* [PATCH try #3] security: Convert LSM into a static interface
2007-06-25 16:59 ` Stephen Smalley
@ 2007-06-25 23:56 ` James Morris
0 siblings, 0 replies; 33+ messages in thread
From: James Morris @ 2007-06-25 23:56 UTC (permalink / raw)
To: Chris Wright
Cc: Stephen Smalley, linux-security-module, Serge E. Hallyn,
Andrew Morgan, Andrew Morton, lkml, Arjan van de Ven, Greg KH,
Eric Paris, Petr Vandrovec
Convert LSM into a static interface, as the ability to unload a security
module is not required by in-tree users and potentially complicates the
overall security architecture.
Needlessly exported LSM symbols have been unexported, to help reduce API
abuse.
Parameters for the capability and root_plug modules are now specified
at boot.
The SECURITY_FRAMEWORK_VERSION macro has also been removed.
Signed-off-by: James Morris <jmorris@namei.org>
---
Changes in this version:
- retained module params for root_plug
- unexorted security_ops, moved inlines to security.c, exported some
needed security hooks
Please review, I've done quite a bit of testing, but it's a large change
now.
Documentation/kernel-parameters.txt | 17 +
include/linux/security.h | 1171 ++++++-----------------------------
security/Kconfig | 4 +-
security/capability.c | 24 -
security/commoncap.c | 3 -
security/dummy.c | 1 -
security/root_plug.c | 31 +-
security/security.c | 954 ++++++++++++++++++++++++++++-
security/selinux/hooks.c | 1 -
security/selinux/xfrm.c | 1 -
10 files changed, 1168 insertions(+), 1039 deletions(-)
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 5d0283c..cd65510 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -74,10 +74,12 @@ parameter is applicable:
PPT Parallel port support is enabled.
PS2 Appropriate PS/2 support is enabled.
RAM RAM disk support is enabled.
+ ROOTPLUG The example Root Plug LSM is enabled.
S390 S390 architecture is enabled.
SCSI Appropriate SCSI support is enabled.
A lot of drivers has their options described inside of
Documentation/scsi/.
+ SECURITY Different security models are enabled.
SELINUX SELinux support is enabled.
SERIAL Serial support is enabled.
SH SuperH architecture is enabled.
@@ -376,6 +378,12 @@ and is between 256 and 4096 characters. It is defined in the file
possible to determine what the correct size should be.
This option provides an override for these situations.
+ capability.disable=
+ [SECURITY] Disable capabilities. This would normally
+ be used only if an alternative security model is to be
+ configured. Potentially dangerous and should only be
+ used if you are entirely sure of the consequences.
+
cdu31a= [HW,CD]
Format: <io>,<irq>[,PAS]
See header of drivers/cdrom/cdu31a.c.
@@ -1541,6 +1549,15 @@ and is between 256 and 4096 characters. It is defined in the file
rootfstype= [KNL] Set root filesystem type
+ root_plug.vendor_id=
+ [ROOTPLUG] Override the default vendor ID
+
+ root_plug.product_id=
+ [ROOTPLUG] Override the default product ID
+
+ root_plug.debug=
+ [ROOTPLUG] Enable debugging output
+
rw [KNL] Mount root device read-write on boot
S [KNL] Run init in single mode
diff --git a/include/linux/security.h b/include/linux/security.h
index 9eb9e0f..5f58808 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1398,730 +1398,8 @@ struct security_operations {
};
-/* global variables */
extern struct security_operations *security_ops;
-/* inline stuff */
-static inline int security_ptrace (struct task_struct * parent, struct task_struct * child)
-{
- return security_ops->ptrace (parent, child);
-}
-
-static inline int security_capget (struct task_struct *target,
- kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
-{
- return security_ops->capget (target, effective, inheritable, permitted);
-}
-
-static inline int security_capset_check (struct task_struct *target,
- kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
-{
- return security_ops->capset_check (target, effective, inheritable, permitted);
-}
-
-static inline void security_capset_set (struct task_struct *target,
- kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
-{
- security_ops->capset_set (target, effective, inheritable, permitted);
-}
-
-static inline int security_capable(struct task_struct *tsk, int cap)
-{
- return security_ops->capable(tsk, cap);
-}
-
-static inline int security_acct (struct file *file)
-{
- return security_ops->acct (file);
-}
-
-static inline int security_sysctl(struct ctl_table *table, int op)
-{
- return security_ops->sysctl(table, op);
-}
-
-static inline int security_quotactl (int cmds, int type, int id,
- struct super_block *sb)
-{
- return security_ops->quotactl (cmds, type, id, sb);
-}
-
-static inline int security_quota_on (struct dentry * dentry)
-{
- return security_ops->quota_on (dentry);
-}
-
-static inline int security_syslog(int type)
-{
- return security_ops->syslog(type);
-}
-
-static inline int security_settime(struct timespec *ts, struct timezone *tz)
-{
- return security_ops->settime(ts, tz);
-}
-
-
-static inline int security_vm_enough_memory(long pages)
-{
- return security_ops->vm_enough_memory(pages);
-}
-
-static inline int security_bprm_alloc (struct linux_binprm *bprm)
-{
- return security_ops->bprm_alloc_security (bprm);
-}
-static inline void security_bprm_free (struct linux_binprm *bprm)
-{
- security_ops->bprm_free_security (bprm);
-}
-static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
-{
- security_ops->bprm_apply_creds (bprm, unsafe);
-}
-static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm)
-{
- security_ops->bprm_post_apply_creds (bprm);
-}
-static inline int security_bprm_set (struct linux_binprm *bprm)
-{
- return security_ops->bprm_set_security (bprm);
-}
-
-static inline int security_bprm_check (struct linux_binprm *bprm)
-{
- return security_ops->bprm_check_security (bprm);
-}
-
-static inline int security_bprm_secureexec (struct linux_binprm *bprm)
-{
- return security_ops->bprm_secureexec (bprm);
-}
-
-static inline int security_sb_alloc (struct super_block *sb)
-{
- return security_ops->sb_alloc_security (sb);
-}
-
-static inline void security_sb_free (struct super_block *sb)
-{
- security_ops->sb_free_security (sb);
-}
-
-static inline int security_sb_copy_data (struct file_system_type *type,
- void *orig, void *copy)
-{
- return security_ops->sb_copy_data (type, orig, copy);
-}
-
-static inline int security_sb_kern_mount (struct super_block *sb, void *data)
-{
- return security_ops->sb_kern_mount (sb, data);
-}
-
-static inline int security_sb_statfs (struct dentry *dentry)
-{
- return security_ops->sb_statfs (dentry);
-}
-
-static inline int security_sb_mount (char *dev_name, struct nameidata *nd,
- char *type, unsigned long flags,
- void *data)
-{
- return security_ops->sb_mount (dev_name, nd, type, flags, data);
-}
-
-static inline int security_sb_check_sb (struct vfsmount *mnt,
- struct nameidata *nd)
-{
- return security_ops->sb_check_sb (mnt, nd);
-}
-
-static inline int security_sb_umount (struct vfsmount *mnt, int flags)
-{
- return security_ops->sb_umount (mnt, flags);
-}
-
-static inline void security_sb_umount_close (struct vfsmount *mnt)
-{
- security_ops->sb_umount_close (mnt);
-}
-
-static inline void security_sb_umount_busy (struct vfsmount *mnt)
-{
- security_ops->sb_umount_busy (mnt);
-}
-
-static inline void security_sb_post_remount (struct vfsmount *mnt,
- unsigned long flags, void *data)
-{
- security_ops->sb_post_remount (mnt, flags, data);
-}
-
-static inline void security_sb_post_mountroot (void)
-{
- security_ops->sb_post_mountroot ();
-}
-
-static inline void security_sb_post_addmount (struct vfsmount *mnt,
- struct nameidata *mountpoint_nd)
-{
- security_ops->sb_post_addmount (mnt, mountpoint_nd);
-}
-
-static inline int security_sb_pivotroot (struct nameidata *old_nd,
- struct nameidata *new_nd)
-{
- return security_ops->sb_pivotroot (old_nd, new_nd);
-}
-
-static inline void security_sb_post_pivotroot (struct nameidata *old_nd,
- struct nameidata *new_nd)
-{
- security_ops->sb_post_pivotroot (old_nd, new_nd);
-}
-
-static inline int security_inode_alloc (struct inode *inode)
-{
- inode->i_security = NULL;
- return security_ops->inode_alloc_security (inode);
-}
-
-static inline void security_inode_free (struct inode *inode)
-{
- security_ops->inode_free_security (inode);
-}
-
-static inline int security_inode_init_security (struct inode *inode,
- struct inode *dir,
- char **name,
- void **value,
- size_t *len)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return -EOPNOTSUPP;
- return security_ops->inode_init_security (inode, dir, name, value, len);
-}
-
-static inline int security_inode_create (struct inode *dir,
- struct dentry *dentry,
- int mode)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_create (dir, dentry, mode);
-}
-
-static inline int security_inode_link (struct dentry *old_dentry,
- struct inode *dir,
- struct dentry *new_dentry)
-{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode)))
- return 0;
- return security_ops->inode_link (old_dentry, dir, new_dentry);
-}
-
-static inline int security_inode_unlink (struct inode *dir,
- struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_unlink (dir, dentry);
-}
-
-static inline int security_inode_symlink (struct inode *dir,
- struct dentry *dentry,
- const char *old_name)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_symlink (dir, dentry, old_name);
-}
-
-static inline int security_inode_mkdir (struct inode *dir,
- struct dentry *dentry,
- int mode)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_mkdir (dir, dentry, mode);
-}
-
-static inline int security_inode_rmdir (struct inode *dir,
- struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_rmdir (dir, dentry);
-}
-
-static inline int security_inode_mknod (struct inode *dir,
- struct dentry *dentry,
- int mode, dev_t dev)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_mknod (dir, dentry, mode, dev);
-}
-
-static inline int security_inode_rename (struct inode *old_dir,
- struct dentry *old_dentry,
- struct inode *new_dir,
- struct dentry *new_dentry)
-{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
- (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
- return 0;
- return security_ops->inode_rename (old_dir, old_dentry,
- new_dir, new_dentry);
-}
-
-static inline int security_inode_readlink (struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_readlink (dentry);
-}
-
-static inline int security_inode_follow_link (struct dentry *dentry,
- struct nameidata *nd)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_follow_link (dentry, nd);
-}
-
-static inline int security_inode_permission (struct inode *inode, int mask,
- struct nameidata *nd)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_permission (inode, mask, nd);
-}
-
-static inline int security_inode_setattr (struct dentry *dentry,
- struct iattr *attr)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_setattr (dentry, attr);
-}
-
-static inline int security_inode_getattr (struct vfsmount *mnt,
- struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_getattr (mnt, dentry);
-}
-
-static inline void security_inode_delete (struct inode *inode)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return;
- security_ops->inode_delete (inode);
-}
-
-static inline int security_inode_setxattr (struct dentry *dentry, char *name,
- void *value, size_t size, int flags)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_setxattr (dentry, name, value, size, flags);
-}
-
-static inline void security_inode_post_setxattr (struct dentry *dentry, char *name,
- void *value, size_t size, int flags)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return;
- security_ops->inode_post_setxattr (dentry, name, value, size, flags);
-}
-
-static inline int security_inode_getxattr (struct dentry *dentry, char *name)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_getxattr (dentry, name);
-}
-
-static inline int security_inode_listxattr (struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_listxattr (dentry);
-}
-
-static inline int security_inode_removexattr (struct dentry *dentry, char *name)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_removexattr (dentry, name);
-}
-
-static inline const char *security_inode_xattr_getsuffix(void)
-{
- return security_ops->inode_xattr_getsuffix();
-}
-
-static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_getsecurity(inode, name, buffer, size, err);
-}
-
-static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_setsecurity(inode, name, value, size, flags);
-}
-
-static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_listsecurity(inode, buffer, buffer_size);
-}
-
-static inline int security_file_permission (struct file *file, int mask)
-{
- return security_ops->file_permission (file, mask);
-}
-
-static inline int security_file_alloc (struct file *file)
-{
- return security_ops->file_alloc_security (file);
-}
-
-static inline void security_file_free (struct file *file)
-{
- security_ops->file_free_security (file);
-}
-
-static inline int security_file_ioctl (struct file *file, unsigned int cmd,
- unsigned long arg)
-{
- return security_ops->file_ioctl (file, cmd, arg);
-}
-
-static inline int security_file_mmap (struct file *file, unsigned long reqprot,
- unsigned long prot,
- unsigned long flags)
-{
- return security_ops->file_mmap (file, reqprot, prot, flags);
-}
-
-static inline int security_file_mprotect (struct vm_area_struct *vma,
- unsigned long reqprot,
- unsigned long prot)
-{
- return security_ops->file_mprotect (vma, reqprot, prot);
-}
-
-static inline int security_file_lock (struct file *file, unsigned int cmd)
-{
- return security_ops->file_lock (file, cmd);
-}
-
-static inline int security_file_fcntl (struct file *file, unsigned int cmd,
- unsigned long arg)
-{
- return security_ops->file_fcntl (file, cmd, arg);
-}
-
-static inline int security_file_set_fowner (struct file *file)
-{
- return security_ops->file_set_fowner (file);
-}
-
-static inline int security_file_send_sigiotask (struct task_struct *tsk,
- struct fown_struct *fown,
- int sig)
-{
- return security_ops->file_send_sigiotask (tsk, fown, sig);
-}
-
-static inline int security_file_receive (struct file *file)
-{
- return security_ops->file_receive (file);
-}
-
-static inline int security_task_create (unsigned long clone_flags)
-{
- return security_ops->task_create (clone_flags);
-}
-
-static inline int security_task_alloc (struct task_struct *p)
-{
- return security_ops->task_alloc_security (p);
-}
-
-static inline void security_task_free (struct task_struct *p)
-{
- security_ops->task_free_security (p);
-}
-
-static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2,
- int flags)
-{
- return security_ops->task_setuid (id0, id1, id2, flags);
-}
-
-static inline int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
- uid_t old_suid, int flags)
-{
- return security_ops->task_post_setuid (old_ruid, old_euid, old_suid, flags);
-}
-
-static inline int security_task_setgid (gid_t id0, gid_t id1, gid_t id2,
- int flags)
-{
- return security_ops->task_setgid (id0, id1, id2, flags);
-}
-
-static inline int security_task_setpgid (struct task_struct *p, pid_t pgid)
-{
- return security_ops->task_setpgid (p, pgid);
-}
-
-static inline int security_task_getpgid (struct task_struct *p)
-{
- return security_ops->task_getpgid (p);
-}
-
-static inline int security_task_getsid (struct task_struct *p)
-{
- return security_ops->task_getsid (p);
-}
-
-static inline void security_task_getsecid (struct task_struct *p, u32 *secid)
-{
- security_ops->task_getsecid (p, secid);
-}
-
-static inline int security_task_setgroups (struct group_info *group_info)
-{
- return security_ops->task_setgroups (group_info);
-}
-
-static inline int security_task_setnice (struct task_struct *p, int nice)
-{
- return security_ops->task_setnice (p, nice);
-}
-
-static inline int security_task_setioprio (struct task_struct *p, int ioprio)
-{
- return security_ops->task_setioprio (p, ioprio);
-}
-
-static inline int security_task_getioprio (struct task_struct *p)
-{
- return security_ops->task_getioprio (p);
-}
-
-static inline int security_task_setrlimit (unsigned int resource,
- struct rlimit *new_rlim)
-{
- return security_ops->task_setrlimit (resource, new_rlim);
-}
-
-static inline int security_task_setscheduler (struct task_struct *p,
- int policy,
- struct sched_param *lp)
-{
- return security_ops->task_setscheduler (p, policy, lp);
-}
-
-static inline int security_task_getscheduler (struct task_struct *p)
-{
- return security_ops->task_getscheduler (p);
-}
-
-static inline int security_task_movememory (struct task_struct *p)
-{
- return security_ops->task_movememory (p);
-}
-
-static inline int security_task_kill (struct task_struct *p,
- struct siginfo *info, int sig,
- u32 secid)
-{
- return security_ops->task_kill (p, info, sig, secid);
-}
-
-static inline int security_task_wait (struct task_struct *p)
-{
- return security_ops->task_wait (p);
-}
-
-static inline int security_task_prctl (int option, unsigned long arg2,
- unsigned long arg3,
- unsigned long arg4,
- unsigned long arg5)
-{
- return security_ops->task_prctl (option, arg2, arg3, arg4, arg5);
-}
-
-static inline void security_task_reparent_to_init (struct task_struct *p)
-{
- security_ops->task_reparent_to_init (p);
-}
-
-static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
-{
- security_ops->task_to_inode(p, inode);
-}
-
-static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
- short flag)
-{
- return security_ops->ipc_permission (ipcp, flag);
-}
-
-static inline int security_msg_msg_alloc (struct msg_msg * msg)
-{
- return security_ops->msg_msg_alloc_security (msg);
-}
-
-static inline void security_msg_msg_free (struct msg_msg * msg)
-{
- security_ops->msg_msg_free_security(msg);
-}
-
-static inline int security_msg_queue_alloc (struct msg_queue *msq)
-{
- return security_ops->msg_queue_alloc_security (msq);
-}
-
-static inline void security_msg_queue_free (struct msg_queue *msq)
-{
- security_ops->msg_queue_free_security (msq);
-}
-
-static inline int security_msg_queue_associate (struct msg_queue * msq,
- int msqflg)
-{
- return security_ops->msg_queue_associate (msq, msqflg);
-}
-
-static inline int security_msg_queue_msgctl (struct msg_queue * msq, int cmd)
-{
- return security_ops->msg_queue_msgctl (msq, cmd);
-}
-
-static inline int security_msg_queue_msgsnd (struct msg_queue * msq,
- struct msg_msg * msg, int msqflg)
-{
- return security_ops->msg_queue_msgsnd (msq, msg, msqflg);
-}
-
-static inline int security_msg_queue_msgrcv (struct msg_queue * msq,
- struct msg_msg * msg,
- struct task_struct * target,
- long type, int mode)
-{
- return security_ops->msg_queue_msgrcv (msq, msg, target, type, mode);
-}
-
-static inline int security_shm_alloc (struct shmid_kernel *shp)
-{
- return security_ops->shm_alloc_security (shp);
-}
-
-static inline void security_shm_free (struct shmid_kernel *shp)
-{
- security_ops->shm_free_security (shp);
-}
-
-static inline int security_shm_associate (struct shmid_kernel * shp,
- int shmflg)
-{
- return security_ops->shm_associate(shp, shmflg);
-}
-
-static inline int security_shm_shmctl (struct shmid_kernel * shp, int cmd)
-{
- return security_ops->shm_shmctl (shp, cmd);
-}
-
-static inline int security_shm_shmat (struct shmid_kernel * shp,
- char __user *shmaddr, int shmflg)
-{
- return security_ops->shm_shmat(shp, shmaddr, shmflg);
-}
-
-static inline int security_sem_alloc (struct sem_array *sma)
-{
- return security_ops->sem_alloc_security (sma);
-}
-
-static inline void security_sem_free (struct sem_array *sma)
-{
- security_ops->sem_free_security (sma);
-}
-
-static inline int security_sem_associate (struct sem_array * sma, int semflg)
-{
- return security_ops->sem_associate (sma, semflg);
-}
-
-static inline int security_sem_semctl (struct sem_array * sma, int cmd)
-{
- return security_ops->sem_semctl(sma, cmd);
-}
-
-static inline int security_sem_semop (struct sem_array * sma,
- struct sembuf * sops, unsigned nsops,
- int alter)
-{
- return security_ops->sem_semop(sma, sops, nsops, alter);
-}
-
-static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode)
-{
- if (unlikely (inode && IS_PRIVATE (inode)))
- return;
- security_ops->d_instantiate (dentry, inode);
-}
-
-static inline int security_getprocattr(struct task_struct *p, char *name, char **value)
-{
- return security_ops->getprocattr(p, name, value);
-}
-
-static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
-{
- return security_ops->setprocattr(p, name, value, size);
-}
-
-static inline int security_netlink_send(struct sock *sk, struct sk_buff * skb)
-{
- return security_ops->netlink_send(sk, skb);
-}
-
-static inline int security_netlink_recv(struct sk_buff * skb, int cap)
-{
- return security_ops->netlink_recv(skb, cap);
-}
-
-static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
-{
- return security_ops->secid_to_secctx(secid, secdata, seclen);
-}
-
-static inline void security_release_secctx(char *secdata, u32 seclen)
-{
- return security_ops->release_secctx(secdata, seclen);
-}
-
/* prototypes */
extern int security_init (void);
extern int register_security (struct security_operations *ops);
@@ -2135,6 +1413,154 @@ extern struct dentry *securityfs_create_dir(const char *name, struct dentry *par
extern void securityfs_remove(struct dentry *dentry);
+/* Security operations */
+int security_ptrace (struct task_struct * parent, struct task_struct * child);
+int security_capget (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted);
+int security_capset_check (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted);
+void security_capset_set (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted);
+int security_capable(struct task_struct *tsk, int cap);
+int security_acct (struct file *file);
+int security_sysctl(struct ctl_table *table, int op);
+int security_quotactl (int cmds, int type, int id, struct super_block *sb);
+int security_quota_on (struct dentry * dentry);
+int security_syslog(int type);
+int security_settime(struct timespec *ts, struct timezone *tz);
+int security_vm_enough_memory(long pages);
+int security_bprm_alloc (struct linux_binprm *bprm);
+void security_bprm_free (struct linux_binprm *bprm);
+void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe);
+void security_bprm_post_apply_creds (struct linux_binprm *bprm);
+int security_bprm_set (struct linux_binprm *bprm);
+int security_bprm_check (struct linux_binprm *bprm);
+int security_bprm_secureexec (struct linux_binprm *bprm);
+int security_sb_alloc (struct super_block *sb);
+void security_sb_free (struct super_block *sb);
+int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy);
+int security_sb_kern_mount (struct super_block *sb, void *data);
+int security_sb_statfs (struct dentry *dentry);
+int security_sb_mount (char *dev_name, struct nameidata *nd,
+ char *type, unsigned long flags, void *data);
+int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd);
+int security_sb_umount (struct vfsmount *mnt, int flags);
+void security_sb_umount_close (struct vfsmount *mnt);
+void security_sb_umount_busy (struct vfsmount *mnt);
+void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data);
+void security_sb_post_mountroot (void);
+void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd);
+int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd);
+void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd);
+int security_inode_alloc (struct inode *inode);
+void security_inode_free (struct inode *inode);
+int security_inode_init_security (struct inode *inode, struct inode *dir,
+ char **name, void **value, size_t *len);
+int security_inode_create (struct inode *dir, struct dentry *dentry, int mode);
+int security_inode_link (struct dentry *old_dentry, struct inode *dir,
+ struct dentry *new_dentry);
+int security_inode_unlink (struct inode *dir, struct dentry *dentry);
+int security_inode_symlink (struct inode *dir, struct dentry *dentry,
+ const char *old_name);
+int security_inode_mkdir (struct inode *dir, struct dentry *dentry, int mode);
+int security_inode_rmdir (struct inode *dir, struct dentry *dentry);
+int security_inode_mknod (struct inode *dir, struct dentry *dentry, int mode, dev_t dev);
+int security_inode_rename (struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry);
+int security_inode_readlink (struct dentry *dentry);
+int security_inode_follow_link (struct dentry *dentry, struct nameidata *nd);
+int security_inode_permission (struct inode *inode, int mask, struct nameidata *nd);
+int security_inode_setattr (struct dentry *dentry, struct iattr *attr);
+int security_inode_getattr (struct vfsmount *mnt, struct dentry *dentry);
+void security_inode_delete (struct inode *inode);
+int security_inode_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags);
+void security_inode_post_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags);
+int security_inode_getxattr (struct dentry *dentry, char *name);
+int security_inode_listxattr (struct dentry *dentry);
+int security_inode_removexattr (struct dentry *dentry, char *name);
+const char *security_inode_xattr_getsuffix(void);
+int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err);
+int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
+int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
+int security_file_permission (struct file *file, int mask);
+int security_file_alloc (struct file *file);
+void security_file_free (struct file *file);
+int security_file_ioctl (struct file *file, unsigned int cmd, unsigned long arg);
+int security_file_mmap (struct file *file, unsigned long reqprot,
+ unsigned long prot, unsigned long flags);
+int security_file_mprotect (struct vm_area_struct *vma, unsigned long reqprot,
+ unsigned long prot);
+int security_file_lock (struct file *file, unsigned int cmd);
+int security_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg);
+int security_file_set_fowner (struct file *file);
+int security_file_send_sigiotask (struct task_struct *tsk,
+ struct fown_struct *fown, int sig);
+int security_file_receive (struct file *file);
+int security_task_create (unsigned long clone_flags);
+int security_task_alloc (struct task_struct *p);
+void security_task_free (struct task_struct *p);
+int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags);
+int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
+ uid_t old_suid, int flags);
+int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags);
+int security_task_setpgid (struct task_struct *p, pid_t pgid);
+int security_task_getpgid (struct task_struct *p);
+int security_task_getsid (struct task_struct *p);
+void security_task_getsecid (struct task_struct *p, u32 *secid);
+int security_task_setgroups (struct group_info *group_info);
+int security_task_setnice (struct task_struct *p, int nice);
+int security_task_setioprio (struct task_struct *p, int ioprio);
+int security_task_getioprio (struct task_struct *p);
+int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim);
+int security_task_setscheduler (struct task_struct *p,
+ int policy, struct sched_param *lp);
+int security_task_getscheduler (struct task_struct *p);
+int security_task_movememory (struct task_struct *p);
+int security_task_kill (struct task_struct *p, struct siginfo *info,
+ int sig, u32 secid);
+int security_task_wait (struct task_struct *p);
+int security_task_prctl (int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5);
+void security_task_reparent_to_init (struct task_struct *p);
+void security_task_to_inode(struct task_struct *p, struct inode *inode);
+int security_ipc_permission (struct kern_ipc_perm *ipcp, short flag);
+int security_msg_msg_alloc (struct msg_msg * msg);
+void security_msg_msg_free (struct msg_msg * msg);
+int security_msg_queue_alloc (struct msg_queue *msq);
+void security_msg_queue_free (struct msg_queue *msq);
+int security_msg_queue_associate (struct msg_queue * msq, int msqflg);
+int security_msg_queue_msgctl (struct msg_queue * msq, int cmd);
+int security_msg_queue_msgsnd (struct msg_queue * msq,
+ struct msg_msg * msg, int msqflg);
+int security_msg_queue_msgrcv (struct msg_queue * msq, struct msg_msg * msg,
+ struct task_struct * target, long type, int mode);
+int security_shm_alloc (struct shmid_kernel *shp);
+void security_shm_free (struct shmid_kernel *shp);
+int security_shm_associate (struct shmid_kernel * shp, int shmflg);
+int security_shm_shmctl (struct shmid_kernel * shp, int cmd);
+int security_shm_shmat (struct shmid_kernel * shp, char __user *shmaddr, int shmflg);
+int security_sem_alloc (struct sem_array *sma);
+void security_sem_free (struct sem_array *sma);
+int security_sem_associate (struct sem_array * sma, int semflg);
+int security_sem_semctl (struct sem_array * sma, int cmd);
+int security_sem_semop (struct sem_array * sma, struct sembuf * sops,
+ unsigned nsops, int alter);
+void security_d_instantiate (struct dentry *dentry, struct inode *inode);
+int security_getprocattr(struct task_struct *p, char *name, char **value);
+int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size);
+int security_netlink_send(struct sock *sk, struct sk_buff * skb);
+int security_netlink_recv(struct sk_buff * skb, int cap);
+int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
+void security_release_secctx(char *secdata, u32 seclen);
+
#else /* CONFIG_SECURITY */
/*
@@ -2799,170 +2225,43 @@ static inline void security_release_secctx(char *secdata, u32 seclen)
#endif /* CONFIG_SECURITY */
#ifdef CONFIG_SECURITY_NETWORK
-static inline int security_unix_stream_connect(struct socket * sock,
- struct socket * other,
- struct sock * newsk)
-{
- return security_ops->unix_stream_connect(sock, other, newsk);
-}
+int security_unix_stream_connect(struct socket * sock, struct socket * other,
+ struct sock * newsk);
+int security_unix_may_send(struct socket * sock, struct socket * other);
+int security_socket_create (int family, int type, int protocol, int kern);
+int security_socket_post_create(struct socket * sock, int family,
+ int type, int protocol, int kern);
+int security_socket_bind(struct socket * sock, struct sockaddr * address, int addrlen);
+int security_socket_connect(struct socket * sock, struct sockaddr * address, int addrlen);
+int security_socket_listen(struct socket * sock, int backlog);
+int security_socket_accept(struct socket * sock, struct socket * newsock);
+void security_socket_post_accept(struct socket * sock, struct socket * newsock);
+int security_socket_sendmsg(struct socket * sock, struct msghdr * msg, int size);
+int security_socket_recvmsg(struct socket * sock, struct msghdr * msg,
+ int size, int flags);
+int security_socket_getsockname(struct socket * sock);
+int security_socket_getpeername(struct socket * sock);
+int security_socket_getsockopt(struct socket * sock, int level, int optname);
+int security_socket_setsockopt(struct socket * sock, int level, int optname);
+int security_socket_shutdown(struct socket * sock, int how);
+int security_sock_rcv_skb (struct sock * sk, struct sk_buff * skb);
+int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
+ int __user *optlen, unsigned len);
+int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid);
+int security_sk_alloc(struct sock *sk, int family, gfp_t priority);
+void security_sk_free(struct sock *sk);
+void security_sk_clone(const struct sock *sk, struct sock *newsk);
+void security_sk_classify_flow(struct sock *sk, struct flowi *fl);
+void security_req_classify_flow(const struct request_sock *req, struct flowi *fl);
+void security_sock_graft(struct sock* sk, struct socket *parent);
+int security_inet_conn_request(struct sock *sk,
+ struct sk_buff *skb, struct request_sock *req);
+void security_inet_csk_clone(struct sock *newsk,
+ const struct request_sock *req);
+void security_inet_conn_established(struct sock *sk,
+ struct sk_buff *skb);
-static inline int security_unix_may_send(struct socket * sock,
- struct socket * other)
-{
- return security_ops->unix_may_send(sock, other);
-}
-
-static inline int security_socket_create (int family, int type,
- int protocol, int kern)
-{
- return security_ops->socket_create(family, type, protocol, kern);
-}
-
-static inline int security_socket_post_create(struct socket * sock,
- int family,
- int type,
- int protocol, int kern)
-{
- return security_ops->socket_post_create(sock, family, type,
- protocol, kern);
-}
-
-static inline int security_socket_bind(struct socket * sock,
- struct sockaddr * address,
- int addrlen)
-{
- return security_ops->socket_bind(sock, address, addrlen);
-}
-
-static inline int security_socket_connect(struct socket * sock,
- struct sockaddr * address,
- int addrlen)
-{
- return security_ops->socket_connect(sock, address, addrlen);
-}
-
-static inline int security_socket_listen(struct socket * sock, int backlog)
-{
- return security_ops->socket_listen(sock, backlog);
-}
-
-static inline int security_socket_accept(struct socket * sock,
- struct socket * newsock)
-{
- return security_ops->socket_accept(sock, newsock);
-}
-
-static inline void security_socket_post_accept(struct socket * sock,
- struct socket * newsock)
-{
- security_ops->socket_post_accept(sock, newsock);
-}
-
-static inline int security_socket_sendmsg(struct socket * sock,
- struct msghdr * msg, int size)
-{
- return security_ops->socket_sendmsg(sock, msg, size);
-}
-
-static inline int security_socket_recvmsg(struct socket * sock,
- struct msghdr * msg, int size,
- int flags)
-{
- return security_ops->socket_recvmsg(sock, msg, size, flags);
-}
-
-static inline int security_socket_getsockname(struct socket * sock)
-{
- return security_ops->socket_getsockname(sock);
-}
-
-static inline int security_socket_getpeername(struct socket * sock)
-{
- return security_ops->socket_getpeername(sock);
-}
-
-static inline int security_socket_getsockopt(struct socket * sock,
- int level, int optname)
-{
- return security_ops->socket_getsockopt(sock, level, optname);
-}
-
-static inline int security_socket_setsockopt(struct socket * sock,
- int level, int optname)
-{
- return security_ops->socket_setsockopt(sock, level, optname);
-}
-
-static inline int security_socket_shutdown(struct socket * sock, int how)
-{
- return security_ops->socket_shutdown(sock, how);
-}
-
-static inline int security_sock_rcv_skb (struct sock * sk,
- struct sk_buff * skb)
-{
- return security_ops->socket_sock_rcv_skb (sk, skb);
-}
-
-static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
- int __user *optlen, unsigned len)
-{
- return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
-}
-
-static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
-{
- return security_ops->socket_getpeersec_dgram(sock, skb, secid);
-}
-
-static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
-{
- return security_ops->sk_alloc_security(sk, family, priority);
-}
-
-static inline void security_sk_free(struct sock *sk)
-{
- return security_ops->sk_free_security(sk);
-}
-
-static inline void security_sk_clone(const struct sock *sk, struct sock *newsk)
-{
- return security_ops->sk_clone_security(sk, newsk);
-}
-
-static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
-{
- security_ops->sk_getsecid(sk, &fl->secid);
-}
-
-static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
-{
- security_ops->req_classify_flow(req, fl);
-}
-
-static inline void security_sock_graft(struct sock* sk, struct socket *parent)
-{
- security_ops->sock_graft(sk, parent);
-}
-
-static inline int security_inet_conn_request(struct sock *sk,
- struct sk_buff *skb, struct request_sock *req)
-{
- return security_ops->inet_conn_request(sk, skb, req);
-}
-
-static inline void security_inet_csk_clone(struct sock *newsk,
- const struct request_sock *req)
-{
- security_ops->inet_csk_clone(newsk, req);
-}
-
-static inline void security_inet_conn_established(struct sock *sk,
- struct sk_buff *skb)
-{
- security_ops->inet_conn_established(sk, skb);
-}
#else /* CONFIG_SECURITY_NETWORK */
static inline int security_unix_stream_connect(struct socket * sock,
struct socket * other,
@@ -3120,77 +2419,24 @@ static inline void security_inet_conn_established(struct sock *sk,
#endif /* CONFIG_SECURITY_NETWORK */
#ifdef CONFIG_SECURITY_NETWORK_XFRM
-static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
-{
- return security_ops->xfrm_policy_alloc_security(xp, sec_ctx);
-}
-
-static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
-{
- return security_ops->xfrm_policy_clone_security(old, new);
-}
-
-static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
-{
- security_ops->xfrm_policy_free_security(xp);
-}
-
-static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
-{
- return security_ops->xfrm_policy_delete_security(xp);
-}
-
-static inline int security_xfrm_state_alloc(struct xfrm_state *x,
- struct xfrm_user_sec_ctx *sec_ctx)
-{
- return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0);
-}
-
-static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
- struct xfrm_sec_ctx *polsec, u32 secid)
-{
- if (!polsec)
- return 0;
- /*
- * We want the context to be taken from secid which is usually
- * from the sock.
