security/dummy.c at 33bc227e4e48ddadcf2eacb381c19df338f0a6c8 · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / security / dummy.c
at 33bc227e4e48ddadcf2eacb381c19df338f0a6c8 981 lines 23 kB view raw
  1/*
  2 * Stub functions for the default security function pointers in case no
  3 * security model is loaded.
  4 *
  5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
  6 * Copyright (C) 2001-2002  Greg Kroah-Hartman <greg@kroah.com>
  7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
  8 *
  9 *	This program is free software; you can redistribute it and/or modify
 10 *	it under the terms of the GNU General Public License as published by
 11 *	the Free Software Foundation; either version 2 of the License, or
 12 *	(at your option) any later version.
 13 */
 14
 15#undef DEBUG
 16
 17#include <linux/config.h>
 18#include <linux/module.h>
 19#include <linux/kernel.h>
 20#include <linux/mman.h>
 21#include <linux/pagemap.h>
 22#include <linux/swap.h>
 23#include <linux/security.h>
 24#include <linux/skbuff.h>
 25#include <linux/netlink.h>
 26#include <net/sock.h>
 27#include <linux/xattr.h>
 28#include <linux/hugetlb.h>
 29#include <linux/ptrace.h>
 30#include <linux/file.h>
 31
 32static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
 33{
 34	return 0;
 35}
 36
 37static int dummy_capget (struct task_struct *target, kernel_cap_t * effective,
 38			 kernel_cap_t * inheritable, kernel_cap_t * permitted)
 39{
 40	*effective = *inheritable = *permitted = 0;
 41	if (!issecure(SECURE_NOROOT)) {
 42		if (target->euid == 0) {
 43			*permitted |= (~0 & ~CAP_FS_MASK);
 44			*effective |= (~0 & ~CAP_TO_MASK(CAP_SETPCAP) & ~CAP_FS_MASK);
 45		}
 46		if (target->fsuid == 0) {
 47			*permitted |= CAP_FS_MASK;
 48			*effective |= CAP_FS_MASK;
 49		}
 50	}
 51	return 0;
 52}
 53
 54static int dummy_capset_check (struct task_struct *target,
 55			       kernel_cap_t * effective,
 56			       kernel_cap_t * inheritable,
 57			       kernel_cap_t * permitted)
 58{
 59	return -EPERM;
 60}
 61
 62static void dummy_capset_set (struct task_struct *target,
 63			      kernel_cap_t * effective,
 64			      kernel_cap_t * inheritable,
 65			      kernel_cap_t * permitted)
 66{
 67	return;
 68}
 69
 70static int dummy_acct (struct file *file)
 71{
 72	return 0;
 73}
 74
 75static int dummy_capable (struct task_struct *tsk, int cap)
 76{
 77	if (cap_raised (tsk->cap_effective, cap))
 78		return 0;
 79	return -EPERM;
 80}
 81
 82static int dummy_sysctl (ctl_table * table, int op)
 83{
 84	return 0;
 85}
 86
 87static int dummy_quotactl (int cmds, int type, int id, struct super_block *sb)
 88{
 89	return 0;
 90}
 91
 92static int dummy_quota_on (struct dentry *dentry)
 93{
 94	return 0;
 95}
 96
 97static int dummy_syslog (int type)
 98{
 99	if ((type != 3 && type != 10) && current->euid)
100		return -EPERM;
101	return 0;
102}
103
104static int dummy_settime(struct timespec *ts, struct timezone *tz)
105{
106	if (!capable(CAP_SYS_TIME))
107		return -EPERM;
108	return 0;
109}
110
111static int dummy_vm_enough_memory(long pages)
112{
113	int cap_sys_admin = 0;
114
115	if (dummy_capable(current, CAP_SYS_ADMIN) == 0)
116		cap_sys_admin = 1;
117	return __vm_enough_memory(pages, cap_sys_admin);
118}
119
120static int dummy_bprm_alloc_security (struct linux_binprm *bprm)
121{
122	return 0;
123}
124
125static void dummy_bprm_free_security (struct linux_binprm *bprm)
126{
127	return;
128}
129
130static void dummy_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
131{
132	if (bprm->e_uid != current->uid || bprm->e_gid != current->gid) {
133		current->mm->dumpable = suid_dumpable;
134
