security_fixup_ops

[Simon Arlott <simon@arlott.org>]

[-- Attachment #1: Type: text/plain, Size: 1557 bytes --]

Shouldn't security_fixup_ops be exported?

Otherwise I have to include the kernel's security/dummy.c to use it and there's no other way to fix all the ops for a secondary module without copying a list of all the ops, which may change in future kernels, into the module's code.

Unless of course including kernel source in modules is ok, because the module will need to have been compiled with the right version of struct security_operations anyway.

---
/* http://redrum.lp0.eu/portac/portac.c */

#include <../security/dummy.c>

struct security_operations portac_ops = { 
	.register_security = portac_register_security,
	.unregister_security = portac_unregister_security,

	.socket_bind = portac_socket_bind
};
struct security_operations primary_ops;
struct security_operations *secondary_ops = NULL;

int portac_register_security(const char *name, struct security_operations *ops)
{
	struct security_operations tmp;
...
	/* Copy our current ops because they have
	 * been fixed with dummy functions.
	 *
	 * Keep a reference to the secondary ops
	 * for later use.
	 */
	primary_ops = portac_ops;
	secondary_ops = ops;

	/* Copy the secondary ops, override the
	 * functions we use and call security_fixup_ops
	 * to add missing dummy functions.
	 *
	 * Replace our current ops with these ops.
	 */
	tmp = *ops;
	tmp.socket_bind = portac_socket_bind;
	tmp.unregister_security = portac_unregister_security;
	security_fixup_ops(&tmp); /* from security/dummy.c */
	portac_ops = tmp;
...
}

-- 
Simon Arlott


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 829 bytes --]