- */
- return security_ops->xfrm_state_alloc_security(x, NULL, secid);
-}
-
-static inline int security_xfrm_state_delete(struct xfrm_state *x)
-{
- return security_ops->xfrm_state_delete_security(x);
-}
-
-static inline void security_xfrm_state_free(struct xfrm_state *x)
-{
- security_ops->xfrm_state_free_security(x);
-}
-
-static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir)
-{
- return security_ops->xfrm_policy_lookup(xp, fl_secid, dir);
-}
-
-static inline int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
- struct xfrm_policy *xp, struct flowi *fl)
-{
- return security_ops->xfrm_state_pol_flow_match(x, xp, fl);
-}
-
-static inline int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
-{
- return security_ops->xfrm_decode_session(skb, secid, 1);
-}
-static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
-{
- int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0);
+int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx);
+int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new);
+void security_xfrm_policy_free(struct xfrm_policy *xp);
+int security_xfrm_policy_delete(struct xfrm_policy *xp);
+int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx);
+int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
+ struct xfrm_sec_ctx *polsec, u32 secid);
+int security_xfrm_state_delete(struct xfrm_state *x);
+void security_xfrm_state_free(struct xfrm_state *x);
+int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir);
+int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
+ struct xfrm_policy *xp, struct flowi *fl);
+int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid);
+void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl);
- BUG_ON(rc);
-}
#else /* CONFIG_SECURITY_NETWORK_XFRM */
+
static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
{
return 0;
@@ -3255,24 +2501,11 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi
#ifdef CONFIG_KEYS
#ifdef CONFIG_SECURITY
-static inline int security_key_alloc(struct key *key,
- struct task_struct *tsk,
- unsigned long flags)
-{
- return security_ops->key_alloc(key, tsk, flags);
-}
-
-static inline void security_key_free(struct key *key)
-{
- security_ops->key_free(key);
-}
-static inline int security_key_permission(key_ref_t key_ref,
- struct task_struct *context,
- key_perm_t perm)
-{
- return security_ops->key_permission(key_ref, context, perm);
-}
+int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags);
+void security_key_free(struct key *key);
+int security_key_permission(key_ref_t key_ref,
+ struct task_struct *context, key_perm_t perm);
#else
diff --git a/security/Kconfig b/security/Kconfig
index 460e5c9..8ae5490 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -74,14 +74,14 @@ config SECURITY_NETWORK_XFRM
If you are unsure how to answer this question, answer N.
config SECURITY_CAPABILITIES
- tristate "Default Linux Capabilities"
+ bool "Default Linux Capabilities"
depends on SECURITY
help
This enables the "default" Linux capabilities functionality.
If you are unsure how to answer this question, answer Y.
config SECURITY_ROOTPLUG
- tristate "Root Plug Support"
+ bool "Root Plug Support"
depends on USB && SECURITY
help
This is a sample LSM module that should only be used as such.
diff --git a/security/capability.c b/security/capability.c
index 38296a0..fda6a14 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -8,7 +8,6 @@
*
*/
-#include <linux/module.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/security.h>
@@ -52,7 +51,6 @@ static int secondary;
static int capability_disable;
module_param_named(disable, capability_disable, int, 0);
-MODULE_PARM_DESC(disable, "To disable capabilities module set disable = 1");
static int __init capability_init (void)
{
@@ -75,26 +73,4 @@ static int __init capability_init (void)
return 0;
}
-static void __exit capability_exit (void)
-{
- if (capability_disable)
- return;
- /* remove ourselves from the security framework */
- if (secondary) {
- if (mod_unreg_security (KBUILD_MODNAME, &capability_ops))
- printk (KERN_INFO "Failure unregistering capabilities "
- "with primary module.\n");
- return;
- }
-
- if (unregister_security (&capability_ops)) {
- printk (KERN_INFO
- "Failure unregistering capabilities with the kernel\n");
- }
-}
-
security_initcall (capability_init);
-module_exit (capability_exit);
-
-MODULE_DESCRIPTION("Standard Linux Capabilities Security Module");
-MODULE_LICENSE("GPL");
diff --git a/security/commoncap.c b/security/commoncap.c
index 384379e..04bd44b 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -339,6 +339,3 @@ EXPORT_SYMBOL(cap_task_post_setuid);
EXPORT_SYMBOL(cap_task_reparent_to_init);
EXPORT_SYMBOL(cap_syslog);
EXPORT_SYMBOL(cap_vm_enough_memory);
-
-MODULE_DESCRIPTION("Standard Linux Common Capabilities Security Module");
-MODULE_LICENSE("GPL");
diff --git a/security/dummy.c b/security/dummy.c
index 8ffd764..6d4e34b 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -15,7 +15,6 @@
#undef DEBUG
#include <linux/capability.h>
-#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/mman.h>
#include <linux/pagemap.h>
diff --git a/security/root_plug.c b/security/root_plug.c
index 38dd4f3..870f130 100644
--- a/security/root_plug.c
+++ b/security/root_plug.c
@@ -22,11 +22,11 @@
* License.
*/
-#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/security.h>
#include <linux/usb.h>
+#include <linux/moduleparam.h>
/* flag to keep track of how we were registered */
static int secondary;
@@ -36,22 +36,14 @@ static int vendor_id = 0x0557;
static int product_id = 0x2008;
module_param(vendor_id, uint, 0400);
-MODULE_PARM_DESC(vendor_id, "USB Vendor ID of device to look for");
-
module_param(product_id, uint, 0400);
-MODULE_PARM_DESC(product_id, "USB Product ID of device to look for");
/* should we print out debug messages */
static int debug = 0;
module_param(debug, bool, 0600);
-MODULE_PARM_DESC(debug, "Debug enabled or not");
-#if defined(CONFIG_SECURITY_ROOTPLUG_MODULE)
-#define MY_NAME THIS_MODULE->name
-#else
#define MY_NAME "root_plug"
-#endif
#define root_dbg(fmt, arg...) \
do { \
@@ -117,25 +109,4 @@ static int __init rootplug_init (void)
return 0;
}
-static void __exit rootplug_exit (void)
-{
- /* remove ourselves from the security framework */
- if (secondary) {
- if (mod_unreg_security (MY_NAME, &rootplug_security_ops))
- printk (KERN_INFO "Failure unregistering Root Plug "
- " module with primary module.\n");
- } else {
- if (unregister_security (&rootplug_security_ops)) {
- printk (KERN_INFO "Failure unregistering Root Plug "
- "module with the kernel\n");
- }
- }
- printk (KERN_INFO "Root Plug module removed\n");
-}
-
security_initcall (rootplug_init);
-module_exit (rootplug_exit);
-
-MODULE_DESCRIPTION("Root Plug sample LSM module, written for Linux Journal article");
-MODULE_LICENSE("GPL");
-
diff --git a/security/security.c b/security/security.c
index fc8601b..3889cc3 100644
--- a/security/security.c
+++ b/security/security.c
@@ -17,7 +17,6 @@
#include <linux/kernel.h>
#include <linux/security.h>
-#define SECURITY_FRAMEWORK_VERSION "1.0.0"
/* things that live in dummy.c */
extern struct security_operations dummy_security_ops;
@@ -51,8 +50,7 @@ static void __init do_security_initcalls(void)
*/
int __init security_init(void)
{
- printk(KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
- " initialized\n");
+ printk(KERN_INFO "Security Framework initialized\n");
if (verify(&dummy_security_ops)) {
printk(KERN_ERR "%s could not verify "
@@ -172,8 +170,948 @@ int mod_unreg_security(const char *name, struct security_operations *ops)
return security_ops->unregister_security(name, ops);
}
-EXPORT_SYMBOL_GPL(register_security);
-EXPORT_SYMBOL_GPL(unregister_security);
-EXPORT_SYMBOL_GPL(mod_reg_security);
-EXPORT_SYMBOL_GPL(mod_unreg_security);
-EXPORT_SYMBOL(security_ops);
+/* Security operations */
+
+int security_ptrace (struct task_struct * parent, struct task_struct * child)
+{
+ return security_ops->ptrace (parent, child);
+}
+
+int security_capget (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted)
+{
+ return security_ops->capget (target, effective, inheritable, permitted);
+}
+
+int security_capset_check (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted)
+{
+ return security_ops->capset_check (target, effective, inheritable, permitted);
+}
+
+void security_capset_set (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted)
+{
+ security_ops->capset_set (target, effective, inheritable, permitted);
+}
+
+int security_capable(struct task_struct *tsk, int cap)
+{
+ return security_ops->capable(tsk, cap);
+}
+
+int security_acct (struct file *file)
+{
+ return security_ops->acct (file);
+}
+
+int security_sysctl(struct ctl_table *table, int op)
+{
+ return security_ops->sysctl(table, op);
+}
+
+int security_quotactl (int cmds, int type, int id, struct super_block *sb)
+{
+ return security_ops->quotactl (cmds, type, id, sb);
+}
+
+int security_quota_on (struct dentry * dentry)
+{
+ return security_ops->quota_on (dentry);
+}
+
+int security_syslog(int type)
+{
+ return security_ops->syslog(type);
+}
+
+int security_settime(struct timespec *ts, struct timezone *tz)
+{
+ return security_ops->settime(ts, tz);
+}
+
+
+int security_vm_enough_memory(long pages)
+{
+ return security_ops->vm_enough_memory(pages);
+}
+
+int security_bprm_alloc (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_alloc_security (bprm);
+}
+
+void security_bprm_free (struct linux_binprm *bprm)
+{
+ security_ops->bprm_free_security (bprm);
+}
+
+void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
+{
+ security_ops->bprm_apply_creds (bprm, unsafe);
+}
+
+void security_bprm_post_apply_creds (struct linux_binprm *bprm)
+{
+ security_ops->bprm_post_apply_creds (bprm);
+}
+
+int security_bprm_set (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_set_security (bprm);
+}
+
+int security_bprm_check (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_check_security (bprm);
+}
+
+int security_bprm_secureexec (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_secureexec (bprm);
+}
+
+int security_sb_alloc (struct super_block *sb)
+{
+ return security_ops->sb_alloc_security (sb);
+}
+
+void security_sb_free (struct super_block *sb)
+{
+ security_ops->sb_free_security (sb);
+}
+
+int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy)
+{
+ return security_ops->sb_copy_data (type, orig, copy);
+}
+
+int security_sb_kern_mount (struct super_block *sb, void *data)
+{
+ return security_ops->sb_kern_mount (sb, data);
+}
+
+int security_sb_statfs (struct dentry *dentry)
+{
+ return security_ops->sb_statfs (dentry);
+}
+
+int security_sb_mount (char *dev_name, struct nameidata *nd,
+ char *type, unsigned long flags, void *data)
+{
+ return security_ops->sb_mount (dev_name, nd, type, flags, data);
+}
+
+int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd)
+{
+ return security_ops->sb_check_sb (mnt, nd);
+}
+
+int security_sb_umount (struct vfsmount *mnt, int flags)
+{
+ return security_ops->sb_umount (mnt, flags);
+}
+
+void security_sb_umount_close (struct vfsmount *mnt)
+{
+ security_ops->sb_umount_close (mnt);
+}
+
+void security_sb_umount_busy (struct vfsmount *mnt)
+{
+ security_ops->sb_umount_busy (mnt);
+}
+
+void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data)
+{
+ security_ops->sb_post_remount (mnt, flags, data);
+}
+
+void security_sb_post_mountroot (void)
+{
+ security_ops->sb_post_mountroot ();
+}
+
+void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd)
+{
+ security_ops->sb_post_addmount (mnt, mountpoint_nd);
+}
+
+int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
+{
+ return security_ops->sb_pivotroot (old_nd, new_nd);
+}
+
+void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
+{
+ security_ops->sb_post_pivotroot (old_nd, new_nd);
+}
+
+int security_inode_alloc (struct inode *inode)
+{
+ inode->i_security = NULL;
+ return security_ops->inode_alloc_security (inode);
+}
+
+void security_inode_free (struct inode *inode)
+{
+ security_ops->inode_free_security (inode);
+}
+
+int security_inode_init_security (struct inode *inode, struct inode *dir,
+ char **name, void **value, size_t *len)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return -EOPNOTSUPP;
+ return security_ops->inode_init_security (inode, dir, name, value, len);
+}
+EXPORT_SYMBOL(security_inode_init_security);
+
+int security_inode_create (struct inode *dir, struct dentry *dentry, int mode)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_create (dir, dentry, mode);
+}
+
+int security_inode_link (struct dentry *old_dentry, struct inode *dir,
+ struct dentry *new_dentry)
+{
+ if (unlikely (IS_PRIVATE (old_dentry->d_inode)))
+ return 0;
+ return security_ops->inode_link (old_dentry, dir, new_dentry);
+}
+
+int security_inode_unlink (struct inode *dir, struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_unlink (dir, dentry);
+}
+
+int security_inode_symlink (struct inode *dir, struct dentry *dentry,
+ const char *old_name)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_symlink (dir, dentry, old_name);
+}
+
+int security_inode_mkdir (struct inode *dir, struct dentry *dentry, int mode)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_mkdir (dir, dentry, mode);
+}
+
+int security_inode_rmdir (struct inode *dir, struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_rmdir (dir, dentry);
+}
+
+int security_inode_mknod (struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_mknod (dir, dentry, mode, dev);
+}
+
+int security_inode_rename (struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry)
+{
+ if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
+ (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
+ return 0;
+ return security_ops->inode_rename (old_dir, old_dentry,
+ new_dir, new_dentry);
+}
+
+int security_inode_readlink (struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_readlink (dentry);
+}
+
+int security_inode_follow_link (struct dentry *dentry, struct nameidata *nd)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_follow_link (dentry, nd);
+}
+
+int security_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_permission (inode, mask, nd);
+}
+
+int security_inode_setattr (struct dentry *dentry, struct iattr *attr)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_setattr (dentry, attr);
+}
+
+int security_inode_getattr (struct vfsmount *mnt, struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_getattr (mnt, dentry);
+}
+
+void security_inode_delete (struct inode *inode)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return;
+ security_ops->inode_delete (inode);
+}
+
+int security_inode_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_setxattr (dentry, name, value, size, flags);
+}
+
+void security_inode_post_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return;
+ security_ops->inode_post_setxattr (dentry, name, value, size, flags);
+}
+
+int security_inode_getxattr (struct dentry *dentry, char *name)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_getxattr (dentry, name);
+}
+
+int security_inode_listxattr (struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_listxattr (dentry);
+}
+
+int security_inode_removexattr (struct dentry *dentry, char *name)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_removexattr (dentry, name);
+}
+
+const char *security_inode_xattr_getsuffix(void)
+{
+ return security_ops->inode_xattr_getsuffix();
+}
+
+int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_getsecurity(inode, name, buffer, size, err);
+}
+
+int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_setsecurity(inode, name, value, size, flags);
+}
+
+int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_listsecurity(inode, buffer, buffer_size);
+}
+
+int security_file_permission (struct file *file, int mask)
+{
+ return security_ops->file_permission (file, mask);
+}
+
+int security_file_alloc (struct file *file)
+{
+ return security_ops->file_alloc_security (file);
+}
+
+void security_file_free (struct file *file)
+{
+ security_ops->file_free_security (file);
+}
+
+int security_file_ioctl (struct file *file, unsigned int cmd, unsigned long arg)
+{
+ return security_ops->file_ioctl (file, cmd, arg);
+}
+
+int security_file_mmap (struct file *file, unsigned long reqprot,
+ unsigned long prot, unsigned long flags)
+{
+ return security_ops->file_mmap (file, reqprot, prot, flags);
+}
+
+int security_file_mprotect (struct vm_area_struct *vma, unsigned long reqprot,
+ unsigned long prot)
+{
+ return security_ops->file_mprotect (vma, reqprot, prot);
+}
+
+int security_file_lock (struct file *file, unsigned int cmd)
+{
+ return security_ops->file_lock (file, cmd);
+}
+
+int security_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg)
+{
+ return security_ops->file_fcntl (file, cmd, arg);
+}
+
+int security_file_set_fowner (struct file *file)
+{
+ return security_ops->file_set_fowner (file);
+}
+
+int security_file_send_sigiotask (struct task_struct *tsk,
+ struct fown_struct *fown, int sig)
+{
+ return security_ops->file_send_sigiotask (tsk, fown, sig);
+}
+
+int security_file_receive (struct file *file)
+{
+ return security_ops->file_receive (file);
+}
+
+int security_task_create (unsigned long clone_flags)
+{
+ return security_ops->task_create (clone_flags);
+}
+
+int security_task_alloc (struct task_struct *p)
+{
+ return security_ops->task_alloc_security (p);
+}
+
+void security_task_free (struct task_struct *p)
+{
+ security_ops->task_free_security (p);
+}
+
+int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
+{
+ return security_ops->task_setuid (id0, id1, id2, flags);
+}
+
+int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
+ uid_t old_suid, int flags)
+{
+ return security_ops->task_post_setuid (old_ruid, old_euid, old_suid, flags);
+}
+
+int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags)
+{
+ return security_ops->task_setgid (id0, id1, id2, flags);
+}
+
+int security_task_setpgid (struct task_struct *p, pid_t pgid)
+{
+ return security_ops->task_setpgid (p, pgid);
+}
+
+int security_task_getpgid (struct task_struct *p)
+{
+ return security_ops->task_getpgid (p);
+}
+
+int security_task_getsid (struct task_struct *p)
+{
+ return security_ops->task_getsid (p);
+}
+
+void security_task_getsecid (struct task_struct *p, u32 *secid)
+{
+ security_ops->task_getsecid (p, secid);
+}
+EXPORT_SYMBOL(security_task_getsecid);
+
+int security_task_setgroups (struct group_info *group_info)
+{
+ return security_ops->task_setgroups (group_info);
+}
+
+int security_task_setnice (struct task_struct *p, int nice)
+{
+ return security_ops->task_setnice (p, nice);
+}
+
+int security_task_setioprio (struct task_struct *p, int ioprio)
+{
+ return security_ops->task_setioprio (p, ioprio);
+}
+
+int security_task_getioprio (struct task_struct *p)
+{
+ return security_ops->task_getioprio (p);
+}
+
+int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim)
+{
+ return security_ops->task_setrlimit (resource, new_rlim);
+}
+
+int security_task_setscheduler (struct task_struct *p,
+ int policy, struct sched_param *lp)
+{
+ return security_ops->task_setscheduler (p, policy, lp);
+}
+
+int security_task_getscheduler (struct task_struct *p)
+{
+ return security_ops->task_getscheduler (p);
+}
+
+int security_task_movememory (struct task_struct *p)
+{
+ return security_ops->task_movememory (p);
+}
+
+int security_task_kill (struct task_struct *p, struct siginfo *info,
+ int sig, u32 secid)
+{
+ return security_ops->task_kill (p, info, sig, secid);
+}
+
+int security_task_wait (struct task_struct *p)
+{
+ return security_ops->task_wait (p);
+}
+
+int security_task_prctl (int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5)
+{
+ return security_ops->task_prctl (option, arg2, arg3, arg4, arg5);
+}
+
+void security_task_reparent_to_init (struct task_struct *p)
+{
+ security_ops->task_reparent_to_init (p);
+}
+
+void security_task_to_inode(struct task_struct *p, struct inode *inode)
+{
+ security_ops->task_to_inode(p, inode);
+}
+
+int security_ipc_permission (struct kern_ipc_perm *ipcp, short flag)
+{
+ return security_ops->ipc_permission (ipcp, flag);
+}
+
+int security_msg_msg_alloc (struct msg_msg * msg)
+{
+ return security_ops->msg_msg_alloc_security (msg);
+}
+
+void security_msg_msg_free (struct msg_msg * msg)
+{
+ security_ops->msg_msg_free_security(msg);
+}
+
+int security_msg_queue_alloc (struct msg_queue *msq)
+{
+ return security_ops->msg_queue_alloc_security (msq);
+}
+
+void security_msg_queue_free (struct msg_queue *msq)
+{
+ security_ops->msg_queue_free_security (msq);
+}
+
+int security_msg_queue_associate (struct msg_queue * msq, int msqflg)
+{
+ return security_ops->msg_queue_associate (msq, msqflg);
+}
+
+int security_msg_queue_msgctl (struct msg_queue * msq, int cmd)
+{
+ return security_ops->msg_queue_msgctl (msq, cmd);
+}
+
+int security_msg_queue_msgsnd (struct msg_queue * msq,
+ struct msg_msg * msg, int msqflg)
+{
+ return security_ops->msg_queue_msgsnd (msq, msg, msqflg);
+}
+
+int security_msg_queue_msgrcv (struct msg_queue * msq, struct msg_msg * msg,
+ struct task_struct * target, long type, int mode)
+{
+ return security_ops->msg_queue_msgrcv (msq, msg, target, type, mode);
+}
+
+int security_shm_alloc (struct shmid_kernel *shp)
+{
+ return security_ops->shm_alloc_security (shp);
+}
+
+void security_shm_free (struct shmid_kernel *shp)
+{
+ security_ops->shm_free_security (shp);
+}
+
+int security_shm_associate (struct shmid_kernel * shp, int shmflg)
+{
+ return security_ops->shm_associate(shp, shmflg);
+}
+
+int security_shm_shmctl (struct shmid_kernel * shp, int cmd)
+{
+ return security_ops->shm_shmctl (shp, cmd);
+}
+
+int security_shm_shmat (struct shmid_kernel * shp, char __user *shmaddr, int shmflg)
+{
+ return security_ops->shm_shmat(shp, shmaddr, shmflg);
+}
+
+int security_sem_alloc (struct sem_array *sma)
+{
+ return security_ops->sem_alloc_security (sma);
+}
+
+void security_sem_free (struct sem_array *sma)
+{
+ security_ops->sem_free_security (sma);
+}
+
+int security_sem_associate (struct sem_array * sma, int semflg)
+{
+ return security_ops->sem_associate (sma, semflg);
+}
+
+int security_sem_semctl (struct sem_array * sma, int cmd)
+{
+ return security_ops->sem_semctl(sma, cmd);
+}
+
+int security_sem_semop (struct sem_array * sma, struct sembuf * sops,
+ unsigned nsops, int alter)
+{
+ return security_ops->sem_semop(sma, sops, nsops, alter);
+}
+
+void security_d_instantiate (struct dentry *dentry, struct inode *inode)
+{
+ if (unlikely (inode && IS_PRIVATE (inode)))
+ return;
+ security_ops->d_instantiate (dentry, inode);
+}
+EXPORT_SYMBOL(security_d_instantiate);
+
+int security_getprocattr(struct task_struct *p, char *name, char **value)
+{
+ return security_ops->getprocattr(p, name, value);
+}
+
+int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
+{
+ return security_ops->setprocattr(p, name, value, size);
+}
+
+int security_netlink_send(struct sock *sk, struct sk_buff * skb)
+{
+ return security_ops->netlink_send(sk, skb);
+}
+EXPORT_SYMBOL(security_netlink_send);
+
+int security_netlink_recv(struct sk_buff * skb, int cap)
+{
+ return security_ops->netlink_recv(skb, cap);
+}
+EXPORT_SYMBOL(security_netlink_recv);
+
+int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+ return security_ops->secid_to_secctx(secid, secdata, seclen);
+}
+EXPORT_SYMBOL(security_secid_to_secctx);
+
+void security_release_secctx(char *secdata, u32 seclen)
+{
+ return security_ops->release_secctx(secdata, seclen);
+}
+EXPORT_SYMBOL(security_release_secctx);
+
+#ifdef CONFIG_SECURITY_NETWORK
+
+int security_unix_stream_connect(struct socket * sock, struct socket * other,
+ struct sock * newsk)
+{
+ return security_ops->unix_stream_connect(sock, other, newsk);
+}
+EXPORT_SYMBOL(security_unix_stream_connect);
+
+int security_unix_may_send(struct socket * sock, struct socket * other)
+{
+ return security_ops->unix_may_send(sock, other);
+}
+EXPORT_SYMBOL(security_unix_may_send);
+
+int security_socket_create (int family, int type, int protocol, int kern)
+{
+ return security_ops->socket_create(family, type, protocol, kern);
+}
+
+int security_socket_post_create(struct socket * sock, int family,
+ int type, int protocol, int kern)
+{
+ return security_ops->socket_post_create(sock, family, type,
+ protocol, kern);
+}
+
+int security_socket_bind(struct socket * sock, struct sockaddr * address, int addrlen)
+{
+ return security_ops->socket_bind(sock, address, addrlen);
+}
+
+int security_socket_connect(struct socket * sock, struct sockaddr * address, int addrlen)
+{
+ return security_ops->socket_connect(sock, address, addrlen);
+}
+
+int security_socket_listen(struct socket * sock, int backlog)
+{
+ return security_ops->socket_listen(sock, backlog);
+}
+
+int security_socket_accept(struct socket * sock, struct socket * newsock)
+{
+ return security_ops->socket_accept(sock, newsock);
+}
+
+void security_socket_post_accept(struct socket * sock, struct socket * newsock)
+{
+ security_ops->socket_post_accept(sock, newsock);
+}
+
+int security_socket_sendmsg(struct socket * sock, struct msghdr * msg, int size)
+{
+ return security_ops->socket_sendmsg(sock, msg, size);
+}
+
+int security_socket_recvmsg(struct socket * sock, struct msghdr * msg,
+ int size, int flags)
+{
+ return security_ops->socket_recvmsg(sock, msg, size, flags);
+}
+
+int security_socket_getsockname(struct socket * sock)
+{
+ return security_ops->socket_getsockname(sock);
+}
+
+int security_socket_getpeername(struct socket * sock)
+{
+ return security_ops->socket_getpeername(sock);
+}
+
+int security_socket_getsockopt(struct socket * sock, int level, int optname)
+{
+ return security_ops->socket_getsockopt(sock, level, optname);
+}
+
+int security_socket_setsockopt(struct socket * sock, int level, int optname)
+{
+ return security_ops->socket_setsockopt(sock, level, optname);
+}
+
+int security_socket_shutdown(struct socket * sock, int how)
+{
+ return security_ops->socket_shutdown(sock, how);
+}
+
+int security_sock_rcv_skb (struct sock * sk, struct sk_buff * skb)
+{
+ return security_ops->socket_sock_rcv_skb (sk, skb);
+}
+EXPORT_SYMBOL(security_sock_rcv_skb);
+
+int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
+ int __user *optlen, unsigned len)
+{
+ return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
+}
+
+int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
+{
+ return security_ops->socket_getpeersec_dgram(sock, skb, secid);
+}
+EXPORT_SYMBOL(security_socket_getpeersec_dgram);
+
+int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
+{
+ return security_ops->sk_alloc_security(sk, family, priority);
+}
+
+void security_sk_free(struct sock *sk)
+{
+ return security_ops->sk_free_security(sk);
+}
+
+void security_sk_clone(const struct sock *sk, struct sock *newsk)
+{
+ return security_ops->sk_clone_security(sk, newsk);
+}
+
+void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
+{
+ security_ops->sk_getsecid(sk, &fl->secid);
+}
+EXPORT_SYMBOL(security_sk_classify_flow);
+
+void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
+{
+ security_ops->req_classify_flow(req, fl);
+}
+EXPORT_SYMBOL(security_req_classify_flow);
+
+void security_sock_graft(struct sock* sk, struct socket *parent)
+{
+ security_ops->sock_graft(sk, parent);
+}
+EXPORT_SYMBOL(security_sock_graft);
+
+int security_inet_conn_request(struct sock *sk,
+ struct sk_buff *skb, struct request_sock *req)
+{
+ return security_ops->inet_conn_request(sk, skb, req);
+}
+EXPORT_SYMBOL(security_inet_conn_request);
+
+void security_inet_csk_clone(struct sock *newsk,
+ const struct request_sock *req)
+{
+ security_ops->inet_csk_clone(newsk, req);
+}
+
+void security_inet_conn_established(struct sock *sk,
+ struct sk_buff *skb)
+{
+ security_ops->inet_conn_established(sk, skb);
+}
+
+#endif /* CONFIG_SECURITY_NETWORK */
+
+#ifdef CONFIG_SECURITY_NETWORK_XFRM
+
+int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
+{
+ return security_ops->xfrm_policy_alloc_security(xp, sec_ctx);
+}
+EXPORT_SYMBOL(security_xfrm_policy_alloc);
+
+int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
+{
+ return security_ops->xfrm_policy_clone_security(old, new);
+}
+
+void security_xfrm_policy_free(struct xfrm_policy *xp)
+{
+ security_ops->xfrm_policy_free_security(xp);
+}
+EXPORT_SYMBOL(security_xfrm_policy_free);
+
+int security_xfrm_policy_delete(struct xfrm_policy *xp)
+{
+ return security_ops->xfrm_policy_delete_security(xp);
+}
+
+int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
+{
+ return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0);
+}
+EXPORT_SYMBOL(security_xfrm_state_alloc);
+
+int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
+ struct xfrm_sec_ctx *polsec, u32 secid)
+{
+ if (!polsec)
+ return 0;
+ /*
+ * We want the context to be taken from secid which is usually
+ * from the sock.