135		if ((unsafe & ~LSM_UNSAFE_PTRACE_CAP) && !capable(CAP_SETUID)) {
136			bprm->e_uid = current->uid;
137			bprm->e_gid = current->gid;
138		}
139	}
140
141	current->suid = current->euid = current->fsuid = bprm->e_uid;
142	current->sgid = current->egid = current->fsgid = bprm->e_gid;
143
144	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
145}
146
147static void dummy_bprm_post_apply_creds (struct linux_binprm *bprm)
148{
149	return;
150}
151
152static int dummy_bprm_set_security (struct linux_binprm *bprm)
153{
154	return 0;
155}
156
157static int dummy_bprm_check_security (struct linux_binprm *bprm)
158{
159	return 0;
160}
161
162static int dummy_bprm_secureexec (struct linux_binprm *bprm)
163{
164	/* The new userland will simply use the value provided
165	   in the AT_SECURE field to decide whether secure mode
166	   is required.  Hence, this logic is required to preserve
167	   the legacy decision algorithm used by the old userland. */
168	return (current->euid != current->uid ||
169		current->egid != current->gid);
170}
171
172static int dummy_sb_alloc_security (struct super_block *sb)
173{
174	return 0;
175}
176
177static void dummy_sb_free_security (struct super_block *sb)
178{
179	return;
180}
181
182static int dummy_sb_copy_data (struct file_system_type *type,
183			       void *orig, void *copy)
184{
185	return 0;
186}
187
188static int dummy_sb_kern_mount (struct super_block *sb, void *data)
189{
190	return 0;
191}
192
193static int dummy_sb_statfs (struct super_block *sb)
194{
195	return 0;
196}
197
198static int dummy_sb_mount (char *dev_name, struct nameidata *nd, char *type,
199			   unsigned long flags, void *data)
200{
201	return 0;
202}
203
204static int dummy_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd)
205{
206	return 0;
207}
208
209static int dummy_sb_umount (struct vfsmount *mnt, int flags)
210{
211	return 0;
212}
213
214static void dummy_sb_umount_close (struct vfsmount *mnt)
215{
216	return;
217}
218
219static void dummy_sb_umount_busy (struct vfsmount *mnt)
220{
221	return;
222}
223
224static void dummy_sb_post_remount (struct vfsmount *mnt, unsigned long flags,
225				   void *data)
226{
227	return;
228}
229
230
231static void dummy_sb_post_mountroot (void)
232{
233	return;
234}
235
236static void dummy_sb_post_addmount (struct vfsmount *mnt, struct nameidata *nd)
237{
238	return;
239}
240
241static int dummy_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
242{
243	return 0;
244}
245
246static void dummy_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
247{
248	return;
249}
250
251static int dummy_inode_alloc_security (struct inode *inode)
252{
253	return 0;
254}
255
256static void dummy_inode_free_security (struct inode *inode)
257{
258	return;
259}
260
261static int dummy_inode_init_security (struct inode *inode, struct inode *dir,
262				      char **name, void **value, size_t *len)
263{
264	return -EOPNOTSUPP;
265}
266
267static int dummy_inode_create (struct inode *inode, struct dentry *dentry,
268			       int mask)
269{
270	return 0;
271}
272
273static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode,
274			     struct dentry *new_dentry)
275{
276	return 0;
277}
278
279static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry)
280{
281	return 0;
282}
283
284static int dummy_inode_symlink (struct inode *inode, struct dentry *dentry,
285				const char *name)
286{
287	return 0;
288}
289
290static int dummy_inode_mkdir (struct inode *inode, struct dentry *dentry,
291			      int mask)
292{
293	return 0;
294}
295
296static int dummy_inode_rmdir (struct inode *inode, struct dentry *dentry)
297{
