Commit 1996a10948e50e546dc2b64276723c0b64d3173b
Committed by
James Morris
1 parent
63cb344923
security/selinux: constify function pointer tables and fields
Constify function pointer tables and fields. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: James Morris <jmorris@namei.org>
Showing 3 changed files with 4 additions and 4 deletions Inline Diff
include/linux/security.h
1 | /* | 1 | /* |
2 | * Linux Security plug | 2 | * Linux Security plug |
3 | * | 3 | * |
4 | * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> | 4 | * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> |
5 | * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com> | 5 | * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com> |
6 | * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> | 6 | * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> |
7 | * Copyright (C) 2001 James Morris <jmorris@intercode.com.au> | 7 | * Copyright (C) 2001 James Morris <jmorris@intercode.com.au> |
8 | * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) | 8 | * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) |
9 | * | 9 | * |
10 | * This program is free software; you can redistribute it and/or modify | 10 | * This program is free software; you can redistribute it and/or modify |
11 | * it under the terms of the GNU General Public License as published by | 11 | * it under the terms of the GNU General Public License as published by |
12 | * the Free Software Foundation; either version 2 of the License, or | 12 | * the Free Software Foundation; either version 2 of the License, or |
13 | * (at your option) any later version. | 13 | * (at your option) any later version. |
14 | * | 14 | * |
15 | * Due to this file being licensed under the GPL there is controversy over | 15 | * Due to this file being licensed under the GPL there is controversy over |
16 | * whether this permits you to write a module that #includes this file | 16 | * whether this permits you to write a module that #includes this file |
17 | * without placing your module under the GPL. Please consult a lawyer for | 17 | * without placing your module under the GPL. Please consult a lawyer for |
18 | * advice before doing this. | 18 | * advice before doing this. |
19 | * | 19 | * |
20 | */ | 20 | */ |
21 | 21 | ||
22 | #ifndef __LINUX_SECURITY_H | 22 | #ifndef __LINUX_SECURITY_H |
23 | #define __LINUX_SECURITY_H | 23 | #define __LINUX_SECURITY_H |
24 | 24 | ||
25 | #include <linux/fs.h> | 25 | #include <linux/fs.h> |
26 | #include <linux/binfmts.h> | 26 | #include <linux/binfmts.h> |
27 | #include <linux/signal.h> | 27 | #include <linux/signal.h> |
28 | #include <linux/resource.h> | 28 | #include <linux/resource.h> |
29 | #include <linux/sem.h> | 29 | #include <linux/sem.h> |
30 | #include <linux/shm.h> | 30 | #include <linux/shm.h> |
31 | #include <linux/msg.h> | 31 | #include <linux/msg.h> |
32 | #include <linux/sched.h> | 32 | #include <linux/sched.h> |
33 | #include <linux/key.h> | 33 | #include <linux/key.h> |
34 | #include <linux/xfrm.h> | 34 | #include <linux/xfrm.h> |
35 | #include <net/flow.h> | 35 | #include <net/flow.h> |
36 | 36 | ||
37 | /* only a char in selinux superblock security struct flags */ | 37 | /* only a char in selinux superblock security struct flags */ |
38 | #define FSCONTEXT_MNT 0x01 | 38 | #define FSCONTEXT_MNT 0x01 |
39 | #define CONTEXT_MNT 0x02 | 39 | #define CONTEXT_MNT 0x02 |
40 | #define ROOTCONTEXT_MNT 0x04 | 40 | #define ROOTCONTEXT_MNT 0x04 |
41 | #define DEFCONTEXT_MNT 0x08 | 41 | #define DEFCONTEXT_MNT 0x08 |
42 | 42 | ||
43 | /* | 43 | /* |
44 | * Bounding set | 44 | * Bounding set |
45 | */ | 45 | */ |
46 | extern kernel_cap_t cap_bset; | 46 | extern kernel_cap_t cap_bset; |
47 | 47 | ||
48 | extern unsigned securebits; | 48 | extern unsigned securebits; |
49 | 49 | ||
50 | struct ctl_table; | 50 | struct ctl_table; |
51 | 51 | ||
52 | /* | 52 | /* |
53 | * These functions are in security/capability.c and are used | 53 | * These functions are in security/capability.c and are used |
54 | * as the default capabilities functions | 54 | * as the default capabilities functions |
55 | */ | 55 | */ |
56 | extern int cap_capable (struct task_struct *tsk, int cap); | 56 | extern int cap_capable (struct task_struct *tsk, int cap); |
57 | extern int cap_settime (struct timespec *ts, struct timezone *tz); | 57 | extern int cap_settime (struct timespec *ts, struct timezone *tz); |
58 | extern int cap_ptrace (struct task_struct *parent, struct task_struct *child); | 58 | extern int cap_ptrace (struct task_struct *parent, struct task_struct *child); |
59 | extern int cap_capget (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); | 59 | extern int cap_capget (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); |
60 | extern int cap_capset_check (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); | 60 | extern int cap_capset_check (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); |
61 | extern void cap_capset_set (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); | 61 | extern void cap_capset_set (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); |
62 | extern int cap_bprm_set_security (struct linux_binprm *bprm); | 62 | extern int cap_bprm_set_security (struct linux_binprm *bprm); |
63 | extern void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe); | 63 | extern void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe); |
64 | extern int cap_bprm_secureexec(struct linux_binprm *bprm); | 64 | extern int cap_bprm_secureexec(struct linux_binprm *bprm); |
65 | extern int cap_inode_setxattr(struct dentry *dentry, char *name, void *value, size_t size, int flags); | 65 | extern int cap_inode_setxattr(struct dentry *dentry, char *name, void *value, size_t size, int flags); |
66 | extern int cap_inode_removexattr(struct dentry *dentry, char *name); | 66 | extern int cap_inode_removexattr(struct dentry *dentry, char *name); |
67 | extern int cap_inode_need_killpriv(struct dentry *dentry); | 67 | extern int cap_inode_need_killpriv(struct dentry *dentry); |
68 | extern int cap_inode_killpriv(struct dentry *dentry); | 68 | extern int cap_inode_killpriv(struct dentry *dentry); |
69 | extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); | 69 | extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags); |
70 | extern void cap_task_reparent_to_init (struct task_struct *p); | 70 | extern void cap_task_reparent_to_init (struct task_struct *p); |
71 | extern int cap_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid); | 71 | extern int cap_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid); |
72 | extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp); | 72 | extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp); |
73 | extern int cap_task_setioprio (struct task_struct *p, int ioprio); | 73 | extern int cap_task_setioprio (struct task_struct *p, int ioprio); |
74 | extern int cap_task_setnice (struct task_struct *p, int nice); | 74 | extern int cap_task_setnice (struct task_struct *p, int nice); |
75 | extern int cap_syslog (int type); | 75 | extern int cap_syslog (int type); |
76 | extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); | 76 | extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); |
77 | 77 | ||
78 | struct msghdr; | 78 | struct msghdr; |
79 | struct sk_buff; | 79 | struct sk_buff; |
80 | struct sock; | 80 | struct sock; |
81 | struct sockaddr; | 81 | struct sockaddr; |
82 | struct socket; | 82 | struct socket; |
83 | struct flowi; | 83 | struct flowi; |
84 | struct dst_entry; | 84 | struct dst_entry; |
85 | struct xfrm_selector; | 85 | struct xfrm_selector; |
86 | struct xfrm_policy; | 86 | struct xfrm_policy; |
87 | struct xfrm_state; | 87 | struct xfrm_state; |
88 | struct xfrm_user_sec_ctx; | 88 | struct xfrm_user_sec_ctx; |
89 | 89 | ||
90 | extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); | 90 | extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); |
91 | extern int cap_netlink_recv(struct sk_buff *skb, int cap); | 91 | extern int cap_netlink_recv(struct sk_buff *skb, int cap); |
92 | 92 | ||
93 | extern unsigned long mmap_min_addr; | 93 | extern unsigned long mmap_min_addr; |
94 | /* | 94 | /* |
95 | * Values used in the task_security_ops calls | 95 | * Values used in the task_security_ops calls |
96 | */ | 96 | */ |
97 | /* setuid or setgid, id0 == uid or gid */ | 97 | /* setuid or setgid, id0 == uid or gid */ |
98 | #define LSM_SETID_ID 1 | 98 | #define LSM_SETID_ID 1 |
99 | 99 | ||
100 | /* setreuid or setregid, id0 == real, id1 == eff */ | 100 | /* setreuid or setregid, id0 == real, id1 == eff */ |
101 | #define LSM_SETID_RE 2 | 101 | #define LSM_SETID_RE 2 |
102 | 102 | ||
103 | /* setresuid or setresgid, id0 == real, id1 == eff, uid2 == saved */ | 103 | /* setresuid or setresgid, id0 == real, id1 == eff, uid2 == saved */ |
104 | #define LSM_SETID_RES 4 | 104 | #define LSM_SETID_RES 4 |
105 | 105 | ||
106 | /* setfsuid or setfsgid, id0 == fsuid or fsgid */ | 106 | /* setfsuid or setfsgid, id0 == fsuid or fsgid */ |
107 | #define LSM_SETID_FS 8 | 107 | #define LSM_SETID_FS 8 |
108 | 108 | ||
109 | /* forward declares to avoid warnings */ | 109 | /* forward declares to avoid warnings */ |
110 | struct nfsctl_arg; | 110 | struct nfsctl_arg; |
111 | struct sched_param; | 111 | struct sched_param; |
112 | struct swap_info_struct; | 112 | struct swap_info_struct; |
113 | struct request_sock; | 113 | struct request_sock; |
114 | 114 | ||
115 | /* bprm_apply_creds unsafe reasons */ | 115 | /* bprm_apply_creds unsafe reasons */ |
116 | #define LSM_UNSAFE_SHARE 1 | 116 | #define LSM_UNSAFE_SHARE 1 |
117 | #define LSM_UNSAFE_PTRACE 2 | 117 | #define LSM_UNSAFE_PTRACE 2 |
118 | #define LSM_UNSAFE_PTRACE_CAP 4 | 118 | #define LSM_UNSAFE_PTRACE_CAP 4 |
119 | 119 | ||
120 | #ifdef CONFIG_SECURITY | 120 | #ifdef CONFIG_SECURITY |
121 | 121 | ||
122 | /** | 122 | /** |
123 | * struct security_operations - main security structure | 123 | * struct security_operations - main security structure |
124 | * | 124 | * |
125 | * Security hooks for program execution operations. | 125 | * Security hooks for program execution operations. |
126 | * | 126 | * |
127 | * @bprm_alloc_security: | 127 | * @bprm_alloc_security: |
128 | * Allocate and attach a security structure to the @bprm->security field. | 128 | * Allocate and attach a security structure to the @bprm->security field. |
129 | * The security field is initialized to NULL when the bprm structure is | 129 | * The security field is initialized to NULL when the bprm structure is |
130 | * allocated. | 130 | * allocated. |
131 | * @bprm contains the linux_binprm structure to be modified. | 131 | * @bprm contains the linux_binprm structure to be modified. |
132 | * Return 0 if operation was successful. | 132 | * Return 0 if operation was successful. |
133 | * @bprm_free_security: | 133 | * @bprm_free_security: |
134 | * @bprm contains the linux_binprm structure to be modified. | 134 | * @bprm contains the linux_binprm structure to be modified. |
135 | * Deallocate and clear the @bprm->security field. | 135 | * Deallocate and clear the @bprm->security field. |
136 | * @bprm_apply_creds: | 136 | * @bprm_apply_creds: |
137 | * Compute and set the security attributes of a process being transformed | 137 | * Compute and set the security attributes of a process being transformed |
138 | * by an execve operation based on the old attributes (current->security) | 138 | * by an execve operation based on the old attributes (current->security) |
139 | * and the information saved in @bprm->security by the set_security hook. | 139 | * and the information saved in @bprm->security by the set_security hook. |
140 | * Since this hook function (and its caller) are void, this hook can not | 140 | * Since this hook function (and its caller) are void, this hook can not |
141 | * return an error. However, it can leave the security attributes of the | 141 | * return an error. However, it can leave the security attributes of the |
142 | * process unchanged if an access failure occurs at this point. | 142 | * process unchanged if an access failure occurs at this point. |
143 | * bprm_apply_creds is called under task_lock. @unsafe indicates various | 143 | * bprm_apply_creds is called under task_lock. @unsafe indicates various |
144 | * reasons why it may be unsafe to change security state. | 144 | * reasons why it may be unsafe to change security state. |
145 | * @bprm contains the linux_binprm structure. | 145 | * @bprm contains the linux_binprm structure. |
146 | * @bprm_post_apply_creds: | 146 | * @bprm_post_apply_creds: |
147 | * Runs after bprm_apply_creds with the task_lock dropped, so that | 147 | * Runs after bprm_apply_creds with the task_lock dropped, so that |
148 | * functions which cannot be called safely under the task_lock can | 148 | * functions which cannot be called safely under the task_lock can |
149 | * be used. This hook is a good place to perform state changes on | 149 | * be used. This hook is a good place to perform state changes on |
150 | * the process such as closing open file descriptors to which access | 150 | * the process such as closing open file descriptors to which access |
151 | * is no longer granted if the attributes were changed. | 151 | * is no longer granted if the attributes were changed. |
152 | * Note that a security module might need to save state between | 152 | * Note that a security module might need to save state between |
153 | * bprm_apply_creds and bprm_post_apply_creds to store the decision | 153 | * bprm_apply_creds and bprm_post_apply_creds to store the decision |
154 | * on whether the process may proceed. | 154 | * on whether the process may proceed. |
155 | * @bprm contains the linux_binprm structure. | 155 | * @bprm contains the linux_binprm structure. |
156 | * @bprm_set_security: | 156 | * @bprm_set_security: |
157 | * Save security information in the bprm->security field, typically based | 157 | * Save security information in the bprm->security field, typically based |
158 | * on information about the bprm->file, for later use by the apply_creds | 158 | * on information about the bprm->file, for later use by the apply_creds |
159 | * hook. This hook may also optionally check permissions (e.g. for | 159 | * hook. This hook may also optionally check permissions (e.g. for |
160 | * transitions between security domains). | 160 | * transitions between security domains). |
161 | * This hook may be called multiple times during a single execve, e.g. for | 161 | * This hook may be called multiple times during a single execve, e.g. for |
162 | * interpreters. The hook can tell whether it has already been called by | 162 | * interpreters. The hook can tell whether it has already been called by |
163 | * checking to see if @bprm->security is non-NULL. If so, then the hook | 163 | * checking to see if @bprm->security is non-NULL. If so, then the hook |
164 | * may decide either to retain the security information saved earlier or | 164 | * may decide either to retain the security information saved earlier or |
165 | * to replace it. | 165 | * to replace it. |
166 | * @bprm contains the linux_binprm structure. | 166 | * @bprm contains the linux_binprm structure. |
167 | * Return 0 if the hook is successful and permission is granted. | 167 | * Return 0 if the hook is successful and permission is granted. |
168 | * @bprm_check_security: | 168 | * @bprm_check_security: |
169 | * This hook mediates the point when a search for a binary handler will | 169 | * This hook mediates the point when a search for a binary handler will |
170 | * begin. It allows a check the @bprm->security value which is set in | 170 | * begin. It allows a check the @bprm->security value which is set in |
171 | * the preceding set_security call. The primary difference from | 171 | * the preceding set_security call. The primary difference from |
172 | * set_security is that the argv list and envp list are reliably | 172 | * set_security is that the argv list and envp list are reliably |
173 | * available in @bprm. This hook may be called multiple times | 173 | * available in @bprm. This hook may be called multiple times |
174 | * during a single execve; and in each pass set_security is called | 174 | * during a single execve; and in each pass set_security is called |
175 | * first. | 175 | * first. |
176 | * @bprm contains the linux_binprm structure. | 176 | * @bprm contains the linux_binprm structure. |
177 | * Return 0 if the hook is successful and permission is granted. | 177 | * Return 0 if the hook is successful and permission is granted. |
178 | * @bprm_secureexec: | 178 | * @bprm_secureexec: |
179 | * Return a boolean value (0 or 1) indicating whether a "secure exec" | 179 | * Return a boolean value (0 or 1) indicating whether a "secure exec" |
180 | * is required. The flag is passed in the auxiliary table | 180 | * is required. The flag is passed in the auxiliary table |
181 | * on the initial stack to the ELF interpreter to indicate whether libc | 181 | * on the initial stack to the ELF interpreter to indicate whether libc |
182 | * should enable secure mode. | 182 | * should enable secure mode. |
183 | * @bprm contains the linux_binprm structure. | 183 | * @bprm contains the linux_binprm structure. |
184 | * | 184 | * |
185 | * Security hooks for filesystem operations. | 185 | * Security hooks for filesystem operations. |
186 | * | 186 | * |
187 | * @sb_alloc_security: | 187 | * @sb_alloc_security: |
188 | * Allocate and attach a security structure to the sb->s_security field. | 188 | * Allocate and attach a security structure to the sb->s_security field. |
189 | * The s_security field is initialized to NULL when the structure is | 189 | * The s_security field is initialized to NULL when the structure is |
190 | * allocated. | 190 | * allocated. |
191 | * @sb contains the super_block structure to be modified. | 191 | * @sb contains the super_block structure to be modified. |
192 | * Return 0 if operation was successful. | 192 | * Return 0 if operation was successful. |
193 | * @sb_free_security: | 193 | * @sb_free_security: |
194 | * Deallocate and clear the sb->s_security field. | 194 | * Deallocate and clear the sb->s_security field. |
195 | * @sb contains the super_block structure to be modified. | 195 | * @sb contains the super_block structure to be modified. |
196 | * @sb_statfs: | 196 | * @sb_statfs: |
197 | * Check permission before obtaining filesystem statistics for the @mnt | 197 | * Check permission before obtaining filesystem statistics for the @mnt |
198 | * mountpoint. | 198 | * mountpoint. |
199 | * @dentry is a handle on the superblock for the filesystem. | 199 | * @dentry is a handle on the superblock for the filesystem. |
200 | * Return 0 if permission is granted. | 200 | * Return 0 if permission is granted. |
201 | * @sb_mount: | 201 | * @sb_mount: |
202 | * Check permission before an object specified by @dev_name is mounted on | 202 | * Check permission before an object specified by @dev_name is mounted on |
203 | * the mount point named by @nd. For an ordinary mount, @dev_name | 203 | * the mount point named by @nd. For an ordinary mount, @dev_name |
204 | * identifies a device if the file system type requires a device. For a | 204 | * identifies a device if the file system type requires a device. For a |
205 | * remount (@flags & MS_REMOUNT), @dev_name is irrelevant. For a | 205 | * remount (@flags & MS_REMOUNT), @dev_name is irrelevant. For a |
206 | * loopback/bind mount (@flags & MS_BIND), @dev_name identifies the | 206 | * loopback/bind mount (@flags & MS_BIND), @dev_name identifies the |
207 | * pathname of the object being mounted. | 207 | * pathname of the object being mounted. |
208 | * @dev_name contains the name for object being mounted. | 208 | * @dev_name contains the name for object being mounted. |
209 | * @nd contains the nameidata structure for mount point object. | 209 | * @nd contains the nameidata structure for mount point object. |
210 | * @type contains the filesystem type. | 210 | * @type contains the filesystem type. |
211 | * @flags contains the mount flags. | 211 | * @flags contains the mount flags. |
212 | * @data contains the filesystem-specific data. | 212 | * @data contains the filesystem-specific data. |
213 | * Return 0 if permission is granted. | 213 | * Return 0 if permission is granted. |
214 | * @sb_copy_data: | 214 | * @sb_copy_data: |
215 | * Allow mount option data to be copied prior to parsing by the filesystem, | 215 | * Allow mount option data to be copied prior to parsing by the filesystem, |
216 | * so that the security module can extract security-specific mount | 216 | * so that the security module can extract security-specific mount |
217 | * options cleanly (a filesystem may modify the data e.g. with strsep()). | 217 | * options cleanly (a filesystem may modify the data e.g. with strsep()). |
218 | * This also allows the original mount data to be stripped of security- | 218 | * This also allows the original mount data to be stripped of security- |
219 | * specific options to avoid having to make filesystems aware of them. | 219 | * specific options to avoid having to make filesystems aware of them. |
220 | * @type the type of filesystem being mounted. | 220 | * @type the type of filesystem being mounted. |
221 | * @orig the original mount data copied from userspace. | 221 | * @orig the original mount data copied from userspace. |
222 | * @copy copied data which will be passed to the security module. | 222 | * @copy copied data which will be passed to the security module. |
223 | * Returns 0 if the copy was successful. | 223 | * Returns 0 if the copy was successful. |
224 | * @sb_check_sb: | 224 | * @sb_check_sb: |
225 | * Check permission before the device with superblock @mnt->sb is mounted | 225 | * Check permission before the device with superblock @mnt->sb is mounted |
226 | * on the mount point named by @nd. | 226 | * on the mount point named by @nd. |
227 | * @mnt contains the vfsmount for device being mounted. | 227 | * @mnt contains the vfsmount for device being mounted. |
228 | * @nd contains the nameidata object for the mount point. | 228 | * @nd contains the nameidata object for the mount point. |
229 | * Return 0 if permission is granted. | 229 | * Return 0 if permission is granted. |
230 | * @sb_umount: | 230 | * @sb_umount: |
231 | * Check permission before the @mnt file system is unmounted. | 231 | * Check permission before the @mnt file system is unmounted. |
232 | * @mnt contains the mounted file system. | 232 | * @mnt contains the mounted file system. |
233 | * @flags contains the unmount flags, e.g. MNT_FORCE. | 233 | * @flags contains the unmount flags, e.g. MNT_FORCE. |
234 | * Return 0 if permission is granted. | 234 | * Return 0 if permission is granted. |
235 | * @sb_umount_close: | 235 | * @sb_umount_close: |
236 | * Close any files in the @mnt mounted filesystem that are held open by | 236 | * Close any files in the @mnt mounted filesystem that are held open by |
237 | * the security module. This hook is called during an umount operation | 237 | * the security module. This hook is called during an umount operation |
238 | * prior to checking whether the filesystem is still busy. | 238 | * prior to checking whether the filesystem is still busy. |
239 | * @mnt contains the mounted filesystem. | 239 | * @mnt contains the mounted filesystem. |
240 | * @sb_umount_busy: | 240 | * @sb_umount_busy: |
241 | * Handle a failed umount of the @mnt mounted filesystem, e.g. re-opening | 241 | * Handle a failed umount of the @mnt mounted filesystem, e.g. re-opening |
242 | * any files that were closed by umount_close. This hook is called during | 242 | * any files that were closed by umount_close. This hook is called during |
243 | * an umount operation if the umount fails after a call to the | 243 | * an umount operation if the umount fails after a call to the |
244 | * umount_close hook. | 244 | * umount_close hook. |
245 | * @mnt contains the mounted filesystem. | 245 | * @mnt contains the mounted filesystem. |
246 | * @sb_post_remount: | 246 | * @sb_post_remount: |
247 | * Update the security module's state when a filesystem is remounted. | 247 | * Update the security module's state when a filesystem is remounted. |
248 | * This hook is only called if the remount was successful. | 248 | * This hook is only called if the remount was successful. |
249 | * @mnt contains the mounted file system. | 249 | * @mnt contains the mounted file system. |
250 | * @flags contains the new filesystem flags. | 250 | * @flags contains the new filesystem flags. |
251 | * @data contains the filesystem-specific data. | 251 | * @data contains the filesystem-specific data. |
252 | * @sb_post_addmount: | 252 | * @sb_post_addmount: |
253 | * Update the security module's state when a filesystem is mounted. | 253 | * Update the security module's state when a filesystem is mounted. |
254 | * This hook is called any time a mount is successfully grafetd to | 254 | * This hook is called any time a mount is successfully grafetd to |
255 | * the tree. | 255 | * the tree. |
256 | * @mnt contains the mounted filesystem. | 256 | * @mnt contains the mounted filesystem. |
257 | * @mountpoint_nd contains the nameidata structure for the mount point. | 257 | * @mountpoint_nd contains the nameidata structure for the mount point. |
258 | * @sb_pivotroot: | 258 | * @sb_pivotroot: |
259 | * Check permission before pivoting the root filesystem. | 259 | * Check permission before pivoting the root filesystem. |
260 | * @old_nd contains the nameidata structure for the new location of the current root (put_old). | 260 | * @old_nd contains the nameidata structure for the new location of the current root (put_old). |
261 | * @new_nd contains the nameidata structure for the new root (new_root). | 261 | * @new_nd contains the nameidata structure for the new root (new_root). |
262 | * Return 0 if permission is granted. | 262 | * Return 0 if permission is granted. |
263 | * @sb_post_pivotroot: | 263 | * @sb_post_pivotroot: |
264 | * Update module state after a successful pivot. | 264 | * Update module state after a successful pivot. |
265 | * @old_nd contains the nameidata structure for the old root. | 265 | * @old_nd contains the nameidata structure for the old root. |
266 | * @new_nd contains the nameidata structure for the new root. | 266 | * @new_nd contains the nameidata structure for the new root. |
267 | * @sb_get_mnt_opts: | 267 | * @sb_get_mnt_opts: |
268 | * Get the security relevant mount options used for a superblock | 268 | * Get the security relevant mount options used for a superblock |
269 | * @sb the superblock to get security mount options from | 269 | * @sb the superblock to get security mount options from |
270 | * @mount_options array for pointers to mount options | 270 | * @mount_options array for pointers to mount options |
271 | * @mount_flags array of ints specifying what each mount options is | 271 | * @mount_flags array of ints specifying what each mount options is |
272 | * @num_opts number of options in the arrays | 272 | * @num_opts number of options in the arrays |
273 | * @sb_set_mnt_opts: | 273 | * @sb_set_mnt_opts: |
274 | * Set the security relevant mount options used for a superblock | 274 | * Set the security relevant mount options used for a superblock |
275 | * @sb the superblock to set security mount options for | 275 | * @sb the superblock to set security mount options for |
276 | * @mount_options array for pointers to mount options | 276 | * @mount_options array for pointers to mount options |
277 | * @mount_flags array of ints specifying what each mount options is | 277 | * @mount_flags array of ints specifying what each mount options is |
278 | * @num_opts number of options in the arrays | 278 | * @num_opts number of options in the arrays |
279 | * @sb_clone_mnt_opts: | 279 | * @sb_clone_mnt_opts: |
280 | * Copy all security options from a given superblock to another | 280 | * Copy all security options from a given superblock to another |
281 | * @oldsb old superblock which contain information to clone | 281 | * @oldsb old superblock which contain information to clone |
282 | * @newsb new superblock which needs filled in | 282 | * @newsb new superblock which needs filled in |
283 | * | 283 | * |
284 | * Security hooks for inode operations. | 284 | * Security hooks for inode operations. |
285 | * | 285 | * |
286 | * @inode_alloc_security: | 286 | * @inode_alloc_security: |
287 | * Allocate and attach a security structure to @inode->i_security. The | 287 | * Allocate and attach a security structure to @inode->i_security. The |
288 | * i_security field is initialized to NULL when the inode structure is | 288 | * i_security field is initialized to NULL when the inode structure is |
289 | * allocated. | 289 | * allocated. |
290 | * @inode contains the inode structure. | 290 | * @inode contains the inode structure. |
291 | * Return 0 if operation was successful. | 291 | * Return 0 if operation was successful. |
292 | * @inode_free_security: | 292 | * @inode_free_security: |
293 | * @inode contains the inode structure. | 293 | * @inode contains the inode structure. |
294 | * Deallocate the inode security structure and set @inode->i_security to | 294 | * Deallocate the inode security structure and set @inode->i_security to |
295 | * NULL. | 295 | * NULL. |
296 | * @inode_init_security: | 296 | * @inode_init_security: |
297 | * Obtain the security attribute name suffix and value to set on a newly | 297 | * Obtain the security attribute name suffix and value to set on a newly |
298 | * created inode and set up the incore security field for the new inode. | 298 | * created inode and set up the incore security field for the new inode. |
299 | * This hook is called by the fs code as part of the inode creation | 299 | * This hook is called by the fs code as part of the inode creation |
300 | * transaction and provides for atomic labeling of the inode, unlike | 300 | * transaction and provides for atomic labeling of the inode, unlike |
301 | * the post_create/mkdir/... hooks called by the VFS. The hook function | 301 | * the post_create/mkdir/... hooks called by the VFS. The hook function |
302 | * is expected to allocate the name and value via kmalloc, with the caller | 302 | * is expected to allocate the name and value via kmalloc, with the caller |
303 | * being responsible for calling kfree after using them. | 303 | * being responsible for calling kfree after using them. |
304 | * If the security module does not use security attributes or does | 304 | * If the security module does not use security attributes or does |
305 | * not wish to put a security attribute on this particular inode, | 305 | * not wish to put a security attribute on this particular inode, |
306 | * then it should return -EOPNOTSUPP to skip this processing. | 306 | * then it should return -EOPNOTSUPP to skip this processing. |
307 | * @inode contains the inode structure of the newly created inode. | 307 | * @inode contains the inode structure of the newly created inode. |
308 | * @dir contains the inode structure of the parent directory. | 308 | * @dir contains the inode structure of the parent directory. |
309 | * @name will be set to the allocated name suffix (e.g. selinux). | 309 | * @name will be set to the allocated name suffix (e.g. selinux). |
310 | * @value will be set to the allocated attribute value. | 310 | * @value will be set to the allocated attribute value. |
311 | * @len will be set to the length of the value. | 311 | * @len will be set to the length of the value. |
312 | * Returns 0 if @name and @value have been successfully set, | 312 | * Returns 0 if @name and @value have been successfully set, |
313 | * -EOPNOTSUPP if no security attribute is needed, or | 313 | * -EOPNOTSUPP if no security attribute is needed, or |
314 | * -ENOMEM on memory allocation failure. | 314 | * -ENOMEM on memory allocation failure. |
315 | * @inode_create: | 315 | * @inode_create: |
316 | * Check permission to create a regular file. | 316 | * Check permission to create a regular file. |
317 | * @dir contains inode structure of the parent of the new file. | 317 | * @dir contains inode structure of the parent of the new file. |
318 | * @dentry contains the dentry structure for the file to be created. | 318 | * @dentry contains the dentry structure for the file to be created. |
319 | * @mode contains the file mode of the file to be created. | 319 | * @mode contains the file mode of the file to be created. |
320 | * Return 0 if permission is granted. | 320 | * Return 0 if permission is granted. |
321 | * @inode_link: | 321 | * @inode_link: |
322 | * Check permission before creating a new hard link to a file. | 322 | * Check permission before creating a new hard link to a file. |
323 | * @old_dentry contains the dentry structure for an existing link to the file. | 323 | * @old_dentry contains the dentry structure for an existing link to the file. |
324 | * @dir contains the inode structure of the parent directory of the new link. | 324 | * @dir contains the inode structure of the parent directory of the new link. |
325 | * @new_dentry contains the dentry structure for the new link. | 325 | * @new_dentry contains the dentry structure for the new link. |
326 | * Return 0 if permission is granted. | 326 | * Return 0 if permission is granted. |
327 | * @inode_unlink: | 327 | * @inode_unlink: |
328 | * Check the permission to remove a hard link to a file. | 328 | * Check the permission to remove a hard link to a file. |
329 | * @dir contains the inode structure of parent directory of the file. | 329 | * @dir contains the inode structure of parent directory of the file. |
330 | * @dentry contains the dentry structure for file to be unlinked. | 330 | * @dentry contains the dentry structure for file to be unlinked. |
331 | * Return 0 if permission is granted. | 331 | * Return 0 if permission is granted. |
332 | * @inode_symlink: | 332 | * @inode_symlink: |
333 | * Check the permission to create a symbolic link to a file. | 333 | * Check the permission to create a symbolic link to a file. |
334 | * @dir contains the inode structure of parent directory of the symbolic link. | 334 | * @dir contains the inode structure of parent directory of the symbolic link. |
335 | * @dentry contains the dentry structure of the symbolic link. | 335 | * @dentry contains the dentry structure of the symbolic link. |
336 | * @old_name contains the pathname of file. | 336 | * @old_name contains the pathname of file. |
337 | * Return 0 if permission is granted. | 337 | * Return 0 if permission is granted. |
338 | * @inode_mkdir: | 338 | * @inode_mkdir: |
339 | * Check permissions to create a new directory in the existing directory | 339 | * Check permissions to create a new directory in the existing directory |
340 | * associated with inode strcture @dir. | 340 | * associated with inode strcture @dir. |
341 | * @dir containst the inode structure of parent of the directory to be created. | 341 | * @dir containst the inode structure of parent of the directory to be created. |
342 | * @dentry contains the dentry structure of new directory. | 342 | * @dentry contains the dentry structure of new directory. |
343 | * @mode contains the mode of new directory. | 343 | * @mode contains the mode of new directory. |
344 | * Return 0 if permission is granted. | 344 | * Return 0 if permission is granted. |
345 | * @inode_rmdir: | 345 | * @inode_rmdir: |
346 | * Check the permission to remove a directory. | 346 | * Check the permission to remove a directory. |
347 | * @dir contains the inode structure of parent of the directory to be removed. | 347 | * @dir contains the inode structure of parent of the directory to be removed. |
348 | * @dentry contains the dentry structure of directory to be removed. | 348 | * @dentry contains the dentry structure of directory to be removed. |
349 | * Return 0 if permission is granted. | 349 | * Return 0 if permission is granted. |
350 | * @inode_mknod: | 350 | * @inode_mknod: |
351 | * Check permissions when creating a special file (or a socket or a fifo | 351 | * Check permissions when creating a special file (or a socket or a fifo |
352 | * file created via the mknod system call). Note that if mknod operation | 352 | * file created via the mknod system call). Note that if mknod operation |
353 | * is being done for a regular file, then the create hook will be called | 353 | * is being done for a regular file, then the create hook will be called |
354 | * and not this hook. | 354 | * and not this hook. |
355 | * @dir contains the inode structure of parent of the new file. | 355 | * @dir contains the inode structure of parent of the new file. |
356 | * @dentry contains the dentry structure of the new file. | 356 | * @dentry contains the dentry structure of the new file. |
357 | * @mode contains the mode of the new file. | 357 | * @mode contains the mode of the new file. |
358 | * @dev contains the device number. | 358 | * @dev contains the device number. |
359 | * Return 0 if permission is granted. | 359 | * Return 0 if permission is granted. |
360 | * @inode_rename: | 360 | * @inode_rename: |
361 | * Check for permission to rename a file or directory. | 361 | * Check for permission to rename a file or directory. |
362 | * @old_dir contains the inode structure for parent of the old link. | 362 | * @old_dir contains the inode structure for parent of the old link. |
363 | * @old_dentry contains the dentry structure of the old link. | 363 | * @old_dentry contains the dentry structure of the old link. |
364 | * @new_dir contains the inode structure for parent of the new link. | 364 | * @new_dir contains the inode structure for parent of the new link. |
365 | * @new_dentry contains the dentry structure of the new link. | 365 | * @new_dentry contains the dentry structure of the new link. |
366 | * Return 0 if permission is granted. | 366 | * Return 0 if permission is granted. |
367 | * @inode_readlink: | 367 | * @inode_readlink: |
368 | * Check the permission to read the symbolic link. | 368 | * Check the permission to read the symbolic link. |
369 | * @dentry contains the dentry structure for the file link. | 369 | * @dentry contains the dentry structure for the file link. |
370 | * Return 0 if permission is granted. | 370 | * Return 0 if permission is granted. |
371 | * @inode_follow_link: | 371 | * @inode_follow_link: |
372 | * Check permission to follow a symbolic link when looking up a pathname. | 372 | * Check permission to follow a symbolic link when looking up a pathname. |
373 | * @dentry contains the dentry structure for the link. | 373 | * @dentry contains the dentry structure for the link. |
374 | * @nd contains the nameidata structure for the parent directory. | 374 | * @nd contains the nameidata structure for the parent directory. |
375 | * Return 0 if permission is granted. | 375 | * Return 0 if permission is granted. |
376 | * @inode_permission: | 376 | * @inode_permission: |
377 | * Check permission before accessing an inode. This hook is called by the | 377 | * Check permission before accessing an inode. This hook is called by the |
378 | * existing Linux permission function, so a security module can use it to | 378 | * existing Linux permission function, so a security module can use it to |
379 | * provide additional checking for existing Linux permission checks. | 379 | * provide additional checking for existing Linux permission checks. |
380 | * Notice that this hook is called when a file is opened (as well as many | 380 | * Notice that this hook is called when a file is opened (as well as many |
381 | * other operations), whereas the file_security_ops permission hook is | 381 | * other operations), whereas the file_security_ops permission hook is |
382 | * called when the actual read/write operations are performed. | 382 | * called when the actual read/write operations are performed. |
383 | * @inode contains the inode structure to check. | 383 | * @inode contains the inode structure to check. |
384 | * @mask contains the permission mask. | 384 | * @mask contains the permission mask. |
385 | * @nd contains the nameidata (may be NULL). | 385 | * @nd contains the nameidata (may be NULL). |
386 | * Return 0 if permission is granted. | 386 | * Return 0 if permission is granted. |
387 | * @inode_setattr: | 387 | * @inode_setattr: |
388 | * Check permission before setting file attributes. Note that the kernel | 388 | * Check permission before setting file attributes. Note that the kernel |
389 | * call to notify_change is performed from several locations, whenever | 389 | * call to notify_change is performed from several locations, whenever |
390 | * file attributes change (such as when a file is truncated, chown/chmod | 390 | * file attributes change (such as when a file is truncated, chown/chmod |
391 | * operations, transferring disk quotas, etc). | 391 | * operations, transferring disk quotas, etc). |
392 | * @dentry contains the dentry structure for the file. | 392 | * @dentry contains the dentry structure for the file. |
393 | * @attr is the iattr structure containing the new file attributes. | 393 | * @attr is the iattr structure containing the new file attributes. |
394 | * Return 0 if permission is granted. | 394 | * Return 0 if permission is granted. |
395 | * @inode_getattr: | 395 | * @inode_getattr: |
396 | * Check permission before obtaining file attributes. | 396 | * Check permission before obtaining file attributes. |
397 | * @mnt is the vfsmount where the dentry was looked up | 397 | * @mnt is the vfsmount where the dentry was looked up |
398 | * @dentry contains the dentry structure for the file. | 398 | * @dentry contains the dentry structure for the file. |
399 | * Return 0 if permission is granted. | 399 | * Return 0 if permission is granted. |
400 | * @inode_delete: | 400 | * @inode_delete: |
401 | * @inode contains the inode structure for deleted inode. | 401 | * @inode contains the inode structure for deleted inode. |
402 | * This hook is called when a deleted inode is released (i.e. an inode | 402 | * This hook is called when a deleted inode is released (i.e. an inode |
403 | * with no hard links has its use count drop to zero). A security module | 403 | * with no hard links has its use count drop to zero). A security module |
404 | * can use this hook to release any persistent label associated with the | 404 | * can use this hook to release any persistent label associated with the |
405 | * inode. | 405 | * inode. |
406 | * @inode_setxattr: | 406 | * @inode_setxattr: |
407 | * Check permission before setting the extended attributes | 407 | * Check permission before setting the extended attributes |
408 | * @value identified by @name for @dentry. | 408 | * @value identified by @name for @dentry. |
409 | * Return 0 if permission is granted. | 409 | * Return 0 if permission is granted. |
410 | * @inode_post_setxattr: | 410 | * @inode_post_setxattr: |
411 | * Update inode security field after successful setxattr operation. | 411 | * Update inode security field after successful setxattr operation. |
412 | * @value identified by @name for @dentry. | 412 | * @value identified by @name for @dentry. |
413 | * @inode_getxattr: | 413 | * @inode_getxattr: |
414 | * Check permission before obtaining the extended attributes | 414 | * Check permission before obtaining the extended attributes |
415 | * identified by @name for @dentry. | 415 | * identified by @name for @dentry. |
416 | * Return 0 if permission is granted. | 416 | * Return 0 if permission is granted. |
417 | * @inode_listxattr: | 417 | * @inode_listxattr: |
418 | * Check permission before obtaining the list of extended attribute | 418 | * Check permission before obtaining the list of extended attribute |
419 | * names for @dentry. | 419 | * names for @dentry. |
420 | * Return 0 if permission is granted. | 420 | * Return 0 if permission is granted. |
421 | * @inode_removexattr: | 421 | * @inode_removexattr: |
422 | * Check permission before removing the extended attribute | 422 | * Check permission before removing the extended attribute |
423 | * identified by @name for @dentry. | 423 | * identified by @name for @dentry. |
424 | * Return 0 if permission is granted. | 424 | * Return 0 if permission is granted. |
425 | * @inode_getsecurity: | 425 | * @inode_getsecurity: |
426 | * Copy the extended attribute representation of the security label | 426 | * Copy the extended attribute representation of the security label |
427 | * associated with @name for @inode into @buffer. @buffer may be | 427 | * associated with @name for @inode into @buffer. @buffer may be |
428 | * NULL to request the size of the buffer required. @size indicates | 428 | * NULL to request the size of the buffer required. @size indicates |
429 | * the size of @buffer in bytes. Note that @name is the remainder | 429 | * the size of @buffer in bytes. Note that @name is the remainder |
430 | * of the attribute name after the security. prefix has been removed. | 430 | * of the attribute name after the security. prefix has been removed. |
431 | * @err is the return value from the preceding fs getxattr call, | 431 | * @err is the return value from the preceding fs getxattr call, |
432 | * and can be used by the security module to determine whether it | 432 | * and can be used by the security module to determine whether it |
433 | * should try and canonicalize the attribute value. | 433 | * should try and canonicalize the attribute value. |
434 | * Return number of bytes used/required on success. | 434 | * Return number of bytes used/required on success. |
435 | * @inode_setsecurity: | 435 | * @inode_setsecurity: |
436 | * Set the security label associated with @name for @inode from the | 436 | * Set the security label associated with @name for @inode from the |
437 | * extended attribute value @value. @size indicates the size of the | 437 | * extended attribute value @value. @size indicates the size of the |
438 | * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0. | 438 | * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0. |
439 | * Note that @name is the remainder of the attribute name after the | 439 | * Note that @name is the remainder of the attribute name after the |
440 | * security. prefix has been removed. | 440 | * security. prefix has been removed. |
441 | * Return 0 on success. | 441 | * Return 0 on success. |
442 | * @inode_listsecurity: | 442 | * @inode_listsecurity: |
443 | * Copy the extended attribute names for the security labels | 443 | * Copy the extended attribute names for the security labels |
444 | * associated with @inode into @buffer. The maximum size of @buffer | 444 | * associated with @inode into @buffer. The maximum size of @buffer |
445 | * is specified by @buffer_size. @buffer may be NULL to request | 445 | * is specified by @buffer_size. @buffer may be NULL to request |
446 | * the size of the buffer required. | 446 | * the size of the buffer required. |
447 | * Returns number of bytes used/required on success. | 447 | * Returns number of bytes used/required on success. |
448 | * @inode_need_killpriv: | 448 | * @inode_need_killpriv: |
449 | * Called when an inode has been changed. | 449 | * Called when an inode has been changed. |
450 | * @dentry is the dentry being changed. | 450 | * @dentry is the dentry being changed. |
451 | * Return <0 on error to abort the inode change operation. | 451 | * Return <0 on error to abort the inode change operation. |
452 | * Return 0 if inode_killpriv does not need to be called. | 452 | * Return 0 if inode_killpriv does not need to be called. |
453 | * Return >0 if inode_killpriv does need to be called. | 453 | * Return >0 if inode_killpriv does need to be called. |
454 | * @inode_killpriv: | 454 | * @inode_killpriv: |
455 | * The setuid bit is being removed. Remove similar security labels. | 455 | * The setuid bit is being removed. Remove similar security labels. |
456 | * Called with the dentry->d_inode->i_mutex held. | 456 | * Called with the dentry->d_inode->i_mutex held. |
457 | * @dentry is the dentry being changed. | 457 | * @dentry is the dentry being changed. |
458 | * Return 0 on success. If error is returned, then the operation | 458 | * Return 0 on success. If error is returned, then the operation |
459 | * causing setuid bit removal is failed. | 459 | * causing setuid bit removal is failed. |
460 | * | 460 | * |
461 | * Security hooks for file operations | 461 | * Security hooks for file operations |
462 | * | 462 | * |
463 | * @file_permission: | 463 | * @file_permission: |
464 | * Check file permissions before accessing an open file. This hook is | 464 | * Check file permissions before accessing an open file. This hook is |
465 | * called by various operations that read or write files. A security | 465 | * called by various operations that read or write files. A security |
466 | * module can use this hook to perform additional checking on these | 466 | * module can use this hook to perform additional checking on these |
467 | * operations, e.g. to revalidate permissions on use to support privilege | 467 | * operations, e.g. to revalidate permissions on use to support privilege |
468 | * bracketing or policy changes. Notice that this hook is used when the | 468 | * bracketing or policy changes. Notice that this hook is used when the |
469 | * actual read/write operations are performed, whereas the | 469 | * actual read/write operations are performed, whereas the |
470 | * inode_security_ops hook is called when a file is opened (as well as | 470 | * inode_security_ops hook is called when a file is opened (as well as |
471 | * many other operations). | 471 | * many other operations). |
472 | * Caveat: Although this hook can be used to revalidate permissions for | 472 | * Caveat: Although this hook can be used to revalidate permissions for |
473 | * various system call operations that read or write files, it does not | 473 | * various system call operations that read or write files, it does not |
474 | * address the revalidation of permissions for memory-mapped files. | 474 | * address the revalidation of permissions for memory-mapped files. |
475 | * Security modules must handle this separately if they need such | 475 | * Security modules must handle this separately if they need such |
476 | * revalidation. | 476 | * revalidation. |
477 | * @file contains the file structure being accessed. | 477 | * @file contains the file structure being accessed. |
478 | * @mask contains the requested permissions. | 478 | * @mask contains the requested permissions. |
479 | * Return 0 if permission is granted. | 479 | * Return 0 if permission is granted. |
480 | * @file_alloc_security: | 480 | * @file_alloc_security: |
481 | * Allocate and attach a security structure to the file->f_security field. | 481 | * Allocate and attach a security structure to the file->f_security field. |
482 | * The security field is initialized to NULL when the structure is first | 482 | * The security field is initialized to NULL when the structure is first |
483 | * created. | 483 | * created. |
484 | * @file contains the file structure to secure. | 484 | * @file contains the file structure to secure. |
485 | * Return 0 if the hook is successful and permission is granted. | 485 | * Return 0 if the hook is successful and permission is granted. |
486 | * @file_free_security: | 486 | * @file_free_security: |
487 | * Deallocate and free any security structures stored in file->f_security. | 487 | * Deallocate and free any security structures stored in file->f_security. |
488 | * @file contains the file structure being modified. | 488 | * @file contains the file structure being modified. |
489 | * @file_ioctl: | 489 | * @file_ioctl: |
490 | * @file contains the file structure. | 490 | * @file contains the file structure. |
491 | * @cmd contains the operation to perform. | 491 | * @cmd contains the operation to perform. |
492 | * @arg contains the operational arguments. | 492 | * @arg contains the operational arguments. |
493 | * Check permission for an ioctl operation on @file. Note that @arg can | 493 | * Check permission for an ioctl operation on @file. Note that @arg can |
494 | * sometimes represents a user space pointer; in other cases, it may be a | 494 | * sometimes represents a user space pointer; in other cases, it may be a |
495 | * simple integer value. When @arg represents a user space pointer, it | 495 | * simple integer value. When @arg represents a user space pointer, it |
496 | * should never be used by the security module. | 496 | * should never be used by the security module. |
497 | * Return 0 if permission is granted. | 497 | * Return 0 if permission is granted. |
498 | * @file_mmap : | 498 | * @file_mmap : |
499 | * Check permissions for a mmap operation. The @file may be NULL, e.g. | 499 | * Check permissions for a mmap operation. The @file may be NULL, e.g. |
500 | * if mapping anonymous memory. | 500 | * if mapping anonymous memory. |
501 | * @file contains the file structure for file to map (may be NULL). | 501 | * @file contains the file structure for file to map (may be NULL). |
502 | * @reqprot contains the protection requested by the application. | 502 | * @reqprot contains the protection requested by the application. |
503 | * @prot contains the protection that will be applied by the kernel. | 503 | * @prot contains the protection that will be applied by the kernel. |
504 | * @flags contains the operational flags. | 504 | * @flags contains the operational flags. |
505 | * Return 0 if permission is granted. | 505 | * Return 0 if permission is granted. |
506 | * @file_mprotect: | 506 | * @file_mprotect: |
507 | * Check permissions before changing memory access permissions. | 507 | * Check permissions before changing memory access permissions. |
508 | * @vma contains the memory region to modify. | 508 | * @vma contains the memory region to modify. |
509 | * @reqprot contains the protection requested by the application. | 509 | * @reqprot contains the protection requested by the application. |
510 | * @prot contains the protection that will be applied by the kernel. | 510 | * @prot contains the protection that will be applied by the kernel. |
511 | * Return 0 if permission is granted. | 511 | * Return 0 if permission is granted. |
512 | * @file_lock: | 512 | * @file_lock: |
513 | * Check permission before performing file locking operations. | 513 | * Check permission before performing file locking operations. |
514 | * Note: this hook mediates both flock and fcntl style locks. | 514 | * Note: this hook mediates both flock and fcntl style locks. |
515 | * @file contains the file structure. | 515 | * @file contains the file structure. |
516 | * @cmd contains the posix-translated lock operation to perform | 516 | * @cmd contains the posix-translated lock operation to perform |
517 | * (e.g. F_RDLCK, F_WRLCK). | 517 | * (e.g. F_RDLCK, F_WRLCK). |
518 | * Return 0 if permission is granted. | 518 | * Return 0 if permission is granted. |
519 | * @file_fcntl: | 519 | * @file_fcntl: |
520 | * Check permission before allowing the file operation specified by @cmd | 520 | * Check permission before allowing the file operation specified by @cmd |
521 | * from being performed on the file @file. Note that @arg can sometimes | 521 | * from being performed on the file @file. Note that @arg can sometimes |
522 | * represents a user space pointer; in other cases, it may be a simple | 522 | * represents a user space pointer; in other cases, it may be a simple |
523 | * integer value. When @arg represents a user space pointer, it should | 523 | * integer value. When @arg represents a user space pointer, it should |
524 | * never be used by the security module. | 524 | * never be used by the security module. |
525 | * @file contains the file structure. | 525 | * @file contains the file structure. |
526 | * @cmd contains the operation to be performed. | 526 | * @cmd contains the operation to be performed. |
527 | * @arg contains the operational arguments. | 527 | * @arg contains the operational arguments. |
528 | * Return 0 if permission is granted. | 528 | * Return 0 if permission is granted. |
529 | * @file_set_fowner: | 529 | * @file_set_fowner: |
530 | * Save owner security information (typically from current->security) in | 530 | * Save owner security information (typically from current->security) in |
531 | * file->f_security for later use by the send_sigiotask hook. | 531 | * file->f_security for later use by the send_sigiotask hook. |
532 | * @file contains the file structure to update. | 532 | * @file contains the file structure to update. |
533 | * Return 0 on success. | 533 | * Return 0 on success. |
534 | * @file_send_sigiotask: | 534 | * @file_send_sigiotask: |
535 | * Check permission for the file owner @fown to send SIGIO or SIGURG to the | 535 | * Check permission for the file owner @fown to send SIGIO or SIGURG to the |
536 | * process @tsk. Note that this hook is sometimes called from interrupt. | 536 | * process @tsk. Note that this hook is sometimes called from interrupt. |
537 | * Note that the fown_struct, @fown, is never outside the context of a | 537 | * Note that the fown_struct, @fown, is never outside the context of a |
538 | * struct file, so the file structure (and associated security information) | 538 | * struct file, so the file structure (and associated security information) |
539 | * can always be obtained: | 539 | * can always be obtained: |
540 | * container_of(fown, struct file, f_owner) | 540 | * container_of(fown, struct file, f_owner) |
541 | * @tsk contains the structure of task receiving signal. | 541 | * @tsk contains the structure of task receiving signal. |
542 | * @fown contains the file owner information. | 542 | * @fown contains the file owner information. |
543 | * @sig is the signal that will be sent. When 0, kernel sends SIGIO. | 543 | * @sig is the signal that will be sent. When 0, kernel sends SIGIO. |
544 | * Return 0 if permission is granted. | 544 | * Return 0 if permission is granted. |
545 | * @file_receive: | 545 | * @file_receive: |
546 | * This hook allows security modules to control the ability of a process | 546 | * This hook allows security modules to control the ability of a process |
547 | * to receive an open file descriptor via socket IPC. | 547 | * to receive an open file descriptor via socket IPC. |
548 | * @file contains the file structure being received. | 548 | * @file contains the file structure being received. |
549 | * Return 0 if permission is granted. | 549 | * Return 0 if permission is granted. |
550 | * | 550 | * |
551 | * Security hook for dentry | 551 | * Security hook for dentry |
552 | * | 552 | * |
553 | * @dentry_open | 553 | * @dentry_open |
554 | * Save open-time permission checking state for later use upon | 554 | * Save open-time permission checking state for later use upon |
555 | * file_permission, and recheck access if anything has changed | 555 | * file_permission, and recheck access if anything has changed |
556 | * since inode_permission. | 556 | * since inode_permission. |
557 | * | 557 | * |
558 | * Security hooks for task operations. | 558 | * Security hooks for task operations. |
559 | * | 559 | * |
560 | * @task_create: | 560 | * @task_create: |
561 | * Check permission before creating a child process. See the clone(2) | 561 | * Check permission before creating a child process. See the clone(2) |
562 | * manual page for definitions of the @clone_flags. | 562 | * manual page for definitions of the @clone_flags. |
563 | * @clone_flags contains the flags indicating what should be shared. | 563 | * @clone_flags contains the flags indicating what should be shared. |
564 | * Return 0 if permission is granted. | 564 | * Return 0 if permission is granted. |
565 | * @task_alloc_security: | 565 | * @task_alloc_security: |
566 | * @p contains the task_struct for child process. | 566 | * @p contains the task_struct for child process. |
567 | * Allocate and attach a security structure to the p->security field. The | 567 | * Allocate and attach a security structure to the p->security field. The |
568 | * security field is initialized to NULL when the task structure is | 568 | * security field is initialized to NULL when the task structure is |
569 | * allocated. | 569 | * allocated. |
570 | * Return 0 if operation was successful. | 570 | * Return 0 if operation was successful. |
571 | * @task_free_security: | 571 | * @task_free_security: |
572 | * @p contains the task_struct for process. | 572 | * @p contains the task_struct for process. |
573 | * Deallocate and clear the p->security field. | 573 | * Deallocate and clear the p->security field. |
574 | * @task_setuid: | 574 | * @task_setuid: |
575 | * Check permission before setting one or more of the user identity | 575 | * Check permission before setting one or more of the user identity |
576 | * attributes of the current process. The @flags parameter indicates | 576 | * attributes of the current process. The @flags parameter indicates |
577 | * which of the set*uid system calls invoked this hook and how to | 577 | * which of the set*uid system calls invoked this hook and how to |
578 | * interpret the @id0, @id1, and @id2 parameters. See the LSM_SETID | 578 | * interpret the @id0, @id1, and @id2 parameters. See the LSM_SETID |
579 | * definitions at the beginning of this file for the @flags values and | 579 | * definitions at the beginning of this file for the @flags values and |
580 | * their meanings. | 580 | * their meanings. |
581 | * @id0 contains a uid. | 581 | * @id0 contains a uid. |
582 | * @id1 contains a uid. | 582 | * @id1 contains a uid. |
583 | * @id2 contains a uid. | 583 | * @id2 contains a uid. |
584 | * @flags contains one of the LSM_SETID_* values. | 584 | * @flags contains one of the LSM_SETID_* values. |
585 | * Return 0 if permission is granted. | 585 | * Return 0 if permission is granted. |
586 | * @task_post_setuid: | 586 | * @task_post_setuid: |
587 | * Update the module's state after setting one or more of the user | 587 | * Update the module's state after setting one or more of the user |
588 | * identity attributes of the current process. The @flags parameter | 588 | * identity attributes of the current process. The @flags parameter |
589 | * indicates which of the set*uid system calls invoked this hook. If | 589 | * indicates which of the set*uid system calls invoked this hook. If |
590 | * @flags is LSM_SETID_FS, then @old_ruid is the old fs uid and the other | 590 | * @flags is LSM_SETID_FS, then @old_ruid is the old fs uid and the other |
591 | * parameters are not used. | 591 | * parameters are not used. |
592 | * @old_ruid contains the old real uid (or fs uid if LSM_SETID_FS). | 592 | * @old_ruid contains the old real uid (or fs uid if LSM_SETID_FS). |
593 | * @old_euid contains the old effective uid (or -1 if LSM_SETID_FS). | 593 | * @old_euid contains the old effective uid (or -1 if LSM_SETID_FS). |
594 | * @old_suid contains the old saved uid (or -1 if LSM_SETID_FS). | 594 | * @old_suid contains the old saved uid (or -1 if LSM_SETID_FS). |
595 | * @flags contains one of the LSM_SETID_* values. | 595 | * @flags contains one of the LSM_SETID_* values. |
596 | * Return 0 on success. | 596 | * Return 0 on success. |
597 | * @task_setgid: | 597 | * @task_setgid: |
598 | * Check permission before setting one or more of the group identity | 598 | * Check permission before setting one or more of the group identity |
599 | * attributes of the current process. The @flags parameter indicates | 599 | * attributes of the current process. The @flags parameter indicates |
600 | * which of the set*gid system calls invoked this hook and how to | 600 | * which of the set*gid system calls invoked this hook and how to |
601 | * interpret the @id0, @id1, and @id2 parameters. See the LSM_SETID | 601 | * interpret the @id0, @id1, and @id2 parameters. See the LSM_SETID |
602 | * definitions at the beginning of this file for the @flags values and | 602 | * definitions at the beginning of this file for the @flags values and |
603 | * their meanings. | 603 | * their meanings. |
604 | * @id0 contains a gid. | 604 | * @id0 contains a gid. |
605 | * @id1 contains a gid. | 605 | * @id1 contains a gid. |
606 | * @id2 contains a gid. | 606 | * @id2 contains a gid. |
607 | * @flags contains one of the LSM_SETID_* values. | 607 | * @flags contains one of the LSM_SETID_* values. |
608 | * Return 0 if permission is granted. | 608 | * Return 0 if permission is granted. |
609 | * @task_setpgid: | 609 | * @task_setpgid: |
610 | * Check permission before setting the process group identifier of the | 610 | * Check permission before setting the process group identifier of the |
611 | * process @p to @pgid. | 611 | * process @p to @pgid. |
612 | * @p contains the task_struct for process being modified. | 612 | * @p contains the task_struct for process being modified. |
613 | * @pgid contains the new pgid. | 613 | * @pgid contains the new pgid. |
614 | * Return 0 if permission is granted. | 614 | * Return 0 if permission is granted. |
615 | * @task_getpgid: | 615 | * @task_getpgid: |
616 | * Check permission before getting the process group identifier of the | 616 | * Check permission before getting the process group identifier of the |
617 | * process @p. | 617 | * process @p. |
618 | * @p contains the task_struct for the process. | 618 | * @p contains the task_struct for the process. |
619 | * Return 0 if permission is granted. | 619 | * Return 0 if permission is granted. |
620 | * @task_getsid: | 620 | * @task_getsid: |
621 | * Check permission before getting the session identifier of the process | 621 | * Check permission before getting the session identifier of the process |
622 | * @p. | 622 | * @p. |
623 | * @p contains the task_struct for the process. | 623 | * @p contains the task_struct for the process. |
624 | * Return 0 if permission is granted. | 624 | * Return 0 if permission is granted. |
625 | * @task_getsecid: | 625 | * @task_getsecid: |
626 | * Retrieve the security identifier of the process @p. | 626 | * Retrieve the security identifier of the process @p. |
627 | * @p contains the task_struct for the process and place is into @secid. | 627 | * @p contains the task_struct for the process and place is into @secid. |
628 | * @task_setgroups: | 628 | * @task_setgroups: |
629 | * Check permission before setting the supplementary group set of the | 629 | * Check permission before setting the supplementary group set of the |
630 | * current process. | 630 | * current process. |
631 | * @group_info contains the new group information. | 631 | * @group_info contains the new group information. |
632 | * Return 0 if permission is granted. | 632 | * Return 0 if permission is granted. |
633 | * @task_setnice: | 633 | * @task_setnice: |
634 | * Check permission before setting the nice value of @p to @nice. | 634 | * Check permission before setting the nice value of @p to @nice. |
635 | * @p contains the task_struct of process. | 635 | * @p contains the task_struct of process. |
636 | * @nice contains the new nice value. | 636 | * @nice contains the new nice value. |
637 | * Return 0 if permission is granted. | 637 | * Return 0 if permission is granted. |
638 | * @task_setioprio | 638 | * @task_setioprio |
639 | * Check permission before setting the ioprio value of @p to @ioprio. | 639 | * Check permission before setting the ioprio value of @p to @ioprio. |
640 | * @p contains the task_struct of process. | 640 | * @p contains the task_struct of process. |
641 | * @ioprio contains the new ioprio value | 641 | * @ioprio contains the new ioprio value |
642 | * Return 0 if permission is granted. | 642 | * Return 0 if permission is granted. |
643 | * @task_getioprio | 643 | * @task_getioprio |
644 | * Check permission before getting the ioprio value of @p. | 644 | * Check permission before getting the ioprio value of @p. |
645 | * @p contains the task_struct of process. | 645 | * @p contains the task_struct of process. |
646 | * Return 0 if permission is granted. | 646 | * Return 0 if permission is granted. |
647 | * @task_setrlimit: | 647 | * @task_setrlimit: |
648 | * Check permission before setting the resource limits of the current | 648 | * Check permission before setting the resource limits of the current |
649 | * process for @resource to @new_rlim. The old resource limit values can | 649 | * process for @resource to @new_rlim. The old resource limit values can |
650 | * be examined by dereferencing (current->signal->rlim + resource). | 650 | * be examined by dereferencing (current->signal->rlim + resource). |
651 | * @resource contains the resource whose limit is being set. | 651 | * @resource contains the resource whose limit is being set. |
652 | * @new_rlim contains the new limits for @resource. | 652 | * @new_rlim contains the new limits for @resource. |
653 | * Return 0 if permission is granted. | 653 | * Return 0 if permission is granted. |
654 | * @task_setscheduler: | 654 | * @task_setscheduler: |
655 | * Check permission before setting scheduling policy and/or parameters of | 655 | * Check permission before setting scheduling policy and/or parameters of |
656 | * process @p based on @policy and @lp. | 656 | * process @p based on @policy and @lp. |
657 | * @p contains the task_struct for process. | 657 | * @p contains the task_struct for process. |
658 | * @policy contains the scheduling policy. | 658 | * @policy contains the scheduling policy. |
659 | * @lp contains the scheduling parameters. | 659 | * @lp contains the scheduling parameters. |
660 | * Return 0 if permission is granted. | 660 | * Return 0 if permission is granted. |
661 | * @task_getscheduler: | 661 | * @task_getscheduler: |
662 | * Check permission before obtaining scheduling information for process | 662 | * Check permission before obtaining scheduling information for process |
663 | * @p. | 663 | * @p. |
664 | * @p contains the task_struct for process. | 664 | * @p contains the task_struct for process. |
665 | * Return 0 if permission is granted. | 665 | * Return 0 if permission is granted. |
666 | * @task_movememory | 666 | * @task_movememory |
667 | * Check permission before moving memory owned by process @p. | 667 | * Check permission before moving memory owned by process @p. |
668 | * @p contains the task_struct for process. | 668 | * @p contains the task_struct for process. |
669 | * Return 0 if permission is granted. | 669 | * Return 0 if permission is granted. |
670 | * @task_kill: | 670 | * @task_kill: |
671 | * Check permission before sending signal @sig to @p. @info can be NULL, | 671 | * Check permission before sending signal @sig to @p. @info can be NULL, |
672 | * the constant 1, or a pointer to a siginfo structure. If @info is 1 or | 672 | * the constant 1, or a pointer to a siginfo structure. If @info is 1 or |
673 | * SI_FROMKERNEL(info) is true, then the signal should be viewed as coming | 673 | * SI_FROMKERNEL(info) is true, then the signal should be viewed as coming |
674 | * from the kernel and should typically be permitted. | 674 | * from the kernel and should typically be permitted. |
675 | * SIGIO signals are handled separately by the send_sigiotask hook in | 675 | * SIGIO signals are handled separately by the send_sigiotask hook in |
676 | * file_security_ops. | 676 | * file_security_ops. |
677 | * @p contains the task_struct for process. | 677 | * @p contains the task_struct for process. |
678 | * @info contains the signal information. | 678 | * @info contains the signal information. |
679 | * @sig contains the signal value. | 679 | * @sig contains the signal value. |
680 | * @secid contains the sid of the process where the signal originated | 680 | * @secid contains the sid of the process where the signal originated |
681 | * Return 0 if permission is granted. | 681 | * Return 0 if permission is granted. |
682 | * @task_wait: | 682 | * @task_wait: |
683 | * Check permission before allowing a process to reap a child process @p | 683 | * Check permission before allowing a process to reap a child process @p |
684 | * and collect its status information. | 684 | * and collect its status information. |
685 | * @p contains the task_struct for process. | 685 | * @p contains the task_struct for process. |
686 | * Return 0 if permission is granted. | 686 | * Return 0 if permission is granted. |
687 | * @task_prctl: | 687 | * @task_prctl: |
688 | * Check permission before performing a process control operation on the | 688 | * Check permission before performing a process control operation on the |
689 | * current process. | 689 | * current process. |
690 | * @option contains the operation. | 690 | * @option contains the operation. |
691 | * @arg2 contains a argument. | 691 | * @arg2 contains a argument. |
692 | * @arg3 contains a argument. | 692 | * @arg3 contains a argument. |
693 | * @arg4 contains a argument. | 693 | * @arg4 contains a argument. |
694 | * @arg5 contains a argument. | 694 | * @arg5 contains a argument. |
695 | * Return 0 if permission is granted. | 695 | * Return 0 if permission is granted. |
696 | * @task_reparent_to_init: | 696 | * @task_reparent_to_init: |
697 | * Set the security attributes in @p->security for a kernel thread that | 697 | * Set the security attributes in @p->security for a kernel thread that |
698 | * is being reparented to the init task. | 698 | * is being reparented to the init task. |
699 | * @p contains the task_struct for the kernel thread. | 699 | * @p contains the task_struct for the kernel thread. |
700 | * @task_to_inode: | 700 | * @task_to_inode: |
701 | * Set the security attributes for an inode based on an associated task's | 701 | * Set the security attributes for an inode based on an associated task's |
702 | * security attributes, e.g. for /proc/pid inodes. | 702 | * security attributes, e.g. for /proc/pid inodes. |
703 | * @p contains the task_struct for the task. | 703 | * @p contains the task_struct for the task. |
704 | * @inode contains the inode structure for the inode. | 704 | * @inode contains the inode structure for the inode. |
705 | * | 705 | * |
706 | * Security hooks for Netlink messaging. | 706 | * Security hooks for Netlink messaging. |
707 | * | 707 | * |
708 | * @netlink_send: | 708 | * @netlink_send: |
709 | * Save security information for a netlink message so that permission | 709 | * Save security information for a netlink message so that permission |
710 | * checking can be performed when the message is processed. The security | 710 | * checking can be performed when the message is processed. The security |
711 | * information can be saved using the eff_cap field of the | 711 | * information can be saved using the eff_cap field of the |
712 | * netlink_skb_parms structure. Also may be used to provide fine | 712 | * netlink_skb_parms structure. Also may be used to provide fine |
713 | * grained control over message transmission. | 713 | * grained control over message transmission. |
714 | * @sk associated sock of task sending the message., | 714 | * @sk associated sock of task sending the message., |
715 | * @skb contains the sk_buff structure for the netlink message. | 715 | * @skb contains the sk_buff structure for the netlink message. |
716 | * Return 0 if the information was successfully saved and message | 716 | * Return 0 if the information was successfully saved and message |
717 | * is allowed to be transmitted. | 717 | * is allowed to be transmitted. |
718 | * @netlink_recv: | 718 | * @netlink_recv: |
719 | * Check permission before processing the received netlink message in | 719 | * Check permission before processing the received netlink message in |
720 | * @skb. | 720 | * @skb. |
721 | * @skb contains the sk_buff structure for the netlink message. | 721 | * @skb contains the sk_buff structure for the netlink message. |
722 | * @cap indicates the capability required | 722 | * @cap indicates the capability required |
723 | * Return 0 if permission is granted. | 723 | * Return 0 if permission is granted. |
724 | * | 724 | * |
725 | * Security hooks for Unix domain networking. | 725 | * Security hooks for Unix domain networking. |
726 | * | 726 | * |
727 | * @unix_stream_connect: | 727 | * @unix_stream_connect: |
728 | * Check permissions before establishing a Unix domain stream connection | 728 | * Check permissions before establishing a Unix domain stream connection |
729 | * between @sock and @other. | 729 | * between @sock and @other. |
730 | * @sock contains the socket structure. | 730 | * @sock contains the socket structure. |
731 | * @other contains the peer socket structure. | 731 | * @other contains the peer socket structure. |
732 | * Return 0 if permission is granted. | 732 | * Return 0 if permission is granted. |
733 | * @unix_may_send: | 733 | * @unix_may_send: |
734 | * Check permissions before connecting or sending datagrams from @sock to | 734 | * Check permissions before connecting or sending datagrams from @sock to |
735 | * @other. | 735 | * @other. |
736 | * @sock contains the socket structure. | 736 | * @sock contains the socket structure. |
737 | * @sock contains the peer socket structure. | 737 | * @sock contains the peer socket structure. |
738 | * Return 0 if permission is granted. | 738 | * Return 0 if permission is granted. |
739 | * | 739 | * |
740 | * The @unix_stream_connect and @unix_may_send hooks were necessary because | 740 | * The @unix_stream_connect and @unix_may_send hooks were necessary because |
741 | * Linux provides an alternative to the conventional file name space for Unix | 741 | * Linux provides an alternative to the conventional file name space for Unix |
742 | * domain sockets. Whereas binding and connecting to sockets in the file name | 742 | * domain sockets. Whereas binding and connecting to sockets in the file name |
743 | * space is mediated by the typical file permissions (and caught by the mknod | 743 | * space is mediated by the typical file permissions (and caught by the mknod |
744 | * and permission hooks in inode_security_ops), binding and connecting to | 744 | * and permission hooks in inode_security_ops), binding and connecting to |
745 | * sockets in the abstract name space is completely unmediated. Sufficient | 745 | * sockets in the abstract name space is completely unmediated. Sufficient |
746 | * control of Unix domain sockets in the abstract name space isn't possible | 746 | * control of Unix domain sockets in the abstract name space isn't possible |
747 | * using only the socket layer hooks, since we need to know the actual target | 747 | * using only the socket layer hooks, since we need to know the actual target |
748 | * socket, which is not looked up until we are inside the af_unix code. | 748 | * socket, which is not looked up until we are inside the af_unix code. |
749 | * | 749 | * |
750 | * Security hooks for socket operations. | 750 | * Security hooks for socket operations. |
751 | * | 751 | * |
752 | * @socket_create: | 752 | * @socket_create: |
753 | * Check permissions prior to creating a new socket. | 753 | * Check permissions prior to creating a new socket. |
754 | * @family contains the requested protocol family. | 754 | * @family contains the requested protocol family. |
755 | * @type contains the requested communications type. | 755 | * @type contains the requested communications type. |
756 | * @protocol contains the requested protocol. | 756 | * @protocol contains the requested protocol. |
757 | * @kern set to 1 if a kernel socket. | 757 | * @kern set to 1 if a kernel socket. |
758 | * Return 0 if permission is granted. | 758 | * Return 0 if permission is granted. |
759 | * @socket_post_create: | 759 | * @socket_post_create: |
760 | * This hook allows a module to update or allocate a per-socket security | 760 | * This hook allows a module to update or allocate a per-socket security |
761 | * structure. Note that the security field was not added directly to the | 761 | * structure. Note that the security field was not added directly to the |
762 | * socket structure, but rather, the socket security information is stored | 762 | * socket structure, but rather, the socket security information is stored |
763 | * in the associated inode. Typically, the inode alloc_security hook will | 763 | * in the associated inode. Typically, the inode alloc_security hook will |
764 | * allocate and and attach security information to | 764 | * allocate and and attach security information to |
765 | * sock->inode->i_security. This hook may be used to update the | 765 | * sock->inode->i_security. This hook may be used to update the |
766 | * sock->inode->i_security field with additional information that wasn't | 766 | * sock->inode->i_security field with additional information that wasn't |
767 | * available when the inode was allocated. | 767 | * available when the inode was allocated. |
768 | * @sock contains the newly created socket structure. | 768 | * @sock contains the newly created socket structure. |
769 | * @family contains the requested protocol family. | 769 | * @family contains the requested protocol family. |
770 | * @type contains the requested communications type. | 770 | * @type contains the requested communications type. |
771 | * @protocol contains the requested protocol. | 771 | * @protocol contains the requested protocol. |
772 | * @kern set to 1 if a kernel socket. | 772 | * @kern set to 1 if a kernel socket. |
773 | * @socket_bind: | 773 | * @socket_bind: |
774 | * Check permission before socket protocol layer bind operation is | 774 | * Check permission before socket protocol layer bind operation is |
775 | * performed and the socket @sock is bound to the address specified in the | 775 | * performed and the socket @sock is bound to the address specified in the |
776 | * @address parameter. | 776 | * @address parameter. |
777 | * @sock contains the socket structure. | 777 | * @sock contains the socket structure. |
778 | * @address contains the address to bind to. | 778 | * @address contains the address to bind to. |
779 | * @addrlen contains the length of address. | 779 | * @addrlen contains the length of address. |
780 | * Return 0 if permission is granted. | 780 | * Return 0 if permission is granted. |
781 | * @socket_connect: | 781 | * @socket_connect: |
782 | * Check permission before socket protocol layer connect operation | 782 | * Check permission before socket protocol layer connect operation |
783 | * attempts to connect socket @sock to a remote address, @address. | 783 | * attempts to connect socket @sock to a remote address, @address. |
784 | * @sock contains the socket structure. | 784 | * @sock contains the socket structure. |
785 | * @address contains the address of remote endpoint. | 785 | * @address contains the address of remote endpoint. |
786 | * @addrlen contains the length of address. | 786 | * @addrlen contains the length of address. |
787 | * Return 0 if permission is granted. | 787 | * Return 0 if permission is granted. |
788 | * @socket_listen: | 788 | * @socket_listen: |
789 | * Check permission before socket protocol layer listen operation. | 789 | * Check permission before socket protocol layer listen operation. |
790 | * @sock contains the socket structure. | 790 | * @sock contains the socket structure. |
791 | * @backlog contains the maximum length for the pending connection queue. | 791 | * @backlog contains the maximum length for the pending connection queue. |
792 | * Return 0 if permission is granted. | 792 | * Return 0 if permission is granted. |
793 | * @socket_accept: | 793 | * @socket_accept: |
794 | * Check permission before accepting a new connection. Note that the new | 794 | * Check permission before accepting a new connection. Note that the new |
795 | * socket, @newsock, has been created and some information copied to it, | 795 | * socket, @newsock, has been created and some information copied to it, |
796 | * but the accept operation has not actually been performed. | 796 | * but the accept operation has not actually been performed. |
797 | * @sock contains the listening socket structure. | 797 | * @sock contains the listening socket structure. |
798 | * @newsock contains the newly created server socket for connection. | 798 | * @newsock contains the newly created server socket for connection. |
799 | * Return 0 if permission is granted. | 799 | * Return 0 if permission is granted. |
800 | * @socket_post_accept: | 800 | * @socket_post_accept: |
801 | * This hook allows a security module to copy security | 801 | * This hook allows a security module to copy security |
802 | * information into the newly created socket's inode. | 802 | * information into the newly created socket's inode. |
803 | * @sock contains the listening socket structure. | 803 | * @sock contains the listening socket structure. |
804 | * @newsock contains the newly created server socket for connection. | 804 | * @newsock contains the newly created server socket for connection. |
805 | * @socket_sendmsg: | 805 | * @socket_sendmsg: |
806 | * Check permission before transmitting a message to another socket. | 806 | * Check permission before transmitting a message to another socket. |
807 | * @sock contains the socket structure. | 807 | * @sock contains the socket structure. |
808 | * @msg contains the message to be transmitted. | 808 | * @msg contains the message to be transmitted. |
809 | * @size contains the size of message. | 809 | * @size contains the size of message. |
810 | * Return 0 if permission is granted. | 810 | * Return 0 if permission is granted. |
811 | * @socket_recvmsg: | 811 | * @socket_recvmsg: |
812 | * Check permission before receiving a message from a socket. | 812 | * Check permission before receiving a message from a socket. |
813 | * @sock contains the socket structure. | 813 | * @sock contains the socket structure. |
814 | * @msg contains the message structure. | 814 | * @msg contains the message structure. |
815 | * @size contains the size of message structure. | 815 | * @size contains the size of message structure. |
816 | * @flags contains the operational flags. | 816 | * @flags contains the operational flags. |
817 | * Return 0 if permission is granted. | 817 | * Return 0 if permission is granted. |
818 | * @socket_getsockname: | 818 | * @socket_getsockname: |
819 | * Check permission before the local address (name) of the socket object | 819 | * Check permission before the local address (name) of the socket object |
820 | * @sock is retrieved. | 820 | * @sock is retrieved. |
821 | * @sock contains the socket structure. | 821 | * @sock contains the socket structure. |
822 | * Return 0 if permission is granted. | 822 | * Return 0 if permission is granted. |
823 | * @socket_getpeername: | 823 | * @socket_getpeername: |
824 | * Check permission before the remote address (name) of a socket object | 824 | * Check permission before the remote address (name) of a socket object |
825 | * @sock is retrieved. | 825 | * @sock is retrieved. |
826 | * @sock contains the socket structure. | 826 | * @sock contains the socket structure. |
827 | * Return 0 if permission is granted. | 827 | * Return 0 if permission is granted. |
828 | * @socket_getsockopt: | 828 | * @socket_getsockopt: |
829 | * Check permissions before retrieving the options associated with socket | 829 | * Check permissions before retrieving the options associated with socket |
830 | * @sock. | 830 | * @sock. |
831 | * @sock contains the socket structure. | 831 | * @sock contains the socket structure. |
832 | * @level contains the protocol level to retrieve option from. | 832 | * @level contains the protocol level to retrieve option from. |
833 | * @optname contains the name of option to retrieve. | 833 | * @optname contains the name of option to retrieve. |
834 | * Return 0 if permission is granted. | 834 | * Return 0 if permission is granted. |
835 | * @socket_setsockopt: | 835 | * @socket_setsockopt: |
836 | * Check permissions before setting the options associated with socket | 836 | * Check permissions before setting the options associated with socket |
837 | * @sock. | 837 | * @sock. |
838 | * @sock contains the socket structure. | 838 | * @sock contains the socket structure. |
839 | * @level contains the protocol level to set options for. | 839 | * @level contains the protocol level to set options for. |
840 | * @optname contains the name of the option to set. | 840 | * @optname contains the name of the option to set. |
841 | * Return 0 if permission is granted. | 841 | * Return 0 if permission is granted. |
842 | * @socket_shutdown: | 842 | * @socket_shutdown: |
843 | * Checks permission before all or part of a connection on the socket | 843 | * Checks permission before all or part of a connection on the socket |
844 | * @sock is shut down. | 844 | * @sock is shut down. |
845 | * @sock contains the socket structure. | 845 | * @sock contains the socket structure. |
846 | * @how contains the flag indicating how future sends and receives are handled. | 846 | * @how contains the flag indicating how future sends and receives are handled. |
847 | * Return 0 if permission is granted. | 847 | * Return 0 if permission is granted. |
848 | * @socket_sock_rcv_skb: | 848 | * @socket_sock_rcv_skb: |
849 | * Check permissions on incoming network packets. This hook is distinct | 849 | * Check permissions on incoming network packets. This hook is distinct |
850 | * from Netfilter's IP input hooks since it is the first time that the | 850 | * from Netfilter's IP input hooks since it is the first time that the |
851 | * incoming sk_buff @skb has been associated with a particular socket, @sk. | 851 | * incoming sk_buff @skb has been associated with a particular socket, @sk. |
852 | * @sk contains the sock (not socket) associated with the incoming sk_buff. | 852 | * @sk contains the sock (not socket) associated with the incoming sk_buff. |
853 | * @skb contains the incoming network data. | 853 | * @skb contains the incoming network data. |
854 | * @socket_getpeersec_stream: | 854 | * @socket_getpeersec_stream: |
855 | * This hook allows the security module to provide peer socket security | 855 | * This hook allows the security module to provide peer socket security |
856 | * state for unix or connected tcp sockets to userspace via getsockopt | 856 | * state for unix or connected tcp sockets to userspace via getsockopt |
857 | * SO_GETPEERSEC. For tcp sockets this can be meaningful if the | 857 | * SO_GETPEERSEC. For tcp sockets this can be meaningful if the |
858 | * socket is associated with an ipsec SA. | 858 | * socket is associated with an ipsec SA. |
859 | * @sock is the local socket. | 859 | * @sock is the local socket. |
860 | * @optval userspace memory where the security state is to be copied. | 860 | * @optval userspace memory where the security state is to be copied. |
861 | * @optlen userspace int where the module should copy the actual length | 861 | * @optlen userspace int where the module should copy the actual length |
862 | * of the security state. | 862 | * of the security state. |
863 | * @len as input is the maximum length to copy to userspace provided | 863 | * @len as input is the maximum length to copy to userspace provided |
864 | * by the caller. | 864 | * by the caller. |
865 | * Return 0 if all is well, otherwise, typical getsockopt return | 865 | * Return 0 if all is well, otherwise, typical getsockopt return |
866 | * values. | 866 | * values. |
867 | * @socket_getpeersec_dgram: | 867 | * @socket_getpeersec_dgram: |
868 | * This hook allows the security module to provide peer socket security | 868 | * This hook allows the security module to provide peer socket security |
869 | * state for udp sockets on a per-packet basis to userspace via | 869 | * state for udp sockets on a per-packet basis to userspace via |
870 | * getsockopt SO_GETPEERSEC. The application must first have indicated | 870 | * getsockopt SO_GETPEERSEC. The application must first have indicated |
871 | * the IP_PASSSEC option via getsockopt. It can then retrieve the | 871 | * the IP_PASSSEC option via getsockopt. It can then retrieve the |
872 | * security state returned by this hook for a packet via the SCM_SECURITY | 872 | * security state returned by this hook for a packet via the SCM_SECURITY |
873 | * ancillary message type. | 873 | * ancillary message type. |
874 | * @skb is the skbuff for the packet being queried | 874 | * @skb is the skbuff for the packet being queried |
875 | * @secdata is a pointer to a buffer in which to copy the security data | 875 | * @secdata is a pointer to a buffer in which to copy the security data |
876 | * @seclen is the maximum length for @secdata | 876 | * @seclen is the maximum length for @secdata |
877 | * Return 0 on success, error on failure. | 877 | * Return 0 on success, error on failure. |
878 | * @sk_alloc_security: | 878 | * @sk_alloc_security: |
879 | * Allocate and attach a security structure to the sk->sk_security field, | 879 | * Allocate and attach a security structure to the sk->sk_security field, |
880 | * which is used to copy security attributes between local stream sockets. | 880 | * which is used to copy security attributes between local stream sockets. |
881 | * @sk_free_security: | 881 | * @sk_free_security: |
882 | * Deallocate security structure. | 882 | * Deallocate security structure. |
883 | * @sk_clone_security: | 883 | * @sk_clone_security: |
884 | * Clone/copy security structure. | 884 | * Clone/copy security structure. |
885 | * @sk_getsecid: | 885 | * @sk_getsecid: |
886 | * Retrieve the LSM-specific secid for the sock to enable caching of network | 886 | * Retrieve the LSM-specific secid for the sock to enable caching of network |
887 | * authorizations. | 887 | * authorizations. |
888 | * @sock_graft: | 888 | * @sock_graft: |
889 | * Sets the socket's isec sid to the sock's sid. | 889 | * Sets the socket's isec sid to the sock's sid. |
890 | * @inet_conn_request: | 890 | * @inet_conn_request: |
891 | * Sets the openreq's sid to socket's sid with MLS portion taken from peer sid. | 891 | * Sets the openreq's sid to socket's sid with MLS portion taken from peer sid. |
892 | * @inet_csk_clone: | 892 | * @inet_csk_clone: |
893 | * Sets the new child socket's sid to the openreq sid. | 893 | * Sets the new child socket's sid to the openreq sid. |
894 | * @inet_conn_established: | 894 | * @inet_conn_established: |
895 | * Sets the connection's peersid to the secmark on skb. | 895 | * Sets the connection's peersid to the secmark on skb. |
896 | * @req_classify_flow: | 896 | * @req_classify_flow: |
897 | * Sets the flow's sid to the openreq sid. | 897 | * Sets the flow's sid to the openreq sid. |
898 | * | 898 | * |
899 | * Security hooks for XFRM operations. | 899 | * Security hooks for XFRM operations. |
900 | * | 900 | * |
901 | * @xfrm_policy_alloc_security: | 901 | * @xfrm_policy_alloc_security: |
902 | * @xp contains the xfrm_policy being added to Security Policy Database | 902 | * @xp contains the xfrm_policy being added to Security Policy Database |
903 | * used by the XFRM system. | 903 | * used by the XFRM system. |
904 | * @sec_ctx contains the security context information being provided by | 904 | * @sec_ctx contains the security context information being provided by |
905 | * the user-level policy update program (e.g., setkey). | 905 | * the user-level policy update program (e.g., setkey). |
906 | * Allocate a security structure to the xp->security field; the security | 906 | * Allocate a security structure to the xp->security field; the security |
907 | * field is initialized to NULL when the xfrm_policy is allocated. | 907 | * field is initialized to NULL when the xfrm_policy is allocated. |
908 | * Return 0 if operation was successful (memory to allocate, legal context) | 908 | * Return 0 if operation was successful (memory to allocate, legal context) |
909 | * @xfrm_policy_clone_security: | 909 | * @xfrm_policy_clone_security: |
910 | * @old contains an existing xfrm_policy in the SPD. | 910 | * @old contains an existing xfrm_policy in the SPD. |
911 | * @new contains a new xfrm_policy being cloned from old. | 911 | * @new contains a new xfrm_policy being cloned from old. |
912 | * Allocate a security structure to the new->security field | 912 | * Allocate a security structure to the new->security field |
913 | * that contains the information from the old->security field. | 913 | * that contains the information from the old->security field. |
914 | * Return 0 if operation was successful (memory to allocate). | 914 | * Return 0 if operation was successful (memory to allocate). |
915 | * @xfrm_policy_free_security: | 915 | * @xfrm_policy_free_security: |
916 | * @xp contains the xfrm_policy | 916 | * @xp contains the xfrm_policy |
917 | * Deallocate xp->security. | 917 | * Deallocate xp->security. |
918 | * @xfrm_policy_delete_security: | 918 | * @xfrm_policy_delete_security: |
919 | * @xp contains the xfrm_policy. | 919 | * @xp contains the xfrm_policy. |
920 | * Authorize deletion of xp->security. | 920 | * Authorize deletion of xp->security. |
921 | * @xfrm_state_alloc_security: | 921 | * @xfrm_state_alloc_security: |
922 | * @x contains the xfrm_state being added to the Security Association | 922 | * @x contains the xfrm_state being added to the Security Association |
923 | * Database by the XFRM system. | 923 | * Database by the XFRM system. |
924 | * @sec_ctx contains the security context information being provided by | 924 | * @sec_ctx contains the security context information being provided by |
925 | * the user-level SA generation program (e.g., setkey or racoon). | 925 | * the user-level SA generation program (e.g., setkey or racoon). |
926 | * @secid contains the secid from which to take the mls portion of the context. | 926 | * @secid contains the secid from which to take the mls portion of the context. |
927 | * Allocate a security structure to the x->security field; the security | 927 | * Allocate a security structure to the x->security field; the security |
928 | * field is initialized to NULL when the xfrm_state is allocated. Set the | 928 | * field is initialized to NULL when the xfrm_state is allocated. Set the |
929 | * context to correspond to either sec_ctx or polsec, with the mls portion | 929 | * context to correspond to either sec_ctx or polsec, with the mls portion |
930 | * taken from secid in the latter case. | 930 | * taken from secid in the latter case. |
931 | * Return 0 if operation was successful (memory to allocate, legal context). | 931 | * Return 0 if operation was successful (memory to allocate, legal context). |
932 | * @xfrm_state_free_security: | 932 | * @xfrm_state_free_security: |
933 | * @x contains the xfrm_state. | 933 | * @x contains the xfrm_state. |
934 | * Deallocate x->security. | 934 | * Deallocate x->security. |
935 | * @xfrm_state_delete_security: | 935 | * @xfrm_state_delete_security: |
936 | * @x contains the xfrm_state. | 936 | * @x contains the xfrm_state. |
937 | * Authorize deletion of x->security. | 937 | * Authorize deletion of x->security. |
938 | * @xfrm_policy_lookup: | 938 | * @xfrm_policy_lookup: |
939 | * @xp contains the xfrm_policy for which the access control is being | 939 | * @xp contains the xfrm_policy for which the access control is being |
940 | * checked. | 940 | * checked. |
941 | * @fl_secid contains the flow security label that is used to authorize | 941 | * @fl_secid contains the flow security label that is used to authorize |
942 | * access to the policy xp. | 942 | * access to the policy xp. |
943 | * @dir contains the direction of the flow (input or output). | 943 | * @dir contains the direction of the flow (input or output). |
944 | * Check permission when a flow selects a xfrm_policy for processing | 944 | * Check permission when a flow selects a xfrm_policy for processing |
945 | * XFRMs on a packet. The hook is called when selecting either a | 945 | * XFRMs on a packet. The hook is called when selecting either a |
946 | * per-socket policy or a generic xfrm policy. | 946 | * per-socket policy or a generic xfrm policy. |
947 | * Return 0 if permission is granted, -ESRCH otherwise, or -errno | 947 | * Return 0 if permission is granted, -ESRCH otherwise, or -errno |
948 | * on other errors. | 948 | * on other errors. |
949 | * @xfrm_state_pol_flow_match: | 949 | * @xfrm_state_pol_flow_match: |
950 | * @x contains the state to match. | 950 | * @x contains the state to match. |
951 | * @xp contains the policy to check for a match. | 951 | * @xp contains the policy to check for a match. |
952 | * @fl contains the flow to check for a match. | 952 | * @fl contains the flow to check for a match. |
953 | * Return 1 if there is a match. | 953 | * Return 1 if there is a match. |
954 | * @xfrm_decode_session: | 954 | * @xfrm_decode_session: |
955 | * @skb points to skb to decode. | 955 | * @skb points to skb to decode. |
956 | * @secid points to the flow key secid to set. | 956 | * @secid points to the flow key secid to set. |
957 | * @ckall says if all xfrms used should be checked for same secid. | 957 | * @ckall says if all xfrms used should be checked for same secid. |
958 | * Return 0 if ckall is zero or all xfrms used have the same secid. | 958 | * Return 0 if ckall is zero or all xfrms used have the same secid. |
959 | * | 959 | * |
960 | * Security hooks affecting all Key Management operations | 960 | * Security hooks affecting all Key Management operations |
961 | * | 961 | * |
962 | * @key_alloc: | 962 | * @key_alloc: |
963 | * Permit allocation of a key and assign security data. Note that key does | 963 | * Permit allocation of a key and assign security data. Note that key does |
964 | * not have a serial number assigned at this point. | 964 | * not have a serial number assigned at this point. |
965 | * @key points to the key. | 965 | * @key points to the key. |
966 | * @flags is the allocation flags | 966 | * @flags is the allocation flags |
967 | * Return 0 if permission is granted, -ve error otherwise. | 967 | * Return 0 if permission is granted, -ve error otherwise. |
968 | * @key_free: | 968 | * @key_free: |
969 | * Notification of destruction; free security data. | 969 | * Notification of destruction; free security data. |
970 | * @key points to the key. | 970 | * @key points to the key. |
971 | * No return value. | 971 | * No return value. |
972 | * @key_permission: | 972 | * @key_permission: |
973 | * See whether a specific operational right is granted to a process on a | 973 | * See whether a specific operational right is granted to a process on a |
974 | * key. | 974 | * key. |
975 | * @key_ref refers to the key (key pointer + possession attribute bit). | 975 | * @key_ref refers to the key (key pointer + possession attribute bit). |
976 | * @context points to the process to provide the context against which to | 976 | * @context points to the process to provide the context against which to |
977 | * evaluate the security data on the key. | 977 | * evaluate the security data on the key. |
978 | * @perm describes the combination of permissions required of this key. | 978 | * @perm describes the combination of permissions required of this key. |
979 | * Return 1 if permission granted, 0 if permission denied and -ve it the | 979 | * Return 1 if permission granted, 0 if permission denied and -ve it the |
980 | * normal permissions model should be effected. | 980 | * normal permissions model should be effected. |
981 | * | 981 | * |
982 | * Security hooks affecting all System V IPC operations. | 982 | * Security hooks affecting all System V IPC operations. |
983 | * | 983 | * |
984 | * @ipc_permission: | 984 | * @ipc_permission: |
985 | * Check permissions for access to IPC | 985 | * Check permissions for access to IPC |
986 | * @ipcp contains the kernel IPC permission structure | 986 | * @ipcp contains the kernel IPC permission structure |
987 | * @flag contains the desired (requested) permission set | 987 | * @flag contains the desired (requested) permission set |
988 | * Return 0 if permission is granted. | 988 | * Return 0 if permission is granted. |
989 | * | 989 | * |
990 | * Security hooks for individual messages held in System V IPC message queues | 990 | * Security hooks for individual messages held in System V IPC message queues |
991 | * @msg_msg_alloc_security: | 991 | * @msg_msg_alloc_security: |
992 | * Allocate and attach a security structure to the msg->security field. | 992 | * Allocate and attach a security structure to the msg->security field. |
993 | * The security field is initialized to NULL when the structure is first | 993 | * The security field is initialized to NULL when the structure is first |
994 | * created. | 994 | * created. |
995 | * @msg contains the message structure to be modified. | 995 | * @msg contains the message structure to be modified. |
996 | * Return 0 if operation was successful and permission is granted. | 996 | * Return 0 if operation was successful and permission is granted. |
997 | * @msg_msg_free_security: | 997 | * @msg_msg_free_security: |
998 | * Deallocate the security structure for this message. | 998 | * Deallocate the security structure for this message. |
999 | * @msg contains the message structure to be modified. | 999 | * @msg contains the message structure to be modified. |
1000 | * | 1000 | * |
1001 | * Security hooks for System V IPC Message Queues | 1001 | * Security hooks for System V IPC Message Queues |
1002 | * | 1002 | * |
1003 | * @msg_queue_alloc_security: | 1003 | * @msg_queue_alloc_security: |
1004 | * Allocate and attach a security structure to the | 1004 | * Allocate and attach a security structure to the |
1005 | * msq->q_perm.security field. The security field is initialized to | 1005 | * msq->q_perm.security field. The security field is initialized to |
1006 | * NULL when the structure is first created. | 1006 | * NULL when the structure is first created. |
1007 | * @msq contains the message queue structure to be modified. | 1007 | * @msq contains the message queue structure to be modified. |
1008 | * Return 0 if operation was successful and permission is granted. | 1008 | * Return 0 if operation was successful and permission is granted. |
1009 | * @msg_queue_free_security: | 1009 | * @msg_queue_free_security: |
1010 | * Deallocate security structure for this message queue. | 1010 | * Deallocate security structure for this message queue. |
1011 | * @msq contains the message queue structure to be modified. | 1011 | * @msq contains the message queue structure to be modified. |
1012 | * @msg_queue_associate: | 1012 | * @msg_queue_associate: |
1013 | * Check permission when a message queue is requested through the | 1013 | * Check permission when a message queue is requested through the |
1014 | * msgget system call. This hook is only called when returning the | 1014 | * msgget system call. This hook is only called when returning the |
1015 | * message queue identifier for an existing message queue, not when a | 1015 | * message queue identifier for an existing message queue, not when a |
1016 | * new message queue is created. | 1016 | * new message queue is created. |
1017 | * @msq contains the message queue to act upon. | 1017 | * @msq contains the message queue to act upon. |
1018 | * @msqflg contains the operation control flags. | 1018 | * @msqflg contains the operation control flags. |
1019 | * Return 0 if permission is granted. | 1019 | * Return 0 if permission is granted. |
1020 | * @msg_queue_msgctl: | 1020 | * @msg_queue_msgctl: |
1021 | * Check permission when a message control operation specified by @cmd | 1021 | * Check permission when a message control operation specified by @cmd |
1022 | * is to be performed on the message queue @msq. | 1022 | * is to be performed on the message queue @msq. |
1023 | * The @msq may be NULL, e.g. for IPC_INFO or MSG_INFO. | 1023 | * The @msq may be NULL, e.g. for IPC_INFO or MSG_INFO. |
1024 | * @msq contains the message queue to act upon. May be NULL. | 1024 | * @msq contains the message queue to act upon. May be NULL. |
1025 | * @cmd contains the operation to be performed. | 1025 | * @cmd contains the operation to be performed. |
1026 | * Return 0 if permission is granted. | 1026 | * Return 0 if permission is granted. |
1027 | * @msg_queue_msgsnd: | 1027 | * @msg_queue_msgsnd: |
1028 | * Check permission before a message, @msg, is enqueued on the message | 1028 | * Check permission before a message, @msg, is enqueued on the message |
1029 | * queue, @msq. | 1029 | * queue, @msq. |
1030 | * @msq contains the message queue to send message to. | 1030 | * @msq contains the message queue to send message to. |
1031 | * @msg contains the message to be enqueued. | 1031 | * @msg contains the message to be enqueued. |
1032 | * @msqflg contains operational flags. | 1032 | * @msqflg contains operational flags. |
1033 | * Return 0 if permission is granted. | 1033 | * Return 0 if permission is granted. |
1034 | * @msg_queue_msgrcv: | 1034 | * @msg_queue_msgrcv: |
1035 | * Check permission before a message, @msg, is removed from the message | 1035 | * Check permission before a message, @msg, is removed from the message |
1036 | * queue, @msq. The @target task structure contains a pointer to the | 1036 | * queue, @msq. The @target task structure contains a pointer to the |
1037 | * process that will be receiving the message (not equal to the current | 1037 | * process that will be receiving the message (not equal to the current |
1038 | * process when inline receives are being performed). | 1038 | * process when inline receives are being performed). |
1039 | * @msq contains the message queue to retrieve message from. | 1039 | * @msq contains the message queue to retrieve message from. |
1040 | * @msg contains the message destination. | 1040 | * @msg contains the message destination. |
1041 | * @target contains the task structure for recipient process. | 1041 | * @target contains the task structure for recipient process. |
1042 | * @type contains the type of message requested. | 1042 | * @type contains the type of message requested. |
1043 | * @mode contains the operational flags. | 1043 | * @mode contains the operational flags. |
1044 | * Return 0 if permission is granted. | 1044 | * Return 0 if permission is granted. |
1045 | * | 1045 | * |
1046 | * Security hooks for System V Shared Memory Segments | 1046 | * Security hooks for System V Shared Memory Segments |
1047 | * | 1047 | * |
1048 | * @shm_alloc_security: | 1048 | * @shm_alloc_security: |
1049 | * Allocate and attach a security structure to the shp->shm_perm.security | 1049 | * Allocate and attach a security structure to the shp->shm_perm.security |
1050 | * field. The security field is initialized to NULL when the structure is | 1050 | * field. The security field is initialized to NULL when the structure is |
1051 | * first created. | 1051 | * first created. |
1052 | * @shp contains the shared memory structure to be modified. | 1052 | * @shp contains the shared memory structure to be modified. |
1053 | * Return 0 if operation was successful and permission is granted. | 1053 | * Return 0 if operation was successful and permission is granted. |
1054 | * @shm_free_security: | 1054 | * @shm_free_security: |
1055 | * Deallocate the security struct for this memory segment. | 1055 | * Deallocate the security struct for this memory segment. |
1056 | * @shp contains the shared memory structure to be modified. | 1056 | * @shp contains the shared memory structure to be modified. |
1057 | * @shm_associate: | 1057 | * @shm_associate: |
1058 | * Check permission when a shared memory region is requested through the | 1058 | * Check permission when a shared memory region is requested through the |
1059 | * shmget system call. This hook is only called when returning the shared | 1059 | * shmget system call. This hook is only called when returning the shared |
1060 | * memory region identifier for an existing region, not when a new shared | 1060 | * memory region identifier for an existing region, not when a new shared |
1061 | * memory region is created. | 1061 | * memory region is created. |
1062 | * @shp contains the shared memory structure to be modified. | 1062 | * @shp contains the shared memory structure to be modified. |
1063 | * @shmflg contains the operation control flags. | 1063 | * @shmflg contains the operation control flags. |
1064 | * Return 0 if permission is granted. | 1064 | * Return 0 if permission is granted. |
1065 | * @shm_shmctl: | 1065 | * @shm_shmctl: |
1066 | * Check permission when a shared memory control operation specified by | 1066 | * Check permission when a shared memory control operation specified by |
1067 | * @cmd is to be performed on the shared memory region @shp. | 1067 | * @cmd is to be performed on the shared memory region @shp. |
1068 | * The @shp may be NULL, e.g. for IPC_INFO or SHM_INFO. | 1068 | * The @shp may be NULL, e.g. for IPC_INFO or SHM_INFO. |
1069 | * @shp contains shared memory structure to be modified. | 1069 | * @shp contains shared memory structure to be modified. |
1070 | * @cmd contains the operation to be performed. | 1070 | * @cmd contains the operation to be performed. |
1071 | * Return 0 if permission is granted. | 1071 | * Return 0 if permission is granted. |
1072 | * @shm_shmat: | 1072 | * @shm_shmat: |
1073 | * Check permissions prior to allowing the shmat system call to attach the | 1073 | * Check permissions prior to allowing the shmat system call to attach the |
1074 | * shared memory segment @shp to the data segment of the calling process. | 1074 | * shared memory segment @shp to the data segment of the calling process. |
1075 | * The attaching address is specified by @shmaddr. | 1075 | * The attaching address is specified by @shmaddr. |
1076 | * @shp contains the shared memory structure to be modified. | 1076 | * @shp contains the shared memory structure to be modified. |
1077 | * @shmaddr contains the address to attach memory region to. | 1077 | * @shmaddr contains the address to attach memory region to. |
1078 | * @shmflg contains the operational flags. | 1078 | * @shmflg contains the operational flags. |
1079 | * Return 0 if permission is granted. | 1079 | * Return 0 if permission is granted. |
1080 | * | 1080 | * |
1081 | * Security hooks for System V Semaphores | 1081 | * Security hooks for System V Semaphores |
1082 | * | 1082 | * |
1083 | * @sem_alloc_security: | 1083 | * @sem_alloc_security: |
1084 | * Allocate and attach a security structure to the sma->sem_perm.security | 1084 | * Allocate and attach a security structure to the sma->sem_perm.security |
1085 | * field. The security field is initialized to NULL when the structure is | 1085 | * field. The security field is initialized to NULL when the structure is |
1086 | * first created. | 1086 | * first created. |
1087 | * @sma contains the semaphore structure | 1087 | * @sma contains the semaphore structure |
1088 | * Return 0 if operation was successful and permission is granted. | 1088 | * Return 0 if operation was successful and permission is granted. |
1089 | * @sem_free_security: | 1089 | * @sem_free_security: |
1090 | * deallocate security struct for this semaphore | 1090 | * deallocate security struct for this semaphore |
1091 | * @sma contains the semaphore structure. | 1091 | * @sma contains the semaphore structure. |
1092 | * @sem_associate: | 1092 | * @sem_associate: |
1093 | * Check permission when a semaphore is requested through the semget | 1093 | * Check permission when a semaphore is requested through the semget |
1094 | * system call. This hook is only called when returning the semaphore | 1094 | * system call. This hook is only called when returning the semaphore |
1095 | * identifier for an existing semaphore, not when a new one must be | 1095 | * identifier for an existing semaphore, not when a new one must be |
1096 | * created. | 1096 | * created. |
1097 | * @sma contains the semaphore structure. | 1097 | * @sma contains the semaphore structure. |
1098 | * @semflg contains the operation control flags. | 1098 | * @semflg contains the operation control flags. |
1099 | * Return 0 if permission is granted. | 1099 | * Return 0 if permission is granted. |
1100 | * @sem_semctl: | 1100 | * @sem_semctl: |
1101 | * Check permission when a semaphore operation specified by @cmd is to be | 1101 | * Check permission when a semaphore operation specified by @cmd is to be |
1102 | * performed on the semaphore @sma. The @sma may be NULL, e.g. for | 1102 | * performed on the semaphore @sma. The @sma may be NULL, e.g. for |
1103 | * IPC_INFO or SEM_INFO. | 1103 | * IPC_INFO or SEM_INFO. |
1104 | * @sma contains the semaphore structure. May be NULL. | 1104 | * @sma contains the semaphore structure. May be NULL. |
1105 | * @cmd contains the operation to be performed. | 1105 | * @cmd contains the operation to be performed. |
1106 | * Return 0 if permission is granted. | 1106 | * Return 0 if permission is granted. |
1107 | * @sem_semop | 1107 | * @sem_semop |
1108 | * Check permissions before performing operations on members of the | 1108 | * Check permissions before performing operations on members of the |
1109 | * semaphore set @sma. If the @alter flag is nonzero, the semaphore set | 1109 | * semaphore set @sma. If the @alter flag is nonzero, the semaphore set |
1110 | * may be modified. | 1110 | * may be modified. |
1111 | * @sma contains the semaphore structure. | 1111 | * @sma contains the semaphore structure. |
1112 | * @sops contains the operations to perform. | 1112 | * @sops contains the operations to perform. |
1113 | * @nsops contains the number of operations to perform. | 1113 | * @nsops contains the number of operations to perform. |
1114 | * @alter contains the flag indicating whether changes are to be made. | 1114 | * @alter contains the flag indicating whether changes are to be made. |
1115 | * Return 0 if permission is granted. | 1115 | * Return 0 if permission is granted. |
1116 | * | 1116 | * |
1117 | * @ptrace: | 1117 | * @ptrace: |
1118 | * Check permission before allowing the @parent process to trace the | 1118 | * Check permission before allowing the @parent process to trace the |
1119 | * @child process. | 1119 | * @child process. |
1120 | * Security modules may also want to perform a process tracing check | 1120 | * Security modules may also want to perform a process tracing check |
1121 | * during an execve in the set_security or apply_creds hooks of | 1121 | * during an execve in the set_security or apply_creds hooks of |
1122 | * binprm_security_ops if the process is being traced and its security | 1122 | * binprm_security_ops if the process is being traced and its security |
1123 | * attributes would be changed by the execve. | 1123 | * attributes would be changed by the execve. |
1124 | * @parent contains the task_struct structure for parent process. | 1124 | * @parent contains the task_struct structure for parent process. |
1125 | * @child contains the task_struct structure for child process. | 1125 | * @child contains the task_struct structure for child process. |
1126 | * Return 0 if permission is granted. | 1126 | * Return 0 if permission is granted. |
1127 | * @capget: | 1127 | * @capget: |
1128 | * Get the @effective, @inheritable, and @permitted capability sets for | 1128 | * Get the @effective, @inheritable, and @permitted capability sets for |
1129 | * the @target process. The hook may also perform permission checking to | 1129 | * the @target process. The hook may also perform permission checking to |
1130 | * determine if the current process is allowed to see the capability sets | 1130 | * determine if the current process is allowed to see the capability sets |
1131 | * of the @target process. | 1131 | * of the @target process. |
1132 | * @target contains the task_struct structure for target process. | 1132 | * @target contains the task_struct structure for target process. |
1133 | * @effective contains the effective capability set. | 1133 | * @effective contains the effective capability set. |
1134 | * @inheritable contains the inheritable capability set. | 1134 | * @inheritable contains the inheritable capability set. |
1135 | * @permitted contains the permitted capability set. | 1135 | * @permitted contains the permitted capability set. |
1136 | * Return 0 if the capability sets were successfully obtained. | 1136 | * Return 0 if the capability sets were successfully obtained. |
1137 | * @capset_check: | 1137 | * @capset_check: |
1138 | * Check permission before setting the @effective, @inheritable, and | 1138 | * Check permission before setting the @effective, @inheritable, and |
1139 | * @permitted capability sets for the @target process. | 1139 | * @permitted capability sets for the @target process. |
1140 | * Caveat: @target is also set to current if a set of processes is | 1140 | * Caveat: @target is also set to current if a set of processes is |
1141 | * specified (i.e. all processes other than current and init or a | 1141 | * specified (i.e. all processes other than current and init or a |
1142 | * particular process group). Hence, the capset_set hook may need to | 1142 | * particular process group). Hence, the capset_set hook may need to |
1143 | * revalidate permission to the actual target process. | 1143 | * revalidate permission to the actual target process. |
1144 | * @target contains the task_struct structure for target process. | 1144 | * @target contains the task_struct structure for target process. |
1145 | * @effective contains the effective capability set. | 1145 | * @effective contains the effective capability set. |
1146 | * @inheritable contains the inheritable capability set. | 1146 | * @inheritable contains the inheritable capability set. |
1147 | * @permitted contains the permitted capability set. | 1147 | * @permitted contains the permitted capability set. |
1148 | * Return 0 if permission is granted. | 1148 | * Return 0 if permission is granted. |
1149 | * @capset_set: | 1149 | * @capset_set: |
1150 | * Set the @effective, @inheritable, and @permitted capability sets for | 1150 | * Set the @effective, @inheritable, and @permitted capability sets for |
1151 | * the @target process. Since capset_check cannot always check permission | 1151 | * the @target process. Since capset_check cannot always check permission |
1152 | * to the real @target process, this hook may also perform permission | 1152 | * to the real @target process, this hook may also perform permission |
1153 | * checking to determine if the current process is allowed to set the | 1153 | * checking to determine if the current process is allowed to set the |
1154 | * capability sets of the @target process. However, this hook has no way | 1154 | * capability sets of the @target process. However, this hook has no way |
1155 | * of returning an error due to the structure of the sys_capset code. | 1155 | * of returning an error due to the structure of the sys_capset code. |
1156 | * @target contains the task_struct structure for target process. | 1156 | * @target contains the task_struct structure for target process. |
1157 | * @effective contains the effective capability set. | 1157 | * @effective contains the effective capability set. |
1158 | * @inheritable contains the inheritable capability set. | 1158 | * @inheritable contains the inheritable capability set. |
1159 | * @permitted contains the permitted capability set. | 1159 | * @permitted contains the permitted capability set. |
1160 | * @capable: | 1160 | * @capable: |
1161 | * Check whether the @tsk process has the @cap capability. | 1161 | * Check whether the @tsk process has the @cap capability. |
1162 | * @tsk contains the task_struct for the process. | 1162 | * @tsk contains the task_struct for the process. |
1163 | * @cap contains the capability <include/linux/capability.h>. | 1163 | * @cap contains the capability <include/linux/capability.h>. |
1164 | * Return 0 if the capability is granted for @tsk. | 1164 | * Return 0 if the capability is granted for @tsk. |
1165 | * @acct: | 1165 | * @acct: |
1166 | * Check permission before enabling or disabling process accounting. If | 1166 | * Check permission before enabling or disabling process accounting. If |
1167 | * accounting is being enabled, then @file refers to the open file used to | 1167 | * accounting is being enabled, then @file refers to the open file used to |
1168 | * store accounting records. If accounting is being disabled, then @file | 1168 | * store accounting records. If accounting is being disabled, then @file |
1169 | * is NULL. | 1169 | * is NULL. |
1170 | * @file contains the file structure for the accounting file (may be NULL). | 1170 | * @file contains the file structure for the accounting file (may be NULL). |
1171 | * Return 0 if permission is granted. | 1171 | * Return 0 if permission is granted. |
1172 | * @sysctl: | 1172 | * @sysctl: |
1173 | * Check permission before accessing the @table sysctl variable in the | 1173 | * Check permission before accessing the @table sysctl variable in the |
1174 | * manner specified by @op. | 1174 | * manner specified by @op. |
1175 | * @table contains the ctl_table structure for the sysctl variable. | 1175 | * @table contains the ctl_table structure for the sysctl variable. |
1176 | * @op contains the operation (001 = search, 002 = write, 004 = read). | 1176 | * @op contains the operation (001 = search, 002 = write, 004 = read). |
1177 | * Return 0 if permission is granted. | 1177 | * Return 0 if permission is granted. |
1178 | * @syslog: | 1178 | * @syslog: |
1179 | * Check permission before accessing the kernel message ring or changing | 1179 | * Check permission before accessing the kernel message ring or changing |
1180 | * logging to the console. | 1180 | * logging to the console. |
1181 | * See the syslog(2) manual page for an explanation of the @type values. | 1181 | * See the syslog(2) manual page for an explanation of the @type values. |
1182 | * @type contains the type of action. | 1182 | * @type contains the type of action. |
1183 | * Return 0 if permission is granted. | 1183 | * Return 0 if permission is granted. |
1184 | * @settime: | 1184 | * @settime: |
1185 | * Check permission to change the system time. | 1185 | * Check permission to change the system time. |
1186 | * struct timespec and timezone are defined in include/linux/time.h | 1186 | * struct timespec and timezone are defined in include/linux/time.h |
1187 | * @ts contains new time | 1187 | * @ts contains new time |
1188 | * @tz contains new timezone | 1188 | * @tz contains new timezone |
1189 | * Return 0 if permission is granted. | 1189 | * Return 0 if permission is granted. |
1190 | * @vm_enough_memory: | 1190 | * @vm_enough_memory: |
1191 | * Check permissions for allocating a new virtual mapping. | 1191 | * Check permissions for allocating a new virtual mapping. |
1192 | * @mm contains the mm struct it is being added to. | 1192 | * @mm contains the mm struct it is being added to. |
1193 | * @pages contains the number of pages. | 1193 | * @pages contains the number of pages. |
1194 | * Return 0 if permission is granted. | 1194 | * Return 0 if permission is granted. |
1195 | * | 1195 | * |
1196 | * @register_security: | 1196 | * @register_security: |
1197 | * allow module stacking. | 1197 | * allow module stacking. |
1198 | * @name contains the name of the security module being stacked. | 1198 | * @name contains the name of the security module being stacked. |
1199 | * @ops contains a pointer to the struct security_operations of the module to stack. | 1199 | * @ops contains a pointer to the struct security_operations of the module to stack. |
1200 | * | 1200 | * |
1201 | * @secid_to_secctx: | 1201 | * @secid_to_secctx: |
1202 | * Convert secid to security context. | 1202 | * Convert secid to security context. |
1203 | * @secid contains the security ID. | 1203 | * @secid contains the security ID. |
1204 | * @secdata contains the pointer that stores the converted security context. | 1204 | * @secdata contains the pointer that stores the converted security context. |
1205 | * @secctx_to_secid: | 1205 | * @secctx_to_secid: |
1206 | * Convert security context to secid. | 1206 | * Convert security context to secid. |
1207 | * @secid contains the pointer to the generated security ID. | 1207 | * @secid contains the pointer to the generated security ID. |
1208 | * @secdata contains the security context. | 1208 | * @secdata contains the security context. |
1209 | * | 1209 | * |
1210 | * @release_secctx: | 1210 | * @release_secctx: |
1211 | * Release the security context. | 1211 | * Release the security context. |
1212 | * @secdata contains the security context. | 1212 | * @secdata contains the security context. |
1213 | * @seclen contains the length of the security context. | 1213 | * @seclen contains the length of the security context. |
1214 | * | 1214 | * |
1215 | * This is the main security structure. | 1215 | * This is the main security structure. |
1216 | */ | 1216 | */ |
1217 | struct security_operations { | 1217 | struct security_operations { |
1218 | int (*ptrace) (struct task_struct * parent, struct task_struct * child); | 1218 | int (*ptrace) (struct task_struct * parent, struct task_struct * child); |
1219 | int (*capget) (struct task_struct * target, | 1219 | int (*capget) (struct task_struct * target, |
1220 | kernel_cap_t * effective, | 1220 | kernel_cap_t * effective, |
1221 | kernel_cap_t * inheritable, kernel_cap_t * permitted); | 1221 | kernel_cap_t * inheritable, kernel_cap_t * permitted); |
1222 | int (*capset_check) (struct task_struct * target, | 1222 | int (*capset_check) (struct task_struct * target, |
1223 | kernel_cap_t * effective, | 1223 | kernel_cap_t * effective, |
1224 | kernel_cap_t * inheritable, | 1224 | kernel_cap_t * inheritable, |
1225 | kernel_cap_t * permitted); | 1225 | kernel_cap_t * permitted); |
1226 | void (*capset_set) (struct task_struct * target, | 1226 | void (*capset_set) (struct task_struct * target, |
1227 | kernel_cap_t * effective, | 1227 | kernel_cap_t * effective, |
1228 | kernel_cap_t * inheritable, | 1228 | kernel_cap_t * inheritable, |
1229 | kernel_cap_t * permitted); | 1229 | kernel_cap_t * permitted); |
1230 | int (*capable) (struct task_struct * tsk, int cap); | 1230 | int (*capable) (struct task_struct * tsk, int cap); |
1231 | int (*acct) (struct file * file); | 1231 | int (*acct) (struct file * file); |
1232 | int (*sysctl) (struct ctl_table * table, int op); | 1232 | int (*sysctl) (struct ctl_table * table, int op); |
1233 | int (*quotactl) (int cmds, int type, int id, struct super_block * sb); | 1233 | int (*quotactl) (int cmds, int type, int id, struct super_block * sb); |
1234 | int (*quota_on) (struct dentry * dentry); | 1234 | int (*quota_on) (struct dentry * dentry); |
1235 | int (*syslog) (int type); | 1235 | int (*syslog) (int type); |
1236 | int (*settime) (struct timespec *ts, struct timezone *tz); | 1236 | int (*settime) (struct timespec *ts, struct timezone *tz); |
1237 | int (*vm_enough_memory) (struct mm_struct *mm, long pages); | 1237 | int (*vm_enough_memory) (struct mm_struct *mm, long pages); |
1238 | 1238 | ||
1239 | int (*bprm_alloc_security) (struct linux_binprm * bprm); | 1239 | int (*bprm_alloc_security) (struct linux_binprm * bprm); |
1240 | void (*bprm_free_security) (struct linux_binprm * bprm); | 1240 | void (*bprm_free_security) (struct linux_binprm * bprm); |
1241 | void (*bprm_apply_creds) (struct linux_binprm * bprm, int unsafe); | 1241 | void (*bprm_apply_creds) (struct linux_binprm * bprm, int unsafe); |
1242 | void (*bprm_post_apply_creds) (struct linux_binprm * bprm); | 1242 | void (*bprm_post_apply_creds) (struct linux_binprm * bprm); |
1243 | int (*bprm_set_security) (struct linux_binprm * bprm); | 1243 | int (*bprm_set_security) (struct linux_binprm * bprm); |
1244 | int (*bprm_check_security) (struct linux_binprm * bprm); | 1244 | int (*bprm_check_security) (struct linux_binprm * bprm); |
1245 | int (*bprm_secureexec) (struct linux_binprm * bprm); | 1245 | int (*bprm_secureexec) (struct linux_binprm * bprm); |
1246 | 1246 | ||
1247 | int (*sb_alloc_security) (struct super_block * sb); | 1247 | int (*sb_alloc_security) (struct super_block * sb); |
1248 | void (*sb_free_security) (struct super_block * sb); | 1248 | void (*sb_free_security) (struct super_block * sb); |
1249 | int (*sb_copy_data)(struct file_system_type *type, | 1249 | int (*sb_copy_data)(struct file_system_type *type, |
1250 | void *orig, void *copy); | 1250 | void *orig, void *copy); |
1251 | int (*sb_kern_mount) (struct super_block *sb, void *data); | 1251 | int (*sb_kern_mount) (struct super_block *sb, void *data); |
1252 | int (*sb_statfs) (struct dentry *dentry); | 1252 | int (*sb_statfs) (struct dentry *dentry); |
1253 | int (*sb_mount) (char *dev_name, struct nameidata * nd, | 1253 | int (*sb_mount) (char *dev_name, struct nameidata * nd, |
1254 | char *type, unsigned long flags, void *data); | 1254 | char *type, unsigned long flags, void *data); |
1255 | int (*sb_check_sb) (struct vfsmount * mnt, struct nameidata * nd); | 1255 | int (*sb_check_sb) (struct vfsmount * mnt, struct nameidata * nd); |
1256 | int (*sb_umount) (struct vfsmount * mnt, int flags); | 1256 | int (*sb_umount) (struct vfsmount * mnt, int flags); |
1257 | void (*sb_umount_close) (struct vfsmount * mnt); | 1257 | void (*sb_umount_close) (struct vfsmount * mnt); |
1258 | void (*sb_umount_busy) (struct vfsmount * mnt); | 1258 | void (*sb_umount_busy) (struct vfsmount * mnt); |
1259 | void (*sb_post_remount) (struct vfsmount * mnt, | 1259 | void (*sb_post_remount) (struct vfsmount * mnt, |
1260 | unsigned long flags, void *data); | 1260 | unsigned long flags, void *data); |
1261 | void (*sb_post_addmount) (struct vfsmount * mnt, | 1261 | void (*sb_post_addmount) (struct vfsmount * mnt, |
1262 | struct nameidata * mountpoint_nd); | 1262 | struct nameidata * mountpoint_nd); |
1263 | int (*sb_pivotroot) (struct nameidata * old_nd, | 1263 | int (*sb_pivotroot) (struct nameidata * old_nd, |
1264 | struct nameidata * new_nd); | 1264 | struct nameidata * new_nd); |
1265 | void (*sb_post_pivotroot) (struct nameidata * old_nd, | 1265 | void (*sb_post_pivotroot) (struct nameidata * old_nd, |
1266 | struct nameidata * new_nd); | 1266 | struct nameidata * new_nd); |
1267 | int (*sb_get_mnt_opts) (const struct super_block *sb, | 1267 | int (*sb_get_mnt_opts) (const struct super_block *sb, |
1268 | char ***mount_options, int **flags, | 1268 | char ***mount_options, int **flags, |
1269 | int *num_opts); | 1269 | int *num_opts); |
1270 | int (*sb_set_mnt_opts) (struct super_block *sb, char **mount_options, | 1270 | int (*sb_set_mnt_opts) (struct super_block *sb, char **mount_options, |
1271 | int *flags, int num_opts); | 1271 | int *flags, int num_opts); |
1272 | void (*sb_clone_mnt_opts) (const struct super_block *oldsb, | 1272 | void (*sb_clone_mnt_opts) (const struct super_block *oldsb, |
1273 | struct super_block *newsb); | 1273 | struct super_block *newsb); |
1274 | 1274 | ||
1275 | int (*inode_alloc_security) (struct inode *inode); | 1275 | int (*inode_alloc_security) (struct inode *inode); |
1276 | void (*inode_free_security) (struct inode *inode); | 1276 | void (*inode_free_security) (struct inode *inode); |
1277 | int (*inode_init_security) (struct inode *inode, struct inode *dir, | 1277 | int (*inode_init_security) (struct inode *inode, struct inode *dir, |
1278 | char **name, void **value, size_t *len); | 1278 | char **name, void **value, size_t *len); |
1279 | int (*inode_create) (struct inode *dir, | 1279 | int (*inode_create) (struct inode *dir, |
1280 | struct dentry *dentry, int mode); | 1280 | struct dentry *dentry, int mode); |
1281 | int (*inode_link) (struct dentry *old_dentry, | 1281 | int (*inode_link) (struct dentry *old_dentry, |
1282 | struct inode *dir, struct dentry *new_dentry); | 1282 | struct inode *dir, struct dentry *new_dentry); |
1283 | int (*inode_unlink) (struct inode *dir, struct dentry *dentry); | 1283 | int (*inode_unlink) (struct inode *dir, struct dentry *dentry); |
1284 | int (*inode_symlink) (struct inode *dir, | 1284 | int (*inode_symlink) (struct inode *dir, |
1285 | struct dentry *dentry, const char *old_name); | 1285 | struct dentry *dentry, const char *old_name); |
1286 | int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode); | 1286 | int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode); |
1287 | int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); | 1287 | int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); |
1288 | int (*inode_mknod) (struct inode *dir, struct dentry *dentry, | 1288 | int (*inode_mknod) (struct inode *dir, struct dentry *dentry, |
1289 | int mode, dev_t dev); | 1289 | int mode, dev_t dev); |
1290 | int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, | 1290 | int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, |
1291 | struct inode *new_dir, struct dentry *new_dentry); | 1291 | struct inode *new_dir, struct dentry *new_dentry); |
1292 | int (*inode_readlink) (struct dentry *dentry); | 1292 | int (*inode_readlink) (struct dentry *dentry); |
1293 | int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); | 1293 | int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); |
1294 | int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd); | 1294 | int (*inode_permission) (struct inode *inode, int mask, struct nameidata *nd); |
1295 | int (*inode_setattr) (struct dentry *dentry, struct iattr *attr); | 1295 | int (*inode_setattr) (struct dentry *dentry, struct iattr *attr); |
1296 | int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry); | 1296 | int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry); |
1297 | void (*inode_delete) (struct inode *inode); | 1297 | void (*inode_delete) (struct inode *inode); |
1298 | int (*inode_setxattr) (struct dentry *dentry, char *name, void *value, | 1298 | int (*inode_setxattr) (struct dentry *dentry, char *name, void *value, |
1299 | size_t size, int flags); | 1299 | size_t size, int flags); |
1300 | void (*inode_post_setxattr) (struct dentry *dentry, char *name, void *value, | 1300 | void (*inode_post_setxattr) (struct dentry *dentry, char *name, void *value, |
1301 | size_t size, int flags); | 1301 | size_t size, int flags); |
1302 | int (*inode_getxattr) (struct dentry *dentry, char *name); | 1302 | int (*inode_getxattr) (struct dentry *dentry, char *name); |
1303 | int (*inode_listxattr) (struct dentry *dentry); | 1303 | int (*inode_listxattr) (struct dentry *dentry); |
1304 | int (*inode_removexattr) (struct dentry *dentry, char *name); | 1304 | int (*inode_removexattr) (struct dentry *dentry, char *name); |
1305 | int (*inode_need_killpriv) (struct dentry *dentry); | 1305 | int (*inode_need_killpriv) (struct dentry *dentry); |
1306 | int (*inode_killpriv) (struct dentry *dentry); | 1306 | int (*inode_killpriv) (struct dentry *dentry); |
1307 | int (*inode_getsecurity)(const struct inode *inode, const char *name, void *buffer, size_t size, int err); | 1307 | int (*inode_getsecurity)(const struct inode *inode, const char *name, void *buffer, size_t size, int err); |
1308 | int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); | 1308 | int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); |
1309 | int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); | 1309 | int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); |
1310 | 1310 | ||
1311 | int (*file_permission) (struct file * file, int mask); | 1311 | int (*file_permission) (struct file * file, int mask); |
1312 | int (*file_alloc_security) (struct file * file); | 1312 | int (*file_alloc_security) (struct file * file); |
1313 | void (*file_free_security) (struct file * file); | 1313 | void (*file_free_security) (struct file * file); |
1314 | int (*file_ioctl) (struct file * file, unsigned int cmd, | 1314 | int (*file_ioctl) (struct file * file, unsigned int cmd, |
1315 | unsigned long arg); | 1315 | unsigned long arg); |
1316 | int (*file_mmap) (struct file * file, | 1316 | int (*file_mmap) (struct file * file, |
1317 | unsigned long reqprot, unsigned long prot, | 1317 | unsigned long reqprot, unsigned long prot, |
1318 | unsigned long flags, unsigned long addr, | 1318 | unsigned long flags, unsigned long addr, |
1319 | unsigned long addr_only); | 1319 | unsigned long addr_only); |
1320 | int (*file_mprotect) (struct vm_area_struct * vma, | 1320 | int (*file_mprotect) (struct vm_area_struct * vma, |
1321 | unsigned long reqprot, | 1321 | unsigned long reqprot, |
1322 | unsigned long prot); | 1322 | unsigned long prot); |
1323 | int (*file_lock) (struct file * file, unsigned int cmd); | 1323 | int (*file_lock) (struct file * file, unsigned int cmd); |
1324 | int (*file_fcntl) (struct file * file, unsigned int cmd, | 1324 | int (*file_fcntl) (struct file * file, unsigned int cmd, |
1325 | unsigned long arg); | 1325 | unsigned long arg); |
1326 | int (*file_set_fowner) (struct file * file); | 1326 | int (*file_set_fowner) (struct file * file); |
1327 | int (*file_send_sigiotask) (struct task_struct * tsk, | 1327 | int (*file_send_sigiotask) (struct task_struct * tsk, |
1328 | struct fown_struct * fown, int sig); | 1328 | struct fown_struct * fown, int sig); |
1329 | int (*file_receive) (struct file * file); | 1329 | int (*file_receive) (struct file * file); |
1330 | int (*dentry_open) (struct file *file); | 1330 | int (*dentry_open) (struct file *file); |
1331 | 1331 | ||
1332 | int (*task_create) (unsigned long clone_flags); | 1332 | int (*task_create) (unsigned long clone_flags); |
1333 | int (*task_alloc_security) (struct task_struct * p); | 1333 | int (*task_alloc_security) (struct task_struct * p); |
1334 | void (*task_free_security) (struct task_struct * p); | 1334 | void (*task_free_security) (struct task_struct * p); |
1335 | int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags); | 1335 | int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags); |
1336 | int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ , | 1336 | int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ , |
1337 | uid_t old_euid, uid_t old_suid, int flags); | 1337 | uid_t old_euid, uid_t old_suid, int flags); |
1338 | int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags); | 1338 | int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags); |
1339 | int (*task_setpgid) (struct task_struct * p, pid_t pgid); | 1339 | int (*task_setpgid) (struct task_struct * p, pid_t pgid); |
1340 | int (*task_getpgid) (struct task_struct * p); | 1340 | int (*task_getpgid) (struct task_struct * p); |
1341 | int (*task_getsid) (struct task_struct * p); | 1341 | int (*task_getsid) (struct task_struct * p); |
1342 | void (*task_getsecid) (struct task_struct * p, u32 * secid); | 1342 | void (*task_getsecid) (struct task_struct * p, u32 * secid); |
1343 | int (*task_setgroups) (struct group_info *group_info); | 1343 | int (*task_setgroups) (struct group_info *group_info); |
1344 | int (*task_setnice) (struct task_struct * p, int nice); | 1344 | int (*task_setnice) (struct task_struct * p, int nice); |
1345 | int (*task_setioprio) (struct task_struct * p, int ioprio); | 1345 | int (*task_setioprio) (struct task_struct * p, int ioprio); |
1346 | int (*task_getioprio) (struct task_struct * p); | 1346 | int (*task_getioprio) (struct task_struct * p); |
1347 | int (*task_setrlimit) (unsigned int resource, struct rlimit * new_rlim); | 1347 | int (*task_setrlimit) (unsigned int resource, struct rlimit * new_rlim); |
1348 | int (*task_setscheduler) (struct task_struct * p, int policy, | 1348 | int (*task_setscheduler) (struct task_struct * p, int policy, |
1349 | struct sched_param * lp); | 1349 | struct sched_param * lp); |
1350 | int (*task_getscheduler) (struct task_struct * p); | 1350 | int (*task_getscheduler) (struct task_struct * p); |
1351 | int (*task_movememory) (struct task_struct * p); | 1351 | int (*task_movememory) (struct task_struct * p); |
1352 | int (*task_kill) (struct task_struct * p, | 1352 | int (*task_kill) (struct task_struct * p, |
1353 | struct siginfo * info, int sig, u32 secid); | 1353 | struct siginfo * info, int sig, u32 secid); |
1354 | int (*task_wait) (struct task_struct * p); | 1354 | int (*task_wait) (struct task_struct * p); |
1355 | int (*task_prctl) (int option, unsigned long arg2, | 1355 | int (*task_prctl) (int option, unsigned long arg2, |
1356 | unsigned long arg3, unsigned long arg4, | 1356 | unsigned long arg3, unsigned long arg4, |
1357 | unsigned long arg5); | 1357 | unsigned long arg5); |
1358 | void (*task_reparent_to_init) (struct task_struct * p); | 1358 | void (*task_reparent_to_init) (struct task_struct * p); |
1359 | void (*task_to_inode)(struct task_struct *p, struct inode *inode); | 1359 | void (*task_to_inode)(struct task_struct *p, struct inode *inode); |
1360 | 1360 | ||
1361 | int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag); | 1361 | int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag); |
1362 | 1362 | ||
1363 | int (*msg_msg_alloc_security) (struct msg_msg * msg); | 1363 | int (*msg_msg_alloc_security) (struct msg_msg * msg); |
1364 | void (*msg_msg_free_security) (struct msg_msg * msg); | 1364 | void (*msg_msg_free_security) (struct msg_msg * msg); |
1365 | 1365 | ||
1366 | int (*msg_queue_alloc_security) (struct msg_queue * msq); | 1366 | int (*msg_queue_alloc_security) (struct msg_queue * msq); |
1367 | void (*msg_queue_free_security) (struct msg_queue * msq); | 1367 | void (*msg_queue_free_security) (struct msg_queue * msq); |
1368 | int (*msg_queue_associate) (struct msg_queue * msq, int msqflg); | 1368 | int (*msg_queue_associate) (struct msg_queue * msq, int msqflg); |
1369 | int (*msg_queue_msgctl) (struct msg_queue * msq, int cmd); | 1369 | int (*msg_queue_msgctl) (struct msg_queue * msq, int cmd); |
1370 | int (*msg_queue_msgsnd) (struct msg_queue * msq, | 1370 | int (*msg_queue_msgsnd) (struct msg_queue * msq, |
1371 | struct msg_msg * msg, int msqflg); | 1371 | struct msg_msg * msg, int msqflg); |
1372 | int (*msg_queue_msgrcv) (struct msg_queue * msq, | 1372 | int (*msg_queue_msgrcv) (struct msg_queue * msq, |
1373 | struct msg_msg * msg, | 1373 | struct msg_msg * msg, |
1374 | struct task_struct * target, | 1374 | struct task_struct * target, |
1375 | long type, int mode); | 1375 | long type, int mode); |
1376 | 1376 | ||
1377 | int (*shm_alloc_security) (struct shmid_kernel * shp); | 1377 | int (*shm_alloc_security) (struct shmid_kernel * shp); |
1378 | void (*shm_free_security) (struct shmid_kernel * shp); | 1378 | void (*shm_free_security) (struct shmid_kernel * shp); |
1379 | int (*shm_associate) (struct shmid_kernel * shp, int shmflg); | 1379 | int (*shm_associate) (struct shmid_kernel * shp, int shmflg); |
1380 | int (*shm_shmctl) (struct shmid_kernel * shp, int cmd); | 1380 | int (*shm_shmctl) (struct shmid_kernel * shp, int cmd); |
1381 | int (*shm_shmat) (struct shmid_kernel * shp, | 1381 | int (*shm_shmat) (struct shmid_kernel * shp, |
1382 | char __user *shmaddr, int shmflg); | 1382 | char __user *shmaddr, int shmflg); |
1383 | 1383 | ||
1384 | int (*sem_alloc_security) (struct sem_array * sma); | 1384 | int (*sem_alloc_security) (struct sem_array * sma); |
1385 | void (*sem_free_security) (struct sem_array * sma); | 1385 | void (*sem_free_security) (struct sem_array * sma); |
1386 | int (*sem_associate) (struct sem_array * sma, int semflg); | 1386 | int (*sem_associate) (struct sem_array * sma, int semflg); |
1387 | int (*sem_semctl) (struct sem_array * sma, int cmd); | 1387 | int (*sem_semctl) (struct sem_array * sma, int cmd); |
1388 | int (*sem_semop) (struct sem_array * sma, | 1388 | int (*sem_semop) (struct sem_array * sma, |
1389 | struct sembuf * sops, unsigned nsops, int alter); | 1389 | struct sembuf * sops, unsigned nsops, int alter); |
1390 | 1390 | ||
1391 | int (*netlink_send) (struct sock * sk, struct sk_buff * skb); | 1391 | int (*netlink_send) (struct sock * sk, struct sk_buff * skb); |
1392 | int (*netlink_recv) (struct sk_buff * skb, int cap); | 1392 | int (*netlink_recv) (struct sk_buff * skb, int cap); |
1393 | 1393 | ||
1394 | /* allow module stacking */ | 1394 | /* allow module stacking */ |
1395 | int (*register_security) (const char *name, | 1395 | int (*register_security) (const char *name, |
1396 | struct security_operations *ops); | 1396 | struct security_operations *ops); |
1397 | 1397 | ||
1398 | void (*d_instantiate) (struct dentry *dentry, struct inode *inode); | 1398 | void (*d_instantiate) (struct dentry *dentry, struct inode *inode); |
1399 | 1399 | ||
1400 | int (*getprocattr)(struct task_struct *p, char *name, char **value); | 1400 | int (*getprocattr)(struct task_struct *p, char *name, char **value); |
1401 | int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); | 1401 | int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size); |
1402 | int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); | 1402 | int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen); |
1403 | int (*secctx_to_secid)(char *secdata, u32 seclen, u32 *secid); | 1403 | int (*secctx_to_secid)(char *secdata, u32 seclen, u32 *secid); |
1404 | void (*release_secctx)(char *secdata, u32 seclen); | 1404 | void (*release_secctx)(char *secdata, u32 seclen); |
1405 | 1405 | ||
1406 | #ifdef CONFIG_SECURITY_NETWORK | 1406 | #ifdef CONFIG_SECURITY_NETWORK |
1407 | int (*unix_stream_connect) (struct socket * sock, | 1407 | int (*unix_stream_connect) (struct socket * sock, |
1408 | struct socket * other, struct sock * newsk); | 1408 | struct socket * other, struct sock * newsk); |
1409 | int (*unix_may_send) (struct socket * sock, struct socket * other); | 1409 | int (*unix_may_send) (struct socket * sock, struct socket * other); |
1410 | 1410 | ||
1411 | int (*socket_create) (int family, int type, int protocol, int kern); | 1411 | int (*socket_create) (int family, int type, int protocol, int kern); |
1412 | int (*socket_post_create) (struct socket * sock, int family, | 1412 | int (*socket_post_create) (struct socket * sock, int family, |
1413 | int type, int protocol, int kern); | 1413 | int type, int protocol, int kern); |
1414 | int (*socket_bind) (struct socket * sock, | 1414 | int (*socket_bind) (struct socket * sock, |
1415 | struct sockaddr * address, int addrlen); | 1415 | struct sockaddr * address, int addrlen); |
1416 | int (*socket_connect) (struct socket * sock, | 1416 | int (*socket_connect) (struct socket * sock, |
1417 | struct sockaddr * address, int addrlen); | 1417 | struct sockaddr * address, int addrlen); |
1418 | int (*socket_listen) (struct socket * sock, int backlog); | 1418 | int (*socket_listen) (struct socket * sock, int backlog); |
1419 | int (*socket_accept) (struct socket * sock, struct socket * newsock); | 1419 | int (*socket_accept) (struct socket * sock, struct socket * newsock); |
1420 | void (*socket_post_accept) (struct socket * sock, | 1420 | void (*socket_post_accept) (struct socket * sock, |
1421 | struct socket * newsock); | 1421 | struct socket * newsock); |
1422 | int (*socket_sendmsg) (struct socket * sock, | 1422 | int (*socket_sendmsg) (struct socket * sock, |
1423 | struct msghdr * msg, int size); | 1423 | struct msghdr * msg, int size); |
1424 | int (*socket_recvmsg) (struct socket * sock, | 1424 | int (*socket_recvmsg) (struct socket * sock, |
1425 | struct msghdr * msg, int size, int flags); | 1425 | struct msghdr * msg, int size, int flags); |
1426 | int (*socket_getsockname) (struct socket * sock); | 1426 | int (*socket_getsockname) (struct socket * sock); |
1427 | int (*socket_getpeername) (struct socket * sock); | 1427 | int (*socket_getpeername) (struct socket * sock); |
1428 | int (*socket_getsockopt) (struct socket * sock, int level, int optname); | 1428 | int (*socket_getsockopt) (struct socket * sock, int level, int optname); |
1429 | int (*socket_setsockopt) (struct socket * sock, int level, int optname); | 1429 | int (*socket_setsockopt) (struct socket * sock, int level, int optname); |
1430 | int (*socket_shutdown) (struct socket * sock, int how); | 1430 | int (*socket_shutdown) (struct socket * sock, int how); |
1431 | int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); | 1431 | int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); |
1432 | int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); | 1432 | int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); |
1433 | int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid); | 1433 | int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid); |
1434 | int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); | 1434 | int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); |
1435 | void (*sk_free_security) (struct sock *sk); | 1435 | void (*sk_free_security) (struct sock *sk); |
1436 | void (*sk_clone_security) (const struct sock *sk, struct sock *newsk); | 1436 | void (*sk_clone_security) (const struct sock *sk, struct sock *newsk); |
1437 | void (*sk_getsecid) (struct sock *sk, u32 *secid); | 1437 | void (*sk_getsecid) (struct sock *sk, u32 *secid); |
1438 | void (*sock_graft)(struct sock* sk, struct socket *parent); | 1438 | void (*sock_graft)(struct sock* sk, struct socket *parent); |
1439 | int (*inet_conn_request)(struct sock *sk, struct sk_buff *skb, | 1439 | int (*inet_conn_request)(struct sock *sk, struct sk_buff *skb, |
1440 | struct request_sock *req); | 1440 | struct request_sock *req); |
1441 | void (*inet_csk_clone)(struct sock *newsk, const struct request_sock *req); | 1441 | void (*inet_csk_clone)(struct sock *newsk, const struct request_sock *req); |
1442 | void (*inet_conn_established)(struct sock *sk, struct sk_buff *skb); | 1442 | void (*inet_conn_established)(struct sock *sk, struct sk_buff *skb); |
1443 | void (*req_classify_flow)(const struct request_sock *req, struct flowi *fl); | 1443 | void (*req_classify_flow)(const struct request_sock *req, struct flowi *fl); |
1444 | #endif /* CONFIG_SECURITY_NETWORK */ | 1444 | #endif /* CONFIG_SECURITY_NETWORK */ |
1445 | 1445 | ||
1446 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 1446 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
1447 | int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, | 1447 | int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, |
1448 | struct xfrm_user_sec_ctx *sec_ctx); | 1448 | struct xfrm_user_sec_ctx *sec_ctx); |
1449 | int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); | 1449 | int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new); |
1450 | void (*xfrm_policy_free_security) (struct xfrm_policy *xp); | 1450 | void (*xfrm_policy_free_security) (struct xfrm_policy *xp); |
1451 | int (*xfrm_policy_delete_security) (struct xfrm_policy *xp); | 1451 | int (*xfrm_policy_delete_security) (struct xfrm_policy *xp); |
1452 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, | 1452 | int (*xfrm_state_alloc_security) (struct xfrm_state *x, |
1453 | struct xfrm_user_sec_ctx *sec_ctx, | 1453 | struct xfrm_user_sec_ctx *sec_ctx, |
1454 | u32 secid); | 1454 | u32 secid); |
1455 | void (*xfrm_state_free_security) (struct xfrm_state *x); | 1455 | void (*xfrm_state_free_security) (struct xfrm_state *x); |
1456 | int (*xfrm_state_delete_security) (struct xfrm_state *x); | 1456 | int (*xfrm_state_delete_security) (struct xfrm_state *x); |
1457 | int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 fl_secid, u8 dir); | 1457 | int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 fl_secid, u8 dir); |
1458 | int (*xfrm_state_pol_flow_match)(struct xfrm_state *x, | 1458 | int (*xfrm_state_pol_flow_match)(struct xfrm_state *x, |
1459 | struct xfrm_policy *xp, struct flowi *fl); | 1459 | struct xfrm_policy *xp, struct flowi *fl); |
1460 | int (*xfrm_decode_session)(struct sk_buff *skb, u32 *secid, int ckall); | 1460 | int (*xfrm_decode_session)(struct sk_buff *skb, u32 *secid, int ckall); |
1461 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ | 1461 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ |
1462 | 1462 | ||
1463 | /* key management security hooks */ | 1463 | /* key management security hooks */ |
1464 | #ifdef CONFIG_KEYS | 1464 | #ifdef CONFIG_KEYS |
1465 | int (*key_alloc)(struct key *key, struct task_struct *tsk, unsigned long flags); | 1465 | int (*key_alloc)(struct key *key, struct task_struct *tsk, unsigned long flags); |
1466 | void (*key_free)(struct key *key); | 1466 | void (*key_free)(struct key *key); |
1467 | int (*key_permission)(key_ref_t key_ref, | 1467 | int (*key_permission)(key_ref_t key_ref, |
1468 | struct task_struct *context, | 1468 | struct task_struct *context, |
1469 | key_perm_t perm); | 1469 | key_perm_t perm); |
1470 | 1470 | ||
1471 | #endif /* CONFIG_KEYS */ | 1471 | #endif /* CONFIG_KEYS */ |
1472 | 1472 | ||
1473 | }; | 1473 | }; |
1474 | 1474 | ||
1475 | /* prototypes */ | 1475 | /* prototypes */ |
1476 | extern int security_init (void); | 1476 | extern int security_init (void); |
1477 | extern int register_security (struct security_operations *ops); | 1477 | extern int register_security (struct security_operations *ops); |
1478 | extern int mod_reg_security (const char *name, struct security_operations *ops); | 1478 | extern int mod_reg_security (const char *name, struct security_operations *ops); |
1479 | extern struct dentry *securityfs_create_file(const char *name, mode_t mode, | 1479 | extern struct dentry *securityfs_create_file(const char *name, mode_t mode, |
1480 | struct dentry *parent, void *data, | 1480 | struct dentry *parent, void *data, |
1481 | const struct file_operations *fops); | 1481 | const struct file_operations *fops); |
1482 | extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent); | 1482 | extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent); |
1483 | extern void securityfs_remove(struct dentry *dentry); | 1483 | extern void securityfs_remove(struct dentry *dentry); |
1484 | 1484 | ||
1485 | 1485 | ||
1486 | /* Security operations */ | 1486 | /* Security operations */ |
1487 | int security_ptrace(struct task_struct *parent, struct task_struct *child); | 1487 | int security_ptrace(struct task_struct *parent, struct task_struct *child); |
1488 | int security_capget(struct task_struct *target, | 1488 | int security_capget(struct task_struct *target, |
1489 | kernel_cap_t *effective, | 1489 | kernel_cap_t *effective, |
1490 | kernel_cap_t *inheritable, | 1490 | kernel_cap_t *inheritable, |
1491 | kernel_cap_t *permitted); | 1491 | kernel_cap_t *permitted); |
1492 | int security_capset_check(struct task_struct *target, | 1492 | int security_capset_check(struct task_struct *target, |
1493 | kernel_cap_t *effective, | 1493 | kernel_cap_t *effective, |
1494 | kernel_cap_t *inheritable, | 1494 | kernel_cap_t *inheritable, |
1495 | kernel_cap_t *permitted); | 1495 | kernel_cap_t *permitted); |
1496 | void security_capset_set(struct task_struct *target, | 1496 | void security_capset_set(struct task_struct *target, |
1497 | kernel_cap_t *effective, | 1497 | kernel_cap_t *effective, |
1498 | kernel_cap_t *inheritable, | 1498 | kernel_cap_t *inheritable, |
1499 | kernel_cap_t *permitted); | 1499 | kernel_cap_t *permitted); |
1500 | int security_capable(struct task_struct *tsk, int cap); | 1500 | int security_capable(struct task_struct *tsk, int cap); |
1501 | int security_acct(struct file *file); | 1501 | int security_acct(struct file *file); |
1502 | int security_sysctl(struct ctl_table *table, int op); | 1502 | int security_sysctl(struct ctl_table *table, int op); |
1503 | int security_quotactl(int cmds, int type, int id, struct super_block *sb); | 1503 | int security_quotactl(int cmds, int type, int id, struct super_block *sb); |
1504 | int security_quota_on(struct dentry *dentry); | 1504 | int security_quota_on(struct dentry *dentry); |
1505 | int security_syslog(int type); | 1505 | int security_syslog(int type); |
1506 | int security_settime(struct timespec *ts, struct timezone *tz); | 1506 | int security_settime(struct timespec *ts, struct timezone *tz); |
1507 | int security_vm_enough_memory(long pages); | 1507 | int security_vm_enough_memory(long pages); |
1508 | int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); | 1508 | int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); |
1509 | int security_bprm_alloc(struct linux_binprm *bprm); | 1509 | int security_bprm_alloc(struct linux_binprm *bprm); |
1510 | void security_bprm_free(struct linux_binprm *bprm); | 1510 | void security_bprm_free(struct linux_binprm *bprm); |
1511 | void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe); | 1511 | void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe); |
1512 | void security_bprm_post_apply_creds(struct linux_binprm *bprm); | 1512 | void security_bprm_post_apply_creds(struct linux_binprm *bprm); |
1513 | int security_bprm_set(struct linux_binprm *bprm); | 1513 | int security_bprm_set(struct linux_binprm *bprm); |
1514 | int security_bprm_check(struct linux_binprm *bprm); | 1514 | int security_bprm_check(struct linux_binprm *bprm); |
1515 | int security_bprm_secureexec(struct linux_binprm *bprm); | 1515 | int security_bprm_secureexec(struct linux_binprm *bprm); |
1516 | int security_sb_alloc(struct super_block *sb); | 1516 | int security_sb_alloc(struct super_block *sb); |
1517 | void security_sb_free(struct super_block *sb); | 1517 | void security_sb_free(struct super_block *sb); |
1518 | int security_sb_copy_data(struct file_system_type *type, void *orig, void *copy); | 1518 | int security_sb_copy_data(struct file_system_type *type, void *orig, void *copy); |
1519 | int security_sb_kern_mount(struct super_block *sb, void *data); | 1519 | int security_sb_kern_mount(struct super_block *sb, void *data); |
1520 | int security_sb_statfs(struct dentry *dentry); | 1520 | int security_sb_statfs(struct dentry *dentry); |
1521 | int security_sb_mount(char *dev_name, struct nameidata *nd, | 1521 | int security_sb_mount(char *dev_name, struct nameidata *nd, |
1522 | char *type, unsigned long flags, void *data); | 1522 | char *type, unsigned long flags, void *data); |
1523 | int security_sb_check_sb(struct vfsmount *mnt, struct nameidata *nd); | 1523 | int security_sb_check_sb(struct vfsmount *mnt, struct nameidata *nd); |
1524 | int security_sb_umount(struct vfsmount *mnt, int flags); | 1524 | int security_sb_umount(struct vfsmount *mnt, int flags); |
1525 | void security_sb_umount_close(struct vfsmount *mnt); | 1525 | void security_sb_umount_close(struct vfsmount *mnt); |
1526 | void security_sb_umount_busy(struct vfsmount *mnt); | 1526 | void security_sb_umount_busy(struct vfsmount *mnt); |
1527 | void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data); | 1527 | void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data); |
1528 | void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd); | 1528 | void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd); |
1529 | int security_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd); | 1529 | int security_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd); |
1530 | void security_sb_post_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd); | 1530 | void security_sb_post_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd); |
1531 | int security_sb_get_mnt_opts(const struct super_block *sb, char ***mount_options, | 1531 | int security_sb_get_mnt_opts(const struct super_block *sb, char ***mount_options, |
1532 | int **flags, int *num_opts); | 1532 | int **flags, int *num_opts); |
1533 | int security_sb_set_mnt_opts(struct super_block *sb, char **mount_options, | 1533 | int security_sb_set_mnt_opts(struct super_block *sb, char **mount_options, |
1534 | int *flags, int num_opts); | 1534 | int *flags, int num_opts); |
1535 | void security_sb_clone_mnt_opts(const struct super_block *oldsb, | 1535 | void security_sb_clone_mnt_opts(const struct super_block *oldsb, |
1536 | struct super_block *newsb); | 1536 | struct super_block *newsb); |
1537 | 1537 | ||
1538 | int security_inode_alloc(struct inode *inode); | 1538 | int security_inode_alloc(struct inode *inode); |
1539 | void security_inode_free(struct inode *inode); | 1539 | void security_inode_free(struct inode *inode); |
1540 | int security_inode_init_security(struct inode *inode, struct inode *dir, | 1540 | int security_inode_init_security(struct inode *inode, struct inode *dir, |
1541 | char **name, void **value, size_t *len); | 1541 | char **name, void **value, size_t *len); |
1542 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); | 1542 | int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); |
1543 | int security_inode_link(struct dentry *old_dentry, struct inode *dir, | 1543 | int security_inode_link(struct dentry *old_dentry, struct inode *dir, |
1544 | struct dentry *new_dentry); | 1544 | struct dentry *new_dentry); |
1545 | int security_inode_unlink(struct inode *dir, struct dentry *dentry); | 1545 | int security_inode_unlink(struct inode *dir, struct dentry *dentry); |
1546 | int security_inode_symlink(struct inode *dir, struct dentry *dentry, | 1546 | int security_inode_symlink(struct inode *dir, struct dentry *dentry, |
1547 | const char *old_name); | 1547 | const char *old_name); |
1548 | int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode); | 1548 | int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode); |
1549 | int security_inode_rmdir(struct inode *dir, struct dentry *dentry); | 1549 | int security_inode_rmdir(struct inode *dir, struct dentry *dentry); |
1550 | int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev); | 1550 | int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev); |
1551 | int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, | 1551 | int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, |
1552 | struct inode *new_dir, struct dentry *new_dentry); | 1552 | struct inode *new_dir, struct dentry *new_dentry); |
1553 | int security_inode_readlink(struct dentry *dentry); | 1553 | int security_inode_readlink(struct dentry *dentry); |
1554 | int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd); | 1554 | int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd); |
1555 | int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd); | 1555 | int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd); |
1556 | int security_inode_setattr(struct dentry *dentry, struct iattr *attr); | 1556 | int security_inode_setattr(struct dentry *dentry, struct iattr *attr); |
1557 | int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry); | 1557 | int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry); |
1558 | void security_inode_delete(struct inode *inode); | 1558 | void security_inode_delete(struct inode *inode); |
1559 | int security_inode_setxattr(struct dentry *dentry, char *name, | 1559 | int security_inode_setxattr(struct dentry *dentry, char *name, |
1560 | void *value, size_t size, int flags); | 1560 | void *value, size_t size, int flags); |
1561 | void security_inode_post_setxattr(struct dentry *dentry, char *name, | 1561 | void security_inode_post_setxattr(struct dentry *dentry, char *name, |
1562 | void *value, size_t size, int flags); | 1562 | void *value, size_t size, int flags); |
1563 | int security_inode_getxattr(struct dentry *dentry, char *name); | 1563 | int security_inode_getxattr(struct dentry *dentry, char *name); |
1564 | int security_inode_listxattr(struct dentry *dentry); | 1564 | int security_inode_listxattr(struct dentry *dentry); |
1565 | int security_inode_removexattr(struct dentry *dentry, char *name); | 1565 | int security_inode_removexattr(struct dentry *dentry, char *name); |
1566 | int security_inode_need_killpriv(struct dentry *dentry); | 1566 | int security_inode_need_killpriv(struct dentry *dentry); |
1567 | int security_inode_killpriv(struct dentry *dentry); | 1567 | int security_inode_killpriv(struct dentry *dentry); |
1568 | int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err); | 1568 | int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err); |
1569 | int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); | 1569 | int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); |
1570 | int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); | 1570 | int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); |
1571 | int security_file_permission(struct file *file, int mask); | 1571 | int security_file_permission(struct file *file, int mask); |
1572 | int security_file_alloc(struct file *file); | 1572 | int security_file_alloc(struct file *file); |
1573 | void security_file_free(struct file *file); | 1573 | void security_file_free(struct file *file); |
1574 | int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg); | 1574 | int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg); |
1575 | int security_file_mmap(struct file *file, unsigned long reqprot, | 1575 | int security_file_mmap(struct file *file, unsigned long reqprot, |
1576 | unsigned long prot, unsigned long flags, | 1576 | unsigned long prot, unsigned long flags, |
1577 | unsigned long addr, unsigned long addr_only); | 1577 | unsigned long addr, unsigned long addr_only); |
1578 | int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, | 1578 | int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, |
1579 | unsigned long prot); | 1579 | unsigned long prot); |
1580 | int security_file_lock(struct file *file, unsigned int cmd); | 1580 | int security_file_lock(struct file *file, unsigned int cmd); |
1581 | int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg); | 1581 | int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg); |
1582 | int security_file_set_fowner(struct file *file); | 1582 | int security_file_set_fowner(struct file *file); |
1583 | int security_file_send_sigiotask(struct task_struct *tsk, | 1583 | int security_file_send_sigiotask(struct task_struct *tsk, |
1584 | struct fown_struct *fown, int sig); | 1584 | struct fown_struct *fown, int sig); |
1585 | int security_file_receive(struct file *file); | 1585 | int security_file_receive(struct file *file); |
1586 | int security_dentry_open(struct file *file); | 1586 | int security_dentry_open(struct file *file); |
1587 | int security_task_create(unsigned long clone_flags); | 1587 | int security_task_create(unsigned long clone_flags); |
1588 | int security_task_alloc(struct task_struct *p); | 1588 | int security_task_alloc(struct task_struct *p); |
1589 | void security_task_free(struct task_struct *p); | 1589 | void security_task_free(struct task_struct *p); |
1590 | int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags); | 1590 | int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags); |
1591 | int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, | 1591 | int security_task_post_setuid(uid_t old_ruid, uid_t old_euid, |
1592 | uid_t old_suid, int flags); | 1592 | uid_t old_suid, int flags); |
1593 | int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags); | 1593 | int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags); |
1594 | int security_task_setpgid(struct task_struct *p, pid_t pgid); | 1594 | int security_task_setpgid(struct task_struct *p, pid_t pgid); |
1595 | int security_task_getpgid(struct task_struct *p); | 1595 | int security_task_getpgid(struct task_struct *p); |
1596 | int security_task_getsid(struct task_struct *p); | 1596 | int security_task_getsid(struct task_struct *p); |
1597 | void security_task_getsecid(struct task_struct *p, u32 *secid); | 1597 | void security_task_getsecid(struct task_struct *p, u32 *secid); |
1598 | int security_task_setgroups(struct group_info *group_info); | 1598 | int security_task_setgroups(struct group_info *group_info); |
1599 | int security_task_setnice(struct task_struct *p, int nice); | 1599 | int security_task_setnice(struct task_struct *p, int nice); |
1600 | int security_task_setioprio(struct task_struct *p, int ioprio); | 1600 | int security_task_setioprio(struct task_struct *p, int ioprio); |
1601 | int security_task_getioprio(struct task_struct *p); | 1601 | int security_task_getioprio(struct task_struct *p); |
1602 | int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim); | 1602 | int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim); |
1603 | int security_task_setscheduler(struct task_struct *p, | 1603 | int security_task_setscheduler(struct task_struct *p, |
1604 | int policy, struct sched_param *lp); | 1604 | int policy, struct sched_param *lp); |
1605 | int security_task_getscheduler(struct task_struct *p); | 1605 | int security_task_getscheduler(struct task_struct *p); |
1606 | int security_task_movememory(struct task_struct *p); | 1606 | int security_task_movememory(struct task_struct *p); |
1607 | int security_task_kill(struct task_struct *p, struct siginfo *info, | 1607 | int security_task_kill(struct task_struct *p, struct siginfo *info, |
1608 | int sig, u32 secid); | 1608 | int sig, u32 secid); |
1609 | int security_task_wait(struct task_struct *p); | 1609 | int security_task_wait(struct task_struct *p); |
1610 | int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, | 1610 | int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, |
1611 | unsigned long arg4, unsigned long arg5); | 1611 | unsigned long arg4, unsigned long arg5); |
1612 | void security_task_reparent_to_init(struct task_struct *p); | 1612 | void security_task_reparent_to_init(struct task_struct *p); |
1613 | void security_task_to_inode(struct task_struct *p, struct inode *inode); | 1613 | void security_task_to_inode(struct task_struct *p, struct inode *inode); |
1614 | int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); | 1614 | int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); |
1615 | int security_msg_msg_alloc(struct msg_msg *msg); | 1615 | int security_msg_msg_alloc(struct msg_msg *msg); |
1616 | void security_msg_msg_free(struct msg_msg *msg); | 1616 | void security_msg_msg_free(struct msg_msg *msg); |
1617 | int security_msg_queue_alloc(struct msg_queue *msq); | 1617 | int security_msg_queue_alloc(struct msg_queue *msq); |
1618 | void security_msg_queue_free(struct msg_queue *msq); | 1618 | void security_msg_queue_free(struct msg_queue *msq); |
1619 | int security_msg_queue_associate(struct msg_queue *msq, int msqflg); | 1619 | int security_msg_queue_associate(struct msg_queue *msq, int msqflg); |
1620 | int security_msg_queue_msgctl(struct msg_queue *msq, int cmd); | 1620 | int security_msg_queue_msgctl(struct msg_queue *msq, int cmd); |
1621 | int security_msg_queue_msgsnd(struct msg_queue *msq, | 1621 | int security_msg_queue_msgsnd(struct msg_queue *msq, |
1622 | struct msg_msg *msg, int msqflg); | 1622 | struct msg_msg *msg, int msqflg); |
1623 | int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, | 1623 | int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, |
1624 | struct task_struct *target, long type, int mode); | 1624 | struct task_struct *target, long type, int mode); |
1625 | int security_shm_alloc(struct shmid_kernel *shp); | 1625 | int security_shm_alloc(struct shmid_kernel *shp); |
1626 | void security_shm_free(struct shmid_kernel *shp); | 1626 | void security_shm_free(struct shmid_kernel *shp); |
1627 | int security_shm_associate(struct shmid_kernel *shp, int shmflg); | 1627 | int security_shm_associate(struct shmid_kernel *shp, int shmflg); |
1628 | int security_shm_shmctl(struct shmid_kernel *shp, int cmd); | 1628 | int security_shm_shmctl(struct shmid_kernel *shp, int cmd); |
1629 | int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg); | 1629 | int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg); |
1630 | int security_sem_alloc(struct sem_array *sma); | 1630 | int security_sem_alloc(struct sem_array *sma); |
1631 | void security_sem_free(struct sem_array *sma); | 1631 | void security_sem_free(struct sem_array *sma); |
1632 | int security_sem_associate(struct sem_array *sma, int semflg); | 1632 | int security_sem_associate(struct sem_array *sma, int semflg); |
1633 | int security_sem_semctl(struct sem_array *sma, int cmd); | 1633 | int security_sem_semctl(struct sem_array *sma, int cmd); |
1634 | int security_sem_semop(struct sem_array *sma, struct sembuf *sops, | 1634 | int security_sem_semop(struct sem_array *sma, struct sembuf *sops, |
1635 | unsigned nsops, int alter); | 1635 | unsigned nsops, int alter); |
1636 | void security_d_instantiate (struct dentry *dentry, struct inode *inode); | 1636 | void security_d_instantiate (struct dentry *dentry, struct inode *inode); |
1637 | int security_getprocattr(struct task_struct *p, char *name, char **value); | 1637 | int security_getprocattr(struct task_struct *p, char *name, char **value); |
1638 | int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); | 1638 | int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); |
1639 | int security_netlink_send(struct sock *sk, struct sk_buff *skb); | 1639 | int security_netlink_send(struct sock *sk, struct sk_buff *skb); |
1640 | int security_netlink_recv(struct sk_buff *skb, int cap); | 1640 | int security_netlink_recv(struct sk_buff *skb, int cap); |
1641 | int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); | 1641 | int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); |
1642 | int security_secctx_to_secid(char *secdata, u32 seclen, u32 *secid); | 1642 | int security_secctx_to_secid(char *secdata, u32 seclen, u32 *secid); |
1643 | void security_release_secctx(char *secdata, u32 seclen); | 1643 | void security_release_secctx(char *secdata, u32 seclen); |
1644 | 1644 | ||
1645 | #else /* CONFIG_SECURITY */ | 1645 | #else /* CONFIG_SECURITY */ |
1646 | 1646 | ||
1647 | /* | 1647 | /* |
1648 | * This is the default capabilities functionality. Most of these functions | 1648 | * This is the default capabilities functionality. Most of these functions |
1649 | * are just stubbed out, but a few must call the proper capable code. | 1649 | * are just stubbed out, but a few must call the proper capable code. |
1650 | */ | 1650 | */ |
1651 | 1651 | ||
1652 | static inline int security_init(void) | 1652 | static inline int security_init(void) |
1653 | { | 1653 | { |
1654 | return 0; | 1654 | return 0; |
1655 | } | 1655 | } |
1656 | 1656 | ||
1657 | static inline int security_ptrace (struct task_struct *parent, struct task_struct * child) | 1657 | static inline int security_ptrace (struct task_struct *parent, struct task_struct * child) |
1658 | { | 1658 | { |
1659 | return cap_ptrace (parent, child); | 1659 | return cap_ptrace (parent, child); |
1660 | } | 1660 | } |
1661 | 1661 | ||
1662 | static inline int security_capget (struct task_struct *target, | 1662 | static inline int security_capget (struct task_struct *target, |
1663 | kernel_cap_t *effective, | 1663 | kernel_cap_t *effective, |
1664 | kernel_cap_t *inheritable, | 1664 | kernel_cap_t *inheritable, |
1665 | kernel_cap_t *permitted) | 1665 | kernel_cap_t *permitted) |
1666 | { | 1666 | { |
1667 | return cap_capget (target, effective, inheritable, permitted); | 1667 | return cap_capget (target, effective, inheritable, permitted); |
1668 | } | 1668 | } |
1669 | 1669 | ||
1670 | static inline int security_capset_check (struct task_struct *target, | 1670 | static inline int security_capset_check (struct task_struct *target, |
1671 | kernel_cap_t *effective, | 1671 | kernel_cap_t *effective, |
1672 | kernel_cap_t *inheritable, | 1672 | kernel_cap_t *inheritable, |
1673 | kernel_cap_t *permitted) | 1673 | kernel_cap_t *permitted) |
1674 | { | 1674 | { |
1675 | return cap_capset_check (target, effective, inheritable, permitted); | 1675 | return cap_capset_check (target, effective, inheritable, permitted); |
1676 | } | 1676 | } |
1677 | 1677 | ||
1678 | static inline void security_capset_set (struct task_struct *target, | 1678 | static inline void security_capset_set (struct task_struct *target, |
1679 | kernel_cap_t *effective, | 1679 | kernel_cap_t *effective, |
1680 | kernel_cap_t *inheritable, | 1680 | kernel_cap_t *inheritable, |
1681 | kernel_cap_t *permitted) | 1681 | kernel_cap_t *permitted) |
1682 | { | 1682 | { |
1683 | cap_capset_set (target, effective, inheritable, permitted); | 1683 | cap_capset_set (target, effective, inheritable, permitted); |
1684 | } | 1684 | } |
1685 | 1685 | ||
1686 | static inline int security_capable(struct task_struct *tsk, int cap) | 1686 | static inline int security_capable(struct task_struct *tsk, int cap) |
1687 | { | 1687 | { |
1688 | return cap_capable(tsk, cap); | 1688 | return cap_capable(tsk, cap); |
1689 | } | 1689 | } |
1690 | 1690 | ||
1691 | static inline int security_acct (struct file *file) | 1691 | static inline int security_acct (struct file *file) |
1692 | { | 1692 | { |
1693 | return 0; | 1693 | return 0; |
1694 | } | 1694 | } |
1695 | 1695 | ||
1696 | static inline int security_sysctl(struct ctl_table *table, int op) | 1696 | static inline int security_sysctl(struct ctl_table *table, int op) |
1697 | { | 1697 | { |
1698 | return 0; | 1698 | return 0; |
1699 | } | 1699 | } |
1700 | 1700 | ||
1701 | static inline int security_quotactl (int cmds, int type, int id, | 1701 | static inline int security_quotactl (int cmds, int type, int id, |
1702 | struct super_block * sb) | 1702 | struct super_block * sb) |
1703 | { | 1703 | { |
1704 | return 0; | 1704 | return 0; |
1705 | } | 1705 | } |
1706 | 1706 | ||
1707 | static inline int security_quota_on (struct dentry * dentry) | 1707 | static inline int security_quota_on (struct dentry * dentry) |
1708 | { | 1708 | { |
1709 | return 0; | 1709 | return 0; |
1710 | } | 1710 | } |
1711 | 1711 | ||
1712 | static inline int security_syslog(int type) | 1712 | static inline int security_syslog(int type) |
1713 | { | 1713 | { |
1714 | return cap_syslog(type); | 1714 | return cap_syslog(type); |
1715 | } | 1715 | } |
1716 | 1716 | ||
1717 | static inline int security_settime(struct timespec *ts, struct timezone *tz) | 1717 | static inline int security_settime(struct timespec *ts, struct timezone *tz) |
1718 | { | 1718 | { |
1719 | return cap_settime(ts, tz); | 1719 | return cap_settime(ts, tz); |
1720 | } | 1720 | } |
1721 | 1721 | ||
1722 | static inline int security_vm_enough_memory(long pages) | 1722 | static inline int security_vm_enough_memory(long pages) |
1723 | { | 1723 | { |
1724 | return cap_vm_enough_memory(current->mm, pages); | 1724 | return cap_vm_enough_memory(current->mm, pages); |
1725 | } | 1725 | } |
1726 | 1726 | ||
1727 | static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) | 1727 | static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) |
1728 | { | 1728 | { |
1729 | return cap_vm_enough_memory(mm, pages); | 1729 | return cap_vm_enough_memory(mm, pages); |
1730 | } | 1730 | } |
1731 | 1731 | ||
1732 | static inline int security_bprm_alloc (struct linux_binprm *bprm) | 1732 | static inline int security_bprm_alloc (struct linux_binprm *bprm) |
1733 | { | 1733 | { |
1734 | return 0; | 1734 | return 0; |
1735 | } | 1735 | } |
1736 | 1736 | ||
1737 | static inline void security_bprm_free (struct linux_binprm *bprm) | 1737 | static inline void security_bprm_free (struct linux_binprm *bprm) |
1738 | { } | 1738 | { } |
1739 | 1739 | ||
1740 | static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe) | 1740 | static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe) |
1741 | { | 1741 | { |
1742 | cap_bprm_apply_creds (bprm, unsafe); | 1742 | cap_bprm_apply_creds (bprm, unsafe); |
1743 | } | 1743 | } |
1744 | 1744 | ||
1745 | static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm) | 1745 | static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm) |
1746 | { | 1746 | { |
1747 | return; | 1747 | return; |
1748 | } | 1748 | } |
1749 | 1749 | ||
1750 | static inline int security_bprm_set (struct linux_binprm *bprm) | 1750 | static inline int security_bprm_set (struct linux_binprm *bprm) |
1751 | { | 1751 | { |
1752 | return cap_bprm_set_security (bprm); | 1752 | return cap_bprm_set_security (bprm); |
1753 | } | 1753 | } |
1754 | 1754 | ||
1755 | static inline int security_bprm_check (struct linux_binprm *bprm) | 1755 | static inline int security_bprm_check (struct linux_binprm *bprm) |
1756 | { | 1756 | { |
1757 | return 0; | 1757 | return 0; |
1758 | } | 1758 | } |
1759 | 1759 | ||
1760 | static inline int security_bprm_secureexec (struct linux_binprm *bprm) | 1760 | static inline int security_bprm_secureexec (struct linux_binprm *bprm) |
1761 | { | 1761 | { |
1762 | return cap_bprm_secureexec(bprm); | 1762 | return cap_bprm_secureexec(bprm); |
1763 | } | 1763 | } |
1764 | 1764 | ||
1765 | static inline int security_sb_alloc (struct super_block *sb) | 1765 | static inline int security_sb_alloc (struct super_block *sb) |
1766 | { | 1766 | { |
1767 | return 0; | 1767 | return 0; |
1768 | } | 1768 | } |
1769 | 1769 | ||
1770 | static inline void security_sb_free (struct super_block *sb) | 1770 | static inline void security_sb_free (struct super_block *sb) |
1771 | { } | 1771 | { } |
1772 | 1772 | ||
1773 | static inline int security_sb_copy_data (struct file_system_type *type, | 1773 | static inline int security_sb_copy_data (struct file_system_type *type, |
1774 | void *orig, void *copy) | 1774 | void *orig, void *copy) |
1775 | { | 1775 | { |
1776 | return 0; | 1776 | return 0; |
1777 | } | 1777 | } |
1778 | 1778 | ||
1779 | static inline int security_sb_kern_mount (struct super_block *sb, void *data) | 1779 | static inline int security_sb_kern_mount (struct super_block *sb, void *data) |
1780 | { | 1780 | { |
1781 | return 0; | 1781 | return 0; |
1782 | } | 1782 | } |
1783 | 1783 | ||
1784 | static inline int security_sb_statfs (struct dentry *dentry) | 1784 | static inline int security_sb_statfs (struct dentry *dentry) |
1785 | { | 1785 | { |
1786 | return 0; | 1786 | return 0; |
1787 | } | 1787 | } |
1788 | 1788 | ||
1789 | static inline int security_sb_mount (char *dev_name, struct nameidata *nd, | 1789 | static inline int security_sb_mount (char *dev_name, struct nameidata *nd, |
1790 | char *type, unsigned long flags, | 1790 | char *type, unsigned long flags, |
1791 | void *data) | 1791 | void *data) |
1792 | { | 1792 | { |
1793 | return 0; | 1793 | return 0; |
1794 | } | 1794 | } |
1795 | 1795 | ||
1796 | static inline int security_sb_check_sb (struct vfsmount *mnt, | 1796 | static inline int security_sb_check_sb (struct vfsmount *mnt, |
1797 | struct nameidata *nd) | 1797 | struct nameidata *nd) |
1798 | { | 1798 | { |
1799 | return 0; | 1799 | return 0; |
1800 | } | 1800 | } |
1801 | 1801 | ||
1802 | static inline int security_sb_umount (struct vfsmount *mnt, int flags) | 1802 | static inline int security_sb_umount (struct vfsmount *mnt, int flags) |
1803 | { | 1803 | { |
1804 | return 0; | 1804 | return 0; |
1805 | } | 1805 | } |
1806 | 1806 | ||
1807 | static inline void security_sb_umount_close (struct vfsmount *mnt) | 1807 | static inline void security_sb_umount_close (struct vfsmount *mnt) |
1808 | { } | 1808 | { } |
1809 | 1809 | ||
1810 | static inline void security_sb_umount_busy (struct vfsmount *mnt) | 1810 | static inline void security_sb_umount_busy (struct vfsmount *mnt) |
1811 | { } | 1811 | { } |
1812 | 1812 | ||
1813 | static inline void security_sb_post_remount (struct vfsmount *mnt, | 1813 | static inline void security_sb_post_remount (struct vfsmount *mnt, |
1814 | unsigned long flags, void *data) | 1814 | unsigned long flags, void *data) |
1815 | { } | 1815 | { } |
1816 | 1816 | ||
1817 | static inline void security_sb_post_addmount (struct vfsmount *mnt, | 1817 | static inline void security_sb_post_addmount (struct vfsmount *mnt, |
1818 | struct nameidata *mountpoint_nd) | 1818 | struct nameidata *mountpoint_nd) |
1819 | { } | 1819 | { } |
1820 | 1820 | ||
1821 | static inline int security_sb_pivotroot (struct nameidata *old_nd, | 1821 | static inline int security_sb_pivotroot (struct nameidata *old_nd, |
1822 | struct nameidata *new_nd) | 1822 | struct nameidata *new_nd) |
1823 | { | 1823 | { |
1824 | return 0; | 1824 | return 0; |
1825 | } | 1825 | } |
1826 | 1826 | ||
1827 | static inline void security_sb_post_pivotroot (struct nameidata *old_nd, | 1827 | static inline void security_sb_post_pivotroot (struct nameidata *old_nd, |
1828 | struct nameidata *new_nd) | 1828 | struct nameidata *new_nd) |
1829 | { } | 1829 | { } |
1830 | 1830 | ||
1831 | static inline int security_inode_alloc (struct inode *inode) | 1831 | static inline int security_inode_alloc (struct inode *inode) |
1832 | { | 1832 | { |
1833 | return 0; | 1833 | return 0; |
1834 | } | 1834 | } |
1835 | 1835 | ||
1836 | static inline void security_inode_free (struct inode *inode) | 1836 | static inline void security_inode_free (struct inode *inode) |
1837 | { } | 1837 | { } |
1838 | 1838 | ||
1839 | static inline int security_inode_init_security (struct inode *inode, | 1839 | static inline int security_inode_init_security (struct inode *inode, |
1840 | struct inode *dir, | 1840 | struct inode *dir, |
1841 | char **name, | 1841 | char **name, |
1842 | void **value, | 1842 | void **value, |
1843 | size_t *len) | 1843 | size_t *len) |
1844 | { | 1844 | { |
1845 | return -EOPNOTSUPP; | 1845 | return -EOPNOTSUPP; |
1846 | } | 1846 | } |
1847 | 1847 | ||
1848 | static inline int security_inode_create (struct inode *dir, | 1848 | static inline int security_inode_create (struct inode *dir, |
1849 | struct dentry *dentry, | 1849 | struct dentry *dentry, |
1850 | int mode) | 1850 | int mode) |
1851 | { | 1851 | { |
1852 | return 0; | 1852 | return 0; |
1853 | } | 1853 | } |
1854 | 1854 | ||
1855 | static inline int security_inode_link (struct dentry *old_dentry, | 1855 | static inline int security_inode_link (struct dentry *old_dentry, |
1856 | struct inode *dir, | 1856 | struct inode *dir, |
1857 | struct dentry *new_dentry) | 1857 | struct dentry *new_dentry) |
1858 | { | 1858 | { |
1859 | return 0; | 1859 | return 0; |
1860 | } | 1860 | } |
1861 | 1861 | ||
1862 | static inline int security_inode_unlink (struct inode *dir, | 1862 | static inline int security_inode_unlink (struct inode *dir, |
1863 | struct dentry *dentry) | 1863 | struct dentry *dentry) |
1864 | { | 1864 | { |
1865 | return 0; | 1865 | return 0; |
1866 | } | 1866 | } |
1867 | 1867 | ||
1868 | static inline int security_inode_symlink (struct inode *dir, | 1868 | static inline int security_inode_symlink (struct inode *dir, |
1869 | struct dentry *dentry, | 1869 | struct dentry *dentry, |
1870 | const char *old_name) | 1870 | const char *old_name) |
1871 | { | 1871 | { |
1872 | return 0; | 1872 | return 0; |
1873 | } | 1873 | } |
1874 | 1874 | ||
1875 | static inline int security_inode_mkdir (struct inode *dir, | 1875 | static inline int security_inode_mkdir (struct inode *dir, |
1876 | struct dentry *dentry, | 1876 | struct dentry *dentry, |
1877 | int mode) | 1877 | int mode) |
1878 | { | 1878 | { |
1879 | return 0; | 1879 | return 0; |
1880 | } | 1880 | } |
1881 | 1881 | ||
1882 | static inline int security_inode_rmdir (struct inode *dir, | 1882 | static inline int security_inode_rmdir (struct inode *dir, |
1883 | struct dentry *dentry) | 1883 | struct dentry *dentry) |
1884 | { | 1884 | { |
1885 | return 0; | 1885 | return 0; |
1886 | } | 1886 | } |
1887 | 1887 | ||
1888 | static inline int security_inode_mknod (struct inode *dir, | 1888 | static inline int security_inode_mknod (struct inode *dir, |
1889 | struct dentry *dentry, | 1889 | struct dentry *dentry, |
1890 | int mode, dev_t dev) | 1890 | int mode, dev_t dev) |
1891 | { | 1891 | { |
1892 | return 0; | 1892 | return 0; |
1893 | } | 1893 | } |
1894 | 1894 | ||
1895 | static inline int security_inode_rename (struct inode *old_dir, | 1895 | static inline int security_inode_rename (struct inode *old_dir, |
1896 | struct dentry *old_dentry, | 1896 | struct dentry *old_dentry, |
1897 | struct inode *new_dir, | 1897 | struct inode *new_dir, |
1898 | struct dentry *new_dentry) | 1898 | struct dentry *new_dentry) |
1899 | { | 1899 | { |
1900 | return 0; | 1900 | return 0; |
1901 | } | 1901 | } |
1902 | 1902 | ||
1903 | static inline int security_inode_readlink (struct dentry *dentry) | 1903 | static inline int security_inode_readlink (struct dentry *dentry) |
1904 | { | 1904 | { |
1905 | return 0; | 1905 | return 0; |
1906 | } | 1906 | } |
1907 | 1907 | ||
1908 | static inline int security_inode_follow_link (struct dentry *dentry, | 1908 | static inline int security_inode_follow_link (struct dentry *dentry, |
1909 | struct nameidata *nd) | 1909 | struct nameidata *nd) |
1910 | { | 1910 | { |
1911 | return 0; | 1911 | return 0; |
1912 | } | 1912 | } |
1913 | 1913 | ||
1914 | static inline int security_inode_permission (struct inode *inode, int mask, | 1914 | static inline int security_inode_permission (struct inode *inode, int mask, |
1915 | struct nameidata *nd) | 1915 | struct nameidata *nd) |
1916 | { | 1916 | { |
1917 | return 0; | 1917 | return 0; |
1918 | } | 1918 | } |
1919 | 1919 | ||
1920 | static inline int security_inode_setattr (struct dentry *dentry, | 1920 | static inline int security_inode_setattr (struct dentry *dentry, |
1921 | struct iattr *attr) | 1921 | struct iattr *attr) |
1922 | { | 1922 | { |
1923 | return 0; | 1923 | return 0; |
1924 | } | 1924 | } |
1925 | 1925 | ||
1926 | static inline int security_inode_getattr (struct vfsmount *mnt, | 1926 | static inline int security_inode_getattr (struct vfsmount *mnt, |
1927 | struct dentry *dentry) | 1927 | struct dentry *dentry) |
1928 | { | 1928 | { |
1929 | return 0; | 1929 | return 0; |
1930 | } | 1930 | } |
1931 | 1931 | ||
1932 | static inline void security_inode_delete (struct inode *inode) | 1932 | static inline void security_inode_delete (struct inode *inode) |
1933 | { } | 1933 | { } |
1934 | 1934 | ||
1935 | static inline int security_inode_setxattr (struct dentry *dentry, char *name, | 1935 | static inline int security_inode_setxattr (struct dentry *dentry, char *name, |
1936 | void *value, size_t size, int flags) | 1936 | void *value, size_t size, int flags) |
1937 | { | 1937 | { |
1938 | return cap_inode_setxattr(dentry, name, value, size, flags); | 1938 | return cap_inode_setxattr(dentry, name, value, size, flags); |
1939 | } | 1939 | } |
1940 | 1940 | ||
1941 | static inline void security_inode_post_setxattr (struct dentry *dentry, char *name, | 1941 | static inline void security_inode_post_setxattr (struct dentry *dentry, char *name, |
1942 | void *value, size_t size, int flags) | 1942 | void *value, size_t size, int flags) |
1943 | { } | 1943 | { } |
1944 | 1944 | ||
1945 | static inline int security_inode_getxattr (struct dentry *dentry, char *name) | 1945 | static inline int security_inode_getxattr (struct dentry *dentry, char *name) |
1946 | { | 1946 | { |
1947 | return 0; | 1947 | return 0; |
1948 | } | 1948 | } |
1949 | 1949 | ||
1950 | static inline int security_inode_listxattr (struct dentry *dentry) | 1950 | static inline int security_inode_listxattr (struct dentry *dentry) |
1951 | { | 1951 | { |
1952 | return 0; | 1952 | return 0; |
1953 | } | 1953 | } |
1954 | 1954 | ||
1955 | static inline int security_inode_removexattr (struct dentry *dentry, char *name) | 1955 | static inline int security_inode_removexattr (struct dentry *dentry, char *name) |
1956 | { | 1956 | { |
1957 | return cap_inode_removexattr(dentry, name); | 1957 | return cap_inode_removexattr(dentry, name); |
1958 | } | 1958 | } |
1959 | 1959 | ||
1960 | static inline int security_inode_need_killpriv(struct dentry *dentry) | 1960 | static inline int security_inode_need_killpriv(struct dentry *dentry) |
1961 | { | 1961 | { |
1962 | return cap_inode_need_killpriv(dentry); | 1962 | return cap_inode_need_killpriv(dentry); |
1963 | } | 1963 | } |
1964 | 1964 | ||
1965 | static inline int security_inode_killpriv(struct dentry *dentry) | 1965 | static inline int security_inode_killpriv(struct dentry *dentry) |
1966 | { | 1966 | { |
1967 | return cap_inode_killpriv(dentry); | 1967 | return cap_inode_killpriv(dentry); |
1968 | } | 1968 | } |
1969 | 1969 | ||
1970 | static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) | 1970 | static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) |
1971 | { | 1971 | { |
1972 | return -EOPNOTSUPP; | 1972 | return -EOPNOTSUPP; |
1973 | } | 1973 | } |
1974 | 1974 | ||
1975 | static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) | 1975 | static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) |
1976 | { | 1976 | { |
1977 | return -EOPNOTSUPP; | 1977 | return -EOPNOTSUPP; |
1978 | } | 1978 | } |
1979 | 1979 | ||
1980 | static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) | 1980 | static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) |
1981 | { | 1981 | { |
1982 | return 0; | 1982 | return 0; |
1983 | } | 1983 | } |
1984 | 1984 | ||
1985 | static inline int security_file_permission (struct file *file, int mask) | 1985 | static inline int security_file_permission (struct file *file, int mask) |
1986 | { | 1986 | { |
1987 | return 0; | 1987 | return 0; |
1988 | } | 1988 | } |
1989 | 1989 | ||
1990 | static inline int security_file_alloc (struct file *file) | 1990 | static inline int security_file_alloc (struct file *file) |
1991 | { | 1991 | { |
1992 | return 0; | 1992 | return 0; |
1993 | } | 1993 | } |
1994 | 1994 | ||
1995 | static inline void security_file_free (struct file *file) | 1995 | static inline void security_file_free (struct file *file) |
1996 | { } | 1996 | { } |
1997 | 1997 | ||
1998 | static inline int security_file_ioctl (struct file *file, unsigned int cmd, | 1998 | static inline int security_file_ioctl (struct file *file, unsigned int cmd, |
1999 | unsigned long arg) | 1999 | unsigned long arg) |
2000 | { | 2000 | { |
2001 | return 0; | 2001 | return 0; |
2002 | } | 2002 | } |
2003 | 2003 | ||
2004 | static inline int security_file_mmap (struct file *file, unsigned long reqprot, | 2004 | static inline int security_file_mmap (struct file *file, unsigned long reqprot, |
2005 | unsigned long prot, | 2005 | unsigned long prot, |
2006 | unsigned long flags, | 2006 | unsigned long flags, |
2007 | unsigned long addr, | 2007 | unsigned long addr, |
2008 | unsigned long addr_only) | 2008 | unsigned long addr_only) |
2009 | { | 2009 | { |
2010 | return 0; | 2010 | return 0; |
2011 | } | 2011 | } |
2012 | 2012 | ||
2013 | static inline int security_file_mprotect (struct vm_area_struct *vma, | 2013 | static inline int security_file_mprotect (struct vm_area_struct *vma, |
2014 | unsigned long reqprot, | 2014 | unsigned long reqprot, |
2015 | unsigned long prot) | 2015 | unsigned long prot) |
2016 | { | 2016 | { |
2017 | return 0; | 2017 | return 0; |
2018 | } | 2018 | } |
2019 | 2019 | ||
2020 | static inline int security_file_lock (struct file *file, unsigned int cmd) | 2020 | static inline int security_file_lock (struct file *file, unsigned int cmd) |
2021 | { | 2021 | { |
2022 | return 0; | 2022 | return 0; |
2023 | } | 2023 | } |
2024 | 2024 | ||
2025 | static inline int security_file_fcntl (struct file *file, unsigned int cmd, | 2025 | static inline int security_file_fcntl (struct file *file, unsigned int cmd, |
2026 | unsigned long arg) | 2026 | unsigned long arg) |
2027 | { | 2027 | { |
2028 | return 0; | 2028 | return 0; |
2029 | } | 2029 | } |
2030 | 2030 | ||
2031 | static inline int security_file_set_fowner (struct file *file) | 2031 | static inline int security_file_set_fowner (struct file *file) |
2032 | { | 2032 | { |
2033 | return 0; | 2033 | return 0; |
2034 | } | 2034 | } |
2035 | 2035 | ||
2036 | static inline int security_file_send_sigiotask (struct task_struct *tsk, | 2036 | static inline int security_file_send_sigiotask (struct task_struct *tsk, |
2037 | struct fown_struct *fown, | 2037 | struct fown_struct *fown, |
2038 | int sig) | 2038 | int sig) |
2039 | { | 2039 | { |
2040 | return 0; | 2040 | return 0; |
2041 | } | 2041 | } |
2042 | 2042 | ||
2043 | static inline int security_file_receive (struct file *file) | 2043 | static inline int security_file_receive (struct file *file) |
2044 | { | 2044 | { |
2045 | return 0; | 2045 | return 0; |
2046 | } | 2046 | } |
2047 | 2047 | ||
2048 | static inline int security_dentry_open (struct file *file) | 2048 | static inline int security_dentry_open (struct file *file) |
2049 | { | 2049 | { |
2050 | return 0; | 2050 | return 0; |
2051 | } | 2051 | } |
2052 | 2052 | ||
2053 | static inline int security_task_create (unsigned long clone_flags) | 2053 | static inline int security_task_create (unsigned long clone_flags) |
2054 | { | 2054 | { |
2055 | return 0; | 2055 | return 0; |
2056 | } | 2056 | } |
2057 | 2057 | ||
2058 | static inline int security_task_alloc (struct task_struct *p) | 2058 | static inline int security_task_alloc (struct task_struct *p) |
2059 | { | 2059 | { |
2060 | return 0; | 2060 | return 0; |
2061 | } | 2061 | } |
2062 | 2062 | ||
2063 | static inline void security_task_free (struct task_struct *p) | 2063 | static inline void security_task_free (struct task_struct *p) |
2064 | { } | 2064 | { } |
2065 | 2065 | ||
2066 | static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, | 2066 | static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, |
2067 | int flags) | 2067 | int flags) |
2068 | { | 2068 | { |
2069 | return 0; | 2069 | return 0; |
2070 | } | 2070 | } |
2071 | 2071 | ||
2072 | static inline int security_task_post_setuid (uid_t old_ruid, uid_t old_euid, | 2072 | static inline int security_task_post_setuid (uid_t old_ruid, uid_t old_euid, |
2073 | uid_t old_suid, int flags) | 2073 | uid_t old_suid, int flags) |
2074 | { | 2074 | { |
2075 | return cap_task_post_setuid (old_ruid, old_euid, old_suid, flags); | 2075 | return cap_task_post_setuid (old_ruid, old_euid, old_suid, flags); |
2076 | } | 2076 | } |
2077 | 2077 | ||
2078 | static inline int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, | 2078 | static inline int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, |
2079 | int flags) | 2079 | int flags) |
2080 | { | 2080 | { |
2081 | return 0; | 2081 | return 0; |
2082 | } | 2082 | } |
2083 | 2083 | ||
2084 | static inline int security_task_setpgid (struct task_struct *p, pid_t pgid) | 2084 | static inline int security_task_setpgid (struct task_struct *p, pid_t pgid) |
2085 | { | 2085 | { |
2086 | return 0; | 2086 | return 0; |
2087 | } | 2087 | } |
2088 | 2088 | ||
2089 | static inline int security_task_getpgid (struct task_struct *p) | 2089 | static inline int security_task_getpgid (struct task_struct *p) |
2090 | { | 2090 | { |
2091 | return 0; | 2091 | return 0; |
2092 | } | 2092 | } |
2093 | 2093 | ||
2094 | static inline int security_task_getsid (struct task_struct *p) | 2094 | static inline int security_task_getsid (struct task_struct *p) |
2095 | { | 2095 | { |
2096 | return 0; | 2096 | return 0; |
2097 | } | 2097 | } |
2098 | 2098 | ||
2099 | static inline void security_task_getsecid (struct task_struct *p, u32 *secid) | 2099 | static inline void security_task_getsecid (struct task_struct *p, u32 *secid) |
2100 | { } | 2100 | { } |
2101 | 2101 | ||
2102 | static inline int security_task_setgroups (struct group_info *group_info) | 2102 | static inline int security_task_setgroups (struct group_info *group_info) |
2103 | { | 2103 | { |
2104 | return 0; | 2104 | return 0; |
2105 | } | 2105 | } |
2106 | 2106 | ||
2107 | static inline int security_task_setnice (struct task_struct *p, int nice) | 2107 | static inline int security_task_setnice (struct task_struct *p, int nice) |
2108 | { | 2108 | { |
2109 | return cap_task_setnice(p, nice); | 2109 | return cap_task_setnice(p, nice); |
2110 | } | 2110 | } |
2111 | 2111 | ||
2112 | static inline int security_task_setioprio (struct task_struct *p, int ioprio) | 2112 | static inline int security_task_setioprio (struct task_struct *p, int ioprio) |
2113 | { | 2113 | { |
2114 | return cap_task_setioprio(p, ioprio); | 2114 | return cap_task_setioprio(p, ioprio); |
2115 | } | 2115 | } |
2116 | 2116 | ||
2117 | static inline int security_task_getioprio (struct task_struct *p) | 2117 | static inline int security_task_getioprio (struct task_struct *p) |
2118 | { | 2118 | { |
2119 | return 0; | 2119 | return 0; |
2120 | } | 2120 | } |
2121 | 2121 | ||
2122 | static inline int security_task_setrlimit (unsigned int resource, | 2122 | static inline int security_task_setrlimit (unsigned int resource, |
2123 | struct rlimit *new_rlim) | 2123 | struct rlimit *new_rlim) |
2124 | { | 2124 | { |
2125 | return 0; | 2125 | return 0; |
2126 | } | 2126 | } |
2127 | 2127 | ||
2128 | static inline int security_task_setscheduler (struct task_struct *p, | 2128 | static inline int security_task_setscheduler (struct task_struct *p, |
2129 | int policy, | 2129 | int policy, |
2130 | struct sched_param *lp) | 2130 | struct sched_param *lp) |
2131 | { | 2131 | { |
2132 | return cap_task_setscheduler(p, policy, lp); | 2132 | return cap_task_setscheduler(p, policy, lp); |
2133 | } | 2133 | } |
2134 | 2134 | ||
2135 | static inline int security_task_getscheduler (struct task_struct *p) | 2135 | static inline int security_task_getscheduler (struct task_struct *p) |
2136 | { | 2136 | { |
2137 | return 0; | 2137 | return 0; |
2138 | } | 2138 | } |
2139 | 2139 | ||
2140 | static inline int security_task_movememory (struct task_struct *p) | 2140 | static inline int security_task_movememory (struct task_struct *p) |
2141 | { | 2141 | { |
2142 | return 0; | 2142 | return 0; |
2143 | } | 2143 | } |
2144 | 2144 | ||
2145 | static inline int security_task_kill (struct task_struct *p, | 2145 | static inline int security_task_kill (struct task_struct *p, |
2146 | struct siginfo *info, int sig, | 2146 | struct siginfo *info, int sig, |
2147 | u32 secid) | 2147 | u32 secid) |
2148 | { | 2148 | { |
2149 | return cap_task_kill(p, info, sig, secid); | 2149 | return cap_task_kill(p, info, sig, secid); |
2150 | } | 2150 | } |
2151 | 2151 | ||
2152 | static inline int security_task_wait (struct task_struct *p) | 2152 | static inline int security_task_wait (struct task_struct *p) |
2153 | { | 2153 | { |
2154 | return 0; | 2154 | return 0; |
2155 | } | 2155 | } |
2156 | 2156 | ||
2157 | static inline int security_task_prctl (int option, unsigned long arg2, | 2157 | static inline int security_task_prctl (int option, unsigned long arg2, |
2158 | unsigned long arg3, | 2158 | unsigned long arg3, |
2159 | unsigned long arg4, | 2159 | unsigned long arg4, |
2160 | unsigned long arg5) | 2160 | unsigned long arg5) |
2161 | { | 2161 | { |
2162 | return 0; | 2162 | return 0; |
2163 | } | 2163 | } |
2164 | 2164 | ||
2165 | static inline void security_task_reparent_to_init (struct task_struct *p) | 2165 | static inline void security_task_reparent_to_init (struct task_struct *p) |
2166 | { | 2166 | { |
2167 | cap_task_reparent_to_init (p); | 2167 | cap_task_reparent_to_init (p); |
2168 | } | 2168 | } |
2169 | 2169 | ||
2170 | static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) | 2170 | static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) |
2171 | { } | 2171 | { } |
2172 | 2172 | ||
2173 | static inline int security_ipc_permission (struct kern_ipc_perm *ipcp, | 2173 | static inline int security_ipc_permission (struct kern_ipc_perm *ipcp, |
2174 | short flag) | 2174 | short flag) |
2175 | { | 2175 | { |
2176 | return 0; | 2176 | return 0; |
2177 | } | 2177 | } |
2178 | 2178 | ||
2179 | static inline int security_msg_msg_alloc (struct msg_msg * msg) | 2179 | static inline int security_msg_msg_alloc (struct msg_msg * msg) |
2180 | { | 2180 | { |
2181 | return 0; | 2181 | return 0; |
2182 | } | 2182 | } |
2183 | 2183 | ||
2184 | static inline void security_msg_msg_free (struct msg_msg * msg) | 2184 | static inline void security_msg_msg_free (struct msg_msg * msg) |
2185 | { } | 2185 | { } |
2186 | 2186 | ||
2187 | static inline int security_msg_queue_alloc (struct msg_queue *msq) | 2187 | static inline int security_msg_queue_alloc (struct msg_queue *msq) |
2188 | { | 2188 | { |
2189 | return 0; | 2189 | return 0; |
2190 | } | 2190 | } |
2191 | 2191 | ||
2192 | static inline void security_msg_queue_free (struct msg_queue *msq) | 2192 | static inline void security_msg_queue_free (struct msg_queue *msq) |
2193 | { } | 2193 | { } |
2194 | 2194 | ||
2195 | static inline int security_msg_queue_associate (struct msg_queue * msq, | 2195 | static inline int security_msg_queue_associate (struct msg_queue * msq, |
2196 | int msqflg) | 2196 | int msqflg) |
2197 | { | 2197 | { |
2198 | return 0; | 2198 | return 0; |
2199 | } | 2199 | } |
2200 | 2200 | ||
2201 | static inline int security_msg_queue_msgctl (struct msg_queue * msq, int cmd) | 2201 | static inline int security_msg_queue_msgctl (struct msg_queue * msq, int cmd) |
2202 | { | 2202 | { |
2203 | return 0; | 2203 | return 0; |
2204 | } | 2204 | } |
2205 | 2205 | ||
2206 | static inline int security_msg_queue_msgsnd (struct msg_queue * msq, | 2206 | static inline int security_msg_queue_msgsnd (struct msg_queue * msq, |
2207 | struct msg_msg * msg, int msqflg) | 2207 | struct msg_msg * msg, int msqflg) |
2208 | { | 2208 | { |
2209 | return 0; | 2209 | return 0; |
2210 | } | 2210 | } |
2211 | 2211 | ||
2212 | static inline int security_msg_queue_msgrcv (struct msg_queue * msq, | 2212 | static inline int security_msg_queue_msgrcv (struct msg_queue * msq, |
2213 | struct msg_msg * msg, | 2213 | struct msg_msg * msg, |
2214 | struct task_struct * target, | 2214 | struct task_struct * target, |
2215 | long type, int mode) | 2215 | long type, int mode) |
2216 | { | 2216 | { |
2217 | return 0; | 2217 | return 0; |
2218 | } | 2218 | } |
2219 | 2219 | ||
2220 | static inline int security_shm_alloc (struct shmid_kernel *shp) | 2220 | static inline int security_shm_alloc (struct shmid_kernel *shp) |
2221 | { | 2221 | { |
2222 | return 0; | 2222 | return 0; |
2223 | } | 2223 | } |
2224 | 2224 | ||
2225 | static inline void security_shm_free (struct shmid_kernel *shp) | 2225 | static inline void security_shm_free (struct shmid_kernel *shp) |
2226 | { } | 2226 | { } |
2227 | 2227 | ||
2228 | static inline int security_shm_associate (struct shmid_kernel * shp, | 2228 | static inline int security_shm_associate (struct shmid_kernel * shp, |
2229 | int shmflg) | 2229 | int shmflg) |
2230 | { | 2230 | { |
2231 | return 0; | 2231 | return 0; |
2232 | } | 2232 | } |
2233 | 2233 | ||
2234 | static inline int security_shm_shmctl (struct shmid_kernel * shp, int cmd) | 2234 | static inline int security_shm_shmctl (struct shmid_kernel * shp, int cmd) |
2235 | { | 2235 | { |
2236 | return 0; | 2236 | return 0; |
2237 | } | 2237 | } |
2238 | 2238 | ||
2239 | static inline int security_shm_shmat (struct shmid_kernel * shp, | 2239 | static inline int security_shm_shmat (struct shmid_kernel * shp, |
2240 | char __user *shmaddr, int shmflg) | 2240 | char __user *shmaddr, int shmflg) |
2241 | { | 2241 | { |
2242 | return 0; | 2242 | return 0; |
2243 | } | 2243 | } |
2244 | 2244 | ||
2245 | static inline int security_sem_alloc (struct sem_array *sma) | 2245 | static inline int security_sem_alloc (struct sem_array *sma) |
2246 | { | 2246 | { |
2247 | return 0; | 2247 | return 0; |
2248 | } | 2248 | } |
2249 | 2249 | ||
2250 | static inline void security_sem_free (struct sem_array *sma) | 2250 | static inline void security_sem_free (struct sem_array *sma) |
2251 | { } | 2251 | { } |
2252 | 2252 | ||
2253 | static inline int security_sem_associate (struct sem_array * sma, int semflg) | 2253 | static inline int security_sem_associate (struct sem_array * sma, int semflg) |
2254 | { | 2254 | { |
2255 | return 0; | 2255 | return 0; |
2256 | } | 2256 | } |
2257 | 2257 | ||
2258 | static inline int security_sem_semctl (struct sem_array * sma, int cmd) | 2258 | static inline int security_sem_semctl (struct sem_array * sma, int cmd) |
2259 | { | 2259 | { |
2260 | return 0; | 2260 | return 0; |
2261 | } | 2261 | } |
2262 | 2262 | ||
2263 | static inline int security_sem_semop (struct sem_array * sma, | 2263 | static inline int security_sem_semop (struct sem_array * sma, |
2264 | struct sembuf * sops, unsigned nsops, | 2264 | struct sembuf * sops, unsigned nsops, |
2265 | int alter) | 2265 | int alter) |
2266 | { | 2266 | { |
2267 | return 0; | 2267 | return 0; |
2268 | } | 2268 | } |
2269 | 2269 | ||
2270 | static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode) | 2270 | static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode) |
2271 | { } | 2271 | { } |
2272 | 2272 | ||
2273 | static inline int security_getprocattr(struct task_struct *p, char *name, char **value) | 2273 | static inline int security_getprocattr(struct task_struct *p, char *name, char **value) |
2274 | { | 2274 | { |
2275 | return -EINVAL; | 2275 | return -EINVAL; |
2276 | } | 2276 | } |
2277 | 2277 | ||
2278 | static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size) | 2278 | static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size) |
2279 | { | 2279 | { |
2280 | return -EINVAL; | 2280 | return -EINVAL; |
2281 | } | 2281 | } |
2282 | 2282 | ||
2283 | static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb) | 2283 | static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb) |
2284 | { | 2284 | { |
2285 | return cap_netlink_send (sk, skb); | 2285 | return cap_netlink_send (sk, skb); |
2286 | } | 2286 | } |
2287 | 2287 | ||
2288 | static inline int security_netlink_recv (struct sk_buff *skb, int cap) | 2288 | static inline int security_netlink_recv (struct sk_buff *skb, int cap) |
2289 | { | 2289 | { |
2290 | return cap_netlink_recv (skb, cap); | 2290 | return cap_netlink_recv (skb, cap); |
2291 | } | 2291 | } |
2292 | 2292 | ||
2293 | static inline struct dentry *securityfs_create_dir(const char *name, | 2293 | static inline struct dentry *securityfs_create_dir(const char *name, |
2294 | struct dentry *parent) | 2294 | struct dentry *parent) |
2295 | { | 2295 | { |
2296 | return ERR_PTR(-ENODEV); | 2296 | return ERR_PTR(-ENODEV); |
2297 | } | 2297 | } |
2298 | 2298 | ||
2299 | static inline struct dentry *securityfs_create_file(const char *name, | 2299 | static inline struct dentry *securityfs_create_file(const char *name, |
2300 | mode_t mode, | 2300 | mode_t mode, |
2301 | struct dentry *parent, | 2301 | struct dentry *parent, |
2302 | void *data, | 2302 | void *data, |
2303 | struct file_operations *fops) | 2303 | const struct file_operations *fops) |
2304 | { | 2304 | { |
2305 | return ERR_PTR(-ENODEV); | 2305 | return ERR_PTR(-ENODEV); |
2306 | } | 2306 | } |
2307 | 2307 | ||
2308 | static inline void securityfs_remove(struct dentry *dentry) | 2308 | static inline void securityfs_remove(struct dentry *dentry) |
2309 | { | 2309 | { |
2310 | } | 2310 | } |
2311 | 2311 | ||
2312 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) | 2312 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) |
2313 | { | 2313 | { |
2314 | return -EOPNOTSUPP; | 2314 | return -EOPNOTSUPP; |
2315 | } | 2315 | } |
2316 | 2316 | ||
2317 | static inline int security_secctx_to_secid(char *secdata, | 2317 | static inline int security_secctx_to_secid(char *secdata, |
2318 | u32 seclen, | 2318 | u32 seclen, |
2319 | u32 *secid) | 2319 | u32 *secid) |
2320 | { | 2320 | { |
2321 | return -EOPNOTSUPP; | 2321 | return -EOPNOTSUPP; |
2322 | } | 2322 | } |
2323 | 2323 | ||
2324 | static inline void security_release_secctx(char *secdata, u32 seclen) | 2324 | static inline void security_release_secctx(char *secdata, u32 seclen) |
2325 | { | 2325 | { |
2326 | } | 2326 | } |
2327 | #endif /* CONFIG_SECURITY */ | 2327 | #endif /* CONFIG_SECURITY */ |
2328 | 2328 | ||
2329 | #ifdef CONFIG_SECURITY_NETWORK | 2329 | #ifdef CONFIG_SECURITY_NETWORK |
2330 | 2330 | ||
2331 | int security_unix_stream_connect(struct socket *sock, struct socket *other, | 2331 | int security_unix_stream_connect(struct socket *sock, struct socket *other, |
2332 | struct sock *newsk); | 2332 | struct sock *newsk); |
2333 | int security_unix_may_send(struct socket *sock, struct socket *other); | 2333 | int security_unix_may_send(struct socket *sock, struct socket *other); |
2334 | int security_socket_create(int family, int type, int protocol, int kern); | 2334 | int security_socket_create(int family, int type, int protocol, int kern); |
2335 | int security_socket_post_create(struct socket *sock, int family, | 2335 | int security_socket_post_create(struct socket *sock, int family, |
2336 | int type, int protocol, int kern); | 2336 | int type, int protocol, int kern); |
2337 | int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen); | 2337 | int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen); |
2338 | int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen); | 2338 | int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen); |
2339 | int security_socket_listen(struct socket *sock, int backlog); | 2339 | int security_socket_listen(struct socket *sock, int backlog); |
2340 | int security_socket_accept(struct socket *sock, struct socket *newsock); | 2340 | int security_socket_accept(struct socket *sock, struct socket *newsock); |
2341 | void security_socket_post_accept(struct socket *sock, struct socket *newsock); | 2341 | void security_socket_post_accept(struct socket *sock, struct socket *newsock); |
2342 | int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size); | 2342 | int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size); |
2343 | int security_socket_recvmsg(struct socket *sock, struct msghdr *msg, | 2343 | int security_socket_recvmsg(struct socket *sock, struct msghdr *msg, |
2344 | int size, int flags); | 2344 | int size, int flags); |
2345 | int security_socket_getsockname(struct socket *sock); | 2345 | int security_socket_getsockname(struct socket *sock); |
2346 | int security_socket_getpeername(struct socket *sock); | 2346 | int security_socket_getpeername(struct socket *sock); |
2347 | int security_socket_getsockopt(struct socket *sock, int level, int optname); | 2347 | int security_socket_getsockopt(struct socket *sock, int level, int optname); |
2348 | int security_socket_setsockopt(struct socket *sock, int level, int optname); | 2348 | int security_socket_setsockopt(struct socket *sock, int level, int optname); |
2349 | int security_socket_shutdown(struct socket *sock, int how); | 2349 | int security_socket_shutdown(struct socket *sock, int how); |
2350 | int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb); | 2350 | int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb); |
2351 | int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, | 2351 | int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, |
2352 | int __user *optlen, unsigned len); | 2352 | int __user *optlen, unsigned len); |
2353 | int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid); | 2353 | int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid); |
2354 | int security_sk_alloc(struct sock *sk, int family, gfp_t priority); | 2354 | int security_sk_alloc(struct sock *sk, int family, gfp_t priority); |
2355 | void security_sk_free(struct sock *sk); | 2355 | void security_sk_free(struct sock *sk); |
2356 | void security_sk_clone(const struct sock *sk, struct sock *newsk); | 2356 | void security_sk_clone(const struct sock *sk, struct sock *newsk); |
2357 | void security_sk_classify_flow(struct sock *sk, struct flowi *fl); | 2357 | void security_sk_classify_flow(struct sock *sk, struct flowi *fl); |
2358 | void security_req_classify_flow(const struct request_sock *req, struct flowi *fl); | 2358 | void security_req_classify_flow(const struct request_sock *req, struct flowi *fl); |
2359 | void security_sock_graft(struct sock*sk, struct socket *parent); | 2359 | void security_sock_graft(struct sock*sk, struct socket *parent); |
2360 | int security_inet_conn_request(struct sock *sk, | 2360 | int security_inet_conn_request(struct sock *sk, |
2361 | struct sk_buff *skb, struct request_sock *req); | 2361 | struct sk_buff *skb, struct request_sock *req); |
2362 | void security_inet_csk_clone(struct sock *newsk, | 2362 | void security_inet_csk_clone(struct sock *newsk, |
2363 | const struct request_sock *req); | 2363 | const struct request_sock *req); |
2364 | void security_inet_conn_established(struct sock *sk, | 2364 | void security_inet_conn_established(struct sock *sk, |
2365 | struct sk_buff *skb); | 2365 | struct sk_buff *skb); |
2366 | 2366 | ||
2367 | #else /* CONFIG_SECURITY_NETWORK */ | 2367 | #else /* CONFIG_SECURITY_NETWORK */ |
2368 | static inline int security_unix_stream_connect(struct socket * sock, | 2368 | static inline int security_unix_stream_connect(struct socket * sock, |
2369 | struct socket * other, | 2369 | struct socket * other, |
2370 | struct sock * newsk) | 2370 | struct sock * newsk) |
2371 | { | 2371 | { |
2372 | return 0; | 2372 | return 0; |
2373 | } | 2373 | } |
2374 | 2374 | ||
2375 | static inline int security_unix_may_send(struct socket * sock, | 2375 | static inline int security_unix_may_send(struct socket * sock, |
2376 | struct socket * other) | 2376 | struct socket * other) |
2377 | { | 2377 | { |
2378 | return 0; | 2378 | return 0; |
2379 | } | 2379 | } |
2380 | 2380 | ||
2381 | static inline int security_socket_create (int family, int type, | 2381 | static inline int security_socket_create (int family, int type, |
2382 | int protocol, int kern) | 2382 | int protocol, int kern) |
2383 | { | 2383 | { |
2384 | return 0; | 2384 | return 0; |
2385 | } | 2385 | } |
2386 | 2386 | ||
2387 | static inline int security_socket_post_create(struct socket * sock, | 2387 | static inline int security_socket_post_create(struct socket * sock, |
2388 | int family, | 2388 | int family, |
2389 | int type, | 2389 | int type, |
2390 | int protocol, int kern) | 2390 | int protocol, int kern) |
2391 | { | 2391 | { |
2392 | return 0; | 2392 | return 0; |
2393 | } | 2393 | } |
2394 | 2394 | ||
2395 | static inline int security_socket_bind(struct socket * sock, | 2395 | static inline int security_socket_bind(struct socket * sock, |
2396 | struct sockaddr * address, | 2396 | struct sockaddr * address, |
2397 | int addrlen) | 2397 | int addrlen) |
2398 | { | 2398 | { |
2399 | return 0; | 2399 | return 0; |
2400 | } | 2400 | } |
2401 | 2401 | ||
2402 | static inline int security_socket_connect(struct socket * sock, | 2402 | static inline int security_socket_connect(struct socket * sock, |
2403 | struct sockaddr * address, | 2403 | struct sockaddr * address, |
2404 | int addrlen) | 2404 | int addrlen) |
2405 | { | 2405 | { |
2406 | return 0; | 2406 | return 0; |
2407 | } | 2407 | } |
2408 | 2408 | ||
2409 | static inline int security_socket_listen(struct socket * sock, int backlog) | 2409 | static inline int security_socket_listen(struct socket * sock, int backlog) |
2410 | { | 2410 | { |
2411 | return 0; | 2411 | return 0; |
2412 | } | 2412 | } |
2413 | 2413 | ||
2414 | static inline int security_socket_accept(struct socket * sock, | 2414 | static inline int security_socket_accept(struct socket * sock, |
2415 | struct socket * newsock) | 2415 | struct socket * newsock) |
2416 | { | 2416 | { |
2417 | return 0; | 2417 | return 0; |
2418 | } | 2418 | } |
2419 | 2419 | ||
2420 | static inline void security_socket_post_accept(struct socket * sock, | 2420 | static inline void security_socket_post_accept(struct socket * sock, |
2421 | struct socket * newsock) | 2421 | struct socket * newsock) |
2422 | { | 2422 | { |
2423 | } | 2423 | } |
2424 | 2424 | ||
2425 | static inline int security_socket_sendmsg(struct socket * sock, | 2425 | static inline int security_socket_sendmsg(struct socket * sock, |
2426 | struct msghdr * msg, int size) | 2426 | struct msghdr * msg, int size) |
2427 | { | 2427 | { |
2428 | return 0; | 2428 | return 0; |
2429 | } | 2429 | } |
2430 | 2430 | ||
2431 | static inline int security_socket_recvmsg(struct socket * sock, | 2431 | static inline int security_socket_recvmsg(struct socket * sock, |
2432 | struct msghdr * msg, int size, | 2432 | struct msghdr * msg, int size, |
2433 | int flags) | 2433 | int flags) |
2434 | { | 2434 | { |
2435 | return 0; | 2435 | return 0; |
2436 | } | 2436 | } |
2437 | 2437 | ||
2438 | static inline int security_socket_getsockname(struct socket * sock) | 2438 | static inline int security_socket_getsockname(struct socket * sock) |
2439 | { | 2439 | { |
2440 | return 0; | 2440 | return 0; |
2441 | } | 2441 | } |
2442 | 2442 | ||
2443 | static inline int security_socket_getpeername(struct socket * sock) | 2443 | static inline int security_socket_getpeername(struct socket * sock) |
2444 | { | 2444 | { |
2445 | return 0; | 2445 | return 0; |
2446 | } | 2446 | } |
2447 | 2447 | ||
2448 | static inline int security_socket_getsockopt(struct socket * sock, | 2448 | static inline int security_socket_getsockopt(struct socket * sock, |
2449 | int level, int optname) | 2449 | int level, int optname) |
2450 | { | 2450 | { |
2451 | return 0; | 2451 | return 0; |
2452 | } | 2452 | } |
2453 | 2453 | ||
2454 | static inline int security_socket_setsockopt(struct socket * sock, | 2454 | static inline int security_socket_setsockopt(struct socket * sock, |
2455 | int level, int optname) | 2455 | int level, int optname) |
2456 | { | 2456 | { |
2457 | return 0; | 2457 | return 0; |
2458 | } | 2458 | } |
2459 | 2459 | ||
2460 | static inline int security_socket_shutdown(struct socket * sock, int how) | 2460 | static inline int security_socket_shutdown(struct socket * sock, int how) |
2461 | { | 2461 | { |
2462 | return 0; | 2462 | return 0; |
2463 | } | 2463 | } |
2464 | static inline int security_sock_rcv_skb (struct sock * sk, | 2464 | static inline int security_sock_rcv_skb (struct sock * sk, |
2465 | struct sk_buff * skb) | 2465 | struct sk_buff * skb) |
2466 | { | 2466 | { |
2467 | return 0; | 2467 | return 0; |
2468 | } | 2468 | } |
2469 | 2469 | ||
2470 | static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, | 2470 | static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, |
2471 | int __user *optlen, unsigned len) | 2471 | int __user *optlen, unsigned len) |
2472 | { | 2472 | { |
2473 | return -ENOPROTOOPT; | 2473 | return -ENOPROTOOPT; |
2474 | } | 2474 | } |
2475 | 2475 | ||
2476 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) | 2476 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) |
2477 | { | 2477 | { |
2478 | return -ENOPROTOOPT; | 2478 | return -ENOPROTOOPT; |
2479 | } | 2479 | } |
2480 | 2480 | ||
2481 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) | 2481 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) |
2482 | { | 2482 | { |
2483 | return 0; | 2483 | return 0; |
2484 | } | 2484 | } |
2485 | 2485 | ||
2486 | static inline void security_sk_free(struct sock *sk) | 2486 | static inline void security_sk_free(struct sock *sk) |
2487 | { | 2487 | { |
2488 | } | 2488 | } |
2489 | 2489 | ||
2490 | static inline void security_sk_clone(const struct sock *sk, struct sock *newsk) | 2490 | static inline void security_sk_clone(const struct sock *sk, struct sock *newsk) |
2491 | { | 2491 | { |
2492 | } | 2492 | } |
2493 | 2493 | ||
2494 | static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl) | 2494 | static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl) |
2495 | { | 2495 | { |
2496 | } | 2496 | } |
2497 | 2497 | ||
2498 | static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl) | 2498 | static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl) |
2499 | { | 2499 | { |
2500 | } | 2500 | } |
2501 | 2501 | ||
2502 | static inline void security_sock_graft(struct sock* sk, struct socket *parent) | 2502 | static inline void security_sock_graft(struct sock* sk, struct socket *parent) |
2503 | { | 2503 | { |
2504 | } | 2504 | } |
2505 | 2505 | ||
2506 | static inline int security_inet_conn_request(struct sock *sk, | 2506 | static inline int security_inet_conn_request(struct sock *sk, |
2507 | struct sk_buff *skb, struct request_sock *req) | 2507 | struct sk_buff *skb, struct request_sock *req) |
2508 | { | 2508 | { |
2509 | return 0; | 2509 | return 0; |
2510 | } | 2510 | } |
2511 | 2511 | ||
2512 | static inline void security_inet_csk_clone(struct sock *newsk, | 2512 | static inline void security_inet_csk_clone(struct sock *newsk, |
2513 | const struct request_sock *req) | 2513 | const struct request_sock *req) |
2514 | { | 2514 | { |
2515 | } | 2515 | } |
2516 | 2516 | ||
2517 | static inline void security_inet_conn_established(struct sock *sk, | 2517 | static inline void security_inet_conn_established(struct sock *sk, |
2518 | struct sk_buff *skb) | 2518 | struct sk_buff *skb) |
2519 | { | 2519 | { |
2520 | } | 2520 | } |
2521 | #endif /* CONFIG_SECURITY_NETWORK */ | 2521 | #endif /* CONFIG_SECURITY_NETWORK */ |
2522 | 2522 | ||
2523 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 2523 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
2524 | 2524 | ||
2525 | int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); | 2525 | int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx); |
2526 | int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new); | 2526 | int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new); |
2527 | void security_xfrm_policy_free(struct xfrm_policy *xp); | 2527 | void security_xfrm_policy_free(struct xfrm_policy *xp); |
2528 | int security_xfrm_policy_delete(struct xfrm_policy *xp); | 2528 | int security_xfrm_policy_delete(struct xfrm_policy *xp); |
2529 | int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); | 2529 | int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); |
2530 | int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | 2530 | int security_xfrm_state_alloc_acquire(struct xfrm_state *x, |
2531 | struct xfrm_sec_ctx *polsec, u32 secid); | 2531 | struct xfrm_sec_ctx *polsec, u32 secid); |
2532 | int security_xfrm_state_delete(struct xfrm_state *x); | 2532 | int security_xfrm_state_delete(struct xfrm_state *x); |
2533 | void security_xfrm_state_free(struct xfrm_state *x); | 2533 | void security_xfrm_state_free(struct xfrm_state *x); |
2534 | int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir); | 2534 | int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir); |
2535 | int security_xfrm_state_pol_flow_match(struct xfrm_state *x, | 2535 | int security_xfrm_state_pol_flow_match(struct xfrm_state *x, |
2536 | struct xfrm_policy *xp, struct flowi *fl); | 2536 | struct xfrm_policy *xp, struct flowi *fl); |
2537 | int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid); | 2537 | int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid); |
2538 | void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl); | 2538 | void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl); |
2539 | 2539 | ||
2540 | #else /* CONFIG_SECURITY_NETWORK_XFRM */ | 2540 | #else /* CONFIG_SECURITY_NETWORK_XFRM */ |
2541 | 2541 | ||
2542 | static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx) | 2542 | static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx) |
2543 | { | 2543 | { |
2544 | return 0; | 2544 | return 0; |
2545 | } | 2545 | } |
2546 | 2546 | ||
2547 | static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new) | 2547 | static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new) |
2548 | { | 2548 | { |
2549 | return 0; | 2549 | return 0; |
2550 | } | 2550 | } |
2551 | 2551 | ||
2552 | static inline void security_xfrm_policy_free(struct xfrm_policy *xp) | 2552 | static inline void security_xfrm_policy_free(struct xfrm_policy *xp) |
2553 | { | 2553 | { |
2554 | } | 2554 | } |
2555 | 2555 | ||
2556 | static inline int security_xfrm_policy_delete(struct xfrm_policy *xp) | 2556 | static inline int security_xfrm_policy_delete(struct xfrm_policy *xp) |
2557 | { | 2557 | { |
2558 | return 0; | 2558 | return 0; |
2559 | } | 2559 | } |
2560 | 2560 | ||
2561 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, | 2561 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, |
2562 | struct xfrm_user_sec_ctx *sec_ctx) | 2562 | struct xfrm_user_sec_ctx *sec_ctx) |
2563 | { | 2563 | { |
2564 | return 0; | 2564 | return 0; |
2565 | } | 2565 | } |
2566 | 2566 | ||
2567 | static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | 2567 | static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, |
2568 | struct xfrm_sec_ctx *polsec, u32 secid) | 2568 | struct xfrm_sec_ctx *polsec, u32 secid) |
2569 | { | 2569 | { |
2570 | return 0; | 2570 | return 0; |
2571 | } | 2571 | } |
2572 | 2572 | ||
2573 | static inline void security_xfrm_state_free(struct xfrm_state *x) | 2573 | static inline void security_xfrm_state_free(struct xfrm_state *x) |
2574 | { | 2574 | { |
2575 | } | 2575 | } |
2576 | 2576 | ||
2577 | static inline int security_xfrm_state_delete(struct xfrm_state *x) | 2577 | static inline int security_xfrm_state_delete(struct xfrm_state *x) |
2578 | { | 2578 | { |
2579 | return 0; | 2579 | return 0; |
2580 | } | 2580 | } |
2581 | 2581 | ||
2582 | static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir) | 2582 | static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir) |
2583 | { | 2583 | { |
2584 | return 0; | 2584 | return 0; |
2585 | } | 2585 | } |
2586 | 2586 | ||
2587 | static inline int security_xfrm_state_pol_flow_match(struct xfrm_state *x, | 2587 | static inline int security_xfrm_state_pol_flow_match(struct xfrm_state *x, |
2588 | struct xfrm_policy *xp, struct flowi *fl) | 2588 | struct xfrm_policy *xp, struct flowi *fl) |
2589 | { | 2589 | { |
2590 | return 1; | 2590 | return 1; |
2591 | } | 2591 | } |
2592 | 2592 | ||
2593 | static inline int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid) | 2593 | static inline int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid) |
2594 | { | 2594 | { |
2595 | return 0; | 2595 | return 0; |
2596 | } | 2596 | } |
2597 | 2597 | ||
2598 | static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl) | 2598 | static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl) |
2599 | { | 2599 | { |
2600 | } | 2600 | } |
2601 | 2601 | ||
2602 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ | 2602 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ |
2603 | 2603 | ||
2604 | #ifdef CONFIG_KEYS | 2604 | #ifdef CONFIG_KEYS |
2605 | #ifdef CONFIG_SECURITY | 2605 | #ifdef CONFIG_SECURITY |
2606 | 2606 | ||
2607 | int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags); | 2607 | int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags); |
2608 | void security_key_free(struct key *key); | 2608 | void security_key_free(struct key *key); |
2609 | int security_key_permission(key_ref_t key_ref, | 2609 | int security_key_permission(key_ref_t key_ref, |
2610 | struct task_struct *context, key_perm_t perm); | 2610 | struct task_struct *context, key_perm_t perm); |
2611 | 2611 | ||
2612 | #else | 2612 | #else |
2613 | 2613 | ||
2614 | static inline int security_key_alloc(struct key *key, | 2614 | static inline int security_key_alloc(struct key *key, |
2615 | struct task_struct *tsk, | 2615 | struct task_struct *tsk, |
2616 | unsigned long flags) | 2616 | unsigned long flags) |
2617 | { | 2617 | { |
2618 | return 0; | 2618 | return 0; |
2619 | } | 2619 | } |
2620 | 2620 | ||
2621 | static inline void security_key_free(struct key *key) | 2621 | static inline void security_key_free(struct key *key) |
2622 | { | 2622 | { |
2623 | } | 2623 | } |
2624 | 2624 | ||
2625 | static inline int security_key_permission(key_ref_t key_ref, | 2625 | static inline int security_key_permission(key_ref_t key_ref, |
2626 | struct task_struct *context, | 2626 | struct task_struct *context, |
2627 | key_perm_t perm) | 2627 | key_perm_t perm) |
2628 | { | 2628 | { |
2629 | return 0; | 2629 | return 0; |
2630 | } | 2630 | } |
2631 | 2631 | ||
2632 | #endif | 2632 | #endif |
2633 | #endif /* CONFIG_KEYS */ | 2633 | #endif /* CONFIG_KEYS */ |
2634 | 2634 | ||
2635 | #endif /* ! __LINUX_SECURITY_H */ | 2635 | #endif /* ! __LINUX_SECURITY_H */ |
2636 | 2636 | ||
2637 | 2637 |
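--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -1,264 +1,264 @@
 /* proc.c: proc files for key database enumeration
  *
  * Copyright (C) 2004 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
  * as published by the Free Software Foundation; either version
  * 2 of the License, or (at your option) any later version.
  */
 
 #include <linux/module.h>
 #include <linux/init.h>
 #include <linux/sched.h>
 #include <linux/slab.h>
 #include <linux/fs.h>
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
 #include <asm/errno.h>
 #include "internal.h"
 
 #ifdef CONFIG_KEYS_DEBUG_PROC_KEYS
 static int proc_keys_open(struct inode *inode, struct file *file);
 static void *proc_keys_start(struct seq_file *p, loff_t *_pos);
 static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos);
 static void proc_keys_stop(struct seq_file *p, void *v);
 static int proc_keys_show(struct seq_file *m, void *v);
 
-static struct seq_operations proc_keys_ops = {
+static const struct seq_operations proc_keys_ops = {
 	.start = proc_keys_start,
 	.next = proc_keys_next,
 	.stop = proc_keys_stop,
 	.show = proc_keys_show,
 };
 
 static const struct file_operations proc_keys_fops = {
 	.open = proc_keys_open,
 	.read = seq_read,
 	.llseek = seq_lseek,
 	.release = seq_release,
 };
 #endif
 
 static int proc_key_users_open(struct inode *inode, struct file *file);
 static void *proc_key_users_start(struct seq_file *p, loff_t *_pos);
 static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos);
 static void proc_key_users_stop(struct seq_file *p, void *v);
 static int proc_key_users_show(struct seq_file *m, void *v);
 
-static struct seq_operations proc_key_users_ops = {
+static const struct seq_operations proc_key_users_ops = {
 	.start = proc_key_users_start,
 	.next = proc_key_users_next,
 	.stop = proc_key_users_stop,
 	.show = proc_key_users_show,
 };
 
 static const struct file_operations proc_key_users_fops = {
 	.open = proc_key_users_open,
 	.read = seq_read,
 	.llseek = seq_lseek,
 	.release = seq_release,
 };
 
 /*****************************************************************************/
 /*
  * declare the /proc files
  */
 static int __init key_proc_init(void)
 {
 	struct proc_dir_entry *p;
 
 #ifdef CONFIG_KEYS_DEBUG_PROC_KEYS
 	p = create_proc_entry("keys", 0, NULL);
 	if (!p)
 		panic("Cannot create /proc/keys\n");
 
 	p->proc_fops = &proc_keys_fops;
 #endif
 
 	p = create_proc_entry("key-users", 0, NULL);
 	if (!p)
 		panic("Cannot create /proc/key-users\n");
 
 	p->proc_fops = &proc_key_users_fops;
 
 	return 0;
 
 } /* end key_proc_init() */
 
 __initcall(key_proc_init);
 
 /*****************************************************************************/
 /*
  * implement "/proc/keys" to provides a list of the keys on the system
  */
 #ifdef CONFIG_KEYS_DEBUG_PROC_KEYS
 
 static int proc_keys_open(struct inode *inode, struct file *file)
 {
 	return seq_open(file, &proc_keys_ops);
 
 }
 
 static void *proc_keys_start(struct seq_file *p, loff_t *_pos)
 {
 	struct rb_node *_p;
 	loff_t pos = *_pos;
 
 	spin_lock(&key_serial_lock);
 
 	_p = rb_first(&key_serial_tree);
 	while (pos > 0 && _p) {
 		pos--;
 		_p = rb_next(_p);
 	}
 
 	return _p;
 
 }
 
 static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos)
 {
 	(*_pos)++;
 	return rb_next((struct rb_node *) v);
 
 }
 
 static void proc_keys_stop(struct seq_file *p, void *v)
 {
 	spin_unlock(&key_serial_lock);
 }
 
 static int proc_keys_show(struct seq_file *m, void *v)
 {
 	struct rb_node *_p = v;
 	struct key *key = rb_entry(_p, struct key, serial_node);
 	struct timespec now;
 	unsigned long timo;
 	char xbuf[12];
 	int rc;
 
 	/* check whether the current task is allowed to view the key (assuming
 	 * non-possession) */
 	rc = key_task_permission(make_key_ref(key, 0), current, KEY_VIEW);
 	if (rc < 0)
 		return 0;
 
 	now = current_kernel_time();
 
 	rcu_read_lock();
 
 	/* come up with a suitable timeout value */
 	if (key->expiry == 0) {
 		memcpy(xbuf, "perm", 5);
 	}
 	else if (now.tv_sec >= key->expiry) {
 		memcpy(xbuf, "expd", 5);
 	}
 	else {
 		timo = key->expiry - now.tv_sec;
 
 		if (timo < 60)
 			sprintf(xbuf, "%lus", timo);
 		else if (timo < 60*60)
 			sprintf(xbuf, "%lum", timo / 60);
 		else if (timo < 60*60*24)
 			sprintf(xbuf, "%luh", timo / (60*60));
 		else if (timo < 60*60*24*7)
 			sprintf(xbuf, "%lud", timo / (60*60*24));
 		else
 			sprintf(xbuf, "%luw", timo / (60*60*24*7));
 	}
 
 #define showflag(KEY, LETTER, FLAG) \
 	(test_bit(FLAG, &(KEY)->flags) ? LETTER : '-')
 
 	seq_printf(m, "%08x %c%c%c%c%c%c %5d %4s %08x %5d %5d %-9.9s ",
 		   key->serial,
 		   showflag(key, 'I', KEY_FLAG_INSTANTIATED),
 		   showflag(key, 'R', KEY_FLAG_REVOKED),
 		   showflag(key, 'D', KEY_FLAG_DEAD),
 		   showflag(key, 'Q', KEY_FLAG_IN_QUOTA),
 		   showflag(key, 'U', KEY_FLAG_USER_CONSTRUCT),
 		   showflag(key, 'N', KEY_FLAG_NEGATIVE),
 		   atomic_read(&key->usage),
 		   xbuf,
 		   key->perm,
 		   key->uid,
 		   key->gid,
 		   key->type->name);
 
 #undef showflag
 
 	if (key->type->describe)
 		key->type->describe(key, m);
 	seq_putc(m, '\n');
 
 	rcu_read_unlock();
 
 	return 0;
 
 }
 
 #endif /* CONFIG_KEYS_DEBUG_PROC_KEYS */
 
 /*****************************************************************************/
 /*
  * implement "/proc/key-users" to provides a list of the key users
  */
 static int proc_key_users_open(struct inode *inode, struct file *file)
 {
 	return seq_open(file, &proc_key_users_ops);
 
 }
 
 static void *proc_key_users_start(struct seq_file *p, loff_t *_pos)
 {
 	struct rb_node *_p;
 	loff_t pos = *_pos;
 
 	spin_lock(&key_user_lock);
 
 	_p = rb_first(&key_user_tree);
 	while (pos > 0 && _p) {
 		pos--;
 		_p = rb_next(_p);
 	}
 
 	return _p;
 
 }
 
 static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos)
 {
 	(*_pos)++;
 	return rb_next((struct rb_node *) v);
 
 }
 
 static void proc_key_users_stop(struct seq_file *p, void *v)
 {
 	spin_unlock(&key_user_lock);
 }
 
 static int proc_key_users_show(struct seq_file *m, void *v)
 {
 	struct rb_node *_p = v;
 	struct key_user *user = rb_entry(_p, struct key_user, node);
 
 	seq_printf(m, "%5u: %5d %d/%d %d/%d %d/%d\n",
 		   user->uid,
 		   atomic_read(&user->usage),
 		   atomic_read(&user->nkeys),
 		   atomic_read(&user->nikeys),
 		   user->qnkeys,
 		   KEYQUOTA_MAX_KEYS,
 		   user->qnbytes,
 		   KEYQUOTA_MAX_BYTES
 		   );
 
 	return 0;
 
 }
 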
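Review bot: proc_keys_show still formats the remaining lifetime with unbounded `sprintf` into `char xbuf[12]` (new-side lines 163–171), which the constification leaves as it was. The weeks branch is the one to watch: after the unit letter and terminator the buffer holds ten digits, while an `unsigned long` divided by 604800 can reach fourteen on 64-bit builds, so the code is only correct as long as every caller that sets `key->expiry` keeps it within a few thousand weeks of now, and nothing in this file enforces that. Using the bounded form at all five call sites, e.g. `snprintf(xbuf, sizeof(xbuf), "%luw", timo / (60*60*24*7));`, makes the output truncate instead of writing past the stack buffer. Separately, key_proc_init assigns `p->proc_fops` only after `create_proc_entry` has made the entry visible, so an open in that window would in principle see the default fops; a comment stating that ordering assumption would be worthwhile until an API that takes the fops at creation time is used.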
security/selinux/selinuxfs.c
1 | /* Updated: Karl MacMillan <kmacmillan@tresys.com> | 1 | /* Updated: Karl MacMillan <kmacmillan@tresys.com> |
2 | * | 2 | * |
3 | * Added conditional policy language extensions | 3 | * Added conditional policy language extensions |
4 | * | 4 | * |
5 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC | 5 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC |
6 | * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> | 6 | * Copyright (C) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com> |
7 | * This program is free software; you can redistribute it and/or modify | 7 | * This program is free software; you can redistribute it and/or modify |
8 | * it under the terms of the GNU General Public License as published by | 8 | * it under the terms of the GNU General Public License as published by |
9 | * the Free Software Foundation, version 2. | 9 | * the Free Software Foundation, version 2. |
10 | */ | 10 | */ |
11 | 11 | ||
12 | #include <linux/kernel.h> | 12 | #include <linux/kernel.h> |
13 | #include <linux/pagemap.h> | 13 | #include <linux/pagemap.h> |
14 | #include <linux/slab.h> | 14 | #include <linux/slab.h> |
15 | #include <linux/vmalloc.h> | 15 | #include <linux/vmalloc.h> |
16 | #include <linux/fs.h> | 16 | #include <linux/fs.h> |
17 | #include <linux/mutex.h> | 17 | #include <linux/mutex.h> |
18 | #include <linux/init.h> | 18 | #include <linux/init.h> |
19 | #include <linux/string.h> | 19 | #include <linux/string.h> |
20 | #include <linux/security.h> | 20 | #include <linux/security.h> |
21 | #include <linux/major.h> | 21 | #include <linux/major.h> |
22 | #include <linux/seq_file.h> | 22 | #include <linux/seq_file.h> |
23 | #include <linux/percpu.h> | 23 | #include <linux/percpu.h> |
24 | #include <linux/audit.h> | 24 | #include <linux/audit.h> |
25 | #include <asm/uaccess.h> | 25 | #include <asm/uaccess.h> |
26 | #include <asm/semaphore.h> | 26 | #include <asm/semaphore.h> |
27 | 27 | ||
28 | /* selinuxfs pseudo filesystem for exporting the security policy API. | 28 | /* selinuxfs pseudo filesystem for exporting the security policy API. |
29 | Based on the proc code and the fs/nfsd/nfsctl.c code. */ | 29 | Based on the proc code and the fs/nfsd/nfsctl.c code. */ |
30 | 30 | ||
31 | #include "flask.h" | 31 | #include "flask.h" |
32 | #include "avc.h" | 32 | #include "avc.h" |
33 | #include "avc_ss.h" | 33 | #include "avc_ss.h" |
34 | #include "security.h" | 34 | #include "security.h" |
35 | #include "objsec.h" | 35 | #include "objsec.h" |
36 | #include "conditional.h" | 36 | #include "conditional.h" |
37 | 37 | ||
38 | unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; | 38 | unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; |
39 | 39 | ||
40 | #ifdef CONFIG_SECURITY_SELINUX_ENABLE_SECMARK_DEFAULT | 40 | #ifdef CONFIG_SECURITY_SELINUX_ENABLE_SECMARK_DEFAULT |
41 | #define SELINUX_COMPAT_NET_VALUE 0 | 41 | #define SELINUX_COMPAT_NET_VALUE 0 |
42 | #else | 42 | #else |
43 | #define SELINUX_COMPAT_NET_VALUE 1 | 43 | #define SELINUX_COMPAT_NET_VALUE 1 |
44 | #endif | 44 | #endif |
45 | 45 | ||
46 | int selinux_compat_net = SELINUX_COMPAT_NET_VALUE; | 46 | int selinux_compat_net = SELINUX_COMPAT_NET_VALUE; |
47 | 47 | ||
48 | static int __init checkreqprot_setup(char *str) | 48 | static int __init checkreqprot_setup(char *str) |
49 | { | 49 | { |
50 | selinux_checkreqprot = simple_strtoul(str,NULL,0) ? 1 : 0; | 50 | selinux_checkreqprot = simple_strtoul(str,NULL,0) ? 1 : 0; |
51 | return 1; | 51 | return 1; |
52 | } | 52 | } |
53 | __setup("checkreqprot=", checkreqprot_setup); | 53 | __setup("checkreqprot=", checkreqprot_setup); |
54 | 54 | ||
55 | static int __init selinux_compat_net_setup(char *str) | 55 | static int __init selinux_compat_net_setup(char *str) |
56 | { | 56 | { |
57 | selinux_compat_net = simple_strtoul(str,NULL,0) ? 1 : 0; | 57 | selinux_compat_net = simple_strtoul(str,NULL,0) ? 1 : 0; |
58 | return 1; | 58 | return 1; |
59 | } | 59 | } |
60 | __setup("selinux_compat_net=", selinux_compat_net_setup); | 60 | __setup("selinux_compat_net=", selinux_compat_net_setup); |
61 | 61 | ||
62 | 62 | ||
63 | static DEFINE_MUTEX(sel_mutex); | 63 | static DEFINE_MUTEX(sel_mutex); |
64 | 64 | ||
65 | /* global data for booleans */ | 65 | /* global data for booleans */ |
66 | static struct dentry *bool_dir = NULL; | 66 | static struct dentry *bool_dir = NULL; |
67 | static int bool_num = 0; | 67 | static int bool_num = 0; |
68 | static char **bool_pending_names; | 68 | static char **bool_pending_names; |
69 | static int *bool_pending_values = NULL; | 69 | static int *bool_pending_values = NULL; |
70 | 70 | ||
71 | /* global data for classes */ | 71 | /* global data for classes */ |
72 | static struct dentry *class_dir = NULL; | 72 | static struct dentry *class_dir = NULL; |
73 | static unsigned long last_class_ino; | 73 | static unsigned long last_class_ino; |
74 | 74 | ||
75 | extern void selnl_notify_setenforce(int val); | 75 | extern void selnl_notify_setenforce(int val); |
76 | 76 | ||
77 | /* Check whether a task is allowed to use a security operation. */ | 77 | /* Check whether a task is allowed to use a security operation. */ |
78 | static int task_has_security(struct task_struct *tsk, | 78 | static int task_has_security(struct task_struct *tsk, |
79 | u32 perms) | 79 | u32 perms) |
80 | { | 80 | { |
81 | struct task_security_struct *tsec; | 81 | struct task_security_struct *tsec; |
82 | 82 | ||
83 | tsec = tsk->security; | 83 | tsec = tsk->security; |
84 | if (!tsec) | 84 | if (!tsec) |
85 | return -EACCES; | 85 | return -EACCES; |
86 | 86 | ||
87 | return avc_has_perm(tsec->sid, SECINITSID_SECURITY, | 87 | return avc_has_perm(tsec->sid, SECINITSID_SECURITY, |
88 | SECCLASS_SECURITY, perms, NULL); | 88 | SECCLASS_SECURITY, perms, NULL); |
89 | } | 89 | } |
90 | 90 | ||
91 | enum sel_inos { | 91 | enum sel_inos { |
92 | SEL_ROOT_INO = 2, | 92 | SEL_ROOT_INO = 2, |
93 | SEL_LOAD, /* load policy */ | 93 | SEL_LOAD, /* load policy */ |
94 | SEL_ENFORCE, /* get or set enforcing status */ | 94 | SEL_ENFORCE, /* get or set enforcing status */ |
95 | SEL_CONTEXT, /* validate context */ | 95 | SEL_CONTEXT, /* validate context */ |
96 | SEL_ACCESS, /* compute access decision */ | 96 | SEL_ACCESS, /* compute access decision */ |
97 | SEL_CREATE, /* compute create labeling decision */ | 97 | SEL_CREATE, /* compute create labeling decision */ |
98 | SEL_RELABEL, /* compute relabeling decision */ | 98 | SEL_RELABEL, /* compute relabeling decision */ |
99 | SEL_USER, /* compute reachable user contexts */ | 99 | SEL_USER, /* compute reachable user contexts */ |
100 | SEL_POLICYVERS, /* return policy version for this kernel */ | 100 | SEL_POLICYVERS, /* return policy version for this kernel */ |
101 | SEL_COMMIT_BOOLS, /* commit new boolean values */ | 101 | SEL_COMMIT_BOOLS, /* commit new boolean values */ |
102 | SEL_MLS, /* return if MLS policy is enabled */ | 102 | SEL_MLS, /* return if MLS policy is enabled */ |
103 | SEL_DISABLE, /* disable SELinux until next reboot */ | 103 | SEL_DISABLE, /* disable SELinux until next reboot */ |
104 | SEL_MEMBER, /* compute polyinstantiation membership decision */ | 104 | SEL_MEMBER, /* compute polyinstantiation membership decision */ |
105 | SEL_CHECKREQPROT, /* check requested protection, not kernel-applied one */ | 105 | SEL_CHECKREQPROT, /* check requested protection, not kernel-applied one */ |
106 | SEL_COMPAT_NET, /* whether to use old compat network packet controls */ | 106 | SEL_COMPAT_NET, /* whether to use old compat network packet controls */ |
107 | SEL_REJECT_UNKNOWN, /* export unknown reject handling to userspace */ | 107 | SEL_REJECT_UNKNOWN, /* export unknown reject handling to userspace */ |
108 | SEL_DENY_UNKNOWN, /* export unknown deny handling to userspace */ | 108 | SEL_DENY_UNKNOWN, /* export unknown deny handling to userspace */ |
109 | SEL_INO_NEXT, /* The next inode number to use */ | 109 | SEL_INO_NEXT, /* The next inode number to use */ |
110 | }; | 110 | }; |
111 | 111 | ||
112 | static unsigned long sel_last_ino = SEL_INO_NEXT - 1; | 112 | static unsigned long sel_last_ino = SEL_INO_NEXT - 1; |
113 | 113 | ||
114 | #define SEL_INITCON_INO_OFFSET 0x01000000 | 114 | #define SEL_INITCON_INO_OFFSET 0x01000000 |
115 | #define SEL_BOOL_INO_OFFSET 0x02000000 | 115 | #define SEL_BOOL_INO_OFFSET 0x02000000 |
116 | #define SEL_CLASS_INO_OFFSET 0x04000000 | 116 | #define SEL_CLASS_INO_OFFSET 0x04000000 |
117 | #define SEL_INO_MASK 0x00ffffff | 117 | #define SEL_INO_MASK 0x00ffffff |
118 | 118 | ||
119 | #define TMPBUFLEN 12 | 119 | #define TMPBUFLEN 12 |
120 | static ssize_t sel_read_enforce(struct file *filp, char __user *buf, | 120 | static ssize_t sel_read_enforce(struct file *filp, char __user *buf, |
121 | size_t count, loff_t *ppos) | 121 | size_t count, loff_t *ppos) |
122 | { | 122 | { |
123 | char tmpbuf[TMPBUFLEN]; | 123 | char tmpbuf[TMPBUFLEN]; |
124 | ssize_t length; | 124 | ssize_t length; |
125 | 125 | ||
126 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_enforcing); | 126 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_enforcing); |
127 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 127 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
128 | } | 128 | } |
129 | 129 | ||
130 | #ifdef CONFIG_SECURITY_SELINUX_DEVELOP | 130 | #ifdef CONFIG_SECURITY_SELINUX_DEVELOP |
131 | static ssize_t sel_write_enforce(struct file * file, const char __user * buf, | 131 | static ssize_t sel_write_enforce(struct file * file, const char __user * buf, |
132 | size_t count, loff_t *ppos) | 132 | size_t count, loff_t *ppos) |
133 | 133 | ||
134 | { | 134 | { |
135 | char *page; | 135 | char *page; |
136 | ssize_t length; | 136 | ssize_t length; |
137 | int new_value; | 137 | int new_value; |
138 | 138 | ||
139 | if (count >= PAGE_SIZE) | 139 | if (count >= PAGE_SIZE) |
140 | return -ENOMEM; | 140 | return -ENOMEM; |
141 | if (*ppos != 0) { | 141 | if (*ppos != 0) { |
142 | /* No partial writes. */ | 142 | /* No partial writes. */ |
143 | return -EINVAL; | 143 | return -EINVAL; |
144 | } | 144 | } |
145 | page = (char*)get_zeroed_page(GFP_KERNEL); | 145 | page = (char*)get_zeroed_page(GFP_KERNEL); |
146 | if (!page) | 146 | if (!page) |
147 | return -ENOMEM; | 147 | return -ENOMEM; |
148 | length = -EFAULT; | 148 | length = -EFAULT; |
149 | if (copy_from_user(page, buf, count)) | 149 | if (copy_from_user(page, buf, count)) |
150 | goto out; | 150 | goto out; |
151 | 151 | ||
152 | length = -EINVAL; | 152 | length = -EINVAL; |
153 | if (sscanf(page, "%d", &new_value) != 1) | 153 | if (sscanf(page, "%d", &new_value) != 1) |
154 | goto out; | 154 | goto out; |
155 | 155 | ||
156 | if (new_value != selinux_enforcing) { | 156 | if (new_value != selinux_enforcing) { |
157 | length = task_has_security(current, SECURITY__SETENFORCE); | 157 | length = task_has_security(current, SECURITY__SETENFORCE); |
158 | if (length) | 158 | if (length) |
159 | goto out; | 159 | goto out; |
160 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, | 160 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, |
161 | "enforcing=%d old_enforcing=%d auid=%u", new_value, | 161 | "enforcing=%d old_enforcing=%d auid=%u", new_value, |
162 | selinux_enforcing, | 162 | selinux_enforcing, |
163 | audit_get_loginuid(current->audit_context)); | 163 | audit_get_loginuid(current->audit_context)); |
164 | selinux_enforcing = new_value; | 164 | selinux_enforcing = new_value; |
165 | if (selinux_enforcing) | 165 | if (selinux_enforcing) |
166 | avc_ss_reset(0); | 166 | avc_ss_reset(0); |
167 | selnl_notify_setenforce(selinux_enforcing); | 167 | selnl_notify_setenforce(selinux_enforcing); |
168 | } | 168 | } |
169 | length = count; | 169 | length = count; |
170 | out: | 170 | out: |
171 | free_page((unsigned long) page); | 171 | free_page((unsigned long) page); |
172 | return length; | 172 | return length; |
173 | } | 173 | } |
174 | #else | 174 | #else |
175 | #define sel_write_enforce NULL | 175 | #define sel_write_enforce NULL |
176 | #endif | 176 | #endif |
177 | 177 | ||
178 | static const struct file_operations sel_enforce_ops = { | 178 | static const struct file_operations sel_enforce_ops = { |
179 | .read = sel_read_enforce, | 179 | .read = sel_read_enforce, |
180 | .write = sel_write_enforce, | 180 | .write = sel_write_enforce, |
181 | }; | 181 | }; |
182 | 182 | ||
183 | static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, | 183 | static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, |
184 | size_t count, loff_t *ppos) | 184 | size_t count, loff_t *ppos) |
185 | { | 185 | { |
186 | char tmpbuf[TMPBUFLEN]; | 186 | char tmpbuf[TMPBUFLEN]; |
187 | ssize_t length; | 187 | ssize_t length; |
188 | ino_t ino = filp->f_path.dentry->d_inode->i_ino; | 188 | ino_t ino = filp->f_path.dentry->d_inode->i_ino; |
189 | int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ? | 189 | int handle_unknown = (ino == SEL_REJECT_UNKNOWN) ? |
190 | security_get_reject_unknown() : !security_get_allow_unknown(); | 190 | security_get_reject_unknown() : !security_get_allow_unknown(); |
191 | 191 | ||
192 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown); | 192 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", handle_unknown); |
193 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 193 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
194 | } | 194 | } |
195 | 195 | ||
196 | static const struct file_operations sel_handle_unknown_ops = { | 196 | static const struct file_operations sel_handle_unknown_ops = { |
197 | .read = sel_read_handle_unknown, | 197 | .read = sel_read_handle_unknown, |
198 | }; | 198 | }; |
199 | 199 | ||
200 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | 200 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE |
201 | static ssize_t sel_write_disable(struct file * file, const char __user * buf, | 201 | static ssize_t sel_write_disable(struct file * file, const char __user * buf, |
202 | size_t count, loff_t *ppos) | 202 | size_t count, loff_t *ppos) |
203 | 203 | ||
204 | { | 204 | { |
205 | char *page; | 205 | char *page; |
206 | ssize_t length; | 206 | ssize_t length; |
207 | int new_value; | 207 | int new_value; |
208 | extern int selinux_disable(void); | 208 | extern int selinux_disable(void); |
209 | 209 | ||
210 | if (count >= PAGE_SIZE) | 210 | if (count >= PAGE_SIZE) |
211 | return -ENOMEM; | 211 | return -ENOMEM; |
212 | if (*ppos != 0) { | 212 | if (*ppos != 0) { |
213 | /* No partial writes. */ | 213 | /* No partial writes. */ |
214 | return -EINVAL; | 214 | return -EINVAL; |
215 | } | 215 | } |
216 | page = (char*)get_zeroed_page(GFP_KERNEL); | 216 | page = (char*)get_zeroed_page(GFP_KERNEL); |
217 | if (!page) | 217 | if (!page) |
218 | return -ENOMEM; | 218 | return -ENOMEM; |
219 | length = -EFAULT; | 219 | length = -EFAULT; |
220 | if (copy_from_user(page, buf, count)) | 220 | if (copy_from_user(page, buf, count)) |
221 | goto out; | 221 | goto out; |
222 | 222 | ||
223 | length = -EINVAL; | 223 | length = -EINVAL; |
224 | if (sscanf(page, "%d", &new_value) != 1) | 224 | if (sscanf(page, "%d", &new_value) != 1) |
225 | goto out; | 225 | goto out; |
226 | 226 | ||
227 | if (new_value) { | 227 | if (new_value) { |
228 | length = selinux_disable(); | 228 | length = selinux_disable(); |
229 | if (length < 0) | 229 | if (length < 0) |
230 | goto out; | 230 | goto out; |
231 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, | 231 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_STATUS, |
232 | "selinux=0 auid=%u", | 232 | "selinux=0 auid=%u", |
233 | audit_get_loginuid(current->audit_context)); | 233 | audit_get_loginuid(current->audit_context)); |
234 | } | 234 | } |
235 | 235 | ||
236 | length = count; | 236 | length = count; |
237 | out: | 237 | out: |
238 | free_page((unsigned long) page); | 238 | free_page((unsigned long) page); |
239 | return length; | 239 | return length; |
240 | } | 240 | } |
241 | #else | 241 | #else |
242 | #define sel_write_disable NULL | 242 | #define sel_write_disable NULL |
243 | #endif | 243 | #endif |
244 | 244 | ||
245 | static const struct file_operations sel_disable_ops = { | 245 | static const struct file_operations sel_disable_ops = { |
246 | .write = sel_write_disable, | 246 | .write = sel_write_disable, |
247 | }; | 247 | }; |
248 | 248 | ||
249 | static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, | 249 | static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, |
250 | size_t count, loff_t *ppos) | 250 | size_t count, loff_t *ppos) |
251 | { | 251 | { |
252 | char tmpbuf[TMPBUFLEN]; | 252 | char tmpbuf[TMPBUFLEN]; |
253 | ssize_t length; | 253 | ssize_t length; |
254 | 254 | ||
255 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX); | 255 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", POLICYDB_VERSION_MAX); |
256 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 256 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
257 | } | 257 | } |
258 | 258 | ||
259 | static const struct file_operations sel_policyvers_ops = { | 259 | static const struct file_operations sel_policyvers_ops = { |
260 | .read = sel_read_policyvers, | 260 | .read = sel_read_policyvers, |
261 | }; | 261 | }; |
262 | 262 | ||
263 | /* declaration for sel_write_load */ | 263 | /* declaration for sel_write_load */ |
264 | static int sel_make_bools(void); | 264 | static int sel_make_bools(void); |
265 | static int sel_make_classes(void); | 265 | static int sel_make_classes(void); |
266 | 266 | ||
267 | /* declaration for sel_make_class_dirs */ | 267 | /* declaration for sel_make_class_dirs */ |
268 | static int sel_make_dir(struct inode *dir, struct dentry *dentry, | 268 | static int sel_make_dir(struct inode *dir, struct dentry *dentry, |
269 | unsigned long *ino); | 269 | unsigned long *ino); |
270 | 270 | ||
271 | static ssize_t sel_read_mls(struct file *filp, char __user *buf, | 271 | static ssize_t sel_read_mls(struct file *filp, char __user *buf, |
272 | size_t count, loff_t *ppos) | 272 | size_t count, loff_t *ppos) |
273 | { | 273 | { |
274 | char tmpbuf[TMPBUFLEN]; | 274 | char tmpbuf[TMPBUFLEN]; |
275 | ssize_t length; | 275 | ssize_t length; |
276 | 276 | ||
277 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_mls_enabled); | 277 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_mls_enabled); |
278 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 278 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
279 | } | 279 | } |
280 | 280 | ||
281 | static const struct file_operations sel_mls_ops = { | 281 | static const struct file_operations sel_mls_ops = { |
282 | .read = sel_read_mls, | 282 | .read = sel_read_mls, |
283 | }; | 283 | }; |
284 | 284 | ||
285 | static ssize_t sel_write_load(struct file * file, const char __user * buf, | 285 | static ssize_t sel_write_load(struct file * file, const char __user * buf, |
286 | size_t count, loff_t *ppos) | 286 | size_t count, loff_t *ppos) |
287 | 287 | ||
288 | { | 288 | { |
289 | int ret; | 289 | int ret; |
290 | ssize_t length; | 290 | ssize_t length; |
291 | void *data = NULL; | 291 | void *data = NULL; |
292 | 292 | ||
293 | mutex_lock(&sel_mutex); | 293 | mutex_lock(&sel_mutex); |
294 | 294 | ||
295 | length = task_has_security(current, SECURITY__LOAD_POLICY); | 295 | length = task_has_security(current, SECURITY__LOAD_POLICY); |
296 | if (length) | 296 | if (length) |
297 | goto out; | 297 | goto out; |
298 | 298 | ||
299 | if (*ppos != 0) { | 299 | if (*ppos != 0) { |
300 | /* No partial writes. */ | 300 | /* No partial writes. */ |
301 | length = -EINVAL; | 301 | length = -EINVAL; |
302 | goto out; | 302 | goto out; |
303 | } | 303 | } |
304 | 304 | ||
305 | if ((count > 64 * 1024 * 1024) | 305 | if ((count > 64 * 1024 * 1024) |
306 | || (data = vmalloc(count)) == NULL) { | 306 | || (data = vmalloc(count)) == NULL) { |
307 | length = -ENOMEM; | 307 | length = -ENOMEM; |
308 | goto out; | 308 | goto out; |
309 | } | 309 | } |
310 | 310 | ||
311 | length = -EFAULT; | 311 | length = -EFAULT; |
312 | if (copy_from_user(data, buf, count) != 0) | 312 | if (copy_from_user(data, buf, count) != 0) |
313 | goto out; | 313 | goto out; |
314 | 314 | ||
315 | length = security_load_policy(data, count); | 315 | length = security_load_policy(data, count); |
316 | if (length) | 316 | if (length) |
317 | goto out; | 317 | goto out; |
318 | 318 | ||
319 | ret = sel_make_bools(); | 319 | ret = sel_make_bools(); |
320 | if (ret) { | 320 | if (ret) { |
321 | length = ret; | 321 | length = ret; |
322 | goto out1; | 322 | goto out1; |
323 | } | 323 | } |
324 | 324 | ||
325 | ret = sel_make_classes(); | 325 | ret = sel_make_classes(); |
326 | if (ret) | 326 | if (ret) |
327 | length = ret; | 327 | length = ret; |
328 | else | 328 | else |
329 | length = count; | 329 | length = count; |
330 | 330 | ||
331 | out1: | 331 | out1: |
332 | 332 | ||
333 | printk(KERN_INFO "SELinux: policy loaded with handle_unknown=%s\n", | 333 | printk(KERN_INFO "SELinux: policy loaded with handle_unknown=%s\n", |
334 | (security_get_reject_unknown() ? "reject" : | 334 | (security_get_reject_unknown() ? "reject" : |
335 | (security_get_allow_unknown() ? "allow" : "deny"))); | 335 | (security_get_allow_unknown() ? "allow" : "deny"))); |
336 | 336 | ||
337 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, | 337 | audit_log(current->audit_context, GFP_KERNEL, AUDIT_MAC_POLICY_LOAD, |
338 | "policy loaded auid=%u", | 338 | "policy loaded auid=%u", |
339 | audit_get_loginuid(current->audit_context)); | 339 | audit_get_loginuid(current->audit_context)); |
340 | out: | 340 | out: |
341 | mutex_unlock(&sel_mutex); | 341 | mutex_unlock(&sel_mutex); |
342 | vfree(data); | 342 | vfree(data); |
343 | return length; | 343 | return length; |
344 | } | 344 | } |
345 | 345 | ||
346 | static const struct file_operations sel_load_ops = { | 346 | static const struct file_operations sel_load_ops = { |
347 | .write = sel_write_load, | 347 | .write = sel_write_load, |
348 | }; | 348 | }; |
349 | 349 | ||
350 | static ssize_t sel_write_context(struct file * file, char *buf, size_t size) | 350 | static ssize_t sel_write_context(struct file * file, char *buf, size_t size) |
351 | { | 351 | { |
352 | char *canon; | 352 | char *canon; |
353 | u32 sid, len; | 353 | u32 sid, len; |
354 | ssize_t length; | 354 | ssize_t length; |
355 | 355 | ||
356 | length = task_has_security(current, SECURITY__CHECK_CONTEXT); | 356 | length = task_has_security(current, SECURITY__CHECK_CONTEXT); |
357 | if (length) | 357 | if (length) |
358 | return length; | 358 | return length; |
359 | 359 | ||
360 | length = security_context_to_sid(buf, size, &sid); | 360 | length = security_context_to_sid(buf, size, &sid); |
361 | if (length < 0) | 361 | if (length < 0) |
362 | return length; | 362 | return length; |
363 | 363 | ||
364 | length = security_sid_to_context(sid, &canon, &len); | 364 | length = security_sid_to_context(sid, &canon, &len); |
365 | if (length < 0) | 365 | if (length < 0) |
366 | return length; | 366 | return length; |
367 | 367 | ||
368 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 368 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
369 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | 369 | printk(KERN_ERR "%s: context size (%u) exceeds payload " |
370 | "max\n", __FUNCTION__, len); | 370 | "max\n", __FUNCTION__, len); |
371 | length = -ERANGE; | 371 | length = -ERANGE; |
372 | goto out; | 372 | goto out; |
373 | } | 373 | } |
374 | 374 | ||
375 | memcpy(buf, canon, len); | 375 | memcpy(buf, canon, len); |
376 | length = len; | 376 | length = len; |
377 | out: | 377 | out: |
378 | kfree(canon); | 378 | kfree(canon); |
379 | return length; | 379 | return length; |
380 | } | 380 | } |
381 | 381 | ||
382 | static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, | 382 | static ssize_t sel_read_checkreqprot(struct file *filp, char __user *buf, |
383 | size_t count, loff_t *ppos) | 383 | size_t count, loff_t *ppos) |
384 | { | 384 | { |
385 | char tmpbuf[TMPBUFLEN]; | 385 | char tmpbuf[TMPBUFLEN]; |
386 | ssize_t length; | 386 | ssize_t length; |
387 | 387 | ||
388 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", selinux_checkreqprot); | 388 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", selinux_checkreqprot); |
389 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 389 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
390 | } | 390 | } |
391 | 391 | ||
392 | static ssize_t sel_write_checkreqprot(struct file * file, const char __user * buf, | 392 | static ssize_t sel_write_checkreqprot(struct file * file, const char __user * buf, |
393 | size_t count, loff_t *ppos) | 393 | size_t count, loff_t *ppos) |
394 | { | 394 | { |
395 | char *page; | 395 | char *page; |
396 | ssize_t length; | 396 | ssize_t length; |
397 | unsigned int new_value; | 397 | unsigned int new_value; |
398 | 398 | ||
399 | length = task_has_security(current, SECURITY__SETCHECKREQPROT); | 399 | length = task_has_security(current, SECURITY__SETCHECKREQPROT); |
400 | if (length) | 400 | if (length) |
401 | return length; | 401 | return length; |
402 | 402 | ||
403 | if (count >= PAGE_SIZE) | 403 | if (count >= PAGE_SIZE) |
404 | return -ENOMEM; | 404 | return -ENOMEM; |
405 | if (*ppos != 0) { | 405 | if (*ppos != 0) { |
406 | /* No partial writes. */ | 406 | /* No partial writes. */ |
407 | return -EINVAL; | 407 | return -EINVAL; |
408 | } | 408 | } |
409 | page = (char*)get_zeroed_page(GFP_KERNEL); | 409 | page = (char*)get_zeroed_page(GFP_KERNEL); |
410 | if (!page) | 410 | if (!page) |
411 | return -ENOMEM; | 411 | return -ENOMEM; |
412 | length = -EFAULT; | 412 | length = -EFAULT; |
413 | if (copy_from_user(page, buf, count)) | 413 | if (copy_from_user(page, buf, count)) |
414 | goto out; | 414 | goto out; |
415 | 415 | ||
416 | length = -EINVAL; | 416 | length = -EINVAL; |
417 | if (sscanf(page, "%u", &new_value) != 1) | 417 | if (sscanf(page, "%u", &new_value) != 1) |
418 | goto out; | 418 | goto out; |
419 | 419 | ||
420 | selinux_checkreqprot = new_value ? 1 : 0; | 420 | selinux_checkreqprot = new_value ? 1 : 0; |
421 | length = count; | 421 | length = count; |
422 | out: | 422 | out: |
423 | free_page((unsigned long) page); | 423 | free_page((unsigned long) page); |
424 | return length; | 424 | return length; |
425 | } | 425 | } |
426 | static const struct file_operations sel_checkreqprot_ops = { | 426 | static const struct file_operations sel_checkreqprot_ops = { |
427 | .read = sel_read_checkreqprot, | 427 | .read = sel_read_checkreqprot, |
428 | .write = sel_write_checkreqprot, | 428 | .write = sel_write_checkreqprot, |
429 | }; | 429 | }; |
430 | 430 | ||
431 | static ssize_t sel_read_compat_net(struct file *filp, char __user *buf, | 431 | static ssize_t sel_read_compat_net(struct file *filp, char __user *buf, |
432 | size_t count, loff_t *ppos) | 432 | size_t count, loff_t *ppos) |
433 | { | 433 | { |
434 | char tmpbuf[TMPBUFLEN]; | 434 | char tmpbuf[TMPBUFLEN]; |
435 | ssize_t length; | 435 | ssize_t length; |
436 | 436 | ||
437 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_compat_net); | 437 | length = scnprintf(tmpbuf, TMPBUFLEN, "%d", selinux_compat_net); |
438 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 438 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
439 | } | 439 | } |
440 | 440 | ||
441 | static ssize_t sel_write_compat_net(struct file * file, const char __user * buf, | 441 | static ssize_t sel_write_compat_net(struct file * file, const char __user * buf, |
442 | size_t count, loff_t *ppos) | 442 | size_t count, loff_t *ppos) |
443 | { | 443 | { |
444 | char *page; | 444 | char *page; |
445 | ssize_t length; | 445 | ssize_t length; |
446 | int new_value; | 446 | int new_value; |
447 | 447 | ||
448 | length = task_has_security(current, SECURITY__LOAD_POLICY); | 448 | length = task_has_security(current, SECURITY__LOAD_POLICY); |
449 | if (length) | 449 | if (length) |
450 | return length; | 450 | return length; |
451 | 451 | ||
452 | if (count >= PAGE_SIZE) | 452 | if (count >= PAGE_SIZE) |
453 | return -ENOMEM; | 453 | return -ENOMEM; |
454 | if (*ppos != 0) { | 454 | if (*ppos != 0) { |
455 | /* No partial writes. */ | 455 | /* No partial writes. */ |
456 | return -EINVAL; | 456 | return -EINVAL; |
457 | } | 457 | } |
458 | page = (char*)get_zeroed_page(GFP_KERNEL); | 458 | page = (char*)get_zeroed_page(GFP_KERNEL); |
459 | if (!page) | 459 | if (!page) |
460 | return -ENOMEM; | 460 | return -ENOMEM; |
461 | length = -EFAULT; | 461 | length = -EFAULT; |
462 | if (copy_from_user(page, buf, count)) | 462 | if (copy_from_user(page, buf, count)) |
463 | goto out; | 463 | goto out; |
464 | 464 | ||
465 | length = -EINVAL; | 465 | length = -EINVAL; |
466 | if (sscanf(page, "%d", &new_value) != 1) | 466 | if (sscanf(page, "%d", &new_value) != 1) |
467 | goto out; | 467 | goto out; |
468 | 468 | ||
469 | selinux_compat_net = new_value ? 1 : 0; | 469 | selinux_compat_net = new_value ? 1 : 0; |
470 | length = count; | 470 | length = count; |
471 | out: | 471 | out: |
472 | free_page((unsigned long) page); | 472 | free_page((unsigned long) page); |
473 | return length; | 473 | return length; |
474 | } | 474 | } |
475 | static const struct file_operations sel_compat_net_ops = { | 475 | static const struct file_operations sel_compat_net_ops = { |
476 | .read = sel_read_compat_net, | 476 | .read = sel_read_compat_net, |
477 | .write = sel_write_compat_net, | 477 | .write = sel_write_compat_net, |
478 | }; | 478 | }; |
479 | 479 | ||
480 | /* | 480 | /* |
481 | * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c | 481 | * Remaining nodes use transaction based IO methods like nfsd/nfsctl.c |
482 | */ | 482 | */ |
483 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size); | 483 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size); |
484 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size); | 484 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size); |
485 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size); | 485 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size); |
486 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size); | 486 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size); |
487 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size); | 487 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size); |
488 | 488 | ||
489 | static ssize_t (*write_op[])(struct file *, char *, size_t) = { | 489 | static ssize_t (*write_op[])(struct file *, char *, size_t) = { |
490 | [SEL_ACCESS] = sel_write_access, | 490 | [SEL_ACCESS] = sel_write_access, |
491 | [SEL_CREATE] = sel_write_create, | 491 | [SEL_CREATE] = sel_write_create, |
492 | [SEL_RELABEL] = sel_write_relabel, | 492 | [SEL_RELABEL] = sel_write_relabel, |
493 | [SEL_USER] = sel_write_user, | 493 | [SEL_USER] = sel_write_user, |
494 | [SEL_MEMBER] = sel_write_member, | 494 | [SEL_MEMBER] = sel_write_member, |
495 | [SEL_CONTEXT] = sel_write_context, | 495 | [SEL_CONTEXT] = sel_write_context, |
496 | }; | 496 | }; |
497 | 497 | ||
498 | static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) | 498 | static ssize_t selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) |
499 | { | 499 | { |
500 | ino_t ino = file->f_path.dentry->d_inode->i_ino; | 500 | ino_t ino = file->f_path.dentry->d_inode->i_ino; |
501 | char *data; | 501 | char *data; |
502 | ssize_t rv; | 502 | ssize_t rv; |
503 | 503 | ||
504 | if (ino >= ARRAY_SIZE(write_op) || !write_op[ino]) | 504 | if (ino >= ARRAY_SIZE(write_op) || !write_op[ino]) |
505 | return -EINVAL; | 505 | return -EINVAL; |
506 | 506 | ||
507 | data = simple_transaction_get(file, buf, size); | 507 | data = simple_transaction_get(file, buf, size); |
508 | if (IS_ERR(data)) | 508 | if (IS_ERR(data)) |
509 | return PTR_ERR(data); | 509 | return PTR_ERR(data); |
510 | 510 | ||
511 | rv = write_op[ino](file, data, size); | 511 | rv = write_op[ino](file, data, size); |
512 | if (rv>0) { | 512 | if (rv>0) { |
513 | simple_transaction_set(file, rv); | 513 | simple_transaction_set(file, rv); |
514 | rv = size; | 514 | rv = size; |
515 | } | 515 | } |
516 | return rv; | 516 | return rv; |
517 | } | 517 | } |
518 | 518 | ||
519 | static const struct file_operations transaction_ops = { | 519 | static const struct file_operations transaction_ops = { |
520 | .write = selinux_transaction_write, | 520 | .write = selinux_transaction_write, |
521 | .read = simple_transaction_read, | 521 | .read = simple_transaction_read, |
522 | .release = simple_transaction_release, | 522 | .release = simple_transaction_release, |
523 | }; | 523 | }; |
524 | 524 | ||
525 | /* | 525 | /* |
526 | * payload - write methods | 526 | * payload - write methods |
527 | * If the method has a response, the response should be put in buf, | 527 | * If the method has a response, the response should be put in buf, |
528 | * and the length returned. Otherwise return 0 or and -error. | 528 | * and the length returned. Otherwise return 0 or and -error. |
529 | */ | 529 | */ |
530 | 530 | ||
531 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size) | 531 | static ssize_t sel_write_access(struct file * file, char *buf, size_t size) |
532 | { | 532 | { |
533 | char *scon, *tcon; | 533 | char *scon, *tcon; |
534 | u32 ssid, tsid; | 534 | u32 ssid, tsid; |
535 | u16 tclass; | 535 | u16 tclass; |
536 | u32 req; | 536 | u32 req; |
537 | struct av_decision avd; | 537 | struct av_decision avd; |
538 | ssize_t length; | 538 | ssize_t length; |
539 | 539 | ||
540 | length = task_has_security(current, SECURITY__COMPUTE_AV); | 540 | length = task_has_security(current, SECURITY__COMPUTE_AV); |
541 | if (length) | 541 | if (length) |
542 | return length; | 542 | return length; |
543 | 543 | ||
544 | length = -ENOMEM; | 544 | length = -ENOMEM; |
545 | scon = kzalloc(size+1, GFP_KERNEL); | 545 | scon = kzalloc(size+1, GFP_KERNEL); |
546 | if (!scon) | 546 | if (!scon) |
547 | return length; | 547 | return length; |
548 | 548 | ||
549 | tcon = kzalloc(size+1, GFP_KERNEL); | 549 | tcon = kzalloc(size+1, GFP_KERNEL); |
550 | if (!tcon) | 550 | if (!tcon) |
551 | goto out; | 551 | goto out; |
552 | 552 | ||
553 | length = -EINVAL; | 553 | length = -EINVAL; |
554 | if (sscanf(buf, "%s %s %hu %x", scon, tcon, &tclass, &req) != 4) | 554 | if (sscanf(buf, "%s %s %hu %x", scon, tcon, &tclass, &req) != 4) |
555 | goto out2; | 555 | goto out2; |
556 | 556 | ||
557 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | 557 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); |
558 | if (length < 0) | 558 | if (length < 0) |
559 | goto out2; | 559 | goto out2; |
560 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | 560 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); |
561 | if (length < 0) | 561 | if (length < 0) |
562 | goto out2; | 562 | goto out2; |
563 | 563 | ||
564 | length = security_compute_av(ssid, tsid, tclass, req, &avd); | 564 | length = security_compute_av(ssid, tsid, tclass, req, &avd); |
565 | if (length < 0) | 565 | if (length < 0) |
566 | goto out2; | 566 | goto out2; |
567 | 567 | ||
568 | length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, | 568 | length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT, |
569 | "%x %x %x %x %u", | 569 | "%x %x %x %x %u", |
570 | avd.allowed, avd.decided, | 570 | avd.allowed, avd.decided, |
571 | avd.auditallow, avd.auditdeny, | 571 | avd.auditallow, avd.auditdeny, |
572 | avd.seqno); | 572 | avd.seqno); |
573 | out2: | 573 | out2: |
574 | kfree(tcon); | 574 | kfree(tcon); |
575 | out: | 575 | out: |
576 | kfree(scon); | 576 | kfree(scon); |
577 | return length; | 577 | return length; |
578 | } | 578 | } |
579 | 579 | ||
580 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size) | 580 | static ssize_t sel_write_create(struct file * file, char *buf, size_t size) |
581 | { | 581 | { |
582 | char *scon, *tcon; | 582 | char *scon, *tcon; |
583 | u32 ssid, tsid, newsid; | 583 | u32 ssid, tsid, newsid; |
584 | u16 tclass; | 584 | u16 tclass; |
585 | ssize_t length; | 585 | ssize_t length; |
586 | char *newcon; | 586 | char *newcon; |
587 | u32 len; | 587 | u32 len; |
588 | 588 | ||
589 | length = task_has_security(current, SECURITY__COMPUTE_CREATE); | 589 | length = task_has_security(current, SECURITY__COMPUTE_CREATE); |
590 | if (length) | 590 | if (length) |
591 | return length; | 591 | return length; |
592 | 592 | ||
593 | length = -ENOMEM; | 593 | length = -ENOMEM; |
594 | scon = kzalloc(size+1, GFP_KERNEL); | 594 | scon = kzalloc(size+1, GFP_KERNEL); |
595 | if (!scon) | 595 | if (!scon) |
596 | return length; | 596 | return length; |
597 | 597 | ||
598 | tcon = kzalloc(size+1, GFP_KERNEL); | 598 | tcon = kzalloc(size+1, GFP_KERNEL); |
599 | if (!tcon) | 599 | if (!tcon) |
600 | goto out; | 600 | goto out; |
601 | 601 | ||
602 | length = -EINVAL; | 602 | length = -EINVAL; |
603 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) | 603 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) |
604 | goto out2; | 604 | goto out2; |
605 | 605 | ||
606 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | 606 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); |
607 | if (length < 0) | 607 | if (length < 0) |
608 | goto out2; | 608 | goto out2; |
609 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | 609 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); |
610 | if (length < 0) | 610 | if (length < 0) |
611 | goto out2; | 611 | goto out2; |
612 | 612 | ||
613 | length = security_transition_sid(ssid, tsid, tclass, &newsid); | 613 | length = security_transition_sid(ssid, tsid, tclass, &newsid); |
614 | if (length < 0) | 614 | if (length < 0) |
615 | goto out2; | 615 | goto out2; |
616 | 616 | ||
617 | length = security_sid_to_context(newsid, &newcon, &len); | 617 | length = security_sid_to_context(newsid, &newcon, &len); |
618 | if (length < 0) | 618 | if (length < 0) |
619 | goto out2; | 619 | goto out2; |
620 | 620 | ||
621 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 621 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
622 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | 622 | printk(KERN_ERR "%s: context size (%u) exceeds payload " |
623 | "max\n", __FUNCTION__, len); | 623 | "max\n", __FUNCTION__, len); |
624 | length = -ERANGE; | 624 | length = -ERANGE; |
625 | goto out3; | 625 | goto out3; |
626 | } | 626 | } |
627 | 627 | ||
628 | memcpy(buf, newcon, len); | 628 | memcpy(buf, newcon, len); |
629 | length = len; | 629 | length = len; |
630 | out3: | 630 | out3: |
631 | kfree(newcon); | 631 | kfree(newcon); |
632 | out2: | 632 | out2: |
633 | kfree(tcon); | 633 | kfree(tcon); |
634 | out: | 634 | out: |
635 | kfree(scon); | 635 | kfree(scon); |
636 | return length; | 636 | return length; |
637 | } | 637 | } |
638 | 638 | ||
639 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size) | 639 | static ssize_t sel_write_relabel(struct file * file, char *buf, size_t size) |
640 | { | 640 | { |
641 | char *scon, *tcon; | 641 | char *scon, *tcon; |
642 | u32 ssid, tsid, newsid; | 642 | u32 ssid, tsid, newsid; |
643 | u16 tclass; | 643 | u16 tclass; |
644 | ssize_t length; | 644 | ssize_t length; |
645 | char *newcon; | 645 | char *newcon; |
646 | u32 len; | 646 | u32 len; |
647 | 647 | ||
648 | length = task_has_security(current, SECURITY__COMPUTE_RELABEL); | 648 | length = task_has_security(current, SECURITY__COMPUTE_RELABEL); |
649 | if (length) | 649 | if (length) |
650 | return length; | 650 | return length; |
651 | 651 | ||
652 | length = -ENOMEM; | 652 | length = -ENOMEM; |
653 | scon = kzalloc(size+1, GFP_KERNEL); | 653 | scon = kzalloc(size+1, GFP_KERNEL); |
654 | if (!scon) | 654 | if (!scon) |
655 | return length; | 655 | return length; |
656 | 656 | ||
657 | tcon = kzalloc(size+1, GFP_KERNEL); | 657 | tcon = kzalloc(size+1, GFP_KERNEL); |
658 | if (!tcon) | 658 | if (!tcon) |
659 | goto out; | 659 | goto out; |
660 | 660 | ||
661 | length = -EINVAL; | 661 | length = -EINVAL; |
662 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) | 662 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) |
663 | goto out2; | 663 | goto out2; |
664 | 664 | ||
665 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | 665 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); |
666 | if (length < 0) | 666 | if (length < 0) |
667 | goto out2; | 667 | goto out2; |
668 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | 668 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); |
669 | if (length < 0) | 669 | if (length < 0) |
670 | goto out2; | 670 | goto out2; |
671 | 671 | ||
672 | length = security_change_sid(ssid, tsid, tclass, &newsid); | 672 | length = security_change_sid(ssid, tsid, tclass, &newsid); |
673 | if (length < 0) | 673 | if (length < 0) |
674 | goto out2; | 674 | goto out2; |
675 | 675 | ||
676 | length = security_sid_to_context(newsid, &newcon, &len); | 676 | length = security_sid_to_context(newsid, &newcon, &len); |
677 | if (length < 0) | 677 | if (length < 0) |
678 | goto out2; | 678 | goto out2; |
679 | 679 | ||
680 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 680 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
681 | length = -ERANGE; | 681 | length = -ERANGE; |
682 | goto out3; | 682 | goto out3; |
683 | } | 683 | } |
684 | 684 | ||
685 | memcpy(buf, newcon, len); | 685 | memcpy(buf, newcon, len); |
686 | length = len; | 686 | length = len; |
687 | out3: | 687 | out3: |
688 | kfree(newcon); | 688 | kfree(newcon); |
689 | out2: | 689 | out2: |
690 | kfree(tcon); | 690 | kfree(tcon); |
691 | out: | 691 | out: |
692 | kfree(scon); | 692 | kfree(scon); |
693 | return length; | 693 | return length; |
694 | } | 694 | } |
695 | 695 | ||
696 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size) | 696 | static ssize_t sel_write_user(struct file * file, char *buf, size_t size) |
697 | { | 697 | { |
698 | char *con, *user, *ptr; | 698 | char *con, *user, *ptr; |
699 | u32 sid, *sids; | 699 | u32 sid, *sids; |
700 | ssize_t length; | 700 | ssize_t length; |
701 | char *newcon; | 701 | char *newcon; |
702 | int i, rc; | 702 | int i, rc; |
703 | u32 len, nsids; | 703 | u32 len, nsids; |
704 | 704 | ||
705 | length = task_has_security(current, SECURITY__COMPUTE_USER); | 705 | length = task_has_security(current, SECURITY__COMPUTE_USER); |
706 | if (length) | 706 | if (length) |
707 | return length; | 707 | return length; |
708 | 708 | ||
709 | length = -ENOMEM; | 709 | length = -ENOMEM; |
710 | con = kzalloc(size+1, GFP_KERNEL); | 710 | con = kzalloc(size+1, GFP_KERNEL); |
711 | if (!con) | 711 | if (!con) |
712 | return length; | 712 | return length; |
713 | 713 | ||
714 | user = kzalloc(size+1, GFP_KERNEL); | 714 | user = kzalloc(size+1, GFP_KERNEL); |
715 | if (!user) | 715 | if (!user) |
716 | goto out; | 716 | goto out; |
717 | 717 | ||
718 | length = -EINVAL; | 718 | length = -EINVAL; |
719 | if (sscanf(buf, "%s %s", con, user) != 2) | 719 | if (sscanf(buf, "%s %s", con, user) != 2) |
720 | goto out2; | 720 | goto out2; |
721 | 721 | ||
722 | length = security_context_to_sid(con, strlen(con)+1, &sid); | 722 | length = security_context_to_sid(con, strlen(con)+1, &sid); |
723 | if (length < 0) | 723 | if (length < 0) |
724 | goto out2; | 724 | goto out2; |
725 | 725 | ||
726 | length = security_get_user_sids(sid, user, &sids, &nsids); | 726 | length = security_get_user_sids(sid, user, &sids, &nsids); |
727 | if (length < 0) | 727 | if (length < 0) |
728 | goto out2; | 728 | goto out2; |
729 | 729 | ||
730 | length = sprintf(buf, "%u", nsids) + 1; | 730 | length = sprintf(buf, "%u", nsids) + 1; |
731 | ptr = buf + length; | 731 | ptr = buf + length; |
732 | for (i = 0; i < nsids; i++) { | 732 | for (i = 0; i < nsids; i++) { |
733 | rc = security_sid_to_context(sids[i], &newcon, &len); | 733 | rc = security_sid_to_context(sids[i], &newcon, &len); |
734 | if (rc) { | 734 | if (rc) { |
735 | length = rc; | 735 | length = rc; |
736 | goto out3; | 736 | goto out3; |
737 | } | 737 | } |
738 | if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) { | 738 | if ((length + len) >= SIMPLE_TRANSACTION_LIMIT) { |
739 | kfree(newcon); | 739 | kfree(newcon); |
740 | length = -ERANGE; | 740 | length = -ERANGE; |
741 | goto out3; | 741 | goto out3; |
742 | } | 742 | } |
743 | memcpy(ptr, newcon, len); | 743 | memcpy(ptr, newcon, len); |
744 | kfree(newcon); | 744 | kfree(newcon); |
745 | ptr += len; | 745 | ptr += len; |
746 | length += len; | 746 | length += len; |
747 | } | 747 | } |
748 | out3: | 748 | out3: |
749 | kfree(sids); | 749 | kfree(sids); |
750 | out2: | 750 | out2: |
751 | kfree(user); | 751 | kfree(user); |
752 | out: | 752 | out: |
753 | kfree(con); | 753 | kfree(con); |
754 | return length; | 754 | return length; |
755 | } | 755 | } |
756 | 756 | ||
757 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size) | 757 | static ssize_t sel_write_member(struct file * file, char *buf, size_t size) |
758 | { | 758 | { |
759 | char *scon, *tcon; | 759 | char *scon, *tcon; |
760 | u32 ssid, tsid, newsid; | 760 | u32 ssid, tsid, newsid; |
761 | u16 tclass; | 761 | u16 tclass; |
762 | ssize_t length; | 762 | ssize_t length; |
763 | char *newcon; | 763 | char *newcon; |
764 | u32 len; | 764 | u32 len; |
765 | 765 | ||
766 | length = task_has_security(current, SECURITY__COMPUTE_MEMBER); | 766 | length = task_has_security(current, SECURITY__COMPUTE_MEMBER); |
767 | if (length) | 767 | if (length) |
768 | return length; | 768 | return length; |
769 | 769 | ||
770 | length = -ENOMEM; | 770 | length = -ENOMEM; |
771 | scon = kzalloc(size+1, GFP_KERNEL); | 771 | scon = kzalloc(size+1, GFP_KERNEL); |
772 | if (!scon) | 772 | if (!scon) |
773 | return length; | 773 | return length; |
774 | 774 | ||
775 | tcon = kzalloc(size+1, GFP_KERNEL); | 775 | tcon = kzalloc(size+1, GFP_KERNEL); |
776 | if (!tcon) | 776 | if (!tcon) |
777 | goto out; | 777 | goto out; |
778 | 778 | ||
779 | length = -EINVAL; | 779 | length = -EINVAL; |
780 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) | 780 | if (sscanf(buf, "%s %s %hu", scon, tcon, &tclass) != 3) |
781 | goto out2; | 781 | goto out2; |
782 | 782 | ||
783 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); | 783 | length = security_context_to_sid(scon, strlen(scon)+1, &ssid); |
784 | if (length < 0) | 784 | if (length < 0) |
785 | goto out2; | 785 | goto out2; |
786 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); | 786 | length = security_context_to_sid(tcon, strlen(tcon)+1, &tsid); |
787 | if (length < 0) | 787 | if (length < 0) |
788 | goto out2; | 788 | goto out2; |
789 | 789 | ||
790 | length = security_member_sid(ssid, tsid, tclass, &newsid); | 790 | length = security_member_sid(ssid, tsid, tclass, &newsid); |
791 | if (length < 0) | 791 | if (length < 0) |
792 | goto out2; | 792 | goto out2; |
793 | 793 | ||
794 | length = security_sid_to_context(newsid, &newcon, &len); | 794 | length = security_sid_to_context(newsid, &newcon, &len); |
795 | if (length < 0) | 795 | if (length < 0) |
796 | goto out2; | 796 | goto out2; |
797 | 797 | ||
798 | if (len > SIMPLE_TRANSACTION_LIMIT) { | 798 | if (len > SIMPLE_TRANSACTION_LIMIT) { |
799 | printk(KERN_ERR "%s: context size (%u) exceeds payload " | 799 | printk(KERN_ERR "%s: context size (%u) exceeds payload " |
800 | "max\n", __FUNCTION__, len); | 800 | "max\n", __FUNCTION__, len); |
801 | length = -ERANGE; | 801 | length = -ERANGE; |
802 | goto out3; | 802 | goto out3; |
803 | } | 803 | } |
804 | 804 | ||
805 | memcpy(buf, newcon, len); | 805 | memcpy(buf, newcon, len); |
806 | length = len; | 806 | length = len; |
807 | out3: | 807 | out3: |
808 | kfree(newcon); | 808 | kfree(newcon); |
809 | out2: | 809 | out2: |
810 | kfree(tcon); | 810 | kfree(tcon); |
811 | out: | 811 | out: |
812 | kfree(scon); | 812 | kfree(scon); |
813 | return length; | 813 | return length; |
814 | } | 814 | } |
815 | 815 | ||
816 | static struct inode *sel_make_inode(struct super_block *sb, int mode) | 816 | static struct inode *sel_make_inode(struct super_block *sb, int mode) |
817 | { | 817 | { |
818 | struct inode *ret = new_inode(sb); | 818 | struct inode *ret = new_inode(sb); |
819 | 819 | ||
820 | if (ret) { | 820 | if (ret) { |
821 | ret->i_mode = mode; | 821 | ret->i_mode = mode; |
822 | ret->i_uid = ret->i_gid = 0; | 822 | ret->i_uid = ret->i_gid = 0; |
823 | ret->i_blocks = 0; | 823 | ret->i_blocks = 0; |
824 | ret->i_atime = ret->i_mtime = ret->i_ctime = CURRENT_TIME; | 824 | ret->i_atime = ret->i_mtime = ret->i_ctime = CURRENT_TIME; |
825 | } | 825 | } |
826 | return ret; | 826 | return ret; |
827 | } | 827 | } |
828 | 828 | ||
829 | static ssize_t sel_read_bool(struct file *filep, char __user *buf, | 829 | static ssize_t sel_read_bool(struct file *filep, char __user *buf, |
830 | size_t count, loff_t *ppos) | 830 | size_t count, loff_t *ppos) |
831 | { | 831 | { |
832 | char *page = NULL; | 832 | char *page = NULL; |
833 | ssize_t length; | 833 | ssize_t length; |
834 | ssize_t ret; | 834 | ssize_t ret; |
835 | int cur_enforcing; | 835 | int cur_enforcing; |
836 | struct inode *inode = filep->f_path.dentry->d_inode; | 836 | struct inode *inode = filep->f_path.dentry->d_inode; |
837 | unsigned index = inode->i_ino & SEL_INO_MASK; | 837 | unsigned index = inode->i_ino & SEL_INO_MASK; |
838 | const char *name = filep->f_path.dentry->d_name.name; | 838 | const char *name = filep->f_path.dentry->d_name.name; |
839 | 839 | ||
840 | mutex_lock(&sel_mutex); | 840 | mutex_lock(&sel_mutex); |
841 | 841 | ||
842 | if (index >= bool_num || strcmp(name, bool_pending_names[index])) { | 842 | if (index >= bool_num || strcmp(name, bool_pending_names[index])) { |
843 | ret = -EINVAL; | 843 | ret = -EINVAL; |
844 | goto out; | 844 | goto out; |
845 | } | 845 | } |
846 | 846 | ||
847 | if (count > PAGE_SIZE) { | 847 | if (count > PAGE_SIZE) { |
848 | ret = -EINVAL; | 848 | ret = -EINVAL; |
849 | goto out; | 849 | goto out; |
850 | } | 850 | } |
851 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) { | 851 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) { |
852 | ret = -ENOMEM; | 852 | ret = -ENOMEM; |
853 | goto out; | 853 | goto out; |
854 | } | 854 | } |
855 | 855 | ||
856 | cur_enforcing = security_get_bool_value(index); | 856 | cur_enforcing = security_get_bool_value(index); |
857 | if (cur_enforcing < 0) { | 857 | if (cur_enforcing < 0) { |
858 | ret = cur_enforcing; | 858 | ret = cur_enforcing; |
859 | goto out; | 859 | goto out; |
860 | } | 860 | } |
861 | length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing, | 861 | length = scnprintf(page, PAGE_SIZE, "%d %d", cur_enforcing, |
862 | bool_pending_values[index]); | 862 | bool_pending_values[index]); |
863 | ret = simple_read_from_buffer(buf, count, ppos, page, length); | 863 | ret = simple_read_from_buffer(buf, count, ppos, page, length); |
864 | out: | 864 | out: |
865 | mutex_unlock(&sel_mutex); | 865 | mutex_unlock(&sel_mutex); |
866 | if (page) | 866 | if (page) |
867 | free_page((unsigned long)page); | 867 | free_page((unsigned long)page); |
868 | return ret; | 868 | return ret; |
869 | } | 869 | } |
870 | 870 | ||
871 | static ssize_t sel_write_bool(struct file *filep, const char __user *buf, | 871 | static ssize_t sel_write_bool(struct file *filep, const char __user *buf, |
872 | size_t count, loff_t *ppos) | 872 | size_t count, loff_t *ppos) |
873 | { | 873 | { |
874 | char *page = NULL; | 874 | char *page = NULL; |
875 | ssize_t length; | 875 | ssize_t length; |
876 | int new_value; | 876 | int new_value; |
877 | struct inode *inode = filep->f_path.dentry->d_inode; | 877 | struct inode *inode = filep->f_path.dentry->d_inode; |
878 | unsigned index = inode->i_ino & SEL_INO_MASK; | 878 | unsigned index = inode->i_ino & SEL_INO_MASK; |
879 | const char *name = filep->f_path.dentry->d_name.name; | 879 | const char *name = filep->f_path.dentry->d_name.name; |
880 | 880 | ||
881 | mutex_lock(&sel_mutex); | 881 | mutex_lock(&sel_mutex); |
882 | 882 | ||
883 | length = task_has_security(current, SECURITY__SETBOOL); | 883 | length = task_has_security(current, SECURITY__SETBOOL); |
884 | if (length) | 884 | if (length) |
885 | goto out; | 885 | goto out; |
886 | 886 | ||
887 | if (index >= bool_num || strcmp(name, bool_pending_names[index])) { | 887 | if (index >= bool_num || strcmp(name, bool_pending_names[index])) { |
888 | length = -EINVAL; | 888 | length = -EINVAL; |
889 | goto out; | 889 | goto out; |
890 | } | 890 | } |
891 | 891 | ||
892 | if (count >= PAGE_SIZE) { | 892 | if (count >= PAGE_SIZE) { |
893 | length = -ENOMEM; | 893 | length = -ENOMEM; |
894 | goto out; | 894 | goto out; |
895 | } | 895 | } |
896 | 896 | ||
897 | if (*ppos != 0) { | 897 | if (*ppos != 0) { |
898 | /* No partial writes. */ | 898 | /* No partial writes. */ |
899 | length = -EINVAL; | 899 | length = -EINVAL; |
900 | goto out; | 900 | goto out; |
901 | } | 901 | } |
902 | page = (char*)get_zeroed_page(GFP_KERNEL); | 902 | page = (char*)get_zeroed_page(GFP_KERNEL); |
903 | if (!page) { | 903 | if (!page) { |
904 | length = -ENOMEM; | 904 | length = -ENOMEM; |
905 | goto out; | 905 | goto out; |
906 | } | 906 | } |
907 | 907 | ||
908 | length = -EFAULT; | 908 | length = -EFAULT; |
909 | if (copy_from_user(page, buf, count)) | 909 | if (copy_from_user(page, buf, count)) |
910 | goto out; | 910 | goto out; |
911 | 911 | ||
912 | length = -EINVAL; | 912 | length = -EINVAL; |
913 | if (sscanf(page, "%d", &new_value) != 1) | 913 | if (sscanf(page, "%d", &new_value) != 1) |
914 | goto out; | 914 | goto out; |
915 | 915 | ||
916 | if (new_value) | 916 | if (new_value) |
917 | new_value = 1; | 917 | new_value = 1; |
918 | 918 | ||
919 | bool_pending_values[index] = new_value; | 919 | bool_pending_values[index] = new_value; |
920 | length = count; | 920 | length = count; |
921 | 921 | ||
922 | out: | 922 | out: |
923 | mutex_unlock(&sel_mutex); | 923 | mutex_unlock(&sel_mutex); |
924 | if (page) | 924 | if (page) |
925 | free_page((unsigned long) page); | 925 | free_page((unsigned long) page); |
926 | return length; | 926 | return length; |
927 | } | 927 | } |
928 | 928 | ||
929 | static const struct file_operations sel_bool_ops = { | 929 | static const struct file_operations sel_bool_ops = { |
930 | .read = sel_read_bool, | 930 | .read = sel_read_bool, |
931 | .write = sel_write_bool, | 931 | .write = sel_write_bool, |
932 | }; | 932 | }; |
933 | 933 | ||
934 | static ssize_t sel_commit_bools_write(struct file *filep, | 934 | static ssize_t sel_commit_bools_write(struct file *filep, |
935 | const char __user *buf, | 935 | const char __user *buf, |
936 | size_t count, loff_t *ppos) | 936 | size_t count, loff_t *ppos) |
937 | { | 937 | { |
938 | char *page = NULL; | 938 | char *page = NULL; |
939 | ssize_t length; | 939 | ssize_t length; |
940 | int new_value; | 940 | int new_value; |
941 | 941 | ||
942 | mutex_lock(&sel_mutex); | 942 | mutex_lock(&sel_mutex); |
943 | 943 | ||
944 | length = task_has_security(current, SECURITY__SETBOOL); | 944 | length = task_has_security(current, SECURITY__SETBOOL); |
945 | if (length) | 945 | if (length) |
946 | goto out; | 946 | goto out; |
947 | 947 | ||
948 | if (count >= PAGE_SIZE) { | 948 | if (count >= PAGE_SIZE) { |
949 | length = -ENOMEM; | 949 | length = -ENOMEM; |
950 | goto out; | 950 | goto out; |
951 | } | 951 | } |
952 | if (*ppos != 0) { | 952 | if (*ppos != 0) { |
953 | /* No partial writes. */ | 953 | /* No partial writes. */ |
954 | goto out; | 954 | goto out; |
955 | } | 955 | } |
956 | page = (char*)get_zeroed_page(GFP_KERNEL); | 956 | page = (char*)get_zeroed_page(GFP_KERNEL); |
957 | if (!page) { | 957 | if (!page) { |
958 | length = -ENOMEM; | 958 | length = -ENOMEM; |
959 | goto out; | 959 | goto out; |
960 | } | 960 | } |
961 | 961 | ||
962 | length = -EFAULT; | 962 | length = -EFAULT; |
963 | if (copy_from_user(page, buf, count)) | 963 | if (copy_from_user(page, buf, count)) |
964 | goto out; | 964 | goto out; |
965 | 965 | ||
966 | length = -EINVAL; | 966 | length = -EINVAL; |
967 | if (sscanf(page, "%d", &new_value) != 1) | 967 | if (sscanf(page, "%d", &new_value) != 1) |
968 | goto out; | 968 | goto out; |
969 | 969 | ||
970 | if (new_value && bool_pending_values) { | 970 | if (new_value && bool_pending_values) { |
971 | security_set_bools(bool_num, bool_pending_values); | 971 | security_set_bools(bool_num, bool_pending_values); |
972 | } | 972 | } |
973 | 973 | ||
974 | length = count; | 974 | length = count; |
975 | 975 | ||
976 | out: | 976 | out: |
977 | mutex_unlock(&sel_mutex); | 977 | mutex_unlock(&sel_mutex); |
978 | if (page) | 978 | if (page) |
979 | free_page((unsigned long) page); | 979 | free_page((unsigned long) page); |
980 | return length; | 980 | return length; |
981 | } | 981 | } |
982 | 982 | ||
983 | static const struct file_operations sel_commit_bools_ops = { | 983 | static const struct file_operations sel_commit_bools_ops = { |
984 | .write = sel_commit_bools_write, | 984 | .write = sel_commit_bools_write, |
985 | }; | 985 | }; |
986 | 986 | ||
987 | static void sel_remove_entries(struct dentry *de) | 987 | static void sel_remove_entries(struct dentry *de) |
988 | { | 988 | { |
989 | struct list_head *node; | 989 | struct list_head *node; |
990 | 990 | ||
991 | spin_lock(&dcache_lock); | 991 | spin_lock(&dcache_lock); |
992 | node = de->d_subdirs.next; | 992 | node = de->d_subdirs.next; |
993 | while (node != &de->d_subdirs) { | 993 | while (node != &de->d_subdirs) { |
994 | struct dentry *d = list_entry(node, struct dentry, d_u.d_child); | 994 | struct dentry *d = list_entry(node, struct dentry, d_u.d_child); |
995 | list_del_init(node); | 995 | list_del_init(node); |
996 | 996 | ||
997 | if (d->d_inode) { | 997 | if (d->d_inode) { |
998 | d = dget_locked(d); | 998 | d = dget_locked(d); |
999 | spin_unlock(&dcache_lock); | 999 | spin_unlock(&dcache_lock); |
1000 | d_delete(d); | 1000 | d_delete(d); |
1001 | simple_unlink(de->d_inode, d); | 1001 | simple_unlink(de->d_inode, d); |
1002 | dput(d); | 1002 | dput(d); |
1003 | spin_lock(&dcache_lock); | 1003 | spin_lock(&dcache_lock); |
1004 | } | 1004 | } |
1005 | node = de->d_subdirs.next; | 1005 | node = de->d_subdirs.next; |
1006 | } | 1006 | } |
1007 | 1007 | ||
1008 | spin_unlock(&dcache_lock); | 1008 | spin_unlock(&dcache_lock); |
1009 | } | 1009 | } |
1010 | 1010 | ||
1011 | #define BOOL_DIR_NAME "booleans" | 1011 | #define BOOL_DIR_NAME "booleans" |
1012 | 1012 | ||
1013 | static int sel_make_bools(void) | 1013 | static int sel_make_bools(void) |
1014 | { | 1014 | { |
1015 | int i, ret = 0; | 1015 | int i, ret = 0; |
1016 | ssize_t len; | 1016 | ssize_t len; |
1017 | struct dentry *dentry = NULL; | 1017 | struct dentry *dentry = NULL; |
1018 | struct dentry *dir = bool_dir; | 1018 | struct dentry *dir = bool_dir; |
1019 | struct inode *inode = NULL; | 1019 | struct inode *inode = NULL; |
1020 | struct inode_security_struct *isec; | 1020 | struct inode_security_struct *isec; |
1021 | char **names = NULL, *page; | 1021 | char **names = NULL, *page; |
1022 | int num; | 1022 | int num; |
1023 | int *values = NULL; | 1023 | int *values = NULL; |
1024 | u32 sid; | 1024 | u32 sid; |
1025 | 1025 | ||
1026 | /* remove any existing files */ | 1026 | /* remove any existing files */ |
1027 | kfree(bool_pending_names); | 1027 | kfree(bool_pending_names); |
1028 | kfree(bool_pending_values); | 1028 | kfree(bool_pending_values); |
1029 | bool_pending_names = NULL; | 1029 | bool_pending_names = NULL; |
1030 | bool_pending_values = NULL; | 1030 | bool_pending_values = NULL; |
1031 | 1031 | ||
1032 | sel_remove_entries(dir); | 1032 | sel_remove_entries(dir); |
1033 | 1033 | ||
1034 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) | 1034 | if (!(page = (char*)get_zeroed_page(GFP_KERNEL))) |
1035 | return -ENOMEM; | 1035 | return -ENOMEM; |
1036 | 1036 | ||
1037 | ret = security_get_bools(&num, &names, &values); | 1037 | ret = security_get_bools(&num, &names, &values); |
1038 | if (ret != 0) | 1038 | if (ret != 0) |
1039 | goto out; | 1039 | goto out; |
1040 | 1040 | ||
1041 | for (i = 0; i < num; i++) { | 1041 | for (i = 0; i < num; i++) { |
1042 | dentry = d_alloc_name(dir, names[i]); | 1042 | dentry = d_alloc_name(dir, names[i]); |
1043 | if (!dentry) { | 1043 | if (!dentry) { |
1044 | ret = -ENOMEM; | 1044 | ret = -ENOMEM; |
1045 | goto err; | 1045 | goto err; |
1046 | } | 1046 | } |
1047 | inode = sel_make_inode(dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); | 1047 | inode = sel_make_inode(dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR); |
1048 | if (!inode) { | 1048 | if (!inode) { |
1049 | ret = -ENOMEM; | 1049 | ret = -ENOMEM; |
1050 | goto err; | 1050 | goto err; |
1051 | } | 1051 | } |
1052 | 1052 | ||
1053 | len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); | 1053 | len = snprintf(page, PAGE_SIZE, "/%s/%s", BOOL_DIR_NAME, names[i]); |
1054 | if (len < 0) { | 1054 | if (len < 0) { |
1055 | ret = -EINVAL; | 1055 | ret = -EINVAL; |
1056 | goto err; | 1056 | goto err; |
1057 | } else if (len >= PAGE_SIZE) { | 1057 | } else if (len >= PAGE_SIZE) { |
1058 | ret = -ENAMETOOLONG; | 1058 | ret = -ENAMETOOLONG; |
1059 | goto err; | 1059 | goto err; |
1060 | } | 1060 | } |
1061 | isec = (struct inode_security_struct*)inode->i_security; | 1061 | isec = (struct inode_security_struct*)inode->i_security; |
1062 | if ((ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid))) | 1062 | if ((ret = security_genfs_sid("selinuxfs", page, SECCLASS_FILE, &sid))) |
1063 | goto err; | 1063 | goto err; |
1064 | isec->sid = sid; | 1064 | isec->sid = sid; |
1065 | isec->initialized = 1; | 1065 | isec->initialized = 1; |
1066 | inode->i_fop = &sel_bool_ops; | 1066 | inode->i_fop = &sel_bool_ops; |
1067 | inode->i_ino = i|SEL_BOOL_INO_OFFSET; | 1067 | inode->i_ino = i|SEL_BOOL_INO_OFFSET; |
1068 | d_add(dentry, inode); | 1068 | d_add(dentry, inode); |
1069 | } | 1069 | } |
1070 | bool_num = num; | 1070 | bool_num = num; |
1071 | bool_pending_names = names; | 1071 | bool_pending_names = names; |
1072 | bool_pending_values = values; | 1072 | bool_pending_values = values; |
1073 | out: | 1073 | out: |
1074 | free_page((unsigned long)page); | 1074 | free_page((unsigned long)page); |
1075 | return ret; | 1075 | return ret; |
1076 | err: | 1076 | err: |
1077 | if (names) { | 1077 | if (names) { |
1078 | for (i = 0; i < num; i++) | 1078 | for (i = 0; i < num; i++) |
1079 | kfree(names[i]); | 1079 | kfree(names[i]); |
1080 | kfree(names); | 1080 | kfree(names); |
1081 | } | 1081 | } |
1082 | kfree(values); | 1082 | kfree(values); |
1083 | sel_remove_entries(dir); | 1083 | sel_remove_entries(dir); |
1084 | ret = -ENOMEM; | 1084 | ret = -ENOMEM; |
1085 | goto out; | 1085 | goto out; |
1086 | } | 1086 | } |
1087 | 1087 | ||
1088 | #define NULL_FILE_NAME "null" | 1088 | #define NULL_FILE_NAME "null" |
1089 | 1089 | ||
1090 | struct dentry *selinux_null = NULL; | 1090 | struct dentry *selinux_null = NULL; |
1091 | 1091 | ||
1092 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, | 1092 | static ssize_t sel_read_avc_cache_threshold(struct file *filp, char __user *buf, |
1093 | size_t count, loff_t *ppos) | 1093 | size_t count, loff_t *ppos) |
1094 | { | 1094 | { |
1095 | char tmpbuf[TMPBUFLEN]; | 1095 | char tmpbuf[TMPBUFLEN]; |
1096 | ssize_t length; | 1096 | ssize_t length; |
1097 | 1097 | ||
1098 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", avc_cache_threshold); | 1098 | length = scnprintf(tmpbuf, TMPBUFLEN, "%u", avc_cache_threshold); |
1099 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); | 1099 | return simple_read_from_buffer(buf, count, ppos, tmpbuf, length); |
1100 | } | 1100 | } |
1101 | 1101 | ||
1102 | static ssize_t sel_write_avc_cache_threshold(struct file * file, | 1102 | static ssize_t sel_write_avc_cache_threshold(struct file * file, |
1103 | const char __user * buf, | 1103 | const char __user * buf, |
1104 | size_t count, loff_t *ppos) | 1104 | size_t count, loff_t *ppos) |
1105 | 1105 | ||
1106 | { | 1106 | { |
1107 | char *page; | 1107 | char *page; |
1108 | ssize_t ret; | 1108 | ssize_t ret; |
1109 | int new_value; | 1109 | int new_value; |
1110 | 1110 | ||
1111 | if (count >= PAGE_SIZE) { | 1111 | if (count >= PAGE_SIZE) { |
1112 | ret = -ENOMEM; | 1112 | ret = -ENOMEM; |
1113 | goto out; | 1113 | goto out; |
1114 | } | 1114 | } |
1115 | 1115 | ||
1116 | if (*ppos != 0) { | 1116 | if (*ppos != 0) { |
1117 | /* No partial writes. */ | 1117 | /* No partial writes. */ |
1118 | ret = -EINVAL; | 1118 | ret = -EINVAL; |
1119 | goto out; | 1119 | goto out; |
1120 | } | 1120 | } |
1121 | 1121 | ||
1122 | page = (char*)get_zeroed_page(GFP_KERNEL); | 1122 | page = (char*)get_zeroed_page(GFP_KERNEL); |
1123 | if (!page) { | 1123 | if (!page) { |
1124 | ret = -ENOMEM; | 1124 | ret = -ENOMEM; |
1125 | goto out; | 1125 | goto out; |
1126 | } | 1126 | } |
1127 | 1127 | ||
1128 | if (copy_from_user(page, buf, count)) { | 1128 | if (copy_from_user(page, buf, count)) { |
1129 | ret = -EFAULT; | 1129 | ret = -EFAULT; |
1130 | goto out_free; | 1130 | goto out_free; |
1131 | } | 1131 | } |
1132 | 1132 | ||
1133 | if (sscanf(page, "%u", &new_value) != 1) { | 1133 | if (sscanf(page, "%u", &new_value) != 1) { |
1134 | ret = -EINVAL; | 1134 | ret = -EINVAL; |
1135 | goto out; | 1135 | goto out; |
1136 | } | 1136 | } |
1137 | 1137 | ||
1138 | if (new_value != avc_cache_threshold) { | 1138 | if (new_value != avc_cache_threshold) { |
1139 | ret = task_has_security(current, SECURITY__SETSECPARAM); | 1139 | ret = task_has_security(current, SECURITY__SETSECPARAM); |
1140 | if (ret) | 1140 | if (ret) |
1141 | goto out_free; | 1141 | goto out_free; |
1142 | avc_cache_threshold = new_value; | 1142 | avc_cache_threshold = new_value; |
1143 | } | 1143 | } |
1144 | ret = count; | 1144 | ret = count; |
1145 | out_free: | 1145 | out_free: |
1146 | free_page((unsigned long)page); | 1146 | free_page((unsigned long)page); |
1147 | out: | 1147 | out: |
1148 | return ret; | 1148 | return ret; |
1149 | } | 1149 | } |
1150 | 1150 | ||
1151 | static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, | 1151 | static ssize_t sel_read_avc_hash_stats(struct file *filp, char __user *buf, |
1152 | size_t count, loff_t *ppos) | 1152 | size_t count, loff_t *ppos) |
1153 | { | 1153 | { |
1154 | char *page; | 1154 | char *page; |
1155 | ssize_t ret = 0; | 1155 | ssize_t ret = 0; |
1156 | 1156 | ||
1157 | page = (char *)__get_free_page(GFP_KERNEL); | 1157 | page = (char *)__get_free_page(GFP_KERNEL); |
1158 | if (!page) { | 1158 | if (!page) { |
1159 | ret = -ENOMEM; | 1159 | ret = -ENOMEM; |
1160 | goto out; | 1160 | goto out; |
1161 | } | 1161 | } |
1162 | ret = avc_get_hash_stats(page); | 1162 | ret = avc_get_hash_stats(page); |
1163 | if (ret >= 0) | 1163 | if (ret >= 0) |
1164 | ret = simple_read_from_buffer(buf, count, ppos, page, ret); | 1164 | ret = simple_read_from_buffer(buf, count, ppos, page, ret); |
1165 | free_page((unsigned long)page); | 1165 | free_page((unsigned long)page); |
1166 | out: | 1166 | out: |
1167 | return ret; | 1167 | return ret; |
1168 | } | 1168 | } |
1169 | 1169 | ||
1170 | static const struct file_operations sel_avc_cache_threshold_ops = { | 1170 | static const struct file_operations sel_avc_cache_threshold_ops = { |
1171 | .read = sel_read_avc_cache_threshold, | 1171 | .read = sel_read_avc_cache_threshold, |
1172 | .write = sel_write_avc_cache_threshold, | 1172 | .write = sel_write_avc_cache_threshold, |
1173 | }; | 1173 | }; |
1174 | 1174 | ||
1175 | static const struct file_operations sel_avc_hash_stats_ops = { | 1175 | static const struct file_operations sel_avc_hash_stats_ops = { |
1176 | .read = sel_read_avc_hash_stats, | 1176 | .read = sel_read_avc_hash_stats, |
1177 | }; | 1177 | }; |
1178 | 1178 | ||
1179 | #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS | 1179 | #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS |
1180 | static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) | 1180 | static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) |
1181 | { | 1181 | { |
1182 | int cpu; | 1182 | int cpu; |
1183 | 1183 | ||
1184 | for (cpu = *idx; cpu < NR_CPUS; ++cpu) { | 1184 | for (cpu = *idx; cpu < NR_CPUS; ++cpu) { |
1185 | if (!cpu_possible(cpu)) | 1185 | if (!cpu_possible(cpu)) |
1186 | continue; | 1186 | continue; |
1187 | *idx = cpu + 1; | 1187 | *idx = cpu + 1; |
1188 | return &per_cpu(avc_cache_stats, cpu); | 1188 | return &per_cpu(avc_cache_stats, cpu); |
1189 | } | 1189 | } |
1190 | return NULL; | 1190 | return NULL; |
1191 | } | 1191 | } |
1192 | 1192 | ||
1193 | static void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos) | 1193 | static void *sel_avc_stats_seq_start(struct seq_file *seq, loff_t *pos) |
1194 | { | 1194 | { |
1195 | loff_t n = *pos - 1; | 1195 | loff_t n = *pos - 1; |
1196 | 1196 | ||
1197 | if (*pos == 0) | 1197 | if (*pos == 0) |
1198 | return SEQ_START_TOKEN; | 1198 | return SEQ_START_TOKEN; |
1199 | 1199 | ||
1200 | return sel_avc_get_stat_idx(&n); | 1200 | return sel_avc_get_stat_idx(&n); |
1201 | } | 1201 | } |
1202 | 1202 | ||
1203 | static void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos) | 1203 | static void *sel_avc_stats_seq_next(struct seq_file *seq, void *v, loff_t *pos) |
1204 | { | 1204 | { |
1205 | return sel_avc_get_stat_idx(pos); | 1205 | return sel_avc_get_stat_idx(pos); |
1206 | } | 1206 | } |
1207 | 1207 | ||
1208 | static int sel_avc_stats_seq_show(struct seq_file *seq, void *v) | 1208 | static int sel_avc_stats_seq_show(struct seq_file *seq, void *v) |
1209 | { | 1209 | { |
1210 | struct avc_cache_stats *st = v; | 1210 | struct avc_cache_stats *st = v; |
1211 | 1211 | ||
1212 | if (v == SEQ_START_TOKEN) | 1212 | if (v == SEQ_START_TOKEN) |
1213 | seq_printf(seq, "lookups hits misses allocations reclaims " | 1213 | seq_printf(seq, "lookups hits misses allocations reclaims " |
1214 | "frees\n"); | 1214 | "frees\n"); |
1215 | else | 1215 | else |
1216 | seq_printf(seq, "%u %u %u %u %u %u\n", st->lookups, | 1216 | seq_printf(seq, "%u %u %u %u %u %u\n", st->lookups, |
1217 | st->hits, st->misses, st->allocations, | 1217 | st->hits, st->misses, st->allocations, |
1218 | st->reclaims, st->frees); | 1218 | st->reclaims, st->frees); |
1219 | return 0; | 1219 | return 0; |
1220 | } | 1220 | } |
1221 | 1221 | ||
1222 | static void sel_avc_stats_seq_stop(struct seq_file *seq, void *v) | 1222 | static void sel_avc_stats_seq_stop(struct seq_file *seq, void *v) |
1223 | { } | 1223 | { } |
1224 | 1224 | ||
1225 | static struct seq_operations sel_avc_cache_stats_seq_ops = { | 1225 | static const struct seq_operations sel_avc_cache_stats_seq_ops = { |
1226 | .start = sel_avc_stats_seq_start, | 1226 | .start = sel_avc_stats_seq_start, |
1227 | .next = sel_avc_stats_seq_next, | 1227 | .next = sel_avc_stats_seq_next, |
1228 | .show = sel_avc_stats_seq_show, | 1228 | .show = sel_avc_stats_seq_show, |
1229 | .stop = sel_avc_stats_seq_stop, | 1229 | .stop = sel_avc_stats_seq_stop, |
1230 | }; | 1230 | }; |
1231 | 1231 | ||
1232 | static int sel_open_avc_cache_stats(struct inode *inode, struct file *file) | 1232 | static int sel_open_avc_cache_stats(struct inode *inode, struct file *file) |
1233 | { | 1233 | { |
1234 | return seq_open(file, &sel_avc_cache_stats_seq_ops); | 1234 | return seq_open(file, &sel_avc_cache_stats_seq_ops); |
1235 | } | 1235 | } |
1236 | 1236 | ||
1237 | static const struct file_operations sel_avc_cache_stats_ops = { | 1237 | static const struct file_operations sel_avc_cache_stats_ops = { |
1238 | .open = sel_open_avc_cache_stats, | 1238 | .open = sel_open_avc_cache_stats, |
1239 | .read = seq_read, | 1239 | .read = seq_read, |
1240 | .llseek = seq_lseek, | 1240 | .llseek = seq_lseek, |
1241 | .release = seq_release, | 1241 | .release = seq_release, |
1242 | }; | 1242 | }; |
1243 | #endif | 1243 | #endif |
1244 | 1244 | ||
1245 | static int sel_make_avc_files(struct dentry *dir) | 1245 | static int sel_make_avc_files(struct dentry *dir) |
1246 | { | 1246 | { |
1247 | int i, ret = 0; | 1247 | int i, ret = 0; |
1248 | static struct tree_descr files[] = { | 1248 | static struct tree_descr files[] = { |
1249 | { "cache_threshold", | 1249 | { "cache_threshold", |
1250 | &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, | 1250 | &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, |
1251 | { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO }, | 1251 | { "hash_stats", &sel_avc_hash_stats_ops, S_IRUGO }, |
1252 | #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS | 1252 | #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS |
1253 | { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO }, | 1253 | { "cache_stats", &sel_avc_cache_stats_ops, S_IRUGO }, |
1254 | #endif | 1254 | #endif |
1255 | }; | 1255 | }; |
1256 | 1256 | ||
1257 | for (i = 0; i < ARRAY_SIZE(files); i++) { | 1257 | for (i = 0; i < ARRAY_SIZE(files); i++) { |
1258 | struct inode *inode; | 1258 | struct inode *inode; |
1259 | struct dentry *dentry; | 1259 | struct dentry *dentry; |
1260 | 1260 | ||
1261 | dentry = d_alloc_name(dir, files[i].name); | 1261 | dentry = d_alloc_name(dir, files[i].name); |
1262 | if (!dentry) { | 1262 | if (!dentry) { |
1263 | ret = -ENOMEM; | 1263 | ret = -ENOMEM; |
1264 | goto out; | 1264 | goto out; |
1265 | } | 1265 | } |
1266 | 1266 | ||
1267 | inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); | 1267 | inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode); |
1268 | if (!inode) { | 1268 | if (!inode) { |
1269 | ret = -ENOMEM; | 1269 | ret = -ENOMEM; |
1270 | goto out; | 1270 | goto out; |
1271 | } | 1271 | } |
1272 | inode->i_fop = files[i].ops; | 1272 | inode->i_fop = files[i].ops; |
1273 | inode->i_ino = ++sel_last_ino; | 1273 | inode->i_ino = ++sel_last_ino; |
1274 | d_add(dentry, inode); | 1274 | d_add(dentry, inode); |
1275 | } | 1275 | } |
1276 | out: | 1276 | out: |
1277 | return ret; | 1277 | return ret; |
1278 | } | 1278 | } |
1279 | 1279 | ||
1280 | static ssize_t sel_read_initcon(struct file * file, char __user *buf, | 1280 | static ssize_t sel_read_initcon(struct file * file, char __user *buf, |
1281 | size_t count, loff_t *ppos) | 1281 | size_t count, loff_t *ppos) |
1282 | { | 1282 | { |
1283 | struct inode *inode; | 1283 | struct inode *inode; |
1284 | char *con; | 1284 | char *con; |
1285 | u32 sid, len; | 1285 | u32 sid, len; |
1286 | ssize_t ret; | 1286 | ssize_t ret; |
1287 | 1287 | ||
1288 | inode = file->f_path.dentry->d_inode; | 1288 | inode = file->f_path.dentry->d_inode; |
1289 | sid = inode->i_ino&SEL_INO_MASK; | 1289 | sid = inode->i_ino&SEL_INO_MASK; |
1290 | ret = security_sid_to_context(sid, &con, &len); | 1290 | ret = security_sid_to_context(sid, &con, &len); |
1291 | if (ret < 0) | 1291 | if (ret < 0) |
1292 | return ret; | 1292 | return ret; |
1293 | 1293 | ||
1294 | ret = simple_read_from_buffer(buf, count, ppos, con, len); | 1294 | ret = simple_read_from_buffer(buf, count, ppos, con, len); |
1295 | kfree(con); | 1295 | kfree(con); |
1296 | return ret; | 1296 | return ret; |
1297 | } | 1297 | } |
1298 | 1298 | ||
1299 | static const struct file_operations sel_initcon_ops = { | 1299 | static const struct file_operations sel_initcon_ops = { |
1300 | .read = sel_read_initcon, | 1300 | .read = sel_read_initcon, |
1301 | }; | 1301 | }; |
1302 | 1302 | ||
1303 | static int sel_make_initcon_files(struct dentry *dir) | 1303 | static int sel_make_initcon_files(struct dentry *dir) |
1304 | { | 1304 | { |
1305 | int i, ret = 0; | 1305 | int i, ret = 0; |
1306 | 1306 | ||
1307 | for (i = 1; i <= SECINITSID_NUM; i++) { | 1307 | for (i = 1; i <= SECINITSID_NUM; i++) { |
1308 | struct inode *inode; | 1308 | struct inode *inode; |
1309 | struct dentry *dentry; | 1309 | struct dentry *dentry; |
1310 | dentry = d_alloc_name(dir, security_get_initial_sid_context(i)); | 1310 | dentry = d_alloc_name(dir, security_get_initial_sid_context(i)); |
1311 | if (!dentry) { | 1311 | if (!dentry) { |
1312 | ret = -ENOMEM; | 1312 | ret = -ENOMEM; |
1313 | goto out; | 1313 | goto out; |
1314 | } | 1314 | } |
1315 | 1315 | ||
1316 | inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); | 1316 | inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); |
1317 | if (!inode) { | 1317 | if (!inode) { |
1318 | ret = -ENOMEM; | 1318 | ret = -ENOMEM; |
1319 | goto out; | 1319 | goto out; |
1320 | } | 1320 | } |
1321 | inode->i_fop = &sel_initcon_ops; | 1321 | inode->i_fop = &sel_initcon_ops; |
1322 | inode->i_ino = i|SEL_INITCON_INO_OFFSET; | 1322 | inode->i_ino = i|SEL_INITCON_INO_OFFSET; |
1323 | d_add(dentry, inode); | 1323 | d_add(dentry, inode); |
1324 | } | 1324 | } |
1325 | out: | 1325 | out: |
1326 | return ret; | 1326 | return ret; |
1327 | } | 1327 | } |
1328 | 1328 | ||
1329 | static inline unsigned int sel_div(unsigned long a, unsigned long b) | 1329 | static inline unsigned int sel_div(unsigned long a, unsigned long b) |
1330 | { | 1330 | { |
1331 | return a / b - (a % b < 0); | 1331 | return a / b - (a % b < 0); |
1332 | } | 1332 | } |
1333 | 1333 | ||
1334 | static inline unsigned long sel_class_to_ino(u16 class) | 1334 | static inline unsigned long sel_class_to_ino(u16 class) |
1335 | { | 1335 | { |
1336 | return (class * (SEL_VEC_MAX + 1)) | SEL_CLASS_INO_OFFSET; | 1336 | return (class * (SEL_VEC_MAX + 1)) | SEL_CLASS_INO_OFFSET; |
1337 | } | 1337 | } |
1338 | 1338 | ||
1339 | static inline u16 sel_ino_to_class(unsigned long ino) | 1339 | static inline u16 sel_ino_to_class(unsigned long ino) |
1340 | { | 1340 | { |
1341 | return sel_div(ino & SEL_INO_MASK, SEL_VEC_MAX + 1); | 1341 | return sel_div(ino & SEL_INO_MASK, SEL_VEC_MAX + 1); |
1342 | } | 1342 | } |
1343 | 1343 | ||
1344 | static inline unsigned long sel_perm_to_ino(u16 class, u32 perm) | 1344 | static inline unsigned long sel_perm_to_ino(u16 class, u32 perm) |
1345 | { | 1345 | { |
1346 | return (class * (SEL_VEC_MAX + 1) + perm) | SEL_CLASS_INO_OFFSET; | 1346 | return (class * (SEL_VEC_MAX + 1) + perm) | SEL_CLASS_INO_OFFSET; |
1347 | } | 1347 | } |
1348 | 1348 | ||
1349 | static inline u32 sel_ino_to_perm(unsigned long ino) | 1349 | static inline u32 sel_ino_to_perm(unsigned long ino) |
1350 | { | 1350 | { |
1351 | return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); | 1351 | return (ino & SEL_INO_MASK) % (SEL_VEC_MAX + 1); |
1352 | } | 1352 | } |
1353 | 1353 | ||
1354 | static ssize_t sel_read_class(struct file * file, char __user *buf, | 1354 | static ssize_t sel_read_class(struct file * file, char __user *buf, |
1355 | size_t count, loff_t *ppos) | 1355 | size_t count, loff_t *ppos) |
1356 | { | 1356 | { |
1357 | ssize_t rc, len; | 1357 | ssize_t rc, len; |
1358 | char *page; | 1358 | char *page; |
1359 | unsigned long ino = file->f_path.dentry->d_inode->i_ino; | 1359 | unsigned long ino = file->f_path.dentry->d_inode->i_ino; |
1360 | 1360 | ||
1361 | page = (char *)__get_free_page(GFP_KERNEL); | 1361 | page = (char *)__get_free_page(GFP_KERNEL); |
1362 | if (!page) { | 1362 | if (!page) { |
1363 | rc = -ENOMEM; | 1363 | rc = -ENOMEM; |
1364 | goto out; | 1364 | goto out; |
1365 | } | 1365 | } |
1366 | 1366 | ||
1367 | len = snprintf(page, PAGE_SIZE, "%d", sel_ino_to_class(ino)); | 1367 | len = snprintf(page, PAGE_SIZE, "%d", sel_ino_to_class(ino)); |
1368 | rc = simple_read_from_buffer(buf, count, ppos, page, len); | 1368 | rc = simple_read_from_buffer(buf, count, ppos, page, len); |
1369 | free_page((unsigned long)page); | 1369 | free_page((unsigned long)page); |
1370 | out: | 1370 | out: |
1371 | return rc; | 1371 | return rc; |
1372 | } | 1372 | } |
1373 | 1373 | ||
1374 | static const struct file_operations sel_class_ops = { | 1374 | static const struct file_operations sel_class_ops = { |
1375 | .read = sel_read_class, | 1375 | .read = sel_read_class, |
1376 | }; | 1376 | }; |
1377 | 1377 | ||
1378 | static ssize_t sel_read_perm(struct file * file, char __user *buf, | 1378 | static ssize_t sel_read_perm(struct file * file, char __user *buf, |
1379 | size_t count, loff_t *ppos) | 1379 | size_t count, loff_t *ppos) |
1380 | { | 1380 | { |
1381 | ssize_t rc, len; | 1381 | ssize_t rc, len; |
1382 | char *page; | 1382 | char *page; |
1383 | unsigned long ino = file->f_path.dentry->d_inode->i_ino; | 1383 | unsigned long ino = file->f_path.dentry->d_inode->i_ino; |
1384 | 1384 | ||
1385 | page = (char *)__get_free_page(GFP_KERNEL); | 1385 | page = (char *)__get_free_page(GFP_KERNEL); |
1386 | if (!page) { | 1386 | if (!page) { |
1387 | rc = -ENOMEM; | 1387 | rc = -ENOMEM; |
1388 | goto out; | 1388 | goto out; |
1389 | } | 1389 | } |
1390 | 1390 | ||
1391 | len = snprintf(page, PAGE_SIZE,"%d", sel_ino_to_perm(ino)); | 1391 | len = snprintf(page, PAGE_SIZE,"%d", sel_ino_to_perm(ino)); |
1392 | rc = simple_read_from_buffer(buf, count, ppos, page, len); | 1392 | rc = simple_read_from_buffer(buf, count, ppos, page, len); |
1393 | free_page((unsigned long)page); | 1393 | free_page((unsigned long)page); |
1394 | out: | 1394 | out: |
1395 | return rc; | 1395 | return rc; |
1396 | } | 1396 | } |
1397 | 1397 | ||
1398 | static const struct file_operations sel_perm_ops = { | 1398 | static const struct file_operations sel_perm_ops = { |
1399 | .read = sel_read_perm, | 1399 | .read = sel_read_perm, |
1400 | }; | 1400 | }; |
1401 | 1401 | ||
1402 | static int sel_make_perm_files(char *objclass, int classvalue, | 1402 | static int sel_make_perm_files(char *objclass, int classvalue, |
1403 | struct dentry *dir) | 1403 | struct dentry *dir) |
1404 | { | 1404 | { |
1405 | int i, rc = 0, nperms; | 1405 | int i, rc = 0, nperms; |
1406 | char **perms; | 1406 | char **perms; |
1407 | 1407 | ||
1408 | rc = security_get_permissions(objclass, &perms, &nperms); | 1408 | rc = security_get_permissions(objclass, &perms, &nperms); |
1409 | if (rc) | 1409 | if (rc) |
1410 | goto out; | 1410 | goto out; |
1411 | 1411 | ||
1412 | for (i = 0; i < nperms; i++) { | 1412 | for (i = 0; i < nperms; i++) { |
1413 | struct inode *inode; | 1413 | struct inode *inode; |
1414 | struct dentry *dentry; | 1414 | struct dentry *dentry; |
1415 | 1415 | ||
1416 | dentry = d_alloc_name(dir, perms[i]); | 1416 | dentry = d_alloc_name(dir, perms[i]); |
1417 | if (!dentry) { | 1417 | if (!dentry) { |
1418 | rc = -ENOMEM; | 1418 | rc = -ENOMEM; |
1419 | goto out1; | 1419 | goto out1; |
1420 | } | 1420 | } |
1421 | 1421 | ||
1422 | inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); | 1422 | inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); |
1423 | if (!inode) { | 1423 | if (!inode) { |
1424 | rc = -ENOMEM; | 1424 | rc = -ENOMEM; |
1425 | goto out1; | 1425 | goto out1; |
1426 | } | 1426 | } |
1427 | inode->i_fop = &sel_perm_ops; | 1427 | inode->i_fop = &sel_perm_ops; |
1428 | /* i+1 since perm values are 1-indexed */ | 1428 | /* i+1 since perm values are 1-indexed */ |
1429 | inode->i_ino = sel_perm_to_ino(classvalue, i+1); | 1429 | inode->i_ino = sel_perm_to_ino(classvalue, i+1); |
1430 | d_add(dentry, inode); | 1430 | d_add(dentry, inode); |
1431 | } | 1431 | } |
1432 | 1432 | ||
1433 | out1: | 1433 | out1: |
1434 | for (i = 0; i < nperms; i++) | 1434 | for (i = 0; i < nperms; i++) |
1435 | kfree(perms[i]); | 1435 | kfree(perms[i]); |
1436 | kfree(perms); | 1436 | kfree(perms); |
1437 | out: | 1437 | out: |
1438 | return rc; | 1438 | return rc; |
1439 | } | 1439 | } |
1440 | 1440 | ||
1441 | static int sel_make_class_dir_entries(char *classname, int index, | 1441 | static int sel_make_class_dir_entries(char *classname, int index, |
1442 | struct dentry *dir) | 1442 | struct dentry *dir) |
1443 | { | 1443 | { |
1444 | struct dentry *dentry = NULL; | 1444 | struct dentry *dentry = NULL; |
1445 | struct inode *inode = NULL; | 1445 | struct inode *inode = NULL; |
1446 | int rc; | 1446 | int rc; |
1447 | 1447 | ||
1448 | dentry = d_alloc_name(dir, "index"); | 1448 | dentry = d_alloc_name(dir, "index"); |
1449 | if (!dentry) { | 1449 | if (!dentry) { |
1450 | rc = -ENOMEM; | 1450 | rc = -ENOMEM; |
1451 | goto out; | 1451 | goto out; |
1452 | } | 1452 | } |
1453 | 1453 | ||
1454 | inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); | 1454 | inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO); |
1455 | if (!inode) { | 1455 | if (!inode) { |
1456 | rc = -ENOMEM; | 1456 | rc = -ENOMEM; |
1457 | goto out; | 1457 | goto out; |
1458 | } | 1458 | } |
1459 | 1459 | ||
1460 | inode->i_fop = &sel_class_ops; | 1460 | inode->i_fop = &sel_class_ops; |
1461 | inode->i_ino = sel_class_to_ino(index); | 1461 | inode->i_ino = sel_class_to_ino(index); |
1462 | d_add(dentry, inode); | 1462 | d_add(dentry, inode); |
1463 | 1463 | ||
1464 | dentry = d_alloc_name(dir, "perms"); | 1464 | dentry = d_alloc_name(dir, "perms"); |
1465 | if (!dentry) { | 1465 | if (!dentry) { |
1466 | rc = -ENOMEM; | 1466 | rc = -ENOMEM; |
1467 | goto out; | 1467 | goto out; |
1468 | } | 1468 | } |
1469 | 1469 | ||
1470 | rc = sel_make_dir(dir->d_inode, dentry, &last_class_ino); | 1470 | rc = sel_make_dir(dir->d_inode, dentry, &last_class_ino); |
1471 | if (rc) | 1471 | if (rc) |
1472 | goto out; | 1472 | goto out; |
1473 | 1473 | ||
1474 | rc = sel_make_perm_files(classname, index, dentry); | 1474 | rc = sel_make_perm_files(classname, index, dentry); |
1475 | 1475 | ||
1476 | out: | 1476 | out: |
1477 | return rc; | 1477 | return rc; |
1478 | } | 1478 | } |
1479 | 1479 | ||
1480 | static void sel_remove_classes(void) | 1480 | static void sel_remove_classes(void) |
1481 | { | 1481 | { |
1482 | struct list_head *class_node; | 1482 | struct list_head *class_node; |
1483 | 1483 | ||
1484 | list_for_each(class_node, &class_dir->d_subdirs) { | 1484 | list_for_each(class_node, &class_dir->d_subdirs) { |
1485 | struct dentry *class_subdir = list_entry(class_node, | 1485 | struct dentry *class_subdir = list_entry(class_node, |
1486 | struct dentry, d_u.d_child); | 1486 | struct dentry, d_u.d_child); |
1487 | struct list_head *class_subdir_node; | 1487 | struct list_head *class_subdir_node; |
1488 | 1488 | ||
1489 | list_for_each(class_subdir_node, &class_subdir->d_subdirs) { | 1489 | list_for_each(class_subdir_node, &class_subdir->d_subdirs) { |
1490 | struct dentry *d = list_entry(class_subdir_node, | 1490 | struct dentry *d = list_entry(class_subdir_node, |
1491 | struct dentry, d_u.d_child); | 1491 | struct dentry, d_u.d_child); |
1492 | 1492 | ||
1493 | if (d->d_inode) | 1493 | if (d->d_inode) |
1494 | if (d->d_inode->i_mode & S_IFDIR) | 1494 | if (d->d_inode->i_mode & S_IFDIR) |
1495 | sel_remove_entries(d); | 1495 | sel_remove_entries(d); |
1496 | } | 1496 | } |
1497 | 1497 | ||
1498 | sel_remove_entries(class_subdir); | 1498 | sel_remove_entries(class_subdir); |
1499 | } | 1499 | } |
1500 | 1500 | ||
1501 | sel_remove_entries(class_dir); | 1501 | sel_remove_entries(class_dir); |
1502 | } | 1502 | } |
1503 | 1503 | ||
1504 | static int sel_make_classes(void) | 1504 | static int sel_make_classes(void) |
1505 | { | 1505 | { |
1506 | int rc = 0, nclasses, i; | 1506 | int rc = 0, nclasses, i; |
1507 | char **classes; | 1507 | char **classes; |
1508 | 1508 | ||
1509 | /* delete any existing entries */ | 1509 | /* delete any existing entries */ |
1510 | sel_remove_classes(); | 1510 | sel_remove_classes(); |
1511 | 1511 | ||
1512 | rc = security_get_classes(&classes, &nclasses); | 1512 | rc = security_get_classes(&classes, &nclasses); |
1513 | if (rc < 0) | 1513 | if (rc < 0) |
1514 | goto out; | 1514 | goto out; |
1515 | 1515 | ||
1516 | /* +2 since classes are 1-indexed */ | 1516 | /* +2 since classes are 1-indexed */ |
1517 | last_class_ino = sel_class_to_ino(nclasses+2); | 1517 | last_class_ino = sel_class_to_ino(nclasses+2); |
1518 | 1518 | ||
1519 | for (i = 0; i < nclasses; i++) { | 1519 | for (i = 0; i < nclasses; i++) { |
1520 | struct dentry *class_name_dir; | 1520 | struct dentry *class_name_dir; |
1521 | 1521 | ||
1522 | class_name_dir = d_alloc_name(class_dir, classes[i]); | 1522 | class_name_dir = d_alloc_name(class_dir, classes[i]); |
1523 | if (!class_name_dir) { | 1523 | if (!class_name_dir) { |
1524 | rc = -ENOMEM; | 1524 | rc = -ENOMEM; |
1525 | goto out1; | 1525 | goto out1; |
1526 | } | 1526 | } |
1527 | 1527 | ||
1528 | rc = sel_make_dir(class_dir->d_inode, class_name_dir, | 1528 | rc = sel_make_dir(class_dir->d_inode, class_name_dir, |
1529 | &last_class_ino); | 1529 | &last_class_ino); |
1530 | if (rc) | 1530 | if (rc) |
1531 | goto out1; | 1531 | goto out1; |
1532 | 1532 | ||
1533 | /* i+1 since class values are 1-indexed */ | 1533 | /* i+1 since class values are 1-indexed */ |
1534 | rc = sel_make_class_dir_entries(classes[i], i+1, | 1534 | rc = sel_make_class_dir_entries(classes[i], i+1, |
1535 | class_name_dir); | 1535 | class_name_dir); |
1536 | if (rc) | 1536 | if (rc) |
1537 | goto out1; | 1537 | goto out1; |
1538 | } | 1538 | } |
1539 | 1539 | ||
1540 | out1: | 1540 | out1: |
1541 | for (i = 0; i < nclasses; i++) | 1541 | for (i = 0; i < nclasses; i++) |
1542 | kfree(classes[i]); | 1542 | kfree(classes[i]); |
1543 | kfree(classes); | 1543 | kfree(classes); |
1544 | out: | 1544 | out: |
1545 | return rc; | 1545 | return rc; |
1546 | } | 1546 | } |
1547 | 1547 | ||
1548 | static int sel_make_dir(struct inode *dir, struct dentry *dentry, | 1548 | static int sel_make_dir(struct inode *dir, struct dentry *dentry, |
1549 | unsigned long *ino) | 1549 | unsigned long *ino) |
1550 | { | 1550 | { |
1551 | int ret = 0; | 1551 | int ret = 0; |
1552 | struct inode *inode; | 1552 | struct inode *inode; |
1553 | 1553 | ||
1554 | inode = sel_make_inode(dir->i_sb, S_IFDIR | S_IRUGO | S_IXUGO); | 1554 | inode = sel_make_inode(dir->i_sb, S_IFDIR | S_IRUGO | S_IXUGO); |
1555 | if (!inode) { | 1555 | if (!inode) { |
1556 | ret = -ENOMEM; | 1556 | ret = -ENOMEM; |
1557 | goto out; | 1557 | goto out; |
1558 | } | 1558 | } |
1559 | inode->i_op = &simple_dir_inode_operations; | 1559 | inode->i_op = &simple_dir_inode_operations; |
1560 | inode->i_fop = &simple_dir_operations; | 1560 | inode->i_fop = &simple_dir_operations; |
1561 | inode->i_ino = ++(*ino); | 1561 | inode->i_ino = ++(*ino); |
1562 | /* directory inodes start off with i_nlink == 2 (for "." entry) */ | 1562 | /* directory inodes start off with i_nlink == 2 (for "." entry) */ |
1563 | inc_nlink(inode); | 1563 | inc_nlink(inode); |
1564 | d_add(dentry, inode); | 1564 | d_add(dentry, inode); |
1565 | /* bump link count on parent directory, too */ | 1565 | /* bump link count on parent directory, too */ |
1566 | inc_nlink(dir); | 1566 | inc_nlink(dir); |
1567 | out: | 1567 | out: |
1568 | return ret; | 1568 | return ret; |
1569 | } | 1569 | } |
1570 | 1570 | ||
1571 | static int sel_fill_super(struct super_block * sb, void * data, int silent) | 1571 | static int sel_fill_super(struct super_block * sb, void * data, int silent) |
1572 | { | 1572 | { |
1573 | int ret; | 1573 | int ret; |
1574 | struct dentry *dentry; | 1574 | struct dentry *dentry; |
1575 | struct inode *inode, *root_inode; | 1575 | struct inode *inode, *root_inode; |
1576 | struct inode_security_struct *isec; | 1576 | struct inode_security_struct *isec; |
1577 | 1577 | ||
1578 | static struct tree_descr selinux_files[] = { | 1578 | static struct tree_descr selinux_files[] = { |
1579 | [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR}, | 1579 | [SEL_LOAD] = {"load", &sel_load_ops, S_IRUSR|S_IWUSR}, |
1580 | [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR}, | 1580 | [SEL_ENFORCE] = {"enforce", &sel_enforce_ops, S_IRUGO|S_IWUSR}, |
1581 | [SEL_CONTEXT] = {"context", &transaction_ops, S_IRUGO|S_IWUGO}, | 1581 | [SEL_CONTEXT] = {"context", &transaction_ops, S_IRUGO|S_IWUGO}, |
1582 | [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO}, | 1582 | [SEL_ACCESS] = {"access", &transaction_ops, S_IRUGO|S_IWUGO}, |
1583 | [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, | 1583 | [SEL_CREATE] = {"create", &transaction_ops, S_IRUGO|S_IWUGO}, |
1584 | [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, | 1584 | [SEL_RELABEL] = {"relabel", &transaction_ops, S_IRUGO|S_IWUGO}, |
1585 | [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, | 1585 | [SEL_USER] = {"user", &transaction_ops, S_IRUGO|S_IWUGO}, |
1586 | [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, | 1586 | [SEL_POLICYVERS] = {"policyvers", &sel_policyvers_ops, S_IRUGO}, |
1587 | [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR}, | 1587 | [SEL_COMMIT_BOOLS] = {"commit_pending_bools", &sel_commit_bools_ops, S_IWUSR}, |
1588 | [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO}, | 1588 | [SEL_MLS] = {"mls", &sel_mls_ops, S_IRUGO}, |
1589 | [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR}, | 1589 | [SEL_DISABLE] = {"disable", &sel_disable_ops, S_IWUSR}, |
1590 | [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO}, | 1590 | [SEL_MEMBER] = {"member", &transaction_ops, S_IRUGO|S_IWUGO}, |
1591 | [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR}, | 1591 | [SEL_CHECKREQPROT] = {"checkreqprot", &sel_checkreqprot_ops, S_IRUGO|S_IWUSR}, |
1592 | [SEL_COMPAT_NET] = {"compat_net", &sel_compat_net_ops, S_IRUGO|S_IWUSR}, | 1592 | [SEL_COMPAT_NET] = {"compat_net", &sel_compat_net_ops, S_IRUGO|S_IWUSR}, |
1593 | [SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO}, | 1593 | [SEL_REJECT_UNKNOWN] = {"reject_unknown", &sel_handle_unknown_ops, S_IRUGO}, |
1594 | [SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO}, | 1594 | [SEL_DENY_UNKNOWN] = {"deny_unknown", &sel_handle_unknown_ops, S_IRUGO}, |
1595 | /* last one */ {""} | 1595 | /* last one */ {""} |
1596 | }; | 1596 | }; |
1597 | ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files); | 1597 | ret = simple_fill_super(sb, SELINUX_MAGIC, selinux_files); |
1598 | if (ret) | 1598 | if (ret) |
1599 | goto err; | 1599 | goto err; |
1600 | 1600 | ||
1601 | root_inode = sb->s_root->d_inode; | 1601 | root_inode = sb->s_root->d_inode; |
1602 | 1602 | ||
1603 | dentry = d_alloc_name(sb->s_root, BOOL_DIR_NAME); | 1603 | dentry = d_alloc_name(sb->s_root, BOOL_DIR_NAME); |
1604 | if (!dentry) { | 1604 | if (!dentry) { |
1605 | ret = -ENOMEM; | 1605 | ret = -ENOMEM; |
1606 | goto err; | 1606 | goto err; |
1607 | } | 1607 | } |
1608 | 1608 | ||
1609 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); | 1609 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); |
1610 | if (ret) | 1610 | if (ret) |
1611 | goto err; | 1611 | goto err; |
1612 | 1612 | ||
1613 | bool_dir = dentry; | 1613 | bool_dir = dentry; |
1614 | 1614 | ||
1615 | dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME); | 1615 | dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME); |
1616 | if (!dentry) { | 1616 | if (!dentry) { |
1617 | ret = -ENOMEM; | 1617 | ret = -ENOMEM; |
1618 | goto err; | 1618 | goto err; |
1619 | } | 1619 | } |
1620 | 1620 | ||
1621 | inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); | 1621 | inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO); |
1622 | if (!inode) { | 1622 | if (!inode) { |
1623 | ret = -ENOMEM; | 1623 | ret = -ENOMEM; |
1624 | goto err; | 1624 | goto err; |
1625 | } | 1625 | } |
1626 | inode->i_ino = ++sel_last_ino; | 1626 | inode->i_ino = ++sel_last_ino; |
1627 | isec = (struct inode_security_struct*)inode->i_security; | 1627 | isec = (struct inode_security_struct*)inode->i_security; |
1628 | isec->sid = SECINITSID_DEVNULL; | 1628 | isec->sid = SECINITSID_DEVNULL; |
1629 | isec->sclass = SECCLASS_CHR_FILE; | 1629 | isec->sclass = SECCLASS_CHR_FILE; |
1630 | isec->initialized = 1; | 1630 | isec->initialized = 1; |
1631 | 1631 | ||
1632 | init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); | 1632 | init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3)); |
1633 | d_add(dentry, inode); | 1633 | d_add(dentry, inode); |
1634 | selinux_null = dentry; | 1634 | selinux_null = dentry; |
1635 | 1635 | ||
1636 | dentry = d_alloc_name(sb->s_root, "avc"); | 1636 | dentry = d_alloc_name(sb->s_root, "avc"); |
1637 | if (!dentry) { | 1637 | if (!dentry) { |
1638 | ret = -ENOMEM; | 1638 | ret = -ENOMEM; |
1639 | goto err; | 1639 | goto err; |
1640 | } | 1640 | } |
1641 | 1641 | ||
1642 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); | 1642 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); |
1643 | if (ret) | 1643 | if (ret) |
1644 | goto err; | 1644 | goto err; |
1645 | 1645 | ||
1646 | ret = sel_make_avc_files(dentry); | 1646 | ret = sel_make_avc_files(dentry); |
1647 | if (ret) | 1647 | if (ret) |
1648 | goto err; | 1648 | goto err; |
1649 | 1649 | ||
1650 | dentry = d_alloc_name(sb->s_root, "initial_contexts"); | 1650 | dentry = d_alloc_name(sb->s_root, "initial_contexts"); |
1651 | if (!dentry) { | 1651 | if (!dentry) { |
1652 | ret = -ENOMEM; | 1652 | ret = -ENOMEM; |
1653 | goto err; | 1653 | goto err; |
1654 | } | 1654 | } |
1655 | 1655 | ||
1656 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); | 1656 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); |
1657 | if (ret) | 1657 | if (ret) |
1658 | goto err; | 1658 | goto err; |
1659 | 1659 | ||
1660 | ret = sel_make_initcon_files(dentry); | 1660 | ret = sel_make_initcon_files(dentry); |
1661 | if (ret) | 1661 | if (ret) |
1662 | goto err; | 1662 | goto err; |
1663 | 1663 | ||
1664 | dentry = d_alloc_name(sb->s_root, "class"); | 1664 | dentry = d_alloc_name(sb->s_root, "class"); |
1665 | if (!dentry) { | 1665 | if (!dentry) { |
1666 | ret = -ENOMEM; | 1666 | ret = -ENOMEM; |
1667 | goto err; | 1667 | goto err; |
1668 | } | 1668 | } |
1669 | 1669 | ||
1670 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); | 1670 | ret = sel_make_dir(root_inode, dentry, &sel_last_ino); |
1671 | if (ret) | 1671 | if (ret) |
1672 | goto err; | 1672 | goto err; |
1673 | 1673 | ||
1674 | class_dir = dentry; | 1674 | class_dir = dentry; |
1675 | 1675 | ||
1676 | out: | 1676 | out: |
1677 | return ret; | 1677 | return ret; |
1678 | err: | 1678 | err: |
1679 | printk(KERN_ERR "%s: failed while creating inodes\n", __FUNCTION__); | 1679 | printk(KERN_ERR "%s: failed while creating inodes\n", __FUNCTION__); |
1680 | goto out; | 1680 | goto out; |
1681 | } | 1681 | } |
1682 | 1682 | ||
1683 | static int sel_get_sb(struct file_system_type *fs_type, | 1683 | static int sel_get_sb(struct file_system_type *fs_type, |
1684 | int flags, const char *dev_name, void *data, | 1684 | int flags, const char *dev_name, void *data, |
1685 | struct vfsmount *mnt) | 1685 | struct vfsmount *mnt) |
1686 | { | 1686 | { |
1687 | return get_sb_single(fs_type, flags, data, sel_fill_super, mnt); | 1687 | return get_sb_single(fs_type, flags, data, sel_fill_super, mnt); |
1688 | } | 1688 | } |
1689 | 1689 | ||
1690 | static struct file_system_type sel_fs_type = { | 1690 | static struct file_system_type sel_fs_type = { |
1691 | .name = "selinuxfs", | 1691 | .name = "selinuxfs", |
1692 | .get_sb = sel_get_sb, | 1692 | .get_sb = sel_get_sb, |
1693 | .kill_sb = kill_litter_super, | 1693 | .kill_sb = kill_litter_super, |
1694 | }; | 1694 | }; |
1695 | 1695 | ||
1696 | struct vfsmount *selinuxfs_mount; | 1696 | struct vfsmount *selinuxfs_mount; |
1697 | 1697 | ||
1698 | static int __init init_sel_fs(void) | 1698 | static int __init init_sel_fs(void) |
1699 | { | 1699 | { |
1700 | int err; | 1700 | int err; |
1701 | 1701 | ||
1702 | if (!selinux_enabled) | 1702 | if (!selinux_enabled) |
1703 | return 0; | 1703 | return 0; |
1704 | err = register_filesystem(&sel_fs_type); | 1704 | err = register_filesystem(&sel_fs_type); |
1705 | if (!err) { | 1705 | if (!err) { |
1706 | selinuxfs_mount = kern_mount(&sel_fs_type); | 1706 | selinuxfs_mount = kern_mount(&sel_fs_type); |
1707 | if (IS_ERR(selinuxfs_mount)) { | 1707 | if (IS_ERR(selinuxfs_mount)) { |
1708 | printk(KERN_ERR "selinuxfs: could not mount!\n"); | 1708 | printk(KERN_ERR "selinuxfs: could not mount!\n"); |
1709 | err = PTR_ERR(selinuxfs_mount); | 1709 | err = PTR_ERR(selinuxfs_mount); |
1710 | selinuxfs_mount = NULL; | 1710 | selinuxfs_mount = NULL; |
1711 | } | 1711 | } |
1712 | } | 1712 | } |
1713 | return err; | 1713 | return err; |
1714 | } | 1714 | } |
1715 | 1715 | ||
1716 | __initcall(init_sel_fs); | 1716 | __initcall(init_sel_fs); |
1717 | 1717 | ||
1718 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE | 1718 | #ifdef CONFIG_SECURITY_SELINUX_DISABLE |
1719 | void exit_sel_fs(void) | 1719 | void exit_sel_fs(void) |
1720 | { | 1720 | { |
1721 | unregister_filesystem(&sel_fs_type); | 1721 | unregister_filesystem(&sel_fs_type); |
1722 | } | 1722 | } |
1723 | #endif | 1723 | #endif |
1724 | 1724 |