+ */
+ return security_ops->xfrm_state_alloc_security(x, NULL, secid);
+}
+
+int security_xfrm_state_delete(struct xfrm_state *x)
+{
+ return security_ops->xfrm_state_delete_security(x);
+}
+EXPORT_SYMBOL(security_xfrm_state_delete);
+
+void security_xfrm_state_free(struct xfrm_state *x)
+{
+ security_ops->xfrm_state_free_security(x);
+}
+
+int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir)
+{
+ return security_ops->xfrm_policy_lookup(xp, fl_secid, dir);
+}
+
+int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
+ struct xfrm_policy *xp, struct flowi *fl)
+{
+ return security_ops->xfrm_state_pol_flow_match(x, xp, fl);
+}
+
+int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
+{
+ return security_ops->xfrm_decode_session(skb, secid, 1);
+}
+
+void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
+{
+ int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0);
+
+ BUG_ON(rc);
+}
+EXPORT_SYMBOL(security_skb_classify_flow);
+
+#endif /* CONFIG_SECURITY_NETWORK_XFRM */
+
+#ifdef CONFIG_KEYS
+
+int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags)
+{
+ return security_ops->key_alloc(key, tsk, flags);
+}
+
+void security_key_free(struct key *key)
+{
+ security_ops->key_free(key);
+}
+
+int security_key_permission(key_ref_t key_ref,
+ struct task_struct *context, key_perm_t perm)
+{
+ return security_ops->key_permission(key_ref, context, perm);
+}
+
+#endif /* CONFIG_KEYS */
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index ad8dd4e..105319a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -20,7 +20,6 @@
* as published by the Free Software Foundation.
*/
-#include <linux/module.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/ptrace.h>
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index bd8d1ef..b589238 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -31,7 +31,6 @@
* 2. Emulating a reasonable SO_PEERSEC across machines
* 3. Testing addition of sk_policy's with security context via setsockopt
*/
-#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/security.h>
--
1.5.2.1
^ permalink raw reply related [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
[not found] <Line.LNX.4.64.0706251953020.25122@localhost.localdomain.suse.lists.linux.kernel>
@ 2007-06-26 5:21 ` Marcus Meissner
0 siblings, 0 replies; 33+ messages in thread
From: Marcus Meissner @ 2007-06-26 5:21 UTC (permalink / raw)
To: linux-kernel
In article <Line.LNX.4.64.0706251953020.25122@localhost.localdomain.suse.lists.linux.kernel> you wrote:
> Convert LSM into a static interface, as the ability to unload a security
> module is not required by in-tree users and potentially complicates the
> overall security architecture.
>
> Needlessly exported LSM symbols have been unexported, to help reduce API
> abuse.
>
> Parameters for the capability and root_plug modules are now specified
> at boot.
>
> The SECURITY_FRAMEWORK_VERSION macro has also been removed.
>
> Signed-off-by: James Morris <jmorris@namei.org>
NAK.
First, such an interface should be obsoleted by first making an entry
to Documentation/feature-removal-schedule.txt and waiting for some months.
Second, security modules that cannot be loaded/unloaded can just marked
so and the LSM interface kept as-is.
You are aware of the out of tree users, like AppArmor and other security
modules and there are also several antivirus modules like dazuko, mcafee
(got riddance for the latter, but in general) using LSM.
Ciao, Marcus
^ permalink raw reply [flat|nested] 33+ messages in thread
* [PATCH try #3] security: Convert LSM into a static interface
@ 2007-07-14 16:37 James Morris
2007-07-18 15:28 ` Arjan van de Ven
` (2 more replies)
0 siblings, 3 replies; 33+ messages in thread
From: James Morris @ 2007-07-14 16:37 UTC (permalink / raw)
To: Chris Wright
Cc: Andrew Morton, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
Convert LSM into a static interface, as the ability to unload a security
module is not required by in-tree users and potentially complicates the
overall security architecture.
Needlessly exported LSM symbols have been unexported, to help reduce API
abuse.
Parameters for the capability and root_plug modules are now specified
at boot.
The SECURITY_FRAMEWORK_VERSION macro has also been removed.
Signed-off-by: James Morris <jmorris@namei.org>
---
I've just resynced this patch to the current Linus git and tested various
permutations of configuration options. The only real change to the code
is to account for the extra mmap hook arguments.
Please review and consider for 2.6.23 merge.
Documentation/kernel-parameters.txt | 17 +
include/linux/security.h | 1177 ++++++-----------------------------
security/Kconfig | 4 +-
security/capability.c | 24 -
security/commoncap.c | 3 -
security/dummy.c | 1 -
security/root_plug.c | 31 +-
security/security.c | 955 ++++++++++++++++++++++++++++-
security/selinux/hooks.c | 2 +-
security/selinux/xfrm.c | 1 -
10 files changed, 1171 insertions(+), 1044 deletions(-)
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 4d880b3..9ad4a46 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -74,10 +74,12 @@ parameter is applicable:
PPT Parallel port support is enabled.
PS2 Appropriate PS/2 support is enabled.
RAM RAM disk support is enabled.
+ ROOTPLUG The example Root Plug LSM is enabled.
S390 S390 architecture is enabled.
SCSI Appropriate SCSI support is enabled.
A lot of drivers has their options described inside of
Documentation/scsi/.
+ SECURITY Different security models are enabled.
SELINUX SELinux support is enabled.
SERIAL Serial support is enabled.
SH SuperH architecture is enabled.
@@ -371,6 +373,12 @@ and is between 256 and 4096 characters. It is defined in the file
possible to determine what the correct size should be.
This option provides an override for these situations.
+ capability.disable=
+ [SECURITY] Disable capabilities. This would normally
+ be used only if an alternative security model is to be
+ configured. Potentially dangerous and should only be
+ used if you are entirely sure of the consequences.
+
cdu31a= [HW,CD]
Format: <io>,<irq>[,PAS]
See header of drivers/cdrom/cdu31a.c.
@@ -1493,6 +1501,15 @@ and is between 256 and 4096 characters. It is defined in the file
rootfstype= [KNL] Set root filesystem type
+ root_plug.vendor_id=
+ [ROOTPLUG] Override the default vendor ID
+
+ root_plug.product_id=
+ [ROOTPLUG] Override the default product ID
+
+ root_plug.debug=
+ [ROOTPLUG] Enable debugging output
+
rw [KNL] Mount root device read-write on boot
S [KNL] Run init in single mode
diff --git a/include/linux/security.h b/include/linux/security.h
index c11dc8a..6bfd974 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1400,733 +1400,6 @@ struct security_operations {
};
-/* global variables */
-extern struct security_operations *security_ops;
-
-/* inline stuff */
-static inline int security_ptrace (struct task_struct * parent, struct task_struct * child)
-{
- return security_ops->ptrace (parent, child);
-}
-
-static inline int security_capget (struct task_struct *target,
- kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
-{
- return security_ops->capget (target, effective, inheritable, permitted);
-}
-
-static inline int security_capset_check (struct task_struct *target,
- kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
-{
- return security_ops->capset_check (target, effective, inheritable, permitted);
-}
-
-static inline void security_capset_set (struct task_struct *target,
- kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
-{
- security_ops->capset_set (target, effective, inheritable, permitted);
-}
-
-static inline int security_capable(struct task_struct *tsk, int cap)
-{
- return security_ops->capable(tsk, cap);
-}
-
-static inline int security_acct (struct file *file)
-{
- return security_ops->acct (file);
-}
-
-static inline int security_sysctl(struct ctl_table *table, int op)
-{
- return security_ops->sysctl(table, op);
-}
-
-static inline int security_quotactl (int cmds, int type, int id,
- struct super_block *sb)
-{
- return security_ops->quotactl (cmds, type, id, sb);
-}
-
-static inline int security_quota_on (struct dentry * dentry)
-{
- return security_ops->quota_on (dentry);
-}
-
-static inline int security_syslog(int type)
-{
- return security_ops->syslog(type);
-}
-
-static inline int security_settime(struct timespec *ts, struct timezone *tz)
-{
- return security_ops->settime(ts, tz);
-}
-
-
-static inline int security_vm_enough_memory(long pages)
-{
- return security_ops->vm_enough_memory(pages);
-}
-
-static inline int security_bprm_alloc (struct linux_binprm *bprm)
-{
- return security_ops->bprm_alloc_security (bprm);
-}
-static inline void security_bprm_free (struct linux_binprm *bprm)
-{
- security_ops->bprm_free_security (bprm);
-}
-static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
-{
- security_ops->bprm_apply_creds (bprm, unsafe);
-}
-static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm)
-{
- security_ops->bprm_post_apply_creds (bprm);
-}
-static inline int security_bprm_set (struct linux_binprm *bprm)
-{
- return security_ops->bprm_set_security (bprm);
-}
-
-static inline int security_bprm_check (struct linux_binprm *bprm)
-{
- return security_ops->bprm_check_security (bprm);
-}
-
-static inline int security_bprm_secureexec (struct linux_binprm *bprm)
-{
- return security_ops->bprm_secureexec (bprm);
-}
-
-static inline int security_sb_alloc (struct super_block *sb)
-{
- return security_ops->sb_alloc_security (sb);
-}
-
-static inline void security_sb_free (struct super_block *sb)
-{
- security_ops->sb_free_security (sb);
-}
-
-static inline int security_sb_copy_data (struct file_system_type *type,
- void *orig, void *copy)
-{
- return security_ops->sb_copy_data (type, orig, copy);
-}
-
-static inline int security_sb_kern_mount (struct super_block *sb, void *data)
-{
- return security_ops->sb_kern_mount (sb, data);
-}
-
-static inline int security_sb_statfs (struct dentry *dentry)
-{
- return security_ops->sb_statfs (dentry);
-}
-
-static inline int security_sb_mount (char *dev_name, struct nameidata *nd,
- char *type, unsigned long flags,
- void *data)
-{
- return security_ops->sb_mount (dev_name, nd, type, flags, data);
-}
-
-static inline int security_sb_check_sb (struct vfsmount *mnt,
- struct nameidata *nd)
-{
- return security_ops->sb_check_sb (mnt, nd);
-}
-
-static inline int security_sb_umount (struct vfsmount *mnt, int flags)
-{
- return security_ops->sb_umount (mnt, flags);
-}
-
-static inline void security_sb_umount_close (struct vfsmount *mnt)
-{
- security_ops->sb_umount_close (mnt);
-}
-
-static inline void security_sb_umount_busy (struct vfsmount *mnt)
-{
- security_ops->sb_umount_busy (mnt);
-}
-
-static inline void security_sb_post_remount (struct vfsmount *mnt,
- unsigned long flags, void *data)
-{
- security_ops->sb_post_remount (mnt, flags, data);
-}
-
-static inline void security_sb_post_mountroot (void)
-{
- security_ops->sb_post_mountroot ();
-}
-
-static inline void security_sb_post_addmount (struct vfsmount *mnt,
- struct nameidata *mountpoint_nd)
-{
- security_ops->sb_post_addmount (mnt, mountpoint_nd);
-}
-
-static inline int security_sb_pivotroot (struct nameidata *old_nd,
- struct nameidata *new_nd)
-{
- return security_ops->sb_pivotroot (old_nd, new_nd);
-}
-
-static inline void security_sb_post_pivotroot (struct nameidata *old_nd,
- struct nameidata *new_nd)
-{
- security_ops->sb_post_pivotroot (old_nd, new_nd);
-}
-
-static inline int security_inode_alloc (struct inode *inode)
-{
- inode->i_security = NULL;
- return security_ops->inode_alloc_security (inode);
-}
-
-static inline void security_inode_free (struct inode *inode)
-{
- security_ops->inode_free_security (inode);
-}
-
-static inline int security_inode_init_security (struct inode *inode,
- struct inode *dir,
- char **name,
- void **value,
- size_t *len)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return -EOPNOTSUPP;
- return security_ops->inode_init_security (inode, dir, name, value, len);
-}
-
-static inline int security_inode_create (struct inode *dir,
- struct dentry *dentry,
- int mode)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_create (dir, dentry, mode);
-}
-
-static inline int security_inode_link (struct dentry *old_dentry,
- struct inode *dir,
- struct dentry *new_dentry)
-{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode)))
- return 0;
- return security_ops->inode_link (old_dentry, dir, new_dentry);
-}
-
-static inline int security_inode_unlink (struct inode *dir,
- struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_unlink (dir, dentry);
-}
-
-static inline int security_inode_symlink (struct inode *dir,
- struct dentry *dentry,
- const char *old_name)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_symlink (dir, dentry, old_name);
-}
-
-static inline int security_inode_mkdir (struct inode *dir,
- struct dentry *dentry,
- int mode)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_mkdir (dir, dentry, mode);
-}
-
-static inline int security_inode_rmdir (struct inode *dir,
- struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_rmdir (dir, dentry);
-}
-
-static inline int security_inode_mknod (struct inode *dir,
- struct dentry *dentry,
- int mode, dev_t dev)
-{
- if (unlikely (IS_PRIVATE (dir)))
- return 0;
- return security_ops->inode_mknod (dir, dentry, mode, dev);
-}
-
-static inline int security_inode_rename (struct inode *old_dir,
- struct dentry *old_dentry,
- struct inode *new_dir,
- struct dentry *new_dentry)
-{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
- (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
- return 0;
- return security_ops->inode_rename (old_dir, old_dentry,
- new_dir, new_dentry);
-}
-
-static inline int security_inode_readlink (struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_readlink (dentry);
-}
-
-static inline int security_inode_follow_link (struct dentry *dentry,
- struct nameidata *nd)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_follow_link (dentry, nd);
-}
-
-static inline int security_inode_permission (struct inode *inode, int mask,
- struct nameidata *nd)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_permission (inode, mask, nd);
-}
-
-static inline int security_inode_setattr (struct dentry *dentry,
- struct iattr *attr)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_setattr (dentry, attr);
-}
-
-static inline int security_inode_getattr (struct vfsmount *mnt,
- struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_getattr (mnt, dentry);
-}
-
-static inline void security_inode_delete (struct inode *inode)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return;
- security_ops->inode_delete (inode);
-}
-
-static inline int security_inode_setxattr (struct dentry *dentry, char *name,
- void *value, size_t size, int flags)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_setxattr (dentry, name, value, size, flags);
-}
-
-static inline void security_inode_post_setxattr (struct dentry *dentry, char *name,
- void *value, size_t size, int flags)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return;
- security_ops->inode_post_setxattr (dentry, name, value, size, flags);
-}
-
-static inline int security_inode_getxattr (struct dentry *dentry, char *name)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_getxattr (dentry, name);
-}
-
-static inline int security_inode_listxattr (struct dentry *dentry)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_listxattr (dentry);
-}
-
-static inline int security_inode_removexattr (struct dentry *dentry, char *name)
-{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
- return 0;
- return security_ops->inode_removexattr (dentry, name);
-}
-
-static inline const char *security_inode_xattr_getsuffix(void)
-{
- return security_ops->inode_xattr_getsuffix();
-}
-
-static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_getsecurity(inode, name, buffer, size, err);
-}
-
-static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_setsecurity(inode, name, value, size, flags);
-}
-
-static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
-{
- if (unlikely (IS_PRIVATE (inode)))
- return 0;
- return security_ops->inode_listsecurity(inode, buffer, buffer_size);
-}
-
-static inline int security_file_permission (struct file *file, int mask)
-{
- return security_ops->file_permission (file, mask);
-}
-
-static inline int security_file_alloc (struct file *file)
-{
- return security_ops->file_alloc_security (file);
-}
-
-static inline void security_file_free (struct file *file)
-{
- security_ops->file_free_security (file);
-}
-
-static inline int security_file_ioctl (struct file *file, unsigned int cmd,
- unsigned long arg)
-{
- return security_ops->file_ioctl (file, cmd, arg);
-}
-
-static inline int security_file_mmap (struct file *file, unsigned long reqprot,
- unsigned long prot,
- unsigned long flags,
- unsigned long addr,
- unsigned long addr_only)
-{
- return security_ops->file_mmap (file, reqprot, prot, flags, addr,
- addr_only);
-}
-
-static inline int security_file_mprotect (struct vm_area_struct *vma,
- unsigned long reqprot,
- unsigned long prot)
-{
- return security_ops->file_mprotect (vma, reqprot, prot);
-}
-
-static inline int security_file_lock (struct file *file, unsigned int cmd)
-{
- return security_ops->file_lock (file, cmd);
-}
-
-static inline int security_file_fcntl (struct file *file, unsigned int cmd,
- unsigned long arg)
-{
- return security_ops->file_fcntl (file, cmd, arg);
-}
-
-static inline int security_file_set_fowner (struct file *file)
-{
- return security_ops->file_set_fowner (file);
-}
-
-static inline int security_file_send_sigiotask (struct task_struct *tsk,
- struct fown_struct *fown,
- int sig)
-{
- return security_ops->file_send_sigiotask (tsk, fown, sig);
-}
-
-static inline int security_file_receive (struct file *file)
-{
- return security_ops->file_receive (file);
-}
-
-static inline int security_task_create (unsigned long clone_flags)
-{
- return security_ops->task_create (clone_flags);
-}
-
-static inline int security_task_alloc (struct task_struct *p)
-{
- return security_ops->task_alloc_security (p);
-}
-
-static inline void security_task_free (struct task_struct *p)
-{
- security_ops->task_free_security (p);
-}
-
-static inline int security_task_setuid (uid_t id0, uid_t id1, uid_t id2,
- int flags)
-{
- return security_ops->task_setuid (id0, id1, id2, flags);
-}
-
-static inline int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
- uid_t old_suid, int flags)
-{
- return security_ops->task_post_setuid (old_ruid, old_euid, old_suid, flags);
-}
-
-static inline int security_task_setgid (gid_t id0, gid_t id1, gid_t id2,
- int flags)
-{
- return security_ops->task_setgid (id0, id1, id2, flags);
-}
-
-static inline int security_task_setpgid (struct task_struct *p, pid_t pgid)
-{
- return security_ops->task_setpgid (p, pgid);
-}
-
-static inline int security_task_getpgid (struct task_struct *p)
-{
- return security_ops->task_getpgid (p);
-}
-
-static inline int security_task_getsid (struct task_struct *p)
-{
- return security_ops->task_getsid (p);
-}
-
-static inline void security_task_getsecid (struct task_struct *p, u32 *secid)
-{
- security_ops->task_getsecid (p, secid);
-}
-
-static inline int security_task_setgroups (struct group_info *group_info)
-{
- return security_ops->task_setgroups (group_info);
-}
-
-static inline int security_task_setnice (struct task_struct *p, int nice)
-{
- return security_ops->task_setnice (p, nice);
-}
-
-static inline int security_task_setioprio (struct task_struct *p, int ioprio)
-{
- return security_ops->task_setioprio (p, ioprio);
-}
-
-static inline int security_task_getioprio (struct task_struct *p)
-{
- return security_ops->task_getioprio (p);
-}
-
-static inline int security_task_setrlimit (unsigned int resource,
- struct rlimit *new_rlim)
-{
- return security_ops->task_setrlimit (resource, new_rlim);
-}
-
-static inline int security_task_setscheduler (struct task_struct *p,
- int policy,
- struct sched_param *lp)
-{
- return security_ops->task_setscheduler (p, policy, lp);
-}
-
-static inline int security_task_getscheduler (struct task_struct *p)
-{
- return security_ops->task_getscheduler (p);
-}
-
-static inline int security_task_movememory (struct task_struct *p)
-{
- return security_ops->task_movememory (p);
-}
-
-static inline int security_task_kill (struct task_struct *p,
- struct siginfo *info, int sig,
- u32 secid)
-{
- return security_ops->task_kill (p, info, sig, secid);
-}
-
-static inline int security_task_wait (struct task_struct *p)
-{
- return security_ops->task_wait (p);
-}
-
-static inline int security_task_prctl (int option, unsigned long arg2,
- unsigned long arg3,
- unsigned long arg4,
- unsigned long arg5)
-{
- return security_ops->task_prctl (option, arg2, arg3, arg4, arg5);
-}
-
-static inline void security_task_reparent_to_init (struct task_struct *p)
-{
- security_ops->task_reparent_to_init (p);
-}
-
-static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
-{
- security_ops->task_to_inode(p, inode);
-}
-
-static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
- short flag)
-{
- return security_ops->ipc_permission (ipcp, flag);
-}
-
-static inline int security_msg_msg_alloc (struct msg_msg * msg)
-{
- return security_ops->msg_msg_alloc_security (msg);
-}
-
-static inline void security_msg_msg_free (struct msg_msg * msg)
-{
- security_ops->msg_msg_free_security(msg);
-}
-
-static inline int security_msg_queue_alloc (struct msg_queue *msq)
-{
- return security_ops->msg_queue_alloc_security (msq);
-}
-
-static inline void security_msg_queue_free (struct msg_queue *msq)
-{
- security_ops->msg_queue_free_security (msq);
-}
-
-static inline int security_msg_queue_associate (struct msg_queue * msq,
- int msqflg)
-{
- return security_ops->msg_queue_associate (msq, msqflg);
-}
-
-static inline int security_msg_queue_msgctl (struct msg_queue * msq, int cmd)
-{
- return security_ops->msg_queue_msgctl (msq, cmd);
-}
-
-static inline int security_msg_queue_msgsnd (struct msg_queue * msq,
- struct msg_msg * msg, int msqflg)
-{
- return security_ops->msg_queue_msgsnd (msq, msg, msqflg);
-}
-
-static inline int security_msg_queue_msgrcv (struct msg_queue * msq,
- struct msg_msg * msg,
- struct task_struct * target,
- long type, int mode)
-{
- return security_ops->msg_queue_msgrcv (msq, msg, target, type, mode);
-}
-
-static inline int security_shm_alloc (struct shmid_kernel *shp)
-{
- return security_ops->shm_alloc_security (shp);
-}
-
-static inline void security_shm_free (struct shmid_kernel *shp)
-{
- security_ops->shm_free_security (shp);
-}
-
-static inline int security_shm_associate (struct shmid_kernel * shp,
- int shmflg)
-{
- return security_ops->shm_associate(shp, shmflg);
-}
-
-static inline int security_shm_shmctl (struct shmid_kernel * shp, int cmd)
-{
- return security_ops->shm_shmctl (shp, cmd);
-}
-
-static inline int security_shm_shmat (struct shmid_kernel * shp,
- char __user *shmaddr, int shmflg)
-{
- return security_ops->shm_shmat(shp, shmaddr, shmflg);