298	return 0;
299}
300
301static int dummy_inode_mknod (struct inode *inode, struct dentry *dentry,
302			      int mode, dev_t dev)
303{
304	return 0;
305}
306
307static int dummy_inode_rename (struct inode *old_inode,
308			       struct dentry *old_dentry,
309			       struct inode *new_inode,
310			       struct dentry *new_dentry)
311{
312	return 0;
313}
314
315static int dummy_inode_readlink (struct dentry *dentry)
316{
317	return 0;
318}
319
320static int dummy_inode_follow_link (struct dentry *dentry,
321				    struct nameidata *nameidata)
322{
323	return 0;
324}
325
326static int dummy_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
327{
328	return 0;
329}
330
331static int dummy_inode_setattr (struct dentry *dentry, struct iattr *iattr)
332{
333	return 0;
334}
335
336static int dummy_inode_getattr (struct vfsmount *mnt, struct dentry *dentry)
337{
338	return 0;
339}
340
341static void dummy_inode_delete (struct inode *ino)
342{
343	return;
344}
345
346static int dummy_inode_setxattr (struct dentry *dentry, char *name, void *value,
347				size_t size, int flags)
348{
349	if (!strncmp(name, XATTR_SECURITY_PREFIX,
350		     sizeof(XATTR_SECURITY_PREFIX) - 1) &&
351	    !capable(CAP_SYS_ADMIN))
352		return -EPERM;
353	return 0;
354}
355
356static void dummy_inode_post_setxattr (struct dentry *dentry, char *name, void *value,
357				       size_t size, int flags)
358{
359}
360
361static int dummy_inode_getxattr (struct dentry *dentry, char *name)
362{
363	return 0;
364}
365
366static int dummy_inode_listxattr (struct dentry *dentry)
367{
368	return 0;
369}
370
371static int dummy_inode_removexattr (struct dentry *dentry, char *name)
372{
373	if (!strncmp(name, XATTR_SECURITY_PREFIX,
374		     sizeof(XATTR_SECURITY_PREFIX) - 1) &&
375	    !capable(CAP_SYS_ADMIN))
376		return -EPERM;
377	return 0;
378}
379
380static int dummy_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
381{
382	return -EOPNOTSUPP;
383}
384
385static int dummy_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
386{
387	return -EOPNOTSUPP;
388}
389
390static int dummy_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
391{
392	return 0;
393}
394
395static int dummy_file_permission (struct file *file, int mask)
396{
397	return 0;
398}
399
400static int dummy_file_alloc_security (struct file *file)
401{
402	return 0;
403}
404
405static void dummy_file_free_security (struct file *file)
406{
407	return;
408}
409
410static int dummy_file_ioctl (struct file *file, unsigned int command,
411			     unsigned long arg)
412{
413	return 0;
414}
415
416static int dummy_file_mmap (struct file *file, unsigned long reqprot,
417			    unsigned long prot,
418			    unsigned long flags)
419{
420	return 0;
421}
422
423static int dummy_file_mprotect (struct vm_area_struct *vma,
424				unsigned long reqprot,
425				unsigned long prot)
426{
427	return 0;
428}
429
430static int dummy_file_lock (struct file *file, unsigned int cmd)
431{
432	return 0;
433}
434
435static int dummy_file_fcntl (struct file *file, unsigned int cmd,
436			     unsigned long arg)
437{
438	return 0;
439}
440
441static int dummy_file_set_fowner (struct file *file)
442{
443	return 0;
444}
445
446static int dummy_file_send_sigiotask (struct task_struct *tsk,
447				      struct fown_struct *fown, int sig)
448{
449	return 0;
450}
451
452static int dummy_file_receive (struct file *file)
453{
454	return 0;
455}
456
457static int dummy_task_create (unsigned long clone_flags)
458{
459	return 0;
460}
461
462static int dummy_task_alloc_security (struct task_struct *p)
463{
464	return 0;
465}
466
467static void dummy_task_free_security (struct task_struct *p)
