framework with the kernel 101 * register_security - registers a security framework with the kernel
102 * @ops: a pointer to the struct security_options that is to be registered 102 * @ops: a pointer to the struct security_options that is to be registered
103 * 103 *
104 * This function is to allow a security module to register itself with the 104 * This function allows a security module to register itself with the
105 * kernel security subsystem. Some rudimentary checking is done on the @ops 105 * kernel security subsystem. Some rudimentary checking is done on the @ops
106 * value passed to this function. You'll need to check first if your LSM 106 * value passed to this function. You'll need to check first if your LSM
107 * is allowed to register its @ops by calling security_module_enable(@ops). 107 * is allowed to register its @ops by calling security_module_enable(@ops).
108 * 108 *
109 * If there is already a security module registered with the kernel, 109 * If there is already a security module registered with the kernel,
110 * an error will be returned. Otherwise 0 is returned on success. 110 * an error will be returned. Otherwise %0 is returned on success.
111 */ 111 */
112int register_security(struct security_operations *ops) 112int register_security(struct security_operations *ops)
113{ 113{