-}
-
-static inline int security_sem_alloc (struct sem_array *sma)
-{
- return security_ops->sem_alloc_security (sma);
-}
-
-static inline void security_sem_free (struct sem_array *sma)
-{
- security_ops->sem_free_security (sma);
-}
-
-static inline int security_sem_associate (struct sem_array * sma, int semflg)
-{
- return security_ops->sem_associate (sma, semflg);
-}
-
-static inline int security_sem_semctl (struct sem_array * sma, int cmd)
-{
- return security_ops->sem_semctl(sma, cmd);
-}
-
-static inline int security_sem_semop (struct sem_array * sma,
- struct sembuf * sops, unsigned nsops,
- int alter)
-{
- return security_ops->sem_semop(sma, sops, nsops, alter);
-}
-
-static inline void security_d_instantiate (struct dentry *dentry, struct inode *inode)
-{
- if (unlikely (inode && IS_PRIVATE (inode)))
- return;
- security_ops->d_instantiate (dentry, inode);
-}
-
-static inline int security_getprocattr(struct task_struct *p, char *name, char **value)
-{
- return security_ops->getprocattr(p, name, value);
-}
-
-static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
-{
- return security_ops->setprocattr(p, name, value, size);
-}
-
-static inline int security_netlink_send(struct sock *sk, struct sk_buff * skb)
-{
- return security_ops->netlink_send(sk, skb);
-}
-
-static inline int security_netlink_recv(struct sk_buff * skb, int cap)
-{
- return security_ops->netlink_recv(skb, cap);
-}
-
-static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
-{
- return security_ops->secid_to_secctx(secid, secdata, seclen);
-}
-
-static inline void security_release_secctx(char *secdata, u32 seclen)
-{
- return security_ops->release_secctx(secdata, seclen);
-}
-
/* prototypes */
extern int security_init (void);
extern int register_security (struct security_operations *ops);
@@ -2140,6 +1413,155 @@ extern struct dentry *securityfs_create_dir(const char *name, struct dentry *par
extern void securityfs_remove(struct dentry *dentry);
+/* Security operations */
+int security_ptrace (struct task_struct * parent, struct task_struct * child);
+int security_capget (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted);
+int security_capset_check (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted);
+void security_capset_set (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted);
+int security_capable(struct task_struct *tsk, int cap);
+int security_acct (struct file *file);
+int security_sysctl(struct ctl_table *table, int op);
+int security_quotactl (int cmds, int type, int id, struct super_block *sb);
+int security_quota_on (struct dentry * dentry);
+int security_syslog(int type);
+int security_settime(struct timespec *ts, struct timezone *tz);
+int security_vm_enough_memory(long pages);
+int security_bprm_alloc (struct linux_binprm *bprm);
+void security_bprm_free (struct linux_binprm *bprm);
+void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe);
+void security_bprm_post_apply_creds (struct linux_binprm *bprm);
+int security_bprm_set (struct linux_binprm *bprm);
+int security_bprm_check (struct linux_binprm *bprm);
+int security_bprm_secureexec (struct linux_binprm *bprm);
+int security_sb_alloc (struct super_block *sb);
+void security_sb_free (struct super_block *sb);
+int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy);
+int security_sb_kern_mount (struct super_block *sb, void *data);
+int security_sb_statfs (struct dentry *dentry);
+int security_sb_mount (char *dev_name, struct nameidata *nd,
+ char *type, unsigned long flags, void *data);
+int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd);
+int security_sb_umount (struct vfsmount *mnt, int flags);
+void security_sb_umount_close (struct vfsmount *mnt);
+void security_sb_umount_busy (struct vfsmount *mnt);
+void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data);
+void security_sb_post_mountroot (void);
+void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd);
+int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd);
+void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd);
+int security_inode_alloc (struct inode *inode);
+void security_inode_free (struct inode *inode);
+int security_inode_init_security (struct inode *inode, struct inode *dir,
+ char **name, void **value, size_t *len);
+int security_inode_create (struct inode *dir, struct dentry *dentry, int mode);
+int security_inode_link (struct dentry *old_dentry, struct inode *dir,
+ struct dentry *new_dentry);
+int security_inode_unlink (struct inode *dir, struct dentry *dentry);
+int security_inode_symlink (struct inode *dir, struct dentry *dentry,
+ const char *old_name);
+int security_inode_mkdir (struct inode *dir, struct dentry *dentry, int mode);
+int security_inode_rmdir (struct inode *dir, struct dentry *dentry);
+int security_inode_mknod (struct inode *dir, struct dentry *dentry, int mode, dev_t dev);
+int security_inode_rename (struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry);
+int security_inode_readlink (struct dentry *dentry);
+int security_inode_follow_link (struct dentry *dentry, struct nameidata *nd);
+int security_inode_permission (struct inode *inode, int mask, struct nameidata *nd);
+int security_inode_setattr (struct dentry *dentry, struct iattr *attr);
+int security_inode_getattr (struct vfsmount *mnt, struct dentry *dentry);
+void security_inode_delete (struct inode *inode);
+int security_inode_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags);
+void security_inode_post_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags);
+int security_inode_getxattr (struct dentry *dentry, char *name);
+int security_inode_listxattr (struct dentry *dentry);
+int security_inode_removexattr (struct dentry *dentry, char *name);
+const char *security_inode_xattr_getsuffix(void);
+int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err);
+int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
+int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
+int security_file_permission (struct file *file, int mask);
+int security_file_alloc (struct file *file);
+void security_file_free (struct file *file);
+int security_file_ioctl (struct file *file, unsigned int cmd, unsigned long arg);
+int security_file_mmap (struct file *file, unsigned long reqprot,
+ unsigned long prot, unsigned long flags,
+ unsigned long addr, unsigned long addr_only);
+int security_file_mprotect (struct vm_area_struct *vma, unsigned long reqprot,
+ unsigned long prot);
+int security_file_lock (struct file *file, unsigned int cmd);
+int security_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg);
+int security_file_set_fowner (struct file *file);
+int security_file_send_sigiotask (struct task_struct *tsk,
+ struct fown_struct *fown, int sig);
+int security_file_receive (struct file *file);
+int security_task_create (unsigned long clone_flags);
+int security_task_alloc (struct task_struct *p);
+void security_task_free (struct task_struct *p);
+int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags);
+int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
+ uid_t old_suid, int flags);
+int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags);
+int security_task_setpgid (struct task_struct *p, pid_t pgid);
+int security_task_getpgid (struct task_struct *p);
+int security_task_getsid (struct task_struct *p);
+void security_task_getsecid (struct task_struct *p, u32 *secid);
+int security_task_setgroups (struct group_info *group_info);
+int security_task_setnice (struct task_struct *p, int nice);
+int security_task_setioprio (struct task_struct *p, int ioprio);
+int security_task_getioprio (struct task_struct *p);
+int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim);
+int security_task_setscheduler (struct task_struct *p,
+ int policy, struct sched_param *lp);
+int security_task_getscheduler (struct task_struct *p);
+int security_task_movememory (struct task_struct *p);
+int security_task_kill (struct task_struct *p, struct siginfo *info,
+ int sig, u32 secid);
+int security_task_wait (struct task_struct *p);
+int security_task_prctl (int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5);
+void security_task_reparent_to_init (struct task_struct *p);
+void security_task_to_inode(struct task_struct *p, struct inode *inode);
+int security_ipc_permission (struct kern_ipc_perm *ipcp, short flag);
+int security_msg_msg_alloc (struct msg_msg * msg);
+void security_msg_msg_free (struct msg_msg * msg);
+int security_msg_queue_alloc (struct msg_queue *msq);
+void security_msg_queue_free (struct msg_queue *msq);
+int security_msg_queue_associate (struct msg_queue * msq, int msqflg);
+int security_msg_queue_msgctl (struct msg_queue * msq, int cmd);
+int security_msg_queue_msgsnd (struct msg_queue * msq,
+ struct msg_msg * msg, int msqflg);
+int security_msg_queue_msgrcv (struct msg_queue * msq, struct msg_msg * msg,
+ struct task_struct * target, long type, int mode);
+int security_shm_alloc (struct shmid_kernel *shp);
+void security_shm_free (struct shmid_kernel *shp);
+int security_shm_associate (struct shmid_kernel * shp, int shmflg);
+int security_shm_shmctl (struct shmid_kernel * shp, int cmd);
+int security_shm_shmat (struct shmid_kernel * shp, char __user *shmaddr, int shmflg);
+int security_sem_alloc (struct sem_array *sma);
+void security_sem_free (struct sem_array *sma);
+int security_sem_associate (struct sem_array * sma, int semflg);
+int security_sem_semctl (struct sem_array * sma, int cmd);
+int security_sem_semop (struct sem_array * sma, struct sembuf * sops,
+ unsigned nsops, int alter);
+void security_d_instantiate (struct dentry *dentry, struct inode *inode);
+int security_getprocattr(struct task_struct *p, char *name, char **value);
+int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size);
+int security_netlink_send(struct sock *sk, struct sk_buff * skb);
+int security_netlink_recv(struct sk_buff * skb, int cap);
+int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
+void security_release_secctx(char *secdata, u32 seclen);
+
#else /* CONFIG_SECURITY */
/*
@@ -2806,170 +2228,43 @@ static inline void security_release_secctx(char *secdata, u32 seclen)
#endif /* CONFIG_SECURITY */
#ifdef CONFIG_SECURITY_NETWORK
-static inline int security_unix_stream_connect(struct socket * sock,
- struct socket * other,
- struct sock * newsk)
-{
- return security_ops->unix_stream_connect(sock, other, newsk);
-}
-
-
-static inline int security_unix_may_send(struct socket * sock,
- struct socket * other)
-{
- return security_ops->unix_may_send(sock, other);
-}
-
-static inline int security_socket_create (int family, int type,
- int protocol, int kern)
-{
- return security_ops->socket_create(family, type, protocol, kern);
-}
-
-static inline int security_socket_post_create(struct socket * sock,
- int family,
- int type,
- int protocol, int kern)
-{
- return security_ops->socket_post_create(sock, family, type,
- protocol, kern);
-}
-
-static inline int security_socket_bind(struct socket * sock,
- struct sockaddr * address,
- int addrlen)
-{
- return security_ops->socket_bind(sock, address, addrlen);
-}
-static inline int security_socket_connect(struct socket * sock,
- struct sockaddr * address,
- int addrlen)
-{
- return security_ops->socket_connect(sock, address, addrlen);
-}
-
-static inline int security_socket_listen(struct socket * sock, int backlog)
-{
- return security_ops->socket_listen(sock, backlog);
-}
-
-static inline int security_socket_accept(struct socket * sock,
- struct socket * newsock)
-{
- return security_ops->socket_accept(sock, newsock);
-}
-
-static inline void security_socket_post_accept(struct socket * sock,
- struct socket * newsock)
-{
- security_ops->socket_post_accept(sock, newsock);
-}
-
-static inline int security_socket_sendmsg(struct socket * sock,
- struct msghdr * msg, int size)
-{
- return security_ops->socket_sendmsg(sock, msg, size);
-}
-
-static inline int security_socket_recvmsg(struct socket * sock,
- struct msghdr * msg, int size,
- int flags)
-{
- return security_ops->socket_recvmsg(sock, msg, size, flags);
-}
-
-static inline int security_socket_getsockname(struct socket * sock)
-{
- return security_ops->socket_getsockname(sock);
-}
-
-static inline int security_socket_getpeername(struct socket * sock)
-{
- return security_ops->socket_getpeername(sock);
-}
-
-static inline int security_socket_getsockopt(struct socket * sock,
- int level, int optname)
-{
- return security_ops->socket_getsockopt(sock, level, optname);
-}
-
-static inline int security_socket_setsockopt(struct socket * sock,
- int level, int optname)
-{
- return security_ops->socket_setsockopt(sock, level, optname);
-}
-
-static inline int security_socket_shutdown(struct socket * sock, int how)
-{
- return security_ops->socket_shutdown(sock, how);
-}
-
-static inline int security_sock_rcv_skb (struct sock * sk,
- struct sk_buff * skb)
-{
- return security_ops->socket_sock_rcv_skb (sk, skb);
-}
-
-static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
- int __user *optlen, unsigned len)
-{
- return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
-}
-
-static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
-{
- return security_ops->socket_getpeersec_dgram(sock, skb, secid);
-}
-
-static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
-{
- return security_ops->sk_alloc_security(sk, family, priority);
-}
-
-static inline void security_sk_free(struct sock *sk)
-{
- return security_ops->sk_free_security(sk);
-}
+int security_unix_stream_connect(struct socket * sock, struct socket * other,
+ struct sock * newsk);
+int security_unix_may_send(struct socket * sock, struct socket * other);
+int security_socket_create (int family, int type, int protocol, int kern);
+int security_socket_post_create(struct socket * sock, int family,
+ int type, int protocol, int kern);
+int security_socket_bind(struct socket * sock, struct sockaddr * address, int addrlen);
+int security_socket_connect(struct socket * sock, struct sockaddr * address, int addrlen);
+int security_socket_listen(struct socket * sock, int backlog);
+int security_socket_accept(struct socket * sock, struct socket * newsock);
+void security_socket_post_accept(struct socket * sock, struct socket * newsock);
+int security_socket_sendmsg(struct socket * sock, struct msghdr * msg, int size);
+int security_socket_recvmsg(struct socket * sock, struct msghdr * msg,
+ int size, int flags);
+int security_socket_getsockname(struct socket * sock);
+int security_socket_getpeername(struct socket * sock);
+int security_socket_getsockopt(struct socket * sock, int level, int optname);
+int security_socket_setsockopt(struct socket * sock, int level, int optname);
+int security_socket_shutdown(struct socket * sock, int how);
+int security_sock_rcv_skb (struct sock * sk, struct sk_buff * skb);
+int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
+ int __user *optlen, unsigned len);
+int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid);
+int security_sk_alloc(struct sock *sk, int family, gfp_t priority);
+void security_sk_free(struct sock *sk);
+void security_sk_clone(const struct sock *sk, struct sock *newsk);
+void security_sk_classify_flow(struct sock *sk, struct flowi *fl);
+void security_req_classify_flow(const struct request_sock *req, struct flowi *fl);
+void security_sock_graft(struct sock* sk, struct socket *parent);
+int security_inet_conn_request(struct sock *sk,
+ struct sk_buff *skb, struct request_sock *req);
+void security_inet_csk_clone(struct sock *newsk,
+ const struct request_sock *req);
+void security_inet_conn_established(struct sock *sk,
+ struct sk_buff *skb);
-static inline void security_sk_clone(const struct sock *sk, struct sock *newsk)
-{
- return security_ops->sk_clone_security(sk, newsk);
-}
-
-static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
-{
- security_ops->sk_getsecid(sk, &fl->secid);
-}
-
-static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
-{
- security_ops->req_classify_flow(req, fl);
-}
-
-static inline void security_sock_graft(struct sock* sk, struct socket *parent)
-{
- security_ops->sock_graft(sk, parent);
-}
-
-static inline int security_inet_conn_request(struct sock *sk,
- struct sk_buff *skb, struct request_sock *req)
-{
- return security_ops->inet_conn_request(sk, skb, req);
-}
-
-static inline void security_inet_csk_clone(struct sock *newsk,
- const struct request_sock *req)
-{
- security_ops->inet_csk_clone(newsk, req);
-}
-
-static inline void security_inet_conn_established(struct sock *sk,
- struct sk_buff *skb)
-{
- security_ops->inet_conn_established(sk, skb);
-}
#else /* CONFIG_SECURITY_NETWORK */
static inline int security_unix_stream_connect(struct socket * sock,
struct socket * other,
@@ -3127,77 +2422,24 @@ static inline void security_inet_conn_established(struct sock *sk,
#endif /* CONFIG_SECURITY_NETWORK */
#ifdef CONFIG_SECURITY_NETWORK_XFRM
-static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
-{
- return security_ops->xfrm_policy_alloc_security(xp, sec_ctx);
-}
-
-static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
-{
- return security_ops->xfrm_policy_clone_security(old, new);
-}
-
-static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
-{
- security_ops->xfrm_policy_free_security(xp);
-}
-
-static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
-{
- return security_ops->xfrm_policy_delete_security(xp);
-}
-
-static inline int security_xfrm_state_alloc(struct xfrm_state *x,
- struct xfrm_user_sec_ctx *sec_ctx)
-{
- return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0);
-}
-
-static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
- struct xfrm_sec_ctx *polsec, u32 secid)
-{
- if (!polsec)
- return 0;
- /*
- * We want the context to be taken from secid which is usually
- * from the sock.
- */
- return security_ops->xfrm_state_alloc_security(x, NULL, secid);
-}
-
-static inline int security_xfrm_state_delete(struct xfrm_state *x)
-{
- return security_ops->xfrm_state_delete_security(x);
-}
-
-static inline void security_xfrm_state_free(struct xfrm_state *x)
-{
- security_ops->xfrm_state_free_security(x);
-}
-
-static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir)
-{
- return security_ops->xfrm_policy_lookup(xp, fl_secid, dir);
-}
-
-static inline int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
- struct xfrm_policy *xp, struct flowi *fl)
-{
- return security_ops->xfrm_state_pol_flow_match(x, xp, fl);
-}
-
-static inline int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
-{
- return security_ops->xfrm_decode_session(skb, secid, 1);
-}
-static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
-{
- int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0);
+int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx);
+int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new);
+void security_xfrm_policy_free(struct xfrm_policy *xp);
+int security_xfrm_policy_delete(struct xfrm_policy *xp);
+int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx);
+int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
+ struct xfrm_sec_ctx *polsec, u32 secid);
+int security_xfrm_state_delete(struct xfrm_state *x);
+void security_xfrm_state_free(struct xfrm_state *x);
+int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir);
+int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
+ struct xfrm_policy *xp, struct flowi *fl);
+int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid);
+void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl);
- BUG_ON(rc);
-}
#else /* CONFIG_SECURITY_NETWORK_XFRM */
+
static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
{
return 0;
@@ -3262,24 +2504,11 @@ static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi
#ifdef CONFIG_KEYS
#ifdef CONFIG_SECURITY
-static inline int security_key_alloc(struct key *key,
- struct task_struct *tsk,
- unsigned long flags)
-{
- return security_ops->key_alloc(key, tsk, flags);
-}
-
-static inline void security_key_free(struct key *key)
-{
- security_ops->key_free(key);
-}
-static inline int security_key_permission(key_ref_t key_ref,
- struct task_struct *context,
- key_perm_t perm)
-{
- return security_ops->key_permission(key_ref, context, perm);
-}
+int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags);
+void security_key_free(struct key *key);
+int security_key_permission(key_ref_t key_ref,
+ struct task_struct *context, key_perm_t perm);
#else
diff --git a/security/Kconfig b/security/Kconfig
index 460e5c9..8ae5490 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -74,14 +74,14 @@ config SECURITY_NETWORK_XFRM
If you are unsure how to answer this question, answer N.
config SECURITY_CAPABILITIES
- tristate "Default Linux Capabilities"
+ bool "Default Linux Capabilities"
depends on SECURITY
help
This enables the "default" Linux capabilities functionality.
If you are unsure how to answer this question, answer Y.
config SECURITY_ROOTPLUG
- tristate "Root Plug Support"
+ bool "Root Plug Support"
depends on USB && SECURITY
help
This is a sample LSM module that should only be used as such.
diff --git a/security/capability.c b/security/capability.c
index 38296a0..fda6a14 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -8,7 +8,6 @@
*
*/
-#include <linux/module.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/security.h>
@@ -52,7 +51,6 @@ static int secondary;
static int capability_disable;
module_param_named(disable, capability_disable, int, 0);
-MODULE_PARM_DESC(disable, "To disable capabilities module set disable = 1");
static int __init capability_init (void)
{
@@ -75,26 +73,4 @@ static int __init capability_init (void)
return 0;
}
-static void __exit capability_exit (void)
-{
- if (capability_disable)
- return;
- /* remove ourselves from the security framework */
- if (secondary) {
- if (mod_unreg_security (KBUILD_MODNAME, &capability_ops))
- printk (KERN_INFO "Failure unregistering capabilities "
- "with primary module.\n");
- return;
- }
-
- if (unregister_security (&capability_ops)) {
- printk (KERN_INFO
- "Failure unregistering capabilities with the kernel\n");
- }
-}
-
security_initcall (capability_init);
-module_exit (capability_exit);
-
-MODULE_DESCRIPTION("Standard Linux Capabilities Security Module");
-MODULE_LICENSE("GPL");
diff --git a/security/commoncap.c b/security/commoncap.c
index 384379e..04bd44b 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -339,6 +339,3 @@ EXPORT_SYMBOL(cap_task_post_setuid);
EXPORT_SYMBOL(cap_task_reparent_to_init);
EXPORT_SYMBOL(cap_syslog);
EXPORT_SYMBOL(cap_vm_enough_memory);
-
-MODULE_DESCRIPTION("Standard Linux Common Capabilities Security Module");
-MODULE_LICENSE("GPL");
diff --git a/security/dummy.c b/security/dummy.c
index d6a112c..427cb93 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -15,7 +15,6 @@
#undef DEBUG
#include <linux/capability.h>
-#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/mman.h>
#include <linux/pagemap.h>
diff --git a/security/root_plug.c b/security/root_plug.c
index 38dd4f3..870f130 100644
--- a/security/root_plug.c
+++ b/security/root_plug.c
@@ -22,11 +22,11 @@
* License.