468{
469	return;
470}
471
472static int dummy_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
473{
474	return 0;
475}
476
477static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
478{
479	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
480	return 0;
481}
482
483static int dummy_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags)
484{
485	return 0;
486}
487
488static int dummy_task_setpgid (struct task_struct *p, pid_t pgid)
489{
490	return 0;
491}
492
493static int dummy_task_getpgid (struct task_struct *p)
494{
495	return 0;
496}
497
498static int dummy_task_getsid (struct task_struct *p)
499{
500	return 0;
501}
502
503static int dummy_task_setgroups (struct group_info *group_info)
504{
505	return 0;
506}
507
508static int dummy_task_setnice (struct task_struct *p, int nice)
509{
510	return 0;
511}
512
513static int dummy_task_setrlimit (unsigned int resource, struct rlimit *new_rlim)
514{
515	return 0;
516}
517
518static int dummy_task_setscheduler (struct task_struct *p, int policy,
519				    struct sched_param *lp)
520{
521	return 0;
522}
523
524static int dummy_task_getscheduler (struct task_struct *p)
525{
526	return 0;
527}
528
529static int dummy_task_wait (struct task_struct *p)
530{
531	return 0;
532}
533
534static int dummy_task_kill (struct task_struct *p, struct siginfo *info,
535			    int sig)
536{
537	return 0;
538}
539
540static int dummy_task_prctl (int option, unsigned long arg2, unsigned long arg3,
541			     unsigned long arg4, unsigned long arg5)
542{
543	return 0;
544}
545
546static void dummy_task_reparent_to_init (struct task_struct *p)
547{
548	p->euid = p->fsuid = 0;
549	return;
550}
551
552static void dummy_task_to_inode(struct task_struct *p, struct inode *inode)
553{ }
554
555static int dummy_ipc_permission (struct kern_ipc_perm *ipcp, short flag)
556{
557	return 0;
558}
559
560static int dummy_msg_msg_alloc_security (struct msg_msg *msg)
561{
562	return 0;
563}
564
565static void dummy_msg_msg_free_security (struct msg_msg *msg)
566{
567	return;
568}
569
570static int dummy_msg_queue_alloc_security (struct msg_queue *msq)
571{
572	return 0;
573}
574
575static void dummy_msg_queue_free_security (struct msg_queue *msq)
576{
577	return;
578}
579
580static int dummy_msg_queue_associate (struct msg_queue *msq, 
581				      int msqflg)
582{
583	return 0;
584}
585
586static int dummy_msg_queue_msgctl (struct msg_queue *msq, int cmd)
587{
588	return 0;
589}
590
591static int dummy_msg_queue_msgsnd (struct msg_queue *msq, struct msg_msg *msg,
592				   int msgflg)
593{
594	return 0;
595}
596
597static int dummy_msg_queue_msgrcv (struct msg_queue *msq, struct msg_msg *msg,
598				   struct task_struct *target, long type,
599				   int mode)
600{
601	return 0;
602}
603
604static int dummy_shm_alloc_security (struct shmid_kernel *shp)
605{
606	return 0;
607}
608
609static void dummy_shm_free_security (struct shmid_kernel *shp)
610{
611	return;
612}
613
614static int dummy_shm_associate (struct shmid_kernel *shp, int shmflg)
615{
616	return 0;
617}
618
619static int dummy_shm_shmctl (struct shmid_kernel *shp, int cmd)
620{
621	return 0;
622}
623
624static int dummy_shm_shmat (struct shmid_kernel *shp, char __user *shmaddr,
625			    int shmflg)
626{
627	return 0;
628}
629
630static int dummy_sem_alloc_security (struct sem_array *sma)
631{
632	return 0;
633}
634
635static void dummy_sem_free_security (struct sem_array *sma)
636{
637	return;
638}
639
640static int dummy_sem_associate (struct sem_array *sma, int semflg)
641{
642	return 0;
643}
644
645static int dummy_sem_semctl (struct sem_array *sma, int cmd)