*/
-#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/security.h>
#include <linux/usb.h>
+#include <linux/moduleparam.h>
/* flag to keep track of how we were registered */
static int secondary;
@@ -36,22 +36,14 @@ static int vendor_id = 0x0557;
static int product_id = 0x2008;
module_param(vendor_id, uint, 0400);
-MODULE_PARM_DESC(vendor_id, "USB Vendor ID of device to look for");
-
module_param(product_id, uint, 0400);
-MODULE_PARM_DESC(product_id, "USB Product ID of device to look for");
/* should we print out debug messages */
static int debug = 0;
module_param(debug, bool, 0600);
-MODULE_PARM_DESC(debug, "Debug enabled or not");
-#if defined(CONFIG_SECURITY_ROOTPLUG_MODULE)
-#define MY_NAME THIS_MODULE->name
-#else
#define MY_NAME "root_plug"
-#endif
#define root_dbg(fmt, arg...) \
do { \
@@ -117,25 +109,4 @@ static int __init rootplug_init (void)
return 0;
}
-static void __exit rootplug_exit (void)
-{
- /* remove ourselves from the security framework */
- if (secondary) {
- if (mod_unreg_security (MY_NAME, &rootplug_security_ops))
- printk (KERN_INFO "Failure unregistering Root Plug "
- " module with primary module.\n");
- } else {
- if (unregister_security (&rootplug_security_ops)) {
- printk (KERN_INFO "Failure unregistering Root Plug "
- "module with the kernel\n");
- }
- }
- printk (KERN_INFO "Root Plug module removed\n");
-}
-
security_initcall (rootplug_init);
-module_exit (rootplug_exit);
-
-MODULE_DESCRIPTION("Root Plug sample LSM module, written for Linux Journal article");
-MODULE_LICENSE("GPL");
-
diff --git a/security/security.c b/security/security.c
index 27e5863..949a22f 100644
--- a/security/security.c
+++ b/security/security.c
@@ -17,7 +17,6 @@
#include <linux/kernel.h>
#include <linux/security.h>
-#define SECURITY_FRAMEWORK_VERSION "1.0.0"
/* things that live in dummy.c */
extern struct security_operations dummy_security_ops;
@@ -52,8 +51,7 @@ static void __init do_security_initcalls(void)
*/
int __init security_init(void)
{
- printk(KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
- " initialized\n");
+ printk(KERN_INFO "Security Framework initialized\n");
if (verify(&dummy_security_ops)) {
printk(KERN_ERR "%s could not verify "
@@ -173,8 +171,949 @@ int mod_unreg_security(const char *name, struct security_operations *ops)
return security_ops->unregister_security(name, ops);
}
-EXPORT_SYMBOL_GPL(register_security);
-EXPORT_SYMBOL_GPL(unregister_security);
-EXPORT_SYMBOL_GPL(mod_reg_security);
-EXPORT_SYMBOL_GPL(mod_unreg_security);
-EXPORT_SYMBOL(security_ops);
+/* Security operations */
+
+int security_ptrace (struct task_struct * parent, struct task_struct * child)
+{
+ return security_ops->ptrace (parent, child);
+}
+
+int security_capget (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted)
+{
+ return security_ops->capget (target, effective, inheritable, permitted);
+}
+
+int security_capset_check (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted)
+{
+ return security_ops->capset_check (target, effective, inheritable, permitted);
+}
+
+void security_capset_set (struct task_struct *target,
+ kernel_cap_t *effective,
+ kernel_cap_t *inheritable,
+ kernel_cap_t *permitted)
+{
+ security_ops->capset_set (target, effective, inheritable, permitted);
+}
+
+int security_capable(struct task_struct *tsk, int cap)
+{
+ return security_ops->capable(tsk, cap);
+}
+
+int security_acct (struct file *file)
+{
+ return security_ops->acct (file);
+}
+
+int security_sysctl(struct ctl_table *table, int op)
+{
+ return security_ops->sysctl(table, op);
+}
+
+int security_quotactl (int cmds, int type, int id, struct super_block *sb)
+{
+ return security_ops->quotactl (cmds, type, id, sb);
+}
+
+int security_quota_on (struct dentry * dentry)
+{
+ return security_ops->quota_on (dentry);
+}
+
+int security_syslog(int type)
+{
+ return security_ops->syslog(type);
+}
+
+int security_settime(struct timespec *ts, struct timezone *tz)
+{
+ return security_ops->settime(ts, tz);
+}
+
+
+int security_vm_enough_memory(long pages)
+{
+ return security_ops->vm_enough_memory(pages);
+}
+
+int security_bprm_alloc (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_alloc_security (bprm);
+}
+
+void security_bprm_free (struct linux_binprm *bprm)
+{
+ security_ops->bprm_free_security (bprm);
+}
+
+void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
+{
+ security_ops->bprm_apply_creds (bprm, unsafe);
+}
+
+void security_bprm_post_apply_creds (struct linux_binprm *bprm)
+{
+ security_ops->bprm_post_apply_creds (bprm);
+}
+
+int security_bprm_set (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_set_security (bprm);
+}
+
+int security_bprm_check (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_check_security (bprm);
+}
+
+int security_bprm_secureexec (struct linux_binprm *bprm)
+{
+ return security_ops->bprm_secureexec (bprm);
+}
+
+int security_sb_alloc (struct super_block *sb)
+{
+ return security_ops->sb_alloc_security (sb);
+}
+
+void security_sb_free (struct super_block *sb)
+{
+ security_ops->sb_free_security (sb);
+}
+
+int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy)
+{
+ return security_ops->sb_copy_data (type, orig, copy);
+}
+
+int security_sb_kern_mount (struct super_block *sb, void *data)
+{
+ return security_ops->sb_kern_mount (sb, data);
+}
+
+int security_sb_statfs (struct dentry *dentry)
+{
+ return security_ops->sb_statfs (dentry);
+}
+
+int security_sb_mount (char *dev_name, struct nameidata *nd,
+ char *type, unsigned long flags, void *data)
+{
+ return security_ops->sb_mount (dev_name, nd, type, flags, data);
+}
+
+int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd)
+{
+ return security_ops->sb_check_sb (mnt, nd);
+}
+
+int security_sb_umount (struct vfsmount *mnt, int flags)
+{
+ return security_ops->sb_umount (mnt, flags);
+}
+
+void security_sb_umount_close (struct vfsmount *mnt)
+{
+ security_ops->sb_umount_close (mnt);
+}
+
+void security_sb_umount_busy (struct vfsmount *mnt)
+{
+ security_ops->sb_umount_busy (mnt);
+}
+
+void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data)
+{
+ security_ops->sb_post_remount (mnt, flags, data);
+}
+
+void security_sb_post_mountroot (void)
+{
+ security_ops->sb_post_mountroot ();
+}
+
+void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd)
+{
+ security_ops->sb_post_addmount (mnt, mountpoint_nd);
+}
+
+int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
+{
+ return security_ops->sb_pivotroot (old_nd, new_nd);
+}
+
+void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
+{
+ security_ops->sb_post_pivotroot (old_nd, new_nd);
+}
+
+int security_inode_alloc (struct inode *inode)
+{
+ inode->i_security = NULL;
+ return security_ops->inode_alloc_security (inode);
+}
+
+void security_inode_free (struct inode *inode)
+{
+ security_ops->inode_free_security (inode);
+}
+
+int security_inode_init_security (struct inode *inode, struct inode *dir,
+ char **name, void **value, size_t *len)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return -EOPNOTSUPP;
+ return security_ops->inode_init_security (inode, dir, name, value, len);
+}
+EXPORT_SYMBOL(security_inode_init_security);
+
+int security_inode_create (struct inode *dir, struct dentry *dentry, int mode)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_create (dir, dentry, mode);
+}
+
+int security_inode_link (struct dentry *old_dentry, struct inode *dir,
+ struct dentry *new_dentry)
+{
+ if (unlikely (IS_PRIVATE (old_dentry->d_inode)))
+ return 0;
+ return security_ops->inode_link (old_dentry, dir, new_dentry);
+}
+
+int security_inode_unlink (struct inode *dir, struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_unlink (dir, dentry);
+}
+
+int security_inode_symlink (struct inode *dir, struct dentry *dentry,
+ const char *old_name)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_symlink (dir, dentry, old_name);
+}
+
+int security_inode_mkdir (struct inode *dir, struct dentry *dentry, int mode)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_mkdir (dir, dentry, mode);
+}
+
+int security_inode_rmdir (struct inode *dir, struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_rmdir (dir, dentry);
+}
+
+int security_inode_mknod (struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
+{
+ if (unlikely (IS_PRIVATE (dir)))
+ return 0;
+ return security_ops->inode_mknod (dir, dentry, mode, dev);
+}
+
+int security_inode_rename (struct inode *old_dir, struct dentry *old_dentry,
+ struct inode *new_dir, struct dentry *new_dentry)
+{
+ if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
+ (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
+ return 0;
+ return security_ops->inode_rename (old_dir, old_dentry,
+ new_dir, new_dentry);
+}
+
+int security_inode_readlink (struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_readlink (dentry);
+}
+
+int security_inode_follow_link (struct dentry *dentry, struct nameidata *nd)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_follow_link (dentry, nd);
+}
+
+int security_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_permission (inode, mask, nd);
+}
+
+int security_inode_setattr (struct dentry *dentry, struct iattr *attr)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_setattr (dentry, attr);
+}
+
+int security_inode_getattr (struct vfsmount *mnt, struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_getattr (mnt, dentry);
+}
+
+void security_inode_delete (struct inode *inode)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return;
+ security_ops->inode_delete (inode);
+}
+
+int security_inode_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_setxattr (dentry, name, value, size, flags);
+}
+
+void security_inode_post_setxattr (struct dentry *dentry, char *name,
+ void *value, size_t size, int flags)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return;
+ security_ops->inode_post_setxattr (dentry, name, value, size, flags);
+}
+
+int security_inode_getxattr (struct dentry *dentry, char *name)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_getxattr (dentry, name);
+}
+
+int security_inode_listxattr (struct dentry *dentry)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_listxattr (dentry);
+}
+
+int security_inode_removexattr (struct dentry *dentry, char *name)
+{
+ if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ return 0;
+ return security_ops->inode_removexattr (dentry, name);
+}
+
+const char *security_inode_xattr_getsuffix(void)
+{
+ return security_ops->inode_xattr_getsuffix();
+}
+
+int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_getsecurity(inode, name, buffer, size, err);
+}
+
+int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_setsecurity(inode, name, value, size, flags);
+}
+
+int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
+{
+ if (unlikely (IS_PRIVATE (inode)))
+ return 0;
+ return security_ops->inode_listsecurity(inode, buffer, buffer_size);
+}
+
+int security_file_permission (struct file *file, int mask)
+{
+ return security_ops->file_permission (file, mask);
+}
+
+int security_file_alloc (struct file *file)
+{
+ return security_ops->file_alloc_security (file);
+}
+
+void security_file_free (struct file *file)
+{
+ security_ops->file_free_security (file);
+}
+
+int security_file_ioctl (struct file *file, unsigned int cmd, unsigned long arg)
+{
+ return security_ops->file_ioctl (file, cmd, arg);
+}
+
+int security_file_mmap (struct file *file, unsigned long reqprot,
+ unsigned long prot, unsigned long flags,
+ unsigned long addr, unsigned long addr_only)
+{
+ return security_ops->file_mmap (file, reqprot, prot, flags, addr, addr_only);
+}
+
+int security_file_mprotect (struct vm_area_struct *vma, unsigned long reqprot,
+ unsigned long prot)
+{
+ return security_ops->file_mprotect (vma, reqprot, prot);
+}
+
+int security_file_lock (struct file *file, unsigned int cmd)
+{
+ return security_ops->file_lock (file, cmd);
+}
+
+int security_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg)
+{
+ return security_ops->file_fcntl (file, cmd, arg);
+}
+
+int security_file_set_fowner (struct file *file)
+{
+ return security_ops->file_set_fowner (file);
+}
+
+int security_file_send_sigiotask (struct task_struct *tsk,
+ struct fown_struct *fown, int sig)
+{
+ return security_ops->file_send_sigiotask (tsk, fown, sig);
+}
+
+int security_file_receive (struct file *file)
+{
+ return security_ops->file_receive (file);
+}
+
+int security_task_create (unsigned long clone_flags)
+{
+ return security_ops->task_create (clone_flags);
+}
+
+int security_task_alloc (struct task_struct *p)
+{
+ return security_ops->task_alloc_security (p);
+}
+
+void security_task_free (struct task_struct *p)
+{
+ security_ops->task_free_security (p);
+}
+
+int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
+{
+ return security_ops->task_setuid (id0, id1, id2, flags);
+}
+
+int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
+ uid_t old_suid, int flags)
+{
+ return security_ops->task_post_setuid (old_ruid, old_euid, old_suid, flags);
+}
+
+int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags)
+{
+ return security_ops->task_setgid (id0, id1, id2, flags);
+}
+
+int security_task_setpgid (struct task_struct *p, pid_t pgid)
+{
+ return security_ops->task_setpgid (p, pgid);
+}
+
+int security_task_getpgid (struct task_struct *p)
+{
+ return security_ops->task_getpgid (p);
+}
+
+int security_task_getsid (struct task_struct *p)
+{
+ return security_ops->task_getsid (p);
+}
+
+void security_task_getsecid (struct task_struct *p, u32 *secid)
+{
+ security_ops->task_getsecid (p, secid);
+}
+EXPORT_SYMBOL(security_task_getsecid);
+
+int security_task_setgroups (struct group_info *group_info)
+{
+ return security_ops->task_setgroups (group_info);
+}
+
+int security_task_setnice (struct task_struct *p, int nice)
+{
+ return security_ops->task_setnice (p, nice);
+}
+
+int security_task_setioprio (struct task_struct *p, int ioprio)
+{
+ return security_ops->task_setioprio (p, ioprio);
+}
+
+int security_task_getioprio (struct task_struct *p)
+{
+ return security_ops->task_getioprio (p);
+}
+
+int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim)
+{
+ return security_ops->task_setrlimit (resource, new_rlim);
+}
+
+int security_task_setscheduler (struct task_struct *p,
+ int policy, struct sched_param *lp)
+{
+ return security_ops->task_setscheduler (p, policy, lp);
+}
+
+int security_task_getscheduler (struct task_struct *p)
+{
+ return security_ops->task_getscheduler (p);
+}
+
+int security_task_movememory (struct task_struct *p)
+{
+ return security_ops->task_movememory (p);
+}
+
+int security_task_kill (struct task_struct *p, struct siginfo *info,
+ int sig, u32 secid)
+{
+ return security_ops->task_kill (p, info, sig, secid);
+}
+
+int security_task_wait (struct task_struct *p)
+{
+ return security_ops->task_wait (p);
+}
+
+int security_task_prctl (int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5)
+{
+ return security_ops->task_prctl (option, arg2, arg3, arg4, arg5);
+}
+
+void security_task_reparent_to_init (struct task_struct *p)
+{
+ security_ops->task_reparent_to_init (p);
+}
+
+void security_task_to_inode(struct task_struct *p, struct inode *inode)
+{
+ security_ops->task_to_inode(p, inode);
+}
+
+int security_ipc_permission (struct kern_ipc_perm *ipcp, short flag)
+{
+ return security_ops->ipc_permission (ipcp, flag);
+}
+
+int security_msg_msg_alloc (struct msg_msg * msg)
+{
+ return security_ops->msg_msg_alloc_security (msg);
+}
+
+void security_msg_msg_free (struct msg_msg * msg)
+{
+ security_ops->msg_msg_free_security(msg);
+}
+
+int security_msg_queue_alloc (struct msg_queue *msq)
+{
+ return security_ops->msg_queue_alloc_security (msq);
+}
+
+void security_msg_queue_free (struct msg_queue *msq)
+{
+ security_ops->msg_queue_free_security (msq);
+}
+
+int security_msg_queue_associate (struct msg_queue * msq, int msqflg)
+{
+ return security_ops->msg_queue_associate (msq, msqflg);
+}
+
+int security_msg_queue_msgctl (struct msg_queue * msq, int cmd)
+{
+ return security_ops->msg_queue_msgctl (msq, cmd);
+}
+
+int security_msg_queue_msgsnd (struct msg_queue * msq,
+ struct msg_msg * msg, int msqflg)
+{
+ return security_ops->msg_queue_msgsnd (msq, msg, msqflg);
+}
+
+int security_msg_queue_msgrcv (struct msg_queue * msq, struct msg_msg * msg,
+ struct task_struct * target, long type, int mode)
+{
+ return security_ops->msg_queue_msgrcv (msq, msg, target, type, mode);
+}
+
+int security_shm_alloc (struct shmid_kernel *shp)
+{
+ return security_ops->shm_alloc_security (shp);
+}
+
+void security_shm_free (struct shmid_kernel *shp)
+{
+ security_ops->shm_free_security (shp);
+}
+
+int security_shm_associate (struct shmid_kernel * shp, int shmflg)
+{
+ return security_ops->shm_associate(shp, shmflg);
+}
+
+int security_shm_shmctl (struct shmid_kernel * shp, int cmd)
+{
+ return security_ops->shm_shmctl (shp, cmd);
+}
+
+int security_shm_shmat (struct shmid_kernel * shp, char __user *shmaddr, int shmflg)
+{
+ return security_ops->shm_shmat(shp, shmaddr, shmflg);
+}
+
+int security_sem_alloc (struct sem_array *sma)
+{
+ return security_ops->sem_alloc_security (sma);
+}
+
+void security_sem_free (struct sem_array *sma)
+{
+ security_ops->sem_free_security (sma);
+}
+
+int security_sem_associate (struct sem_array * sma, int semflg)
+{
+ return security_ops->sem_associate (sma, semflg);
+}
+
+int security_sem_semctl (struct sem_array * sma, int cmd)
+{
+ return security_ops->sem_semctl(sma, cmd);
+}
+
+int security_sem_semop (struct sem_array * sma, struct sembuf * sops,
+ unsigned nsops, int alter)
+{
+ return security_ops->sem_semop(sma, sops, nsops, alter);
+}
+
+void security_d_instantiate (struct dentry *dentry, struct inode *inode)
+{
+ if (unlikely (inode && IS_PRIVATE (inode)))
+ return;
+ security_ops->d_instantiate (dentry, inode);
+}
+EXPORT_SYMBOL(security_d_instantiate);
+
+int security_getprocattr(struct task_struct *p, char *name, char **value)
+{
+ return security_ops->getprocattr(p, name, value);
+}
+
+int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
+{
+ return security_ops->setprocattr(p, name, value, size);
+}
+
+int security_netlink_send(struct sock *sk, struct sk_buff * skb)
+{
+ return security_ops->netlink_send(sk, skb);
+}
+EXPORT_SYMBOL(security_netlink_send);
+
+int security_netlink_recv(struct sk_buff * skb, int cap)
+{
+ return security_ops->netlink_recv(skb, cap);
+}
+EXPORT_SYMBOL(security_netlink_recv);
+
+int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+ return security_ops->secid_to_secctx(secid, secdata, seclen);
+}
+EXPORT_SYMBOL(security_secid_to_secctx);
+
+void security_release_secctx(char *secdata, u32 seclen)
+{
+ return security_ops->release_secctx(secdata, seclen);
+}
+EXPORT_SYMBOL(security_release_secctx);
+
+#ifdef CONFIG_SECURITY_NETWORK
+
+int security_unix_stream_connect(struct socket * sock, struct socket * other,
+ struct sock * newsk)
+{
+ return security_ops->unix_stream_connect(sock, other, newsk);
+}
+EXPORT_SYMBOL(security_unix_stream_connect);
+
+int security_unix_may_send(struct socket * sock, struct socket * other)
+{
+ return security_ops->unix_may_send(sock, other);
+}
+EXPORT_SYMBOL(security_unix_may_send);
+
+int security_socket_create (int family, int type, int protocol, int kern)
+{
+ return security_ops->socket_create(family, type, protocol, kern);
+}
+
+int security_socket_post_create(struct socket * sock, int family,
+ int type, int protocol, int kern)
+{
+ return security_ops->socket_post_create(sock, family, type,
+ protocol, kern);
+}
+
+int security_socket_bind(struct socket * sock, struct sockaddr * address, int addrlen)
+{
+ return security_ops->socket_bind(sock, address, addrlen);
+}
+
+int security_socket_connect(struct socket * sock, struct sockaddr * address, int addrlen)
+{
+ return security_ops->socket_connect(sock, address, addrlen);
+}
+
+int security_socket_listen(struct socket * sock, int backlog)
+{
+ return security_ops->socket_listen(sock, backlog);
+}
+
+int security_socket_accept(struct socket * sock, struct socket * newsock)
+{
+ return security_ops->socket_accept(sock, newsock);
+}
+
+void security_socket_post_accept(struct socket * sock, struct socket * newsock)
+{
+ security_ops->socket_post_accept(sock, newsock);
+}
+
+int security_socket_sendmsg(struct socket * sock, struct msghdr * msg, int size)
+{
+ return security_ops->socket_sendmsg(sock, msg, size);
+}
+
+int security_socket_recvmsg(struct socket * sock, struct msghdr * msg,
+ int size, int flags)
+{
+ return security_ops->socket_recvmsg(sock, msg, size, flags);
+}
+
+int security_socket_getsockname(struct socket * sock)
+{
+ return security_ops->socket_getsockname(sock);
+}
+
+int security_socket_getpeername(struct socket * sock)
+{
+ return security_ops->socket_getpeername(sock);
+}
+
+int security_socket_getsockopt(struct socket * sock, int level, int optname)
+{
+ return security_ops->socket_getsockopt(sock, level, optname);
+}
+
+int security_socket_setsockopt(struct socket * sock, int level, int optname)
+{
+ return security_ops->socket_setsockopt(sock, level, optname);
+}
+
+int security_socket_shutdown(struct socket * sock, int how)
+{
+ return security_ops->socket_shutdown(sock, how);
+}
+
+int security_sock_rcv_skb (struct sock * sk, struct sk_buff * skb)
+{
+ return security_ops->socket_sock_rcv_skb (sk, skb);
+}
+EXPORT_SYMBOL(security_sock_rcv_skb);
+
+int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
+ int __user *optlen, unsigned len)
+{
+ return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
+}
+
+int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
+{
+ return security_ops->socket_getpeersec_dgram(sock, skb, secid);
+}
+EXPORT_SYMBOL(security_socket_getpeersec_dgram);
+
+int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
+{
+ return security_ops->sk_alloc_security(sk, family, priority);
+}
+
+void security_sk_free(struct sock *sk)
+{
+ return security_ops->sk_free_security(sk);
+}
+
+void security_sk_clone(const struct sock *sk, struct sock *newsk)
+{
+ return security_ops->sk_clone_security(sk, newsk);
+}
+
+void security_sk_classify_flow(struct sock *sk, struct flowi *fl)
+{
+ security_ops->sk_getsecid(sk, &fl->secid);
+}
+EXPORT_SYMBOL(security_sk_classify_flow);
+
+void security_req_classify_flow(const struct request_sock *req, struct flowi *fl)
+{
+ security_ops->req_classify_flow(req, fl);
+}
+EXPORT_SYMBOL(security_req_classify_flow);
+
+void security_sock_graft(struct sock* sk, struct socket *parent)
+{
+ security_ops->sock_graft(sk, parent);
+}
+EXPORT_SYMBOL(security_sock_graft);
+
+int security_inet_conn_request(struct sock *sk,
+ struct sk_buff *skb, struct request_sock *req)
+{
+ return security_ops->inet_conn_request(sk, skb, req);
+}
+EXPORT_SYMBOL(security_inet_conn_request);
+
+void security_inet_csk_clone(struct sock *newsk,
+ const struct request_sock *req)
+{
+ security_ops->inet_csk_clone(newsk, req);
+}
+
+void security_inet_conn_established(struct sock *sk,
+ struct sk_buff *skb)
+{
+ security_ops->inet_conn_established(sk, skb);
+}
+
+#endif /* CONFIG_SECURITY_NETWORK */
+
+#ifdef CONFIG_SECURITY_NETWORK_XFRM
+
+int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
+{
+ return security_ops->xfrm_policy_alloc_security(xp, sec_ctx);
+}
+EXPORT_SYMBOL(security_xfrm_policy_alloc);
+
+int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
+{
+ return security_ops->xfrm_policy_clone_security(old, new);
+}
+
+void security_xfrm_policy_free(struct xfrm_policy *xp)
+{
+ security_ops->xfrm_policy_free_security(xp);
+}
+EXPORT_SYMBOL(security_xfrm_policy_free);
+
+int security_xfrm_policy_delete(struct xfrm_policy *xp)
+{
+ return security_ops->xfrm_policy_delete_security(xp);
+}
+
+int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
+{
+ return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0);
+}
+EXPORT_SYMBOL(security_xfrm_state_alloc);
+
+int security_xfrm_state_alloc_acquire(struct xfrm_state *x,
+ struct xfrm_sec_ctx *polsec, u32 secid)
+{
+ if (!polsec)
+ return 0;
+ /*
+ * We want the context to be taken from secid which is usually
+ * from the sock.
+ */
+ return security_ops->xfrm_state_alloc_security(x, NULL, secid);
+}
+
+int security_xfrm_state_delete(struct xfrm_state *x)
+{
+ return security_ops->xfrm_state_delete_security(x);
+}
+EXPORT_SYMBOL(security_xfrm_state_delete);
+
+void security_xfrm_state_free(struct xfrm_state *x)
+{
+ security_ops->xfrm_state_free_security(x);
+}
+
+int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir)
+{
+ return security_ops->xfrm_policy_lookup(xp, fl_secid, dir);
+}
+
+int security_xfrm_state_pol_flow_match(struct xfrm_state *x,
+ struct xfrm_policy *xp, struct flowi *fl)
+{
+ return security_ops->xfrm_state_pol_flow_match(x, xp, fl);
+}
+
+int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid)
+{
+ return security_ops->xfrm_decode_session(skb, secid, 1);
+}
+
+void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl)
+{
+ int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0);
+
+ BUG_ON(rc);
+}
+EXPORT_SYMBOL(security_skb_classify_flow);
+
+#endif /* CONFIG_SECURITY_NETWORK_XFRM */
+
+#ifdef CONFIG_KEYS
+
+int security_key_alloc(struct key *key, struct task_struct *tsk, unsigned long flags)
+{
+ return security_ops->key_alloc(key, tsk, flags);
+}
+
+void security_key_free(struct key *key)
+{
+ security_ops->key_free(key);
+}
+
+int security_key_permission(key_ref_t key_ref,
+ struct task_struct *context, key_perm_t perm)
+{
+ return security_ops->key_permission(key_ref, context, perm);
+}
+
+#endif /* CONFIG_KEYS */
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 78c3f98..c312428 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -20,7 +20,6 @@
* as published by the Free Software Foundation.
*/
-#include <linux/module.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/ptrace.h>
@@ -84,6 +83,7 @@
extern unsigned int policydb_loaded_version;
extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm);
extern int selinux_compat_net;
+extern struct security_operations *security_ops;
#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
int selinux_enforcing = 0;
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index bd8d1ef..b589238 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -31,7 +31,6 @@
* 2. Emulating a reasonable SO_PEERSEC across machines
* 3. Testing addition of sk_policy's with security context via setsockopt
*/
-#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/security.h>
--
1.5.2.1
^ permalink raw reply related [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-14 16:37 [PATCH try #3] security: Convert LSM into a static interface James Morris
@ 2007-07-18 15:28 ` Arjan van de Ven
2007-07-19 1:35 ` Andrew Morton
2007-07-24 8:02 ` Andrew Morton
2 siblings, 0 replies; 33+ messages in thread
From: Arjan van de Ven @ 2007-07-18 15:28 UTC (permalink / raw)
To: James Morris
Cc: Chris Wright, Andrew Morton, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn
On Sat, 2007-07-14 at 12:37 -0400, James Morris wrote:
> Convert LSM into a static interface, as the ability to unload a security
> module is not required by in-tree users and potentially complicates the
> overall security architecture.
>
> Needlessly exported LSM symbols have been unexported, to help reduce API
> abuse.
>
> Parameters for the capability and root_plug modules are now specified
> at boot.
>
> The SECURITY_FRAMEWORK_VERSION macro has also been removed.
>
> Signed-off-by: James Morris <jmorris@namei.org>
This is a good cleanup since modular LSM modules just aren't working,
and prepares for the option of removing the runtime overhead of LSM
altogether for selected configs... that is going to be a big step
forward to make SELinux and any other model be more acceptable for
people who care about performance.
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-14 16:37 [PATCH try #3] security: Convert LSM into a static interface James Morris
2007-07-18 15:28 ` Arjan van de Ven
@ 2007-07-19 1:35 ` Andrew Morton
2007-07-19 2:42 ` James Morris
2007-07-19 7:39 ` Christian Ehrhardt
2007-07-24 8:02 ` Andrew Morton
2 siblings, 2 replies; 33+ messages in thread
From: Andrew Morton @ 2007-07-19 1:35 UTC (permalink / raw)
To: James Morris
Cc: Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Sat, 14 Jul 2007 12:37:01 -0400 (EDT)
James Morris <jmorris@namei.org> wrote:
> Convert LSM into a static interface, as the ability to unload a security
> module is not required by in-tree users and potentially complicates the
> overall security architecture.
>
> Needlessly exported LSM symbols have been unexported, to help reduce API
> abuse.
>
> Parameters for the capability and root_plug modules are now specified
> at boot.
>
> The SECURITY_FRAMEWORK_VERSION macro has also been removed.
I'd like to understand who is (or claims to be) adversely affected by this
change, and what their complaints (if any) will be.
Because I prefer my flamewars pre- rather than post-merge.
> +int security_ptrace (struct task_struct * parent, struct task_struct * child);
> +int security_capget (struct task_struct *target,
> + kernel_cap_t *effective,
> + kernel_cap_t *inheritable,
> + kernel_cap_t *permitted);
> +int security_capset_check (struct task_struct *target,
> + kernel_cap_t *effective,
> + kernel_cap_t *inheritable,
> + kernel_cap_t *permitted);
> +void security_capset_set (struct task_struct *target,
> + kernel_cap_t *effective,
> + kernel_cap_t *inheritable,
> + kernel_cap_t *permitted);
> +int security_capable(struct task_struct *tsk, int cap);
> +int security_acct (struct file *file);
>
aww man, you passed over an opportunity to fix vast amounts of coding style
cruftiness.
<does whizzy things>
Here you go..
include/linux/security.h | 252 +++++++++---------
security/security.c | 504 ++++++++++++++++++-------------------
2 files changed, 378 insertions(+), 378 deletions(-)
diff -puN include/linux/security.h~security-convert-lsm-into-a-static-interface-fix include/linux/security.h
--- a/include/linux/security.h~security-convert-lsm-into-a-static-interface-fix
+++ a/include/linux/security.h
@@ -1414,151 +1414,151 @@ extern void securityfs_remove(struct den
/* Security operations */
-int security_ptrace (struct task_struct * parent, struct task_struct * child);
-int security_capget (struct task_struct *target,
+int security_ptrace(struct task_struct *parent, struct task_struct *child);
+int security_capget(struct task_struct *target,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted);
-int security_capset_check (struct task_struct *target,
+int security_capset_check(struct task_struct *target,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted);
-void security_capset_set (struct task_struct *target,
+void security_capset_set(struct task_struct *target,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted);
int security_capable(struct task_struct *tsk, int cap);
-int security_acct (struct file *file);
+int security_acct(struct file *file);
int security_sysctl(struct ctl_table *table, int op);
-int security_quotactl (int cmds, int type, int id, struct super_block *sb);
-int security_quota_on (struct dentry * dentry);
+int security_quotactl(int cmds, int type, int id, struct super_block *sb);
+int security_quota_on(struct dentry *dentry);
int security_syslog(int type);
int security_settime(struct timespec *ts, struct timezone *tz);
int security_vm_enough_memory(long pages);
-int security_bprm_alloc (struct linux_binprm *bprm);
-void security_bprm_free (struct linux_binprm *bprm);
-void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe);
-void security_bprm_post_apply_creds (struct linux_binprm *bprm);
-int security_bprm_set (struct linux_binprm *bprm);
-int security_bprm_check (struct linux_binprm *bprm);
-int security_bprm_secureexec (struct linux_binprm *bprm);
-int security_sb_alloc (struct super_block *sb);
-void security_sb_free (struct super_block *sb);
-int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy);
-int security_sb_kern_mount (struct super_block *sb, void *data);
-int security_sb_statfs (struct dentry *dentry);
-int security_sb_mount (char *dev_name, struct nameidata *nd,
+int security_bprm_alloc(struct linux_binprm *bprm);
+void security_bprm_free(struct linux_binprm *bprm);
+void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe);
+void security_bprm_post_apply_creds(struct linux_binprm *bprm);
+int security_bprm_set(struct linux_binprm *bprm);
+int security_bprm_check(struct linux_binprm *bprm);
+int security_bprm_secureexec(struct linux_binprm *bprm);
+int security_sb_alloc(struct super_block *sb);
+void security_sb_free(struct super_block *sb);
+int security_sb_copy_data(struct file_system_type *type, void *orig, void *copy);
+int security_sb_kern_mount(struct super_block *sb, void *data);
+int security_sb_statfs(struct dentry *dentry);
+int security_sb_mount(char *dev_name, struct nameidata *nd,
char *type, unsigned long flags, void *data);
-int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd);
-int security_sb_umount (struct vfsmount *mnt, int flags);
-void security_sb_umount_close (struct vfsmount *mnt);
-void security_sb_umount_busy (struct vfsmount *mnt);
-void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data);
-void security_sb_post_mountroot (void);
-void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd);
-int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd);
-void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd);
-int security_inode_alloc (struct inode *inode);
-void security_inode_free (struct inode *inode);
-int security_inode_init_security (struct inode *inode, struct inode *dir,
+int security_sb_check_sb(struct vfsmount *mnt, struct nameidata *nd);
+int security_sb_umount(struct vfsmount *mnt, int flags);
+void security_sb_umount_close(struct vfsmount *mnt);
+void security_sb_umount_busy(struct vfsmount *mnt);
+void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data);
+void security_sb_post_mountroot(void);
+void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd);
+int security_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd);
+void security_sb_post_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd);
+int security_inode_alloc(struct inode *inode);
+void security_inode_free(struct inode *inode);
+int security_inode_init_security(struct inode *inode, struct inode *dir,
char **name, void **value, size_t *len);
-int security_inode_create (struct inode *dir, struct dentry *dentry, int mode);
-int security_inode_link (struct dentry *old_dentry, struct inode *dir,
+int security_inode_create(struct inode *dir, struct dentry *dentry, int mode);
+int security_inode_link(struct dentry *old_dentry, struct inode *dir,
struct dentry *new_dentry);
-int security_inode_unlink (struct inode *dir, struct dentry *dentry);
-int security_inode_symlink (struct inode *dir, struct dentry *dentry,
+int security_inode_unlink(struct inode *dir, struct dentry *dentry);
+int security_inode_symlink(struct inode *dir, struct dentry *dentry,
const char *old_name);
-int security_inode_mkdir (struct inode *dir, struct dentry *dentry, int mode);
-int security_inode_rmdir (struct inode *dir, struct dentry *dentry);
-int security_inode_mknod (struct inode *dir, struct dentry *dentry, int mode, dev_t dev);
-int security_inode_rename (struct inode *old_dir, struct dentry *old_dentry,
+int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode);
+int security_inode_rmdir(struct inode *dir, struct dentry *dentry);
+int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev);
+int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
struct inode *new_dir, struct dentry *new_dentry);
-int security_inode_readlink (struct dentry *dentry);
-int security_inode_follow_link (struct dentry *dentry, struct nameidata *nd);
-int security_inode_permission (struct inode *inode, int mask, struct nameidata *nd);
-int security_inode_setattr (struct dentry *dentry, struct iattr *attr);
-int security_inode_getattr (struct vfsmount *mnt, struct dentry *dentry);
-void security_inode_delete (struct inode *inode);
-int security_inode_setxattr (struct dentry *dentry, char *name,
+int security_inode_readlink(struct dentry *dentry);
+int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
+int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd);
+int security_inode_setattr(struct dentry *dentry, struct iattr *attr);
+int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry);
+void security_inode_delete(struct inode *inode);
+int security_inode_setxattr(struct dentry *dentry, char *name,
void *value, size_t size, int flags);
-void security_inode_post_setxattr (struct dentry *dentry, char *name,
+void security_inode_post_setxattr(struct dentry *dentry, char *name,
void *value, size_t size, int flags);
-int security_inode_getxattr (struct dentry *dentry, char *name);
-int security_inode_listxattr (struct dentry *dentry);
-int security_inode_removexattr (struct dentry *dentry, char *name);
+int security_inode_getxattr(struct dentry *dentry, char *name);
+int security_inode_listxattr(struct dentry *dentry);
+int security_inode_removexattr(struct dentry *dentry, char *name);
const char *security_inode_xattr_getsuffix(void);
int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err);
int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags);
int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size);
-int security_file_permission (struct file *file, int mask);
-int security_file_alloc (struct file *file);
-void security_file_free (struct file *file);
-int security_file_ioctl (struct file *file, unsigned int cmd, unsigned long arg);
-int security_file_mmap (struct file *file, unsigned long reqprot,
+int security_file_permission(struct file *file, int mask);
+int security_file_alloc(struct file *file);
+void security_file_free(struct file *file);
+int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
+int security_file_mmap(struct file *file, unsigned long reqprot,
unsigned long prot, unsigned long flags,
unsigned long addr, unsigned long addr_only);
-int security_file_mprotect (struct vm_area_struct *vma, unsigned long reqprot,
+int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
unsigned long prot);
-int security_file_lock (struct file *file, unsigned int cmd);
-int security_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg);
-int security_file_set_fowner (struct file *file);
-int security_file_send_sigiotask (struct task_struct *tsk,
+int security_file_lock(struct file *file, unsigned int cmd);
+int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg);
+int security_file_set_fowner(struct file *file);
+int security_file_send_sigiotask(struct task_struct *tsk,
struct fown_struct *fown, int sig);
-int security_file_receive (struct file *file);
-int security_task_create (unsigned long clone_flags);
-int security_task_alloc (struct task_struct *p);
-void security_task_free (struct task_struct *p);
-int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags);
-int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
+int security_file_receive(struct file *file);
+int security_task_create(unsigned long clone_flags);
+int security_task_alloc(struct task_struct *p);
+void security_task_free(struct task_struct *p);
+int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags);
+int security_task_post_setuid(uid_t old_ruid, uid_t old_euid,
uid_t old_suid, int flags);
-int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags);
-int security_task_setpgid (struct task_struct *p, pid_t pgid);
-int security_task_getpgid (struct task_struct *p);
-int security_task_getsid (struct task_struct *p);
-void security_task_getsecid (struct task_struct *p, u32 *secid);
-int security_task_setgroups (struct group_info *group_info);
-int security_task_setnice (struct task_struct *p, int nice);
-int security_task_setioprio (struct task_struct *p, int ioprio);
-int security_task_getioprio (struct task_struct *p);
-int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim);
-int security_task_setscheduler (struct task_struct *p,
+int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags);
+int security_task_setpgid(struct task_struct *p, pid_t pgid);
+int security_task_getpgid(struct task_struct *p);
+int security_task_getsid(struct task_struct *p);
+void security_task_getsecid(struct task_struct *p, u32 *secid);
+int security_task_setgroups(struct group_info *group_info);
+int security_task_setnice(struct task_struct *p, int nice);
+int security_task_setioprio(struct task_struct *p, int ioprio);
+int security_task_getioprio(struct task_struct *p);
+int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim);
+int security_task_setscheduler(struct task_struct *p,
int policy, struct sched_param *lp);
-int security_task_getscheduler (struct task_struct *p);
-int security_task_movememory (struct task_struct *p);
-int security_task_kill (struct task_struct *p, struct siginfo *info,
+int security_task_getscheduler(struct task_struct *p);
+int security_task_movememory(struct task_struct *p);
+int security_task_kill(struct task_struct *p, struct siginfo *info,
int sig, u32 secid);
-int security_task_wait (struct task_struct *p);
-int security_task_prctl (int option, unsigned long arg2, unsigned long arg3,
+int security_task_wait(struct task_struct *p);
+int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5);
-void security_task_reparent_to_init (struct task_struct *p);
+void security_task_reparent_to_init(struct task_struct *p);
void security_task_to_inode(struct task_struct *p, struct inode *inode);
-int security_ipc_permission (struct kern_ipc_perm *ipcp, short flag);
-int security_msg_msg_alloc (struct msg_msg * msg);
-void security_msg_msg_free (struct msg_msg * msg);
-int security_msg_queue_alloc (struct msg_queue *msq);
-void security_msg_queue_free (struct msg_queue *msq);
-int security_msg_queue_associate (struct msg_queue * msq, int msqflg);
-int security_msg_queue_msgctl (struct msg_queue * msq, int cmd);
-int security_msg_queue_msgsnd (struct msg_queue * msq,
- struct msg_msg * msg, int msqflg);
-int security_msg_queue_msgrcv (struct msg_queue * msq, struct msg_msg * msg,
- struct task_struct * target, long type, int mode);
-int security_shm_alloc (struct shmid_kernel *shp);
-void security_shm_free (struct shmid_kernel *shp);
-int security_shm_associate (struct shmid_kernel * shp, int shmflg);
-int security_shm_shmctl (struct shmid_kernel * shp, int cmd);
-int security_shm_shmat (struct shmid_kernel * shp, char __user *shmaddr, int shmflg);
-int security_sem_alloc (struct sem_array *sma);
-void security_sem_free (struct sem_array *sma);
-int security_sem_associate (struct sem_array * sma, int semflg);
-int security_sem_semctl (struct sem_array * sma, int cmd);
-int security_sem_semop (struct sem_array * sma, struct sembuf * sops,
+int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
+int security_msg_msg_alloc(struct msg_msg *msg);
+void security_msg_msg_free(struct msg_msg *msg);
+int security_msg_queue_alloc(struct msg_queue *msq);
+void security_msg_queue_free(struct msg_queue *msq);
+int security_msg_queue_associate(struct msg_queue *msq, int msqflg);
+int security_msg_queue_msgctl(struct msg_queue *msq, int cmd);
+int security_msg_queue_msgsnd(struct msg_queue *msq,
+ struct msg_msg *msg, int msqflg);
+int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
+ struct task_struct *target, long type, int mode);
+int security_shm_alloc(struct shmid_kernel *shp);
+void security_shm_free(struct shmid_kernel *shp);
+int security_shm_associate(struct shmid_kernel *shp, int shmflg);
+int security_shm_shmctl(struct shmid_kernel *shp, int cmd);
+int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg);
+int security_sem_alloc(struct sem_array *sma);
+void security_sem_free(struct sem_array *sma);
+int security_sem_associate(struct sem_array *sma, int semflg);
+int security_sem_semctl(struct sem_array *sma, int cmd);
+int security_sem_semop(struct sem_array *sma, struct sembuf *sops,
unsigned nsops, int alter);
void security_d_instantiate (struct dentry *dentry, struct inode *inode);
int security_getprocattr(struct task_struct *p, char *name, char **value);
int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size);
-int security_netlink_send(struct sock *sk, struct sk_buff * skb);
-int security_netlink_recv(struct sk_buff * skb, int cap);
+int security_netlink_send(struct sock *sk, struct sk_buff *skb);
+int security_netlink_recv(struct sk_buff *skb, int cap);
int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
void security_release_secctx(char *secdata, u32 seclen);
@@ -2229,26 +2229,26 @@ static inline void security_release_secc
#ifdef CONFIG_SECURITY_NETWORK
-int security_unix_stream_connect(struct socket * sock, struct socket * other,
- struct sock * newsk);
-int security_unix_may_send(struct socket * sock, struct socket * other);
-int security_socket_create (int family, int type, int protocol, int kern);
-int security_socket_post_create(struct socket * sock, int family,
+int security_unix_stream_connect(struct socket *sock, struct socket *other,
+ struct sock *newsk);
+int security_unix_may_send(struct socket *sock, struct socket *other);
+int security_socket_create(int family, int type, int protocol, int kern);
+int security_socket_post_create(struct socket *sock, int family,
int type, int protocol, int kern);
-int security_socket_bind(struct socket * sock, struct sockaddr * address, int addrlen);
-int security_socket_connect(struct socket * sock, struct sockaddr * address, int addrlen);
-int security_socket_listen(struct socket * sock, int backlog);
-int security_socket_accept(struct socket * sock, struct socket * newsock);
-void security_socket_post_accept(struct socket * sock, struct socket * newsock);
-int security_socket_sendmsg(struct socket * sock, struct msghdr * msg, int size);
-int security_socket_recvmsg(struct socket * sock, struct msghdr * msg,
+int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen);
+int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen);
+int security_socket_listen(struct socket *sock, int backlog);
+int security_socket_accept(struct socket *sock, struct socket *newsock);
+void security_socket_post_accept(struct socket *sock, struct socket *newsock);
+int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size);
+int security_socket_recvmsg(struct socket *sock, struct msghdr *msg,
int size, int flags);
-int security_socket_getsockname(struct socket * sock);
-int security_socket_getpeername(struct socket * sock);
-int security_socket_getsockopt(struct socket * sock, int level, int optname);
-int security_socket_setsockopt(struct socket * sock, int level, int optname);
-int security_socket_shutdown(struct socket * sock, int how);
-int security_sock_rcv_skb (struct sock * sk, struct sk_buff * skb);
+int security_socket_getsockname(struct socket *sock);
+int security_socket_getpeername(struct socket *sock);
+int security_socket_getsockopt(struct socket *sock, int level, int optname);
+int security_socket_setsockopt(struct socket *sock, int level, int optname);
+int security_socket_shutdown(struct socket *sock, int how);
+int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb);
int security_socket_getpeersec_stream(struct socket *sock, char __user *optval,
int __user *optlen, unsigned len);
int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid);
@@ -2257,7 +2257,7 @@ void security_sk_free(struct sock *sk);
void security_sk_clone(const struct sock *sk, struct sock *newsk);
void security_sk_classify_flow(struct sock *sk, struct flowi *fl);
void security_req_classify_flow(const struct request_sock *req, struct flowi *fl);
-void security_sock_graft(struct sock* sk, struct socket *parent);
+void security_sock_graft(struct sock*sk, struct socket *parent);
int security_inet_conn_request(struct sock *sk,
struct sk_buff *skb, struct request_sock *req);
void security_inet_csk_clone(struct sock *newsk,
diff -puN security/security.c~security-convert-lsm-into-a-static-interface-fix security/security.c
--- a/security/security.c~security-convert-lsm-into-a-static-interface-fix
+++ a/security/security.c
@@ -173,33 +173,33 @@ int mod_unreg_security(const char *name,
/* Security operations */
-int security_ptrace (struct task_struct * parent, struct task_struct * child)
+int security_ptrace(struct task_struct *parent, struct task_struct *child)
{
- return security_ops->ptrace (parent, child);
+ return security_ops->ptrace(parent, child);
}
-int security_capget (struct task_struct *target,
+int security_capget(struct task_struct *target,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
- return security_ops->capget (target, effective, inheritable, permitted);
+ return security_ops->capget(target, effective, inheritable, permitted);
}
-int security_capset_check (struct task_struct *target,
+int security_capset_check(struct task_struct *target,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
- return security_ops->capset_check (target, effective, inheritable, permitted);
+ return security_ops->capset_check(target, effective, inheritable, permitted);
}
-void security_capset_set (struct task_struct *target,
+void security_capset_set(struct task_struct *target,
kernel_cap_t *effective,
kernel_cap_t *inheritable,
kernel_cap_t *permitted)
{
- security_ops->capset_set (target, effective, inheritable, permitted);
+ security_ops->capset_set(target, effective, inheritable, permitted);
}
int security_capable(struct task_struct *tsk, int cap)
@@ -207,9 +207,9 @@ int security_capable(struct task_struct
return security_ops->capable(tsk, cap);
}
-int security_acct (struct file *file)
+int security_acct(struct file *file)
{
- return security_ops->acct (file);
+ return security_ops->acct(file);
}
int security_sysctl(struct ctl_table *table, int op)
@@ -217,14 +217,14 @@ int security_sysctl(struct ctl_table *ta
return security_ops->sysctl(table, op);
}
-int security_quotactl (int cmds, int type, int id, struct super_block *sb)
+int security_quotactl(int cmds, int type, int id, struct super_block *sb)
{
- return security_ops->quotactl (cmds, type, id, sb);
+ return security_ops->quotactl(cmds, type, id, sb);
}
-int security_quota_on (struct dentry * dentry)
+int security_quota_on(struct dentry *dentry)
{
- return security_ops->quota_on (dentry);
+ return security_ops->quota_on(dentry);
}
int security_syslog(int type)
@@ -243,275 +243,275 @@ int security_vm_enough_memory(long pages
return security_ops->vm_enough_memory(pages);
}
-int security_bprm_alloc (struct linux_binprm *bprm)
+int security_bprm_alloc(struct linux_binprm *bprm)
{
- return security_ops->bprm_alloc_security (bprm);
+ return security_ops->bprm_alloc_security(bprm);
}
-void security_bprm_free (struct linux_binprm *bprm)
+void security_bprm_free(struct linux_binprm *bprm)
{
- security_ops->bprm_free_security (bprm);
+ security_ops->bprm_free_security(bprm);
}
-void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
+void security_bprm_apply_creds(struct linux_binprm *bprm, int unsafe)
{
- security_ops->bprm_apply_creds (bprm, unsafe);
+ security_ops->bprm_apply_creds(bprm, unsafe);
}
-void security_bprm_post_apply_creds (struct linux_binprm *bprm)
+void security_bprm_post_apply_creds(struct linux_binprm *bprm)
{
- security_ops->bprm_post_apply_creds (bprm);
+ security_ops->bprm_post_apply_creds(bprm);
}
-int security_bprm_set (struct linux_binprm *bprm)
+int security_bprm_set(struct linux_binprm *bprm)
{
- return security_ops->bprm_set_security (bprm);
+ return security_ops->bprm_set_security(bprm);
}
-int security_bprm_check (struct linux_binprm *bprm)
+int security_bprm_check(struct linux_binprm *bprm)
{
- return security_ops->bprm_check_security (bprm);
+ return security_ops->bprm_check_security(bprm);
}
-int security_bprm_secureexec (struct linux_binprm *bprm)
+int security_bprm_secureexec(struct linux_binprm *bprm)
{
- return security_ops->bprm_secureexec (bprm);
+ return security_ops->bprm_secureexec(bprm);
}
-int security_sb_alloc (struct super_block *sb)
+int security_sb_alloc(struct super_block *sb)
{
- return security_ops->sb_alloc_security (sb);
+ return security_ops->sb_alloc_security(sb);
}
-void security_sb_free (struct super_block *sb)
+void security_sb_free(struct super_block *sb)
{
- security_ops->sb_free_security (sb);
+ security_ops->sb_free_security(sb);
}
-int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy)
+int security_sb_copy_data(struct file_system_type *type, void *orig, void *copy)
{
- return security_ops->sb_copy_data (type, orig, copy);
+ return security_ops->sb_copy_data(type, orig, copy);
}
-int security_sb_kern_mount (struct super_block *sb, void *data)
+int security_sb_kern_mount(struct super_block *sb, void *data)
{
- return security_ops->sb_kern_mount (sb, data);
+ return security_ops->sb_kern_mount(sb, data);
}
-int security_sb_statfs (struct dentry *dentry)
+int security_sb_statfs(struct dentry *dentry)
{
- return security_ops->sb_statfs (dentry);
+ return security_ops->sb_statfs(dentry);
}
-int security_sb_mount (char *dev_name, struct nameidata *nd,
+int security_sb_mount(char *dev_name, struct nameidata *nd,
char *type, unsigned long flags, void *data)
{
- return security_ops->sb_mount (dev_name, nd, type, flags, data);
+ return security_ops->sb_mount(dev_name, nd, type, flags, data);
}
-int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd)
+int security_sb_check_sb(struct vfsmount *mnt, struct nameidata *nd)
{
- return security_ops->sb_check_sb (mnt, nd);
+ return security_ops->sb_check_sb(mnt, nd);
}
-int security_sb_umount (struct vfsmount *mnt, int flags)
+int security_sb_umount(struct vfsmount *mnt, int flags)
{
- return security_ops->sb_umount (mnt, flags);
+ return security_ops->sb_umount(mnt, flags);
}
-void security_sb_umount_close (struct vfsmount *mnt)
+void security_sb_umount_close(struct vfsmount *mnt)
{
- security_ops->sb_umount_close (mnt);
+ security_ops->sb_umount_close(mnt);
}
-void security_sb_umount_busy (struct vfsmount *mnt)
+void security_sb_umount_busy(struct vfsmount *mnt)
{
- security_ops->sb_umount_busy (mnt);
+ security_ops->sb_umount_busy(mnt);
}
-void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data)
+void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data)
{
- security_ops->sb_post_remount (mnt, flags, data);
+ security_ops->sb_post_remount(mnt, flags, data);
}
-void security_sb_post_mountroot (void)
+void security_sb_post_mountroot(void)
{
- security_ops->sb_post_mountroot ();
+ security_ops->sb_post_mountroot();
}
-void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd)
+void security_sb_post_addmount(struct vfsmount *mnt, struct nameidata *mountpoint_nd)
{
- security_ops->sb_post_addmount (mnt, mountpoint_nd);
+ security_ops->sb_post_addmount(mnt, mountpoint_nd);
}
-int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
+int security_sb_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd)
{
- return security_ops->sb_pivotroot (old_nd, new_nd);
+ return security_ops->sb_pivotroot(old_nd, new_nd);
}
-void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
+void security_sb_post_pivotroot(struct nameidata *old_nd, struct nameidata *new_nd)
{
- security_ops->sb_post_pivotroot (old_nd, new_nd);
+ security_ops->sb_post_pivotroot(old_nd, new_nd);
}
-int security_inode_alloc (struct inode *inode)
+int security_inode_alloc(struct inode *inode)
{
inode->i_security = NULL;
- return security_ops->inode_alloc_security (inode);
+ return security_ops->inode_alloc_security(inode);
}
-void security_inode_free (struct inode *inode)
+void security_inode_free(struct inode *inode)
{
- security_ops->inode_free_security (inode);
+ security_ops->inode_free_security(inode);
}
-int security_inode_init_security (struct inode *inode, struct inode *dir,
+int security_inode_init_security(struct inode *inode, struct inode *dir,
char **name, void **value, size_t *len)
{
- if (unlikely (IS_PRIVATE (inode)))
+ if (unlikely(IS_PRIVATE(inode)))
return -EOPNOTSUPP;
- return security_ops->inode_init_security (inode, dir, name, value, len);
+ return security_ops->inode_init_security(inode, dir, name, value, len);
}
EXPORT_SYMBOL(security_inode_init_security);
-int security_inode_create (struct inode *dir, struct dentry *dentry, int mode)
+int security_inode_create(struct inode *dir, struct dentry *dentry, int mode)
{
- if (unlikely (IS_PRIVATE (dir)))
+ if (unlikely(IS_PRIVATE(dir)))
return 0;
- return security_ops->inode_create (dir, dentry, mode);
+ return security_ops->inode_create(dir, dentry, mode);
}
-int security_inode_link (struct dentry *old_dentry, struct inode *dir,
+int security_inode_link(struct dentry *old_dentry, struct inode *dir,
struct dentry *new_dentry)
{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(old_dentry->d_inode)))
return 0;
- return security_ops->inode_link (old_dentry, dir, new_dentry);
+ return security_ops->inode_link(old_dentry, dir, new_dentry);
}
-int security_inode_unlink (struct inode *dir, struct dentry *dentry)
+int security_inode_unlink(struct inode *dir, struct dentry *dentry)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_unlink (dir, dentry);
+ return security_ops->inode_unlink(dir, dentry);
}
-int security_inode_symlink (struct inode *dir, struct dentry *dentry,
+int security_inode_symlink(struct inode *dir, struct dentry *dentry,
const char *old_name)
{
- if (unlikely (IS_PRIVATE (dir)))
+ if (unlikely(IS_PRIVATE(dir)))
return 0;
- return security_ops->inode_symlink (dir, dentry, old_name);
+ return security_ops->inode_symlink(dir, dentry, old_name);
}
-int security_inode_mkdir (struct inode *dir, struct dentry *dentry, int mode)
+int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode)
{
- if (unlikely (IS_PRIVATE (dir)))
+ if (unlikely(IS_PRIVATE(dir)))
return 0;
- return security_ops->inode_mkdir (dir, dentry, mode);
+ return security_ops->inode_mkdir(dir, dentry, mode);
}
-int security_inode_rmdir (struct inode *dir, struct dentry *dentry)
+int security_inode_rmdir(struct inode *dir, struct dentry *dentry)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_rmdir (dir, dentry);
+ return security_ops->inode_rmdir(dir, dentry);
}
-int security_inode_mknod (struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
+int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
{
- if (unlikely (IS_PRIVATE (dir)))
+ if (unlikely(IS_PRIVATE(dir)))
return 0;
- return security_ops->inode_mknod (dir, dentry, mode, dev);
+ return security_ops->inode_mknod(dir, dentry, mode, dev);
}
-int security_inode_rename (struct inode *old_dir, struct dentry *old_dentry,
+int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
struct inode *new_dir, struct dentry *new_dentry)
{
- if (unlikely (IS_PRIVATE (old_dentry->d_inode) ||
- (new_dentry->d_inode && IS_PRIVATE (new_dentry->d_inode))))
+ if (unlikely(IS_PRIVATE(old_dentry->d_inode) ||
+ (new_dentry->d_inode && IS_PRIVATE(new_dentry->d_inode))))
return 0;
- return security_ops->inode_rename (old_dir, old_dentry,
+ return security_ops->inode_rename(old_dir, old_dentry,
new_dir, new_dentry);
}
-int security_inode_readlink (struct dentry *dentry)
+int security_inode_readlink(struct dentry *dentry)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_readlink (dentry);
+ return security_ops->inode_readlink(dentry);
}
-int security_inode_follow_link (struct dentry *dentry, struct nameidata *nd)
+int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_follow_link (dentry, nd);
+ return security_ops->inode_follow_link(dentry, nd);
}
-int security_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
+int security_inode_permission(struct inode *inode, int mask, struct nameidata *nd)
{
- if (unlikely (IS_PRIVATE (inode)))
+ if (unlikely(IS_PRIVATE(inode)))
return 0;
- return security_ops->inode_permission (inode, mask, nd);
+ return security_ops->inode_permission(inode, mask, nd);
}
-int security_inode_setattr (struct dentry *dentry, struct iattr *attr)