646{
647	return 0;
648}
649
650static int dummy_sem_semop (struct sem_array *sma, 
651			    struct sembuf *sops, unsigned nsops, int alter)
652{
653	return 0;
654}
655
656static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
657{
658	NETLINK_CB(skb).eff_cap = current->cap_effective;
659	return 0;
660}
661
662static int dummy_netlink_recv (struct sk_buff *skb)
663{
664	if (!cap_raised (NETLINK_CB (skb).eff_cap, CAP_NET_ADMIN))
665		return -EPERM;
666	return 0;
667}
668
669#ifdef CONFIG_SECURITY_NETWORK
670static int dummy_unix_stream_connect (struct socket *sock,
671				      struct socket *other,
672				      struct sock *newsk)
673{
674	return 0;
675}
676
677static int dummy_unix_may_send (struct socket *sock,
678				struct socket *other)
679{
680	return 0;
681}
682
683static int dummy_socket_create (int family, int type,
684				int protocol, int kern)
685{
686	return 0;
687}
688
689static void dummy_socket_post_create (struct socket *sock, int family, int type,
690				      int protocol, int kern)
691{
692	return;
693}
694
695static int dummy_socket_bind (struct socket *sock, struct sockaddr *address,
696			      int addrlen)
697{
698	return 0;
699}
700
701static int dummy_socket_connect (struct socket *sock, struct sockaddr *address,
702				 int addrlen)
703{
704	return 0;
705}
706
707static int dummy_socket_listen (struct socket *sock, int backlog)
708{
709	return 0;
710}
711
712static int dummy_socket_accept (struct socket *sock, struct socket *newsock)
713{
714	return 0;
715}
716
717static void dummy_socket_post_accept (struct socket *sock, 
718				      struct socket *newsock)
719{
720	return;
721}
722
723static int dummy_socket_sendmsg (struct socket *sock, struct msghdr *msg,
724				 int size)
725{
726	return 0;
727}
728
729static int dummy_socket_recvmsg (struct socket *sock, struct msghdr *msg,
730				 int size, int flags)
731{
732	return 0;
733}
734
735static int dummy_socket_getsockname (struct socket *sock)
736{
737	return 0;
738}
739
740static int dummy_socket_getpeername (struct socket *sock)
741{
742	return 0;
743}
744
745static int dummy_socket_setsockopt (struct socket *sock, int level, int optname)
746{
747	return 0;
748}
749
750static int dummy_socket_getsockopt (struct socket *sock, int level, int optname)
751{
752	return 0;
753}
754
755static int dummy_socket_shutdown (struct socket *sock, int how)
756{
757	return 0;
758}
759
760static int dummy_socket_sock_rcv_skb (struct sock *sk, struct sk_buff *skb)
761{
762	return 0;
763}
764
765static int dummy_socket_getpeersec(struct socket *sock, char __user *optval,
766				   int __user *optlen, unsigned len)
767{
768	return -ENOPROTOOPT;
769}
770
771static inline int dummy_sk_alloc_security (struct sock *sk, int family, gfp_t priority)
772{
773	return 0;
774}
775
776static inline void dummy_sk_free_security (struct sock *sk)
777{
778}
779#endif	/* CONFIG_SECURITY_NETWORK */
780
781static int dummy_register_security (const char *name, struct security_operations *ops)
782{
783	return -EINVAL;
784}
785
786static int dummy_unregister_security (const char *name, struct security_operations *ops)
787{
788	return -EINVAL;
789}
790
791static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode)
792{
793	return;
794}
795
796static int dummy_getprocattr(struct task_struct *p, char *name, void *value, size_t size)
797{
798	return -EINVAL;
799}
800
801static int dummy_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
802{
803	return -EINVAL;
804}
805
806#ifdef CONFIG_KEYS
807static inline int dummy_key_alloc(struct key *key)
808{
809	return 0;
810}
811
812static inline void dummy_key_free(struct key *key)
813{
814}
815
816static inline int dummy_key_permission(key_ref_t key_ref,
817				       struct task_struct *context,
818				       key_perm_t perm)
819{
820	return 0;
821}
822#endif /* CONFIG_KEYS */
823
824struct security_operations dummy_security_ops;
825
826#define set_to_dummy_if_null(ops, function)				\
827	do {								\
828		if (!ops->function) {					\
829			ops->function = dummy_##function;		\
830			pr_debug("Had to override the " #function	\
831				 " security operation with the dummy one.\n");\
832			}						\
833	} while (0)
834
835void security_fixup_ops (struct security_operations *ops)
836{
837	set_to_dummy_if_null(ops, ptrace);
838	set_to_dummy_if_null(ops, capget);
839	set_to_dummy_if_null(ops, capset_check);
840	set_to_dummy_if_null(ops, capset_set);
841	set_to_dummy_if_null(ops, acct);
842	set_to_dummy_if_null(ops, capable);
843	set_to_dummy_if_null(ops, quotactl);
844	set_to_dummy_if_null(ops, quota_on);
845	set_to_dummy_if_null(ops, sysctl);
846	set_to_dummy_if_null(ops, syslog);
847	set_to_dummy_if_null(ops, settime);
848	set_to_dummy_if_null(ops, vm_enough_memory);
849	set_to_dummy_if_null(ops, bprm_alloc_security);
850	set_to_dummy_if_null(ops, bprm_free_security);
851	set_to_dummy_if_null(ops, bprm_apply_creds);
852	set_to_dummy_if_null(ops, bprm_post_apply_creds);
853	set_to_dummy_if_null(ops, bprm_set_security);
854	set_to_dummy_if_null(ops, bprm_check_security);
855	set_to_dummy_if_null(ops, bprm_secureexec);
856	set_to_dummy_if_null(ops, sb_alloc_security);
857	set_to_dummy_if_null(ops, sb_free_security);
858	set_to_dummy_if_null(ops, sb_copy_data);
859	set_to_dummy_if_null(ops, sb_kern_mount);
860	set_to_dummy_if_null(ops, sb_statfs);
861	set_to_dummy_if_null(ops, sb_mount);
862	set_to_dummy_if_null(ops, sb_check_sb);
863	set_to_dummy_if_null(ops, sb_umount);
864	set_to_dummy_if_null(ops, sb_umount_close);
865	set_to_dummy_if_null(ops, sb_umount_busy);
866	set_to_dummy_if_null(ops, sb_post_remount);
867	set_to_dummy_if_null(ops, sb_post_mountroot);
868	set_to_dummy_if_null(ops, sb_post_addmount);
869	set_to_dummy_if_null(ops, sb_pivotroot);
870	set_to_dummy_if_null(ops, sb_post_pivotroot);
871	set_to_dummy_if_null(ops, inode_alloc_security);
872	set_to_dummy_if_null(ops, inode_free_security);
873	set_to_dummy_if_null(ops, inode_init_security);
874	set_to_dummy_if_null(ops, inode_create);
875	set_to_dummy_if_null(ops, inode_link);
876	set_to_dummy_if_null(ops, inode_unlink);
877	set_to_dummy_if_null(ops, inode_symlink);
878	set_to_dummy_if_null(ops, inode_mkdir);
879	set_to_dummy_if_null(ops, inode_rmdir);
880	set_to_dummy_if_null(ops, inode_mknod);
881	set_to_dummy_if_null(ops, inode_rename);
882	set_to_dummy_if_null(ops, inode_readlink);
883	set_to_dummy_if_null(ops, inode_follow_link);
884	set_to_dummy_if_null(ops, inode_permission);
885	set_to_dummy_if_null(ops, inode_setattr);
886	set_to_dummy_if_null(ops, inode_getattr);
887	set_to_dummy_if_null(ops, inode_delete);
888	set_to_dummy_if_null(ops, inode_setxattr);
889	set_to_dummy_if_null(ops, inode_post_setxattr);
890	set_to_dummy_if_null(ops, inode_getxattr);
891	set_to_dummy_if_null(ops, inode_listxattr);
892	set_to_dummy_if_null(ops, inode_removexattr);
893	set_to_dummy_if_null(ops, inode_getsecurity);
894	set_to_dummy_if_null(ops, inode_setsecurity);
895	set_to_dummy_if_null(ops, inode_listsecurity);
896	set_to_dummy_if_null(ops, file_permission);
897	set_to_dummy_if_null(ops, file_alloc_security);
898	set_to_dummy_if_null(ops, file_free_security);
899	set_to_dummy_if_null(ops, file_ioctl);
900	set_to_dummy_if_null(ops, file_mmap);
901	set_to_dummy_if_null(ops, file_mprotect);
902	set_to_dummy_if_null(ops, file_lock);
903	set_to_dummy_if_null(ops, file_fcntl);
904	set_to_dummy_if_null(ops, file_set_fowner);
905	set_to_dummy_if_null(ops, file_send_sigiotask);
906	set_to_dummy_if_null(ops, file_receive);
907	set_to_dummy_if_null(ops, task_create);
908	set_to_dummy_if_null(ops, task_alloc_security);
909	set_to_dummy_if_null(ops, task_free_security);
910	set_to_dummy_if_null(ops, task_setuid);
911	set_to_dummy_if_null(ops, task_post_setuid);
912	set_to_dummy_if_null(ops, task_setgid);
913	set_to_dummy_if_null(ops, task_setpgid);
914	set_to_dummy_if_null(ops, task_getpgid);
915	set_to_dummy_if_null(ops, task_getsid);
916	set_to_dummy_if_null(ops, task_setgroups);
917	set_to_dummy_if_null(ops, task_setnice);
918	set_to_dummy_if_null(ops, task_setrlimit);
919	set_to_dummy_if_null(ops, task_setscheduler);
920	set_to_dummy_if_null(ops, task_getscheduler);
921	set_to_dummy_if_null(ops, task_wait);
922	set_to_dummy_if_null(ops, task_kill);
923	set_to_dummy_if_null(ops, task_prctl);
924	set_to_dummy_if_null(ops, task_reparent_to_init);
925 	set_to_dummy_if_null(ops, task_to_inode);
926	set_to_dummy_if_null(ops, ipc_permission);
927	set_to_dummy_if_null(ops, msg_msg_alloc_security);
928	set_to_dummy_if_null(ops, msg_msg_free_security);
929	set_to_dummy_if_null(ops, msg_queue_alloc_security);
930	set_to_dummy_if_null(ops, msg_queue_free_security);
931	set_to_dummy_if_null(ops, msg_queue_associate);
932	set_to_dummy_if_null(ops, msg_queue_msgctl);
933	set_to_dummy_if_null(ops, msg_queue_msgsnd);
934	set_to_dummy_if_null(ops, msg_queue_msgrcv);
935	set_to_dummy_if_null(ops, shm_alloc_security);
936	set_to_dummy_if_null(ops, shm_free_security);
937	set_to_dummy_if_null(ops, shm_associate);
938	set_to_dummy_if_null(ops, shm_shmctl);
939	set_to_dummy_if_null(ops, shm_shmat);
940	set_to_dummy_if_null(ops, sem_alloc_security);
941	set_to_dummy_if_null(ops, sem_free_security);
942	set_to_dummy_if_null(ops, sem_associate);
943	set_to_dummy_if_null(ops, sem_semctl);
944	set_to_dummy_if_null(ops, sem_semop);
945	set_to_dummy_if_null(ops, netlink_send);
946	set_to_dummy_if_null(ops, netlink_recv);
947	set_to_dummy_if_null(ops, register_security);
948	set_to_dummy_if_null(ops, unregister_security);
949	set_to_dummy_if_null(ops, d_instantiate);
950 	set_to_dummy_if_null(ops, getprocattr);
951 	set_to_dummy_if_null(ops, setprocattr);
952#ifdef CONFIG_SECURITY_NETWORK
953	set_to_dummy_if_null(ops, unix_stream_connect);
954	set_to_dummy_if_null(ops, unix_may_send);
955	set_to_dummy_if_null(ops, socket_create);
956	set_to_dummy_if_null(ops, socket_post_create);
957	set_to_dummy_if_null(ops, socket_bind);
958	set_to_dummy_if_null(ops, socket_connect);
959	set_to_dummy_if_null(ops, socket_listen);
960	set_to_dummy_if_null(ops, socket_accept);
961	set_to_dummy_if_null(ops, socket_post_accept);
962	set_to_dummy_if_null(ops, socket_sendmsg);
963	set_to_dummy_if_null(ops, socket_recvmsg);
964	set_to_dummy_if_null(ops, socket_getsockname);
965	set_to_dummy_if_null(ops, socket_getpeername);
966	set_to_dummy_if_null(ops, socket_setsockopt);
967	set_to_dummy_if_null(ops, socket_getsockopt);
968	set_to_dummy_if_null(ops, socket_shutdown);
969	set_to_dummy_if_null(ops, socket_sock_rcv_skb);
970	set_to_dummy_if_null(ops, socket_getpeersec);
971	set_to_dummy_if_null(ops, sk_alloc_security);
972	set_to_dummy_if_null(ops, sk_free_security);
973#endif	/* CONFIG_SECURITY_NETWORK */
974#ifdef CONFIG_KEYS
975	set_to_dummy_if_null(ops, key_alloc);
976	set_to_dummy_if_null(ops, key_free);
977	set_to_dummy_if_null(ops, key_permission);
978#endif	/* CONFIG_KEYS */
979
980}
981