+int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_setattr (dentry, attr);
+ return security_ops->inode_setattr(dentry, attr);
}
-int security_inode_getattr (struct vfsmount *mnt, struct dentry *dentry)
+int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_getattr (mnt, dentry);
+ return security_ops->inode_getattr(mnt, dentry);
}
-void security_inode_delete (struct inode *inode)
+void security_inode_delete(struct inode *inode)
{
- if (unlikely (IS_PRIVATE (inode)))
+ if (unlikely(IS_PRIVATE(inode)))
return;
- security_ops->inode_delete (inode);
+ security_ops->inode_delete(inode);
}
-int security_inode_setxattr (struct dentry *dentry, char *name,
+int security_inode_setxattr(struct dentry *dentry, char *name,
void *value, size_t size, int flags)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_setxattr (dentry, name, value, size, flags);
+ return security_ops->inode_setxattr(dentry, name, value, size, flags);
}
-void security_inode_post_setxattr (struct dentry *dentry, char *name,
+void security_inode_post_setxattr(struct dentry *dentry, char *name,
void *value, size_t size, int flags)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return;
- security_ops->inode_post_setxattr (dentry, name, value, size, flags);
+ security_ops->inode_post_setxattr(dentry, name, value, size, flags);
}
-int security_inode_getxattr (struct dentry *dentry, char *name)
+int security_inode_getxattr(struct dentry *dentry, char *name)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_getxattr (dentry, name);
+ return security_ops->inode_getxattr(dentry, name);
}
-int security_inode_listxattr (struct dentry *dentry)
+int security_inode_listxattr(struct dentry *dentry)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_listxattr (dentry);
+ return security_ops->inode_listxattr(dentry);
}
-int security_inode_removexattr (struct dentry *dentry, char *name)
+int security_inode_removexattr(struct dentry *dentry, char *name)
{
- if (unlikely (IS_PRIVATE (dentry->d_inode)))
+ if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_removexattr (dentry, name);
+ return security_ops->inode_removexattr(dentry, name);
}
const char *security_inode_xattr_getsuffix(void)
@@ -521,197 +521,197 @@ const char *security_inode_xattr_getsuff
int security_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err)
{
- if (unlikely (IS_PRIVATE (inode)))
+ if (unlikely(IS_PRIVATE(inode)))
return 0;
return security_ops->inode_getsecurity(inode, name, buffer, size, err);
}
int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
{
- if (unlikely (IS_PRIVATE (inode)))
+ if (unlikely(IS_PRIVATE(inode)))
return 0;
return security_ops->inode_setsecurity(inode, name, value, size, flags);
}
int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
{
- if (unlikely (IS_PRIVATE (inode)))
+ if (unlikely(IS_PRIVATE(inode)))
return 0;
return security_ops->inode_listsecurity(inode, buffer, buffer_size);
}
-int security_file_permission (struct file *file, int mask)
+int security_file_permission(struct file *file, int mask)
{
- return security_ops->file_permission (file, mask);
+ return security_ops->file_permission(file, mask);
}
-int security_file_alloc (struct file *file)
+int security_file_alloc(struct file *file)
{
- return security_ops->file_alloc_security (file);
+ return security_ops->file_alloc_security(file);
}
-void security_file_free (struct file *file)
+void security_file_free(struct file *file)
{
- security_ops->file_free_security (file);
+ security_ops->file_free_security(file);
}
-int security_file_ioctl (struct file *file, unsigned int cmd, unsigned long arg)
+int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{
- return security_ops->file_ioctl (file, cmd, arg);
+ return security_ops->file_ioctl(file, cmd, arg);
}
-int security_file_mmap (struct file *file, unsigned long reqprot,
+int security_file_mmap(struct file *file, unsigned long reqprot,
unsigned long prot, unsigned long flags,
unsigned long addr, unsigned long addr_only)
{
- return security_ops->file_mmap (file, reqprot, prot, flags, addr, addr_only);
+ return security_ops->file_mmap(file, reqprot, prot, flags, addr, addr_only);
}
-int security_file_mprotect (struct vm_area_struct *vma, unsigned long reqprot,
+int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
unsigned long prot)
{
- return security_ops->file_mprotect (vma, reqprot, prot);
+ return security_ops->file_mprotect(vma, reqprot, prot);
}
-int security_file_lock (struct file *file, unsigned int cmd)
+int security_file_lock(struct file *file, unsigned int cmd)
{
- return security_ops->file_lock (file, cmd);
+ return security_ops->file_lock(file, cmd);
}
-int security_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg)
+int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg)
{
- return security_ops->file_fcntl (file, cmd, arg);
+ return security_ops->file_fcntl(file, cmd, arg);
}
-int security_file_set_fowner (struct file *file)
+int security_file_set_fowner(struct file *file)
{
- return security_ops->file_set_fowner (file);
+ return security_ops->file_set_fowner(file);
}
-int security_file_send_sigiotask (struct task_struct *tsk,
+int security_file_send_sigiotask(struct task_struct *tsk,
struct fown_struct *fown, int sig)
{
- return security_ops->file_send_sigiotask (tsk, fown, sig);
+ return security_ops->file_send_sigiotask(tsk, fown, sig);
}
-int security_file_receive (struct file *file)
+int security_file_receive(struct file *file)
{
- return security_ops->file_receive (file);
+ return security_ops->file_receive(file);
}
-int security_task_create (unsigned long clone_flags)
+int security_task_create(unsigned long clone_flags)
{
- return security_ops->task_create (clone_flags);
+ return security_ops->task_create(clone_flags);
}
-int security_task_alloc (struct task_struct *p)
+int security_task_alloc(struct task_struct *p)
{
- return security_ops->task_alloc_security (p);
+ return security_ops->task_alloc_security(p);
}
-void security_task_free (struct task_struct *p)
+void security_task_free(struct task_struct *p)
{
- security_ops->task_free_security (p);
+ security_ops->task_free_security(p);
}
-int security_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
+int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
{
- return security_ops->task_setuid (id0, id1, id2, flags);
+ return security_ops->task_setuid(id0, id1, id2, flags);
}
-int security_task_post_setuid (uid_t old_ruid, uid_t old_euid,
+int security_task_post_setuid(uid_t old_ruid, uid_t old_euid,
uid_t old_suid, int flags)
{
- return security_ops->task_post_setuid (old_ruid, old_euid, old_suid, flags);
+ return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, flags);
}
-int security_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags)
+int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
{
- return security_ops->task_setgid (id0, id1, id2, flags);
+ return security_ops->task_setgid(id0, id1, id2, flags);
}
-int security_task_setpgid (struct task_struct *p, pid_t pgid)
+int security_task_setpgid(struct task_struct *p, pid_t pgid)
{
- return security_ops->task_setpgid (p, pgid);
+ return security_ops->task_setpgid(p, pgid);
}
-int security_task_getpgid (struct task_struct *p)
+int security_task_getpgid(struct task_struct *p)
{
- return security_ops->task_getpgid (p);
+ return security_ops->task_getpgid(p);
}
-int security_task_getsid (struct task_struct *p)
+int security_task_getsid(struct task_struct *p)
{
- return security_ops->task_getsid (p);
+ return security_ops->task_getsid(p);
}
-void security_task_getsecid (struct task_struct *p, u32 *secid)
+void security_task_getsecid(struct task_struct *p, u32 *secid)
{
- security_ops->task_getsecid (p, secid);
+ security_ops->task_getsecid(p, secid);
}
EXPORT_SYMBOL(security_task_getsecid);
-int security_task_setgroups (struct group_info *group_info)
+int security_task_setgroups(struct group_info *group_info)
{
- return security_ops->task_setgroups (group_info);
+ return security_ops->task_setgroups(group_info);
}
-int security_task_setnice (struct task_struct *p, int nice)
+int security_task_setnice(struct task_struct *p, int nice)
{
- return security_ops->task_setnice (p, nice);
+ return security_ops->task_setnice(p, nice);
}
-int security_task_setioprio (struct task_struct *p, int ioprio)
+int security_task_setioprio(struct task_struct *p, int ioprio)
{
- return security_ops->task_setioprio (p, ioprio);
+ return security_ops->task_setioprio(p, ioprio);
}
-int security_task_getioprio (struct task_struct *p)
+int security_task_getioprio(struct task_struct *p)
{
- return security_ops->task_getioprio (p);
+ return security_ops->task_getioprio(p);
}
-int security_task_setrlimit (unsigned int resource, struct rlimit *new_rlim)
+int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim)
{
- return security_ops->task_setrlimit (resource, new_rlim);
+ return security_ops->task_setrlimit(resource, new_rlim);
}
-int security_task_setscheduler (struct task_struct *p,
+int security_task_setscheduler(struct task_struct *p,
int policy, struct sched_param *lp)
{
- return security_ops->task_setscheduler (p, policy, lp);
+ return security_ops->task_setscheduler(p, policy, lp);
}
-int security_task_getscheduler (struct task_struct *p)
+int security_task_getscheduler(struct task_struct *p)
{
- return security_ops->task_getscheduler (p);
+ return security_ops->task_getscheduler(p);
}
-int security_task_movememory (struct task_struct *p)
+int security_task_movememory(struct task_struct *p)
{
- return security_ops->task_movememory (p);
+ return security_ops->task_movememory(p);
}
-int security_task_kill (struct task_struct *p, struct siginfo *info,
+int security_task_kill(struct task_struct *p, struct siginfo *info,
int sig, u32 secid)
{
- return security_ops->task_kill (p, info, sig, secid);
+ return security_ops->task_kill(p, info, sig, secid);
}
-int security_task_wait (struct task_struct *p)
+int security_task_wait(struct task_struct *p)
{
- return security_ops->task_wait (p);
+ return security_ops->task_wait(p);
}
-int security_task_prctl (int option, unsigned long arg2, unsigned long arg3,
+int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
unsigned long arg4, unsigned long arg5)
{
- return security_ops->task_prctl (option, arg2, arg3, arg4, arg5);
+ return security_ops->task_prctl(option, arg2, arg3, arg4, arg5);
}
-void security_task_reparent_to_init (struct task_struct *p)
+void security_task_reparent_to_init(struct task_struct *p)
{
- security_ops->task_reparent_to_init (p);
+ security_ops->task_reparent_to_init(p);
}
void security_task_to_inode(struct task_struct *p, struct inode *inode)
@@ -719,109 +719,109 @@ void security_task_to_inode(struct task_
security_ops->task_to_inode(p, inode);
}
-int security_ipc_permission (struct kern_ipc_perm *ipcp, short flag)
+int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
{
- return security_ops->ipc_permission (ipcp, flag);
+ return security_ops->ipc_permission(ipcp, flag);
}
-int security_msg_msg_alloc (struct msg_msg * msg)
+int security_msg_msg_alloc(struct msg_msg *msg)
{
- return security_ops->msg_msg_alloc_security (msg);
+ return security_ops->msg_msg_alloc_security(msg);
}
-void security_msg_msg_free (struct msg_msg * msg)
+void security_msg_msg_free(struct msg_msg *msg)
{
security_ops->msg_msg_free_security(msg);
}
-int security_msg_queue_alloc (struct msg_queue *msq)
+int security_msg_queue_alloc(struct msg_queue *msq)
{
- return security_ops->msg_queue_alloc_security (msq);
+ return security_ops->msg_queue_alloc_security(msq);
}
-void security_msg_queue_free (struct msg_queue *msq)
+void security_msg_queue_free(struct msg_queue *msq)
{
- security_ops->msg_queue_free_security (msq);
+ security_ops->msg_queue_free_security(msq);
}
-int security_msg_queue_associate (struct msg_queue * msq, int msqflg)
+int security_msg_queue_associate(struct msg_queue *msq, int msqflg)
{
- return security_ops->msg_queue_associate (msq, msqflg);
+ return security_ops->msg_queue_associate(msq, msqflg);
}
-int security_msg_queue_msgctl (struct msg_queue * msq, int cmd)
+int security_msg_queue_msgctl(struct msg_queue *msq, int cmd)
{
- return security_ops->msg_queue_msgctl (msq, cmd);
+ return security_ops->msg_queue_msgctl(msq, cmd);
}
-int security_msg_queue_msgsnd (struct msg_queue * msq,
- struct msg_msg * msg, int msqflg)
+int security_msg_queue_msgsnd(struct msg_queue *msq,
+ struct msg_msg *msg, int msqflg)
{
- return security_ops->msg_queue_msgsnd (msq, msg, msqflg);
+ return security_ops->msg_queue_msgsnd(msq, msg, msqflg);
}
-int security_msg_queue_msgrcv (struct msg_queue * msq, struct msg_msg * msg,
- struct task_struct * target, long type, int mode)
+int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
+ struct task_struct *target, long type, int mode)
{
- return security_ops->msg_queue_msgrcv (msq, msg, target, type, mode);
+ return security_ops->msg_queue_msgrcv(msq, msg, target, type, mode);
}
-int security_shm_alloc (struct shmid_kernel *shp)
+int security_shm_alloc(struct shmid_kernel *shp)
{
- return security_ops->shm_alloc_security (shp);
+ return security_ops->shm_alloc_security(shp);
}
-void security_shm_free (struct shmid_kernel *shp)
+void security_shm_free(struct shmid_kernel *shp)
{
- security_ops->shm_free_security (shp);
+ security_ops->shm_free_security(shp);
}
-int security_shm_associate (struct shmid_kernel * shp, int shmflg)
+int security_shm_associate(struct shmid_kernel *shp, int shmflg)
{
return security_ops->shm_associate(shp, shmflg);
}
-int security_shm_shmctl (struct shmid_kernel * shp, int cmd)
+int security_shm_shmctl(struct shmid_kernel *shp, int cmd)
{
- return security_ops->shm_shmctl (shp, cmd);
+ return security_ops->shm_shmctl(shp, cmd);
}
-int security_shm_shmat (struct shmid_kernel * shp, char __user *shmaddr, int shmflg)
+int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg)
{
return security_ops->shm_shmat(shp, shmaddr, shmflg);
}
-int security_sem_alloc (struct sem_array *sma)
+int security_sem_alloc(struct sem_array *sma)
{
- return security_ops->sem_alloc_security (sma);
+ return security_ops->sem_alloc_security(sma);
}
-void security_sem_free (struct sem_array *sma)
+void security_sem_free(struct sem_array *sma)
{
- security_ops->sem_free_security (sma);
+ security_ops->sem_free_security(sma);
}
-int security_sem_associate (struct sem_array * sma, int semflg)
+int security_sem_associate(struct sem_array *sma, int semflg)
{
- return security_ops->sem_associate (sma, semflg);
+ return security_ops->sem_associate(sma, semflg);
}
-int security_sem_semctl (struct sem_array * sma, int cmd)
+int security_sem_semctl(struct sem_array *sma, int cmd)
{
return security_ops->sem_semctl(sma, cmd);
}
-int security_sem_semop (struct sem_array * sma, struct sembuf * sops,
+int security_sem_semop(struct sem_array *sma, struct sembuf *sops,
unsigned nsops, int alter)
{
return security_ops->sem_semop(sma, sops, nsops, alter);
}
-void security_d_instantiate (struct dentry *dentry, struct inode *inode)
+void security_d_instantiate(struct dentry *dentry, struct inode *inode)
{
- if (unlikely (inode && IS_PRIVATE (inode)))
+ if (unlikely(inode && IS_PRIVATE(inode)))
return;
- security_ops->d_instantiate (dentry, inode);
+ security_ops->d_instantiate(dentry, inode);
}
EXPORT_SYMBOL(security_d_instantiate);
@@ -835,13 +835,13 @@ int security_setprocattr(struct task_str
return security_ops->setprocattr(p, name, value, size);
}
-int security_netlink_send(struct sock *sk, struct sk_buff * skb)
+int security_netlink_send(struct sock *sk, struct sk_buff *skb)
{
return security_ops->netlink_send(sk, skb);
}
EXPORT_SYMBOL(security_netlink_send);
-int security_netlink_recv(struct sk_buff * skb, int cap)
+int security_netlink_recv(struct sk_buff *skb, int cap)
{
return security_ops->netlink_recv(skb, cap);
}
@@ -861,95 +861,95 @@ EXPORT_SYMBOL(security_release_secctx);
#ifdef CONFIG_SECURITY_NETWORK
-int security_unix_stream_connect(struct socket * sock, struct socket * other,
- struct sock * newsk)
+int security_unix_stream_connect(struct socket *sock, struct socket *other,
+ struct sock *newsk)
{
return security_ops->unix_stream_connect(sock, other, newsk);
}
EXPORT_SYMBOL(security_unix_stream_connect);
-int security_unix_may_send(struct socket * sock, struct socket * other)
+int security_unix_may_send(struct socket *sock, struct socket *other)
{
return security_ops->unix_may_send(sock, other);
}
EXPORT_SYMBOL(security_unix_may_send);
-int security_socket_create (int family, int type, int protocol, int kern)
+int security_socket_create(int family, int type, int protocol, int kern)
{
return security_ops->socket_create(family, type, protocol, kern);
}
-int security_socket_post_create(struct socket * sock, int family,
+int security_socket_post_create(struct socket *sock, int family,
int type, int protocol, int kern)
{
return security_ops->socket_post_create(sock, family, type,
protocol, kern);
}
-int security_socket_bind(struct socket * sock, struct sockaddr * address, int addrlen)
+int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen)
{
return security_ops->socket_bind(sock, address, addrlen);
}
-int security_socket_connect(struct socket * sock, struct sockaddr * address, int addrlen)
+int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen)
{
return security_ops->socket_connect(sock, address, addrlen);
}
-int security_socket_listen(struct socket * sock, int backlog)
+int security_socket_listen(struct socket *sock, int backlog)
{
return security_ops->socket_listen(sock, backlog);
}
-int security_socket_accept(struct socket * sock, struct socket * newsock)
+int security_socket_accept(struct socket *sock, struct socket *newsock)
{
return security_ops->socket_accept(sock, newsock);
}
-void security_socket_post_accept(struct socket * sock, struct socket * newsock)
+void security_socket_post_accept(struct socket *sock, struct socket *newsock)
{
security_ops->socket_post_accept(sock, newsock);
}
-int security_socket_sendmsg(struct socket * sock, struct msghdr * msg, int size)
+int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size)
{
return security_ops->socket_sendmsg(sock, msg, size);
}
-int security_socket_recvmsg(struct socket * sock, struct msghdr * msg,
+int security_socket_recvmsg(struct socket *sock, struct msghdr *msg,
int size, int flags)
{
return security_ops->socket_recvmsg(sock, msg, size, flags);
}
-int security_socket_getsockname(struct socket * sock)
+int security_socket_getsockname(struct socket *sock)
{
return security_ops->socket_getsockname(sock);
}
-int security_socket_getpeername(struct socket * sock)
+int security_socket_getpeername(struct socket *sock)
{
return security_ops->socket_getpeername(sock);
}
-int security_socket_getsockopt(struct socket * sock, int level, int optname)
+int security_socket_getsockopt(struct socket *sock, int level, int optname)
{
return security_ops->socket_getsockopt(sock, level, optname);
}
-int security_socket_setsockopt(struct socket * sock, int level, int optname)
+int security_socket_setsockopt(struct socket *sock, int level, int optname)
{
return security_ops->socket_setsockopt(sock, level, optname);
}
-int security_socket_shutdown(struct socket * sock, int how)
+int security_socket_shutdown(struct socket *sock, int how)
{
return security_ops->socket_shutdown(sock, how);
}
-int security_sock_rcv_skb (struct sock * sk, struct sk_buff * skb)
+int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
{
- return security_ops->socket_sock_rcv_skb (sk, skb);
+ return security_ops->socket_sock_rcv_skb(sk, skb);
}
EXPORT_SYMBOL(security_sock_rcv_skb);
@@ -992,7 +992,7 @@ void security_req_classify_flow(const st
}
EXPORT_SYMBOL(security_req_classify_flow);
-void security_sock_graft(struct sock* sk, struct socket *parent)
+void security_sock_graft(struct sock *sk, struct socket *parent)
{
security_ops->sock_graft(sk, parent);
}
_
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 1:35 ` Andrew Morton
@ 2007-07-19 2:42 ` James Morris
2007-07-19 3:35 ` david
2007-07-19 5:31 ` Greg KH
2007-07-19 7:39 ` Christian Ehrhardt
1 sibling, 2 replies; 33+ messages in thread
From: James Morris @ 2007-07-19 2:42 UTC (permalink / raw)
To: Andrew Morton
Cc: Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Wed, 18 Jul 2007, Andrew Morton wrote:
> > The SECURITY_FRAMEWORK_VERSION macro has also been removed.
>
> I'd like to understand who is (or claims to be) adversely affected by this
> change, and what their complaints (if any) will be.
>
> Because I prefer my flamewars pre- rather than post-merge.
This was already discussed and resolved during previous postings of the
patch.
In a nutshell, there is no safe way to unload an LSM. The modular
interface is thus unecessary and broken infrastructure. It is used only
by out-of-tree modules, which are often binary-only, illegal, abusive of
the API and dangerous, e.g. silently re-vectoring SELinux.
Chris has already agreed to take the patch:
http://lkml.org/lkml/2007/6/24/152
> aww man, you passed over an opportunity to fix vast amounts of coding style
> cruftiness.
GregKH-esque :-)
> <does whizzy things>
>
> Here you go..
Thanks.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 2:42 ` James Morris
@ 2007-07-19 3:35 ` david
2007-07-19 5:31 ` Greg KH
1 sibling, 0 replies; 33+ messages in thread
From: david @ 2007-07-19 3:35 UTC (permalink / raw)
To: James Morris
Cc: Andrew Morton, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Wed, 18 Jul 2007, James Morris wrote:
>
> On Wed, 18 Jul 2007, Andrew Morton wrote:
>
>>> The SECURITY_FRAMEWORK_VERSION macro has also been removed.
>>
>> I'd like to understand who is (or claims to be) adversely affected by this
>> change, and what their complaints (if any) will be.
>>
>> Because I prefer my flamewars pre- rather than post-merge.
>
> This was already discussed and resolved during previous postings of the
> patch.
>
> In a nutshell, there is no safe way to unload an LSM. The modular
> interface is thus unecessary and broken infrastructure. It is used only
> by out-of-tree modules, which are often binary-only, illegal, abusive of
> the API and dangerous, e.g. silently re-vectoring SELinux.
there's a difference between 'often' and 'always'. I really don't think
you want to start that sort of argument (after all, would you like it if
the MPAA argued "dvd burners are often used to make pirate copies, let's
make it so that they won't burn anything without being given a special
key"?)
and arguing that the LSM is only used by out-of-tree modules and then
strenuously opposing mergeing of such modules means that one of your
arguments is bogus
David Lang
> Chris has already agreed to take the patch:
> http://lkml.org/lkml/2007/6/24/152
>
>
>> aww man, you passed over an opportunity to fix vast amounts of coding style
>> cruftiness.
>
> GregKH-esque :-)
>
>> <does whizzy things>
>>
>> Here you go..
>
> Thanks.
>
>
>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 2:42 ` James Morris
2007-07-19 3:35 ` david
@ 2007-07-19 5:31 ` Greg KH
1 sibling, 0 replies; 33+ messages in thread
From: Greg KH @ 2007-07-19 5:31 UTC (permalink / raw)
To: James Morris
Cc: Andrew Morton, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Wed, Jul 18, 2007 at 10:42:09PM -0400, James Morris wrote:
> On Wed, 18 Jul 2007, Andrew Morton wrote:
> > aww man, you passed over an opportunity to fix vast amounts of coding style
> > cruftiness.
>
> GregKH-esque :-)
Yeah, sorry, that was when I was young and foolish and liked to bang on
the spacebar more than I should have :)
greg k-h
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 1:35 ` Andrew Morton
2007-07-19 2:42 ` James Morris
@ 2007-07-19 7:39 ` Christian Ehrhardt
2007-07-19 12:24 ` Serge E. Hallyn
1 sibling, 1 reply; 33+ messages in thread
From: Christian Ehrhardt @ 2007-07-19 7:39 UTC (permalink / raw)
To: Andrew Morton
Cc: James Morris, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
[-- Attachment #1: Type: text/plain, Size: 1588 bytes --]
On Wed, Jul 18, 2007 at 06:35:03PM -0700, Andrew Morton wrote:
> On Sat, 14 Jul 2007 12:37:01 -0400 (EDT)
> James Morris <jmorris@namei.org> wrote:
>
> > Convert LSM into a static interface, as the ability to unload a security
> > module is not required by in-tree users and potentially complicates the
> > overall security architecture.
> >
> > Needlessly exported LSM symbols have been unexported, to help reduce API
> > abuse.
> >
> > Parameters for the capability and root_plug modules are now specified
> > at boot.
> >
> > The SECURITY_FRAMEWORK_VERSION macro has also been removed.
>
> I'd like to understand who is (or claims to be) adversely affected by this
> change, and what their complaints (if any) will be.
I am currently loading and unloading a prototype like security module
on a regular basis. The fact that such a module can be loaded and
unloaded (albeit in an unsecure way) greatly simplifies development.
Thus this change will adversely affect me and probably also others that
develop LSMs.
Additionally deployment of and choice among legitimate security modules
that may or may not (yet) be part of the main kernel tree is simplified by
an option to load these security modules (e.g. at boot time) into a running
kernel. This way a distribution can provide AppArmor, SELinux, SecLevl and
whatever as options very much in the same way that this works for a driver.
> Because I prefer my flamewars pre- rather than post-merge.
You asked for oppinion. I do not plan to engage in any flamewars.
regards Christian
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 7:39 ` Christian Ehrhardt
@ 2007-07-19 12:24 ` Serge E. Hallyn
2007-07-19 12:37 ` James Morris
2007-07-19 16:54 ` Arjan van de Ven
0 siblings, 2 replies; 33+ messages in thread
From: Serge E. Hallyn @ 2007-07-19 12:24 UTC (permalink / raw)
To: Christian Ehrhardt
Cc: Andrew Morton, James Morris, Chris Wright, linux-kernel,
linux-security-module, Stephen Smalley, Serge E. Hallyn,
Arjan van de Ven
Quoting Christian Ehrhardt (lk@c--e.de):
> On Wed, Jul 18, 2007 at 06:35:03PM -0700, Andrew Morton wrote:
> > On Sat, 14 Jul 2007 12:37:01 -0400 (EDT)
> > James Morris <jmorris@namei.org> wrote:
> >
> > > Convert LSM into a static interface, as the ability to unload a security
> > > module is not required by in-tree users and potentially complicates the
> > > overall security architecture.
> > >
> > > Needlessly exported LSM symbols have been unexported, to help reduce API
> > > abuse.
> > >
> > > Parameters for the capability and root_plug modules are now specified
> > > at boot.
> > >
> > > The SECURITY_FRAMEWORK_VERSION macro has also been removed.
> >
> > I'd like to understand who is (or claims to be) adversely affected by this
> > change, and what their complaints (if any) will be.
>
> I am currently loading and unloading a prototype like security module
> on a regular basis. The fact that such a module can be loaded and
> unloaded (albeit in an unsecure way) greatly simplifies development.
> Thus this change will adversely affect me and probably also others that
> develop LSMs.
>
> Additionally deployment of and choice among legitimate security modules
> that may or may not (yet) be part of the main kernel tree is simplified by
> an option to load these security modules (e.g. at boot time) into a running
Right, the ability to boot with security.capability=disabpled (or
whatever) and then load a custom module without having to use a whole
new kernel is something I'm sure end-users want.
Especially since compiling a kernel which works with, say, a default
fedora install, with lvm etc, is not imo for a novice (where novice
!= security novice).
Maybe there are no out of tree modules being used this way, or maybe
there are but I just don't know about them, or maybe like James says
they are all illegal modules and kill a puppy every time they are
loaded.
> kernel. This way a distribution can provide AppArmor, SELinux, SecLevl and
> whatever as options very much in the same way that this works for a driver.
>
> > Because I prefer my flamewars pre- rather than post-merge.
>
> You asked for oppinion. I do not plan to engage in any flamewars.
Ditto. There is very loud support for this - which may mean there is
*broad* support for it.
If we could get a few (non-afilliated :) people who work with
customers in the security field to tell us whether this is being
used, that would be very helpful. Not sure how to get that.
Or we just apply the patch and see who yells :)
-serge
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:24 ` Serge E. Hallyn
@ 2007-07-19 12:37 ` James Morris
2007-07-19 12:42 ` Serge E. Hallyn
2007-07-19 12:56 ` Scott Preece
2007-07-19 16:54 ` Arjan van de Ven
1 sibling, 2 replies; 33+ messages in thread
From: James Morris @ 2007-07-19 12:37 UTC (permalink / raw)
To: Serge E. Hallyn
Cc: Christian Ehrhardt, Andrew Morton, Chris Wright, linux-kernel,
linux-security-module, Stephen Smalley, Serge E. Hallyn,
Arjan van de Ven
On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
> If we could get a few (non-afilliated :) people who work with
> customers in the security field to tell us whether this is being
> used, that would be very helpful. Not sure how to get that.
The mainline kernel does not cater to out of tree code.
> Or we just apply the patch and see who yells :)
It's already pretty clear.
- James
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:37 ` James Morris
@ 2007-07-19 12:42 ` Serge E. Hallyn
2007-07-19 13:00 ` James Morris
2007-07-19 12:56 ` Scott Preece
1 sibling, 1 reply; 33+ messages in thread
From: Serge E. Hallyn @ 2007-07-19 12:42 UTC (permalink / raw)
To: James Morris
Cc: Serge E. Hallyn, Christian Ehrhardt, Andrew Morton, Chris Wright,
linux-kernel, linux-security-module, Stephen Smalley,
Serge E. Hallyn, Arjan van de Ven
Quoting James Morris (jmorris@namei.org):
> On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
>
> > If we could get a few (non-afilliated :) people who work with
> > customers in the security field to tell us whether this is being
> > used, that would be very helpful. Not sure how to get that.
>
> The mainline kernel does not cater to out of tree code.
(Must... resist...)
> > Or we just apply the patch and see who yells :)
>
>
> It's already pretty clear.
I doubt anyone not on lkml or linux-security-module has heard of this.
So we'll see.
(I was, obviously, talking about end-users)
-serge
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:37 ` James Morris
2007-07-19 12:42 ` Serge E. Hallyn
@ 2007-07-19 12:56 ` Scott Preece
2007-07-19 13:15 ` Alan Cox
2007-07-19 13:16 ` Adrian Bunk
1 sibling, 2 replies; 33+ messages in thread
From: Scott Preece @ 2007-07-19 12:56 UTC (permalink / raw)
To: James Morris
Cc: Serge E. Hallyn, Christian Ehrhardt, Andrew Morton, Chris Wright,
linux-kernel, linux-security-module, Stephen Smalley,
Serge E. Hallyn, Arjan van de Ven
On 7/19/07, James Morris <jmorris@namei.org> wrote:
> On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
>
> > If we could get a few (non-afilliated :) people who work with
> > customers in the security field to tell us whether this is being
> > used, that would be very helpful. Not sure how to get that.
>
> The mainline kernel does not cater to out of tree code.
Please distinguish between "cater to" and "support". If the kernel
didn't worry about supporting out-of-tree code, then why would there
be loadable module at all?
Christian Ehrhardt already pointed to two reasons for loadable LSMs
that are sufficient to justify keeping them - so you can replace them
iteratively while you're developing them or choose between
alternatives.
Another twist is to use a tool to generate the module from a
policy-definition file; this could be done at boot-time or could be
done to replace the current policy on a running system (perhaps to add
a new domain corresponding to a newly added service). Yes, this would
need to be done with a lot of care, but part of providing mechanism
(rather than policy) is enabling people to use the mechanism in the
ways they prefer.
scott
--
scott preece
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:42 ` Serge E. Hallyn
@ 2007-07-19 13:00 ` James Morris
2007-07-19 13:37 ` Serge E. Hallyn
0 siblings, 1 reply; 33+ messages in thread
From: James Morris @ 2007-07-19 13:00 UTC (permalink / raw)
To: Serge E. Hallyn
Cc: Andrew Morton, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
> > It's already pretty clear.
>
> I doubt anyone not on lkml or linux-security-module has heard of this.
>
> So we'll see.
>
> (I was, obviously, talking about end-users)
If distributions are shipping binary modules and other out of tree code to
their users, then they should bear responsibility for supporting and
maintaining the infrastructure required for it, and not expect upstream
maintainers to do it for them.
Additionally, if they want to expose their users to risks arising from
broken and unecessary infrastructure, then they should bear the cost and
responsibility of doing that and not expect others to do so as well.
I don't see how this is even slightly difficult to understand.
- James
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
[not found] <OF54A17BCF.9A1D7004-ON8725731D.0044828E-8625731D.0046CAED@us.ibm.com>
@ 2007-07-19 13:01 ` James Morris
2007-07-19 13:19 ` James Morris
0 siblings, 1 reply; 33+ messages in thread
From: James Morris @ 2007-07-19 13:01 UTC (permalink / raw)
To: Jim Kovaric
Cc: Serge E. Hallyn, Andrew Morton, Arjan van de Ven, Chris Wright,
linux-kernel, linux-security-module, Christian Ehrhardt,
Stephen Smalley, serue
On Thu, 19 Jul 2007, Jim Kovaric wrote:
> IBMs TAMOS (Tivoli Access Manager for Operating systems) contains a
> loadable module,
> which is an "out of tree module", and registers "itself" as a security
> module during the TAMOS startup
> process. It also requires that SElinux be "disabled"
Please provide a link to the source code, so we can understand how you're
using the API.
- James
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:56 ` Scott Preece
@ 2007-07-19 13:15 ` Alan Cox
2007-07-19 13:30 ` Scott Preece
2007-07-19 13:16 ` Adrian Bunk
1 sibling, 1 reply; 33+ messages in thread
From: Alan Cox @ 2007-07-19 13:15 UTC (permalink / raw)
To: Scott Preece
Cc: James Morris, Serge E. Hallyn, Christian Ehrhardt, Andrew Morton,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
> Please distinguish between "cater to" and "support". If the kernel
> didn't worry about supporting out-of-tree code, then why would there
> be loadable module at all?
Memory usage, flexibility, debugging.
Module support was not added for external modules.
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:56 ` Scott Preece
2007-07-19 13:15 ` Alan Cox
@ 2007-07-19 13:16 ` Adrian Bunk
1 sibling, 0 replies; 33+ messages in thread
From: Adrian Bunk @ 2007-07-19 13:16 UTC (permalink / raw)
To: Scott Preece
Cc: James Morris, Serge E. Hallyn, Christian Ehrhardt, Andrew Morton,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Thu, Jul 19, 2007 at 07:56:53AM -0500, Scott Preece wrote:
> On 7/19/07, James Morris <jmorris@namei.org> wrote:
>> On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
>>
>> > If we could get a few (non-afilliated :) people who work with
>> > customers in the security field to tell us whether this is being
>> > used, that would be very helpful. Not sure how to get that.
>>
>> The mainline kernel does not cater to out of tree code.
>
> Please distinguish between "cater to" and "support". If the kernel
> didn't worry about supporting out-of-tree code, then why would there
> be loadable module at all?
>...
Distribution kernels need modules or the kernel images would be
extremely large.
> Another twist is to use a tool to generate the module from a
> policy-definition file; this could be done at boot-time or could be
> done to replace the current policy on a running system (perhaps to add
> a new domain corresponding to a newly added service). Yes, this would
> need to be done with a lot of care, but part of providing mechanism
> (rather than policy) is enabling people to use the mechanism in the
> ways they prefer.
Why do you need to generate a module for changing a policy?
Software like SELinux contains the mechanisms to change the policy
without having to change the kernel.
> scott
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 13:01 ` James Morris
@ 2007-07-19 13:19 ` James Morris
2007-07-19 13:58 ` Christoph Hellwig
2007-07-19 16:01 ` Greg KH
0 siblings, 2 replies; 33+ messages in thread
From: James Morris @ 2007-07-19 13:19 UTC (permalink / raw)
To: Jim Kovaric
Cc: Serge E. Hallyn, Andrew Morton, Arjan van de Ven, Chris Wright,
linux-kernel, linux-security-module, Stephen Smalley, serue
On Thu, 19 Jul 2007, James Morris wrote:
> On Thu, 19 Jul 2007, Jim Kovaric wrote:
>
> > IBMs TAMOS (Tivoli Access Manager for Operating systems) contains a
> > loadable module,
> > which is an "out of tree module", and registers "itself" as a security
> > module during the TAMOS startup
> > process. It also requires that SElinux be "disabled"
>
> Please provide a link to the source code, so we can understand how you're
> using the API.
I think I've found it:
ftp://ftp.software.ibm.com/software/tivoli_support/patches/patches_6.0.0/6.0.0-TIV-PDO-FP0007/6.0.0-TIV-PDO-Linux.i386-FP0007.tar
Is that correct?
kail_trap_syscalls()
seems to be revectoring the syscall table and siliently disabling any
active LSM.
kail_restore_syscalls()
attempts to restore them on module unload.
Is my understanding correct?
You're shipping this to customers as a security feature?
- James
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 13:15 ` Alan Cox
@ 2007-07-19 13:30 ` Scott Preece
0 siblings, 0 replies; 33+ messages in thread
From: Scott Preece @ 2007-07-19 13:30 UTC (permalink / raw)
To: Alan Cox
Cc: James Morris, Serge E. Hallyn, Christian Ehrhardt, Andrew Morton,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On 7/19/07, Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
>
> > Please distinguish between "cater to" and "support". If the kernel
> > didn't worry about supporting out-of-tree code, then why would there
> > be loadable module at all?
>
> Memory usage, flexibility, debugging.
>
> Module support was not added for external modules.
>
Code that is being debugged is, often [usually, I hope], out-of-tree
code, though it may be aimed at future inclusion.
However, I do agree that there is value to having loadable modules for
in-tree functionality, too.
scott
--
scott preece
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 13:00 ` James Morris
@ 2007-07-19 13:37 ` Serge E. Hallyn
2007-07-19 16:25 ` Adrian Bunk
0 siblings, 1 reply; 33+ messages in thread
From: Serge E. Hallyn @ 2007-07-19 13:37 UTC (permalink / raw)
To: James Morris
Cc: Serge E. Hallyn, Andrew Morton, Chris Wright, linux-kernel,
linux-security-module, Stephen Smalley, Serge E. Hallyn,
Arjan van de Ven
Quoting James Morris (jmorris@namei.org):
> On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
>
> > > It's already pretty clear.
> >
> > I doubt anyone not on lkml or linux-security-module has heard of this.
> >
> > So we'll see.
> >
> > (I was, obviously, talking about end-users)
>
> If distributions are shipping binary modules and other out of tree code to
> their users, then they should bear responsibility for supporting and
> maintaining the infrastructure required for it, and not expect upstream
> maintainers to do it for them.
>
> Additionally, if they want to expose their users to risks arising from
> broken and unecessary infrastructure, then they should bear the cost and
> responsibility of doing that and not expect others to do so as well.
>
> I don't see how this is even slightly difficult to understand.
I'm not talking about distros - I don't see how this is even slightly
difficult to understand :)
The situation I have in mind is someone who decideds to use, say, SLIM,
but wants to otherwise use the distro kernel.
James, relax, I'm done arguing against your patch, I just think
end-users/customers might complain.
-serge
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 13:19 ` James Morris
@ 2007-07-19 13:58 ` Christoph Hellwig
2007-07-19 16:01 ` Greg KH
1 sibling, 0 replies; 33+ messages in thread
From: Christoph Hellwig @ 2007-07-19 13:58 UTC (permalink / raw)
To: James Morris
Cc: Jim Kovaric, Serge E. Hallyn, Andrew Morton, Arjan van de Ven,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, serue
On Thu, Jul 19, 2007 at 09:19:56AM -0400, James Morris wrote:
> Is my understanding correct?
>
> You're shipping this to customers as a security feature?
It's the usual Tivoli crap, what would you expect?
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 13:19 ` James Morris
2007-07-19 13:58 ` Christoph Hellwig
@ 2007-07-19 16:01 ` Greg KH
1 sibling, 0 replies; 33+ messages in thread
From: Greg KH @ 2007-07-19 16:01 UTC (permalink / raw)
To: Jim Kovaric
Cc: Serge E. Hallyn, James Morris, Andrew Morton, Arjan van de Ven,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, serue
On Thu, Jul 19, 2007 at 09:19:56AM -0400, James Morris wrote:
> On Thu, 19 Jul 2007, James Morris wrote:
>
> > On Thu, 19 Jul 2007, Jim Kovaric wrote:
> >
> > > IBMs TAMOS (Tivoli Access Manager for Operating systems) contains a
> > > loadable module,
> > > which is an "out of tree module", and registers "itself" as a security
> > > module during the TAMOS startup
> > > process. It also requires that SElinux be "disabled"
> >
> > Please provide a link to the source code, so we can understand how you're
> > using the API.
>
> I think I've found it:
>
> ftp://ftp.software.ibm.com/software/tivoli_support/patches/patches_6.0.0/6.0.0-TIV-PDO-FP0007/6.0.0-TIV-PDO-Linux.i386-FP0007.tar
>
> Is that correct?
If so, that code seems to have been run through a "code obfuscator" and
as such, is not abiding by the GPL. Can IBM please post the real code
as the GPL requires?
Jim, if you are not the person to make this request too, can you point
me at the correct person?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 13:37 ` Serge E. Hallyn
@ 2007-07-19 16:25 ` Adrian Bunk
0 siblings, 0 replies; 33+ messages in thread
From: Adrian Bunk @ 2007-07-19 16:25 UTC (permalink / raw)
To: Serge E. Hallyn
Cc: James Morris, Serge E. Hallyn, Andrew Morton, Chris Wright,
linux-kernel, linux-security-module, Stephen Smalley,
Arjan van de Ven
On Thu, Jul 19, 2007 at 08:37:27AM -0500, Serge E. Hallyn wrote:
> Quoting James Morris (jmorris@namei.org):
> > On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
> >
> > > > It's already pretty clear.
> > >
> > > I doubt anyone not on lkml or linux-security-module has heard of this.
> > >
> > > So we'll see.
> > >
> > > (I was, obviously, talking about end-users)
> >
> > If distributions are shipping binary modules and other out of tree code to
> > their users, then they should bear responsibility for supporting and
> > maintaining the infrastructure required for it, and not expect upstream
> > maintainers to do it for them.
> >
> > Additionally, if they want to expose their users to risks arising from
> > broken and unecessary infrastructure, then they should bear the cost and
> > responsibility of doing that and not expect others to do so as well.
> >
> > I don't see how this is even slightly difficult to understand.
>
> I'm not talking about distros - I don't see how this is even slightly
> difficult to understand :)
>
> The situation I have in mind is someone who decideds to use, say, SLIM,
> but wants to otherwise use the distro kernel.
>...
AFAIR this does anyway not work because at least the version of SLIM
that once was in -mm required some patching of the kernel.
> -serge
cu
Adrian
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 12:24 ` Serge E. Hallyn
2007-07-19 12:37 ` James Morris
@ 2007-07-19 16:54 ` Arjan van de Ven
2007-07-19 17:19 ` Serge E. Hallyn
2007-07-19 17:24 ` Christian Ehrhardt
1 sibling, 2 replies; 33+ messages in thread
From: Arjan van de Ven @ 2007-07-19 16:54 UTC (permalink / raw)
To: Serge E. Hallyn
Cc: Christian Ehrhardt, Andrew Morton, James Morris, Chris Wright,
linux-kernel, linux-security-module, Stephen Smalley,
Serge E. Hallyn
> Right, the ability to boot with security.capability=disabpled (or
> whatever) and then load a custom module without having to use a whole
> new kernel is something I'm sure end-users want.
>
> Especially since compiling a kernel which works with, say, a default
> fedora install, with lvm etc, is not imo for a novice (where novice
> != security novice).
the next step after this patch is to have an option to get rid of all
the function pointer chasing (which is expensive) for the case where you
know you only want one security module (which you then can turn on or
off)... that advantage is a performance gain for a lot of people.... but
if the person configuring the kernel selects this, it does mean there's
no way to load modules. I don't know what Fedora will do, but they might
select such an option. That's CHOICE... they chose a performance
improvement over enabling external kernel modules that they don't ship
anyway...
but is it really worth blocking such clear improvements in performance?
--
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 16:54 ` Arjan van de Ven
@ 2007-07-19 17:19 ` Serge E. Hallyn
2007-07-19 17:34 ` Chris Wright
2007-07-19 18:00 ` Arjan van de Ven
2007-07-19 17:24 ` Christian Ehrhardt
1 sibling, 2 replies; 33+ messages in thread
From: Serge E. Hallyn @ 2007-07-19 17:19 UTC (permalink / raw)
To: Arjan van de Ven
Cc: Serge E. Hallyn, Christian Ehrhardt, Andrew Morton, James Morris,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn
Quoting Arjan van de Ven (arjan@infradead.org):
>
> > Right, the ability to boot with security.capability=disabpled (or
> > whatever) and then load a custom module without having to use a whole
> > new kernel is something I'm sure end-users want.
> >
> > Especially since compiling a kernel which works with, say, a default
> > fedora install, with lvm etc, is not imo for a novice (where novice
> > != security novice).
>
> the next step after this patch is to have an option to get rid of all
> the function pointer chasing (which is expensive) for the case where you
> know you only want one security module (which you then can turn on or
> off)... that advantage is a performance gain for a lot of people.... but
> if the person configuring the kernel selects this, it does mean there's
> no way to load modules. I don't know what Fedora will do, but they might
> select such an option. That's CHOICE...
War is peace
Freedom is slavery
Ignorance is strength
-1984
:)
Actually, given that when lsm was being introduced, lsm seemed to
improve performance overall, have you taken any measurements to show
that this is actually the case? Of course it makes sense that it would,
but witjout measurements we do not know.
> they chose a performance
> improvement over enabling external kernel modules that they don't ship
> anyway...
>
> but is it really worth blocking such clear improvements in performance?
I'm blocking nothing.
In fact I concede that this patch might force any out of tree module
authors to come to the table, which is a good thing.
-serge
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 16:54 ` Arjan van de Ven
2007-07-19 17:19 ` Serge E. Hallyn
@ 2007-07-19 17:24 ` Christian Ehrhardt
1 sibling, 0 replies; 33+ messages in thread
From: Christian Ehrhardt @ 2007-07-19 17:24 UTC (permalink / raw)
To: Arjan van de Ven
Cc: Serge E. Hallyn, Christian Ehrhardt, Andrew Morton, James Morris,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn
[-- Attachment #1: Type: text/plain, Size: 943 bytes --]
On Thu, Jul 19, 2007 at 09:54:30AM -0700, Arjan van de Ven wrote:
> the next step after this patch is to have an option to get rid of all
> the function pointer chasing (which is expensive) for the case where you
> know you only want one security module (which you then can turn on or
> off)... that advantage is a performance gain for a lot of people....
I'm pretty sure that at least the security_ops function pointers could be
resolved statically with some proprocessor trickery right now.
E.g. define macros for the security_* hooks in the single security module that
is configured statically and include those defines in security.h instead
of the prototypes for the inline functions. Am I missing something?
If a distribution enables such an option there is no way to load a
security module, true. This is what we have right now if the distro disables
loadable module support or disables security modules.
regards Christian
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 17:19 ` Serge E. Hallyn
@ 2007-07-19 17:34 ` Chris Wright
2007-07-19 18:00 ` Arjan van de Ven
1 sibling, 0 replies; 33+ messages in thread
From: Chris Wright @ 2007-07-19 17:34 UTC (permalink / raw)
To: Serge E. Hallyn
Cc: Arjan van de Ven, Serge E. Hallyn, Christian Ehrhardt,
Andrew Morton, James Morris, Chris Wright, linux-kernel,
linux-security-module, Stephen Smalley
* Serge E. Hallyn (serue@us.ibm.com) wrote:
> Actually, given that when lsm was being introduced, lsm seemed to
> improve performance overall, have you taken any measurements to show
> that this is actually the case? Of course it makes sense that it would,
> but witjout measurements we do not know.
Yes, it does. I have measured it as have others (esp. after Kurt
Garloff pointed out issues on ia64).
thanks,
-chris
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 17:19 ` Serge E. Hallyn
2007-07-19 17:34 ` Chris Wright
@ 2007-07-19 18:00 ` Arjan van de Ven
2007-07-19 18:10 ` Serge E. Hallyn
1 sibling, 1 reply; 33+ messages in thread
From: Arjan van de Ven @ 2007-07-19 18:00 UTC (permalink / raw)
To: Serge E. Hallyn
Cc: Serge E. Hallyn, Christian Ehrhardt, Andrew Morton, James Morris,
Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley
>
> :)
>
> Actually, given that when lsm was being introduced, lsm seemed to
> improve performance overall, have you taken any measurements to show
> that this is actually the case? Of course it makes sense that it would,
> but witjout measurements we do not know.
SuSE did a bunch of measurement I think a year ago and they showed a
several percent performance increase with a hack similar to the proposed
next step..
--
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-19 18:00 ` Arjan van de Ven
@ 2007-07-19 18:10 ` Serge E. Hallyn
0 siblings, 0 replies; 33+ messages in thread
From: Serge E. Hallyn @ 2007-07-19 18:10 UTC (permalink / raw)
To: Arjan van de Ven
Cc: Serge E. Hallyn, Serge E. Hallyn, Christian Ehrhardt,
Andrew Morton, James Morris, Chris Wright, linux-kernel,
linux-security-module, Stephen Smalley
Quoting Arjan van de Ven (arjan@infradead.org):
>
> >
> > :)
> >
> > Actually, given that when lsm was being introduced, lsm seemed to
> > improve performance overall, have you taken any measurements to show
> > that this is actually the case? Of course it makes sense that it would,
> > but witjout measurements we do not know.
>
> SuSE did a bunch of measurement I think a year ago and they showed a
> several percent performance increase with a hack similar to the proposed
> next step..
Very good.
-serge
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-14 16:37 [PATCH try #3] security: Convert LSM into a static interface James Morris
2007-07-18 15:28 ` Arjan van de Ven
2007-07-19 1:35 ` Andrew Morton
@ 2007-07-24 8:02 ` Andrew Morton
2007-07-24 8:53 ` Greg KH
2 siblings, 1 reply; 33+ messages in thread
From: Andrew Morton @ 2007-07-24 8:02 UTC (permalink / raw)
To: James Morris
Cc: Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Sat, 14 Jul 2007 12:37:01 -0400 (EDT) James Morris <jmorris@namei.org> wrote:
> Convert LSM into a static interface
allmodconfig broke
security/built-in.o: In function `rootplug_bprm_check_security':
security/root_plug.c:64: undefined reference to `usb_find_device'
security/root_plug.c:70: undefined reference to `usb_put_dev'
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-24 8:02 ` Andrew Morton
@ 2007-07-24 8:53 ` Greg KH
2007-07-24 8:58 ` Andrew Morton
0 siblings, 1 reply; 33+ messages in thread
From: Greg KH @ 2007-07-24 8:53 UTC (permalink / raw)
To: Andrew Morton
Cc: James Morris, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Tue, Jul 24, 2007 at 01:02:24AM -0700, Andrew Morton wrote:
> On Sat, 14 Jul 2007 12:37:01 -0400 (EDT) James Morris <jmorris@namei.org> wrote:
>
> > Convert LSM into a static interface
>
> allmodconfig broke
>
> security/built-in.o: In function `rootplug_bprm_check_security':
> security/root_plug.c:64: undefined reference to `usb_find_device'
> security/root_plug.c:70: undefined reference to `usb_put_dev'
That's wierd, who would have disabled the exports of those functions or
removed the "#include <linux/usb.h>" from this file?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-24 8:53 ` Greg KH
@ 2007-07-24 8:58 ` Andrew Morton
2007-07-24 18:25 ` Greg KH
0 siblings, 1 reply; 33+ messages in thread
From: Andrew Morton @ 2007-07-24 8:58 UTC (permalink / raw)
To: Greg KH
Cc: James Morris, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Tue, 24 Jul 2007 01:53:58 -0700 Greg KH <greg@kroah.com> wrote:
> On Tue, Jul 24, 2007 at 01:02:24AM -0700, Andrew Morton wrote:
> > On Sat, 14 Jul 2007 12:37:01 -0400 (EDT) James Morris <jmorris@namei.org> wrote:
> >
> > > Convert LSM into a static interface
> >
> > allmodconfig broke
> >
> > security/built-in.o: In function `rootplug_bprm_check_security':
> > security/root_plug.c:64: undefined reference to `usb_find_device'
> > security/root_plug.c:70: undefined reference to `usb_put_dev'
>
> That's wierd, who would have disabled the exports of those functions or
> removed the "#include <linux/usb.h>" from this file?
>
root_plug is linked into vmlinux and usb is modular. I did this:
--- a/security/Kconfig~security-convert-lsm-into-a-static-interface-fix-2
+++ a/security/Kconfig
@@ -82,7 +82,7 @@ config SECURITY_CAPABILITIES
config SECURITY_ROOTPLUG
bool "Root Plug Support"
- depends on USB && SECURITY
+ depends on USB=y && SECURITY
help
This is a sample LSM module that should only be used as such.
It prevents any programs running with egid == 0 if a specific
_
I suppose we could do SECURITY_ROOTPLUG=m if USB=m, but I thought the
whole point was to disallow modular LSM clients?
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: [PATCH try #3] security: Convert LSM into a static interface
2007-07-24 8:58 ` Andrew Morton
@ 2007-07-24 18:25 ` Greg KH
0 siblings, 0 replies; 33+ messages in thread
From: Greg KH @ 2007-07-24 18:25 UTC (permalink / raw)
To: Andrew Morton
Cc: James Morris, Chris Wright, linux-kernel, linux-security-module,
Stephen Smalley, Serge E. Hallyn, Arjan van de Ven
On Tue, Jul 24, 2007 at 01:58:46AM -0700, Andrew Morton wrote:
> On Tue, 24 Jul 2007 01:53:58 -0700 Greg KH <greg@kroah.com> wrote:
>
> > On Tue, Jul 24, 2007 at 01:02:24AM -0700, Andrew Morton wrote:
> > > On Sat, 14 Jul 2007 12:37:01 -0400 (EDT) James Morris <jmorris@namei.org> wrote:
> > >
> > > > Convert LSM into a static interface
> > >
> > > allmodconfig broke
> > >
> > > security/built-in.o: In function `rootplug_bprm_check_security':
> > > security/root_plug.c:64: undefined reference to `usb_find_device'
> > > security/root_plug.c:70: undefined reference to `usb_put_dev'
> >
> > That's wierd, who would have disabled the exports of those functions or
> > removed the "#include <linux/usb.h>" from this file?
> >
>
> root_plug is linked into vmlinux and usb is modular. I did this:
>
> --- a/security/Kconfig~security-convert-lsm-into-a-static-interface-fix-2
> +++ a/security/Kconfig
> @@ -82,7 +82,7 @@ config SECURITY_CAPABILITIES
>
> config SECURITY_ROOTPLUG
> bool "Root Plug Support"
> - depends on USB && SECURITY
> + depends on USB=y && SECURITY
> help
> This is a sample LSM module that should only be used as such.
> It prevents any programs running with egid == 0 if a specific
That looks correct to me.
thanks,
greg k-h
^ permalink raw reply [flat|nested] 33+ messages in thread
end of thread, other threads:[~2007-07-24 20:02 UTC | newest]
Thread overview: 33+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-07-14 16:37 [PATCH try #3] security: Convert LSM into a static interface James Morris
2007-07-18 15:28 ` Arjan van de Ven
2007-07-19 1:35 ` Andrew Morton
2007-07-19 2:42 ` James Morris
2007-07-19 3:35 ` david
2007-07-19 5:31 ` Greg KH
2007-07-19 7:39 ` Christian Ehrhardt
2007-07-19 12:24 ` Serge E. Hallyn
2007-07-19 12:37 ` James Morris
2007-07-19 12:42 ` Serge E. Hallyn
2007-07-19 13:00 ` James Morris
2007-07-19 13:37 ` Serge E. Hallyn
2007-07-19 16:25 ` Adrian Bunk
2007-07-19 12:56 ` Scott Preece
2007-07-19 13:15 ` Alan Cox
2007-07-19 13:30 ` Scott Preece
2007-07-19 13:16 ` Adrian Bunk
2007-07-19 16:54 ` Arjan van de Ven
2007-07-19 17:19 ` Serge E. Hallyn
2007-07-19 17:34 ` Chris Wright
2007-07-19 18:00 ` Arjan van de Ven
2007-07-19 18:10 ` Serge E. Hallyn
2007-07-19 17:24 ` Christian Ehrhardt
2007-07-24 8:02 ` Andrew Morton
2007-07-24 8:53 ` Greg KH
2007-07-24 8:58 ` Andrew Morton
2007-07-24 18:25 ` Greg KH
[not found] <OF54A17BCF.9A1D7004-ON8725731D.0044828E-8625731D.0046CAED@us.ibm.com>
2007-07-19 13:01 ` James Morris
2007-07-19 13:19 ` James Morris
2007-07-19 13:58 ` Christoph Hellwig
2007-07-19 16:01 ` Greg KH
[not found] <Line.LNX.4.64.0706251953020.25122@localhost.localdomain.suse.lists.linux.kernel>
2007-06-26 5:21 ` Marcus Meissner
[not found] <20070617135239.GA17689@sergelap>
[not found] ` <4676007F.7060503@kernel.org>
[not found] ` <20070618044017.GW3723@sequoia.sous-sol.org>
[not found] ` <20070620171037.GA28670@sergelap.ibm.com>
[not found] ` <20070620174613.GF3723@sequoia.sous-sol.org>
2007-06-21 16:00 ` implement-file-posix-capabilities.patch Serge E. Hallyn
2007-06-23 8:13 ` implement-file-posix-capabilities.patch Andrew Morgan
2007-06-24 15:51 ` implement-file-posix-capabilities.patch Serge E. Hallyn
2007-06-24 16:18 ` implement-file-posix-capabilities.patch James Morris
2007-06-24 20:58 ` [PATCH][RFC] security: Convert LSM into a static interface James Morris
2007-06-24 22:09 ` Chris Wright
2007-06-25 4:33 ` [PATCH try #2] " James Morris
2007-06-25 16:59 ` Stephen Smalley
2007-06-25 23:56 ` [PATCH try #3] " James Morris
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox