security/dummy.c at v2.6.13 · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / security / dummy.c
at v2.6.13 996 lines 23 kB view raw
  1/*
  2 * Stub functions for the default security function pointers in case no
  3 * security model is loaded.
  4 *
  5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
  6 * Copyright (C) 2001-2002  Greg Kroah-Hartman <greg@kroah.com>
  7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
  8 *
  9 *	This program is free software; you can redistribute it and/or modify
 10 *	it under the terms of the GNU General Public License as published by
 11 *	the Free Software Foundation; either version 2 of the License, or
 12 *	(at your option) any later version.
 13 */
 14
 15#undef DEBUG
 16
 17#include <linux/config.h>
 18#include <linux/module.h>
 19#include <linux/kernel.h>
 20#include <linux/mman.h>
 21#include <linux/pagemap.h>
 22#include <linux/swap.h>
 23#include <linux/security.h>
 24#include <linux/skbuff.h>
 25#include <linux/netlink.h>
 26#include <net/sock.h>
 27#include <linux/xattr.h>
 28#include <linux/hugetlb.h>
 29#include <linux/ptrace.h>
 30#include <linux/file.h>
 31
 32static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
 33{
 34	return 0;
 35}
 36
 37static int dummy_capget (struct task_struct *target, kernel_cap_t * effective,
 38			 kernel_cap_t * inheritable, kernel_cap_t * permitted)
 39{
 40	*effective = *inheritable = *permitted = 0;
 41	if (!issecure(SECURE_NOROOT)) {
 42		if (target->euid == 0) {
 43			*permitted |= (~0 & ~CAP_FS_MASK);
 44			*effective |= (~0 & ~CAP_TO_MASK(CAP_SETPCAP) & ~CAP_FS_MASK);
 45		}
 46		if (target->fsuid == 0) {
 47			*permitted |= CAP_FS_MASK;
 48			*effective |= CAP_FS_MASK;
 49		}
 50	}
 51	return 0;
 52}
 53
 54static int dummy_capset_check (struct task_struct *target,
 55			       kernel_cap_t * effective,
 56			       kernel_cap_t * inheritable,
 57			       kernel_cap_t * permitted)
 58{
 59	return -EPERM;
 60}
 61
 62static void dummy_capset_set (struct task_struct *target,
 63			      kernel_cap_t * effective,
 64			      kernel_cap_t * inheritable,
 65			      kernel_cap_t * permitted)
 66{
 67	return;
 68}
 69
 70static int dummy_acct (struct file *file)
 71{
 72	return 0;
 73}
 74
 75static int dummy_capable (struct task_struct *tsk, int cap)
 76{
 77	if (cap_raised (tsk->cap_effective, cap))
 78		return 0;
 79	return -EPERM;
 80}
 81
 82static int dummy_sysctl (ctl_table * table, int op)
 83{
 84	return 0;
 85}
 86
 87static int dummy_quotactl (int cmds, int type, int id, struct super_block *sb)
 88{
 89	return 0;
 90}
 91
 92static int dummy_quota_on (struct dentry *dentry)
 93{
 94	return 0;
 95}
 96
 97static int dummy_syslog (int type)
 98{
 99	if ((type != 3 && type != 10) && current->euid)
100		return -EPERM;
101	return 0;
102}
103
104static int dummy_settime(struct timespec *ts, struct timezone *tz)
105{
106	if (!capable(CAP_SYS_TIME))
107		return -EPERM;
108	return 0;
109}
110
111static int dummy_vm_enough_memory(long pages)
112{
113	int cap_sys_admin = 0;
114
115	if (dummy_capable(current, CAP_SYS_ADMIN) == 0)
116		cap_sys_admin = 1;
117	return __vm_enough_memory(pages, cap_sys_admin);
118}
119
120static int dummy_bprm_alloc_security (struct linux_binprm *bprm)
121{
122	return 0;
123}
124
125static void dummy_bprm_free_security (struct linux_binprm *bprm)
126{
127	return;
128}
129
130static void dummy_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
131{
132	if (bprm->e_uid != current->uid || bprm->e_gid != current->gid) {
133		current->mm->dumpable = suid_dumpable;
134
135		if ((unsafe & ~LSM_UNSAFE_PTRACE_CAP) && !capable(CAP_SETUID)) {
136			bprm->e_uid = current->uid;
137			bprm->e_gid = current->gid;
138		}
139	}
140
141	current->suid = current->euid = current->fsuid = bprm->e_uid;
142	current->sgid = current->egid = current->fsgid = bprm->e_gid;
143
144	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
145}
146
147static void dummy_bprm_post_apply_creds (struct linux_binprm *bprm)
148{
149	return;
150}
151
152static int dummy_bprm_set_security (struct linux_binprm *bprm)
153{
154	return 0;
155}
156
157static int dummy_bprm_check_security (struct linux_binprm *bprm)
158{
159	return 0;
160}
161
162static int dummy_bprm_secureexec (struct linux_binprm *bprm)
163{
164	/* The new userland will simply use the value provided
165	   in the AT_SECURE field to decide whether secure mode
166	   is required.  Hence, this logic is required to preserve
167	   the legacy decision algorithm used by the old userland. */
168	return (current->euid != current->uid ||
169		current->egid != current->gid);
170}
171
172static int dummy_sb_alloc_security (struct super_block *sb)
173{
174	return 0;
175}
176
177static void dummy_sb_free_security (struct super_block *sb)
178{
179	return;
180}
181
182static int dummy_sb_copy_data (struct file_system_type *type,
183			       void *orig, void *copy)
184{
185	return 0;
186}
187
188static int dummy_sb_kern_mount (struct super_block *sb, void *data)
189{
190	return 0;
191}
192
193static int dummy_sb_statfs (struct super_block *sb)
194{
195	return 0;
196}
197
198static int dummy_sb_mount (char *dev_name, struct nameidata *nd, char *type,
199			   unsigned long flags, void *data)
200{
201	return 0;
202}
203
204static int dummy_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd)
205{
206	return 0;
207}
208
209static int dummy_sb_umount (struct vfsmount *mnt, int flags)
210{
211	return 0;
212}
213
214static void dummy_sb_umount_close (struct vfsmount *mnt)
215{
216	return;
217}
218
219static void dummy_sb_umount_busy (struct vfsmount *mnt)
220{
221	return;
222}
223
224static void dummy_sb_post_remount (struct vfsmount *mnt, unsigned long flags,
225				   void *data)
226{
227	return;
228}
229
230
231static void dummy_sb_post_mountroot (void)
232{
233	return;
234}
235
236static void dummy_sb_post_addmount (struct vfsmount *mnt, struct nameidata *nd)
237{
238	return;
239}
240
241static int dummy_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
242{
243	return 0;
244}
245
246static void dummy_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd)
247{
248	return;
249}
250
251static int dummy_inode_alloc_security (struct inode *inode)
252{
253	return 0;
254}
255
256static void dummy_inode_free_security (struct inode *inode)
257{
258	return;
259}
260
261static int dummy_inode_create (struct inode *inode, struct dentry *dentry,
262			       int mask)
263{
264	return 0;
265}
266
267static void dummy_inode_post_create (struct inode *inode, struct dentry *dentry,
268				     int mask)
269{
270	return;
271}
272
273static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode,
274			     struct dentry *new_dentry)
275{
276	return 0;
277}
278
279static void dummy_inode_post_link (struct dentry *old_dentry,
280				   struct inode *inode,
281				   struct dentry *new_dentry)
282{
283	return;
284}
285
286static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry)
287{
288	return 0;
289}
290
291static int dummy_inode_symlink (struct inode *inode, struct dentry *dentry,
292				const char *name)
293{
294	return 0;
295}
296
297static void dummy_inode_post_symlink (struct inode *inode,
298				      struct dentry *dentry, const char *name)
299{
300	return;
301}
302
303static int dummy_inode_mkdir (struct inode *inode, struct dentry *dentry,
304			      int mask)
305{
306	return 0;
307}
308
309static void dummy_inode_post_mkdir (struct inode *inode, struct dentry *dentry,
310				    int mask)
311{
312	return;
313}
314
315static int dummy_inode_rmdir (struct inode *inode, struct dentry *dentry)
316{
317	return 0;
318}
319
320static int dummy_inode_mknod (struct inode *inode, struct dentry *dentry,
321			      int mode, dev_t dev)
322{
323	return 0;
324}
325
326static void dummy_inode_post_mknod (struct inode *inode, struct dentry *dentry,
327				    int mode, dev_t dev)
328{
329	return;
330}
331
332static int dummy_inode_rename (struct inode *old_inode,
333			       struct dentry *old_dentry,
334			       struct inode *new_inode,
335			       struct dentry *new_dentry)
336{
337	return 0;
338}
339
340static void dummy_inode_post_rename (struct inode *old_inode,
341				     struct dentry *old_dentry,
342				     struct inode *new_inode,
343				     struct dentry *new_dentry)
344{
345	return;
346}
347
348static int dummy_inode_readlink (struct dentry *dentry)
349{
350	return 0;
351}
352
353static int dummy_inode_follow_link (struct dentry *dentry,
354				    struct nameidata *nameidata)
355{
356	return 0;
357}
358
359static int dummy_inode_permission (struct inode *inode, int mask, struct nameidata *nd)
360{
361	return 0;
362}
363
364static int dummy_inode_setattr (struct dentry *dentry, struct iattr *iattr)
365{
366	return 0;
367}
368
369static int dummy_inode_getattr (struct vfsmount *mnt, struct dentry *dentry)
370{
371	return 0;
372}
373
374static void dummy_inode_delete (struct inode *ino)
375{
376	return;
377}
378
379static int dummy_inode_setxattr (struct dentry *dentry, char *name, void *value,
380				size_t size, int flags)
381{
382	if (!strncmp(name, XATTR_SECURITY_PREFIX,
383		     sizeof(XATTR_SECURITY_PREFIX) - 1) &&
384	    !capable(CAP_SYS_ADMIN))
385		return -EPERM;
386	return 0;
387}
388
389static void dummy_inode_post_setxattr (struct dentry *dentry, char *name, void *value,
390				       size_t size, int flags)
391{
392}
393
394static int dummy_inode_getxattr (struct dentry *dentry, char *name)
395{
396	return 0;
397}
398
399static int dummy_inode_listxattr (struct dentry *dentry)
400{
401	return 0;
402}
403
404static int dummy_inode_removexattr (struct dentry *dentry, char *name)
405{
406	if (!strncmp(name, XATTR_SECURITY_PREFIX,
407		     sizeof(XATTR_SECURITY_PREFIX) - 1) &&
408	    !capable(CAP_SYS_ADMIN))
409		return -EPERM;
410	return 0;
411}
412
413static int dummy_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
414{
415	return -EOPNOTSUPP;
416}
417
418static int dummy_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
419{
420	return -EOPNOTSUPP;
421}
422
423static int dummy_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
424{
425	return 0;
426}
427
428static int dummy_file_permission (struct file *file, int mask)
429{
430	return 0;
431}
432
433static int dummy_file_alloc_security (struct file *file)
434{
435	return 0;
436}
437
438static void dummy_file_free_security (struct file *file)
439{
440	return;
441}
442
443static int dummy_file_ioctl (struct file *file, unsigned int command,
444			     unsigned long arg)
445{
446	return 0;
447}
448
449static int dummy_file_mmap (struct file *file, unsigned long reqprot,
450			    unsigned long prot,
451			    unsigned long flags)
452{
453	return 0;
454}
455
456static int dummy_file_mprotect (struct vm_area_struct *vma,
457				unsigned long reqprot,
458				unsigned long prot)
459{
460	return 0;
461}
462
463static int dummy_file_lock (struct file *file, unsigned int cmd)
464{
465	return 0;
466}
467
468static int dummy_file_fcntl (struct file *file, unsigned int cmd,
469			     unsigned long arg)
470{
471	return 0;
472}
473
474static int dummy_file_set_fowner (struct file *file)
475{
476	return 0;
477}
478
479static int dummy_file_send_sigiotask (struct task_struct *tsk,
480				      struct fown_struct *fown, int sig)
481{
482	return 0;
483}
484
485static int dummy_file_receive (struct file *file)
486{
487	return 0;
488}
489
490static int dummy_task_create (unsigned long clone_flags)
491{
492	return 0;
493}
494
495static int dummy_task_alloc_security (struct task_struct *p)
496{
497	return 0;
498}
499
500static void dummy_task_free_security (struct task_struct *p)
501{
502	return;
503}
504
505static int dummy_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
506{
507	return 0;
508}
509
510static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
511{
512	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
513	return 0;
514}
515
516static int dummy_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags)
517{
518	return 0;
519}
520
521static int dummy_task_setpgid (struct task_struct *p, pid_t pgid)
522{
523	return 0;
524}
525
526static int dummy_task_getpgid (struct task_struct *p)
527{
528	return 0;
529}
530
531static int dummy_task_getsid (struct task_struct *p)
532{
533	return 0;
534}
535
536static int dummy_task_setgroups (struct group_info *group_info)
537{
538	return 0;
539}
540
541static int dummy_task_setnice (struct task_struct *p, int nice)
542{
543	return 0;
544}
545
546static int dummy_task_setrlimit (unsigned int resource, struct rlimit *new_rlim)
547{
548	return 0;
549}
550
551static int dummy_task_setscheduler (struct task_struct *p, int policy,
552				    struct sched_param *lp)
553{
554	return 0;
555}
556
557static int dummy_task_getscheduler (struct task_struct *p)
558{
559	return 0;
560}
561
562static int dummy_task_wait (struct task_struct *p)
563{
564	return 0;
565}
566
567static int dummy_task_kill (struct task_struct *p, struct siginfo *info,
568			    int sig)
569{
570	return 0;
571}
572
573static int dummy_task_prctl (int option, unsigned long arg2, unsigned long arg3,
574			     unsigned long arg4, unsigned long arg5)
575{
576	return 0;
577}
578
579static void dummy_task_reparent_to_init (struct task_struct *p)
580{
581	p->euid = p->fsuid = 0;
582	return;
583}
584
585static void dummy_task_to_inode(struct task_struct *p, struct inode *inode)
586{ }
587
588static int dummy_ipc_permission (struct kern_ipc_perm *ipcp, short flag)
589{
590	return 0;
591}
592
593static int dummy_msg_msg_alloc_security (struct msg_msg *msg)
594{
595	return 0;
596}
597
598static void dummy_msg_msg_free_security (struct msg_msg *msg)
599{
600	return;
601}
602
603static int dummy_msg_queue_alloc_security (struct msg_queue *msq)
604{
605	return 0;
606}
607
608static void dummy_msg_queue_free_security (struct msg_queue *msq)
609{
610	return;
611}
612
613static int dummy_msg_queue_associate (struct msg_queue *msq, 
614				      int msqflg)
615{
616	return 0;
617}
618
619static int dummy_msg_queue_msgctl (struct msg_queue *msq, int cmd)
620{
621	return 0;
622}
623
624static int dummy_msg_queue_msgsnd (struct msg_queue *msq, struct msg_msg *msg,
625				   int msgflg)
626{
627	return 0;
628}
629
630static int dummy_msg_queue_msgrcv (struct msg_queue *msq, struct msg_msg *msg,
631				   struct task_struct *target, long type,
632				   int mode)
633{
634	return 0;
635}
636
637static int dummy_shm_alloc_security (struct shmid_kernel *shp)
638{
639	return 0;
640}
641
642static void dummy_shm_free_security (struct shmid_kernel *shp)
643{
644	return;
645}
646
647static int dummy_shm_associate (struct shmid_kernel *shp, int shmflg)
648{
649	return 0;
650}
651
652static int dummy_shm_shmctl (struct shmid_kernel *shp, int cmd)
653{
654	return 0;
655}
656
657static int dummy_shm_shmat (struct shmid_kernel *shp, char __user *shmaddr,
658			    int shmflg)
659{
660	return 0;
661}
662
663static int dummy_sem_alloc_security (struct sem_array *sma)
664{
665	return 0;
666}
667
668static void dummy_sem_free_security (struct sem_array *sma)
669{
670	return;
671}
672
673static int dummy_sem_associate (struct sem_array *sma, int semflg)
674{
675	return 0;
676}
677
678static int dummy_sem_semctl (struct sem_array *sma, int cmd)
679{
680	return 0;
681}
682
683static int dummy_sem_semop (struct sem_array *sma, 
684			    struct sembuf *sops, unsigned nsops, int alter)
685{
686	return 0;
687}
688
689static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
690{
691	NETLINK_CB(skb).eff_cap = current->cap_effective;
692	return 0;
693}
694
695static int dummy_netlink_recv (struct sk_buff *skb)
696{
697	if (!cap_raised (NETLINK_CB (skb).eff_cap, CAP_NET_ADMIN))
698		return -EPERM;
699	return 0;
700}
701
702#ifdef CONFIG_SECURITY_NETWORK
703static int dummy_unix_stream_connect (struct socket *sock,
704				      struct socket *other,
705				      struct sock *newsk)
706{
707	return 0;
708}
709
710static int dummy_unix_may_send (struct socket *sock,
711				struct socket *other)
712{
713	return 0;
714}
715
716static int dummy_socket_create (int family, int type,
717				int protocol, int kern)
718{
719	return 0;
720}
721
722static void dummy_socket_post_create (struct socket *sock, int family, int type,
723				      int protocol, int kern)
724{
725	return;
726}
727
728static int dummy_socket_bind (struct socket *sock, struct sockaddr *address,
729			      int addrlen)
730{
731	return 0;
732}
733
734static int dummy_socket_connect (struct socket *sock, struct sockaddr *address,
735				 int addrlen)
736{
737	return 0;
738}
739
740static int dummy_socket_listen (struct socket *sock, int backlog)
741{
742	return 0;
743}
744
745static int dummy_socket_accept (struct socket *sock, struct socket *newsock)
746{
747	return 0;
748}
749
750static void dummy_socket_post_accept (struct socket *sock, 
751				      struct socket *newsock)
752{
753	return;
754}
755
756static int dummy_socket_sendmsg (struct socket *sock, struct msghdr *msg,
757				 int size)
758{
759	return 0;
760}
761
762static int dummy_socket_recvmsg (struct socket *sock, struct msghdr *msg,
763				 int size, int flags)
764{
765	return 0;
766}
767
768static int dummy_socket_getsockname (struct socket *sock)
769{
770	return 0;
771}
772
773static int dummy_socket_getpeername (struct socket *sock)
774{
775	return 0;
776}
777
778static int dummy_socket_setsockopt (struct socket *sock, int level, int optname)
779{
780	return 0;
781}
782
783static int dummy_socket_getsockopt (struct socket *sock, int level, int optname)
784{
785	return 0;
786}
787
788static int dummy_socket_shutdown (struct socket *sock, int how)
789{
790	return 0;
791}
792
793static int dummy_socket_sock_rcv_skb (struct sock *sk, struct sk_buff *skb)
794{
795	return 0;
796}
797
798static int dummy_socket_getpeersec(struct socket *sock, char __user *optval,
799				   int __user *optlen, unsigned len)
800{
801	return -ENOPROTOOPT;
802}
803
804static inline int dummy_sk_alloc_security (struct sock *sk, int family, int priority)
805{
806	return 0;
807}
808
809static inline void dummy_sk_free_security (struct sock *sk)
810{
811}
812#endif	/* CONFIG_SECURITY_NETWORK */
813
814static int dummy_register_security (const char *name, struct security_operations *ops)
815{
816	return -EINVAL;
817}
818
819static int dummy_unregister_security (const char *name, struct security_operations *ops)
820{
821	return -EINVAL;
822}
823
824static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode)
825{
826	return;
827}
828
829static int dummy_getprocattr(struct task_struct *p, char *name, void *value, size_t size)
830{
831	return -EINVAL;
832}
833
834static int dummy_setprocattr(struct task_struct *p, char *name, void *value, size_t size)
835{
836	return -EINVAL;
837}
838
839
840struct security_operations dummy_security_ops;
841
842#define set_to_dummy_if_null(ops, function)				\
843	do {								\
844		if (!ops->function) {					\
845			ops->function = dummy_##function;		\
846			pr_debug("Had to override the " #function	\
847				 " security operation with the dummy one.\n");\
848			}						\
849	} while (0)
850
851void security_fixup_ops (struct security_operations *ops)
852{
853	set_to_dummy_if_null(ops, ptrace);
854	set_to_dummy_if_null(ops, capget);
855	set_to_dummy_if_null(ops, capset_check);
856	set_to_dummy_if_null(ops, capset_set);
857	set_to_dummy_if_null(ops, acct);
858	set_to_dummy_if_null(ops, capable);
859	set_to_dummy_if_null(ops, quotactl);
860	set_to_dummy_if_null(ops, quota_on);
861	set_to_dummy_if_null(ops, sysctl);
862	set_to_dummy_if_null(ops, syslog);
863	set_to_dummy_if_null(ops, settime);
864	set_to_dummy_if_null(ops, vm_enough_memory);
865	set_to_dummy_if_null(ops, bprm_alloc_security);
866	set_to_dummy_if_null(ops, bprm_free_security);
867	set_to_dummy_if_null(ops, bprm_apply_creds);
868	set_to_dummy_if_null(ops, bprm_post_apply_creds);
869	set_to_dummy_if_null(ops, bprm_set_security);
870	set_to_dummy_if_null(ops, bprm_check_security);
871	set_to_dummy_if_null(ops, bprm_secureexec);
872	set_to_dummy_if_null(ops, sb_alloc_security);
873	set_to_dummy_if_null(ops, sb_free_security);
874	set_to_dummy_if_null(ops, sb_copy_data);
875	set_to_dummy_if_null(ops, sb_kern_mount);
876	set_to_dummy_if_null(ops, sb_statfs);
877	set_to_dummy_if_null(ops, sb_mount);
878	set_to_dummy_if_null(ops, sb_check_sb);
879	set_to_dummy_if_null(ops, sb_umount);
880	set_to_dummy_if_null(ops, sb_umount_close);
881	set_to_dummy_if_null(ops, sb_umount_busy);
882	set_to_dummy_if_null(ops, sb_post_remount);
883	set_to_dummy_if_null(ops, sb_post_mountroot);
884	set_to_dummy_if_null(ops, sb_post_addmount);
885	set_to_dummy_if_null(ops, sb_pivotroot);
886	set_to_dummy_if_null(ops, sb_post_pivotroot);
887	set_to_dummy_if_null(ops, inode_alloc_security);
888	set_to_dummy_if_null(ops, inode_free_security);
889	set_to_dummy_if_null(ops, inode_create);
890	set_to_dummy_if_null(ops, inode_post_create);
891	set_to_dummy_if_null(ops, inode_link);
892	set_to_dummy_if_null(ops, inode_post_link);
893	set_to_dummy_if_null(ops, inode_unlink);
894	set_to_dummy_if_null(ops, inode_symlink);
895	set_to_dummy_if_null(ops, inode_post_symlink);
896	set_to_dummy_if_null(ops, inode_mkdir);
897	set_to_dummy_if_null(ops, inode_post_mkdir);
898	set_to_dummy_if_null(ops, inode_rmdir);
899	set_to_dummy_if_null(ops, inode_mknod);
900	set_to_dummy_if_null(ops, inode_post_mknod);
901	set_to_dummy_if_null(ops, inode_rename);
902	set_to_dummy_if_null(ops, inode_post_rename);
903	set_to_dummy_if_null(ops, inode_readlink);
904	set_to_dummy_if_null(ops, inode_follow_link);
905	set_to_dummy_if_null(ops, inode_permission);
906	set_to_dummy_if_null(ops, inode_setattr);
907	set_to_dummy_if_null(ops, inode_getattr);
908	set_to_dummy_if_null(ops, inode_delete);
909	set_to_dummy_if_null(ops, inode_setxattr);
910	set_to_dummy_if_null(ops, inode_post_setxattr);
911	set_to_dummy_if_null(ops, inode_getxattr);
912	set_to_dummy_if_null(ops, inode_listxattr);
913	set_to_dummy_if_null(ops, inode_removexattr);
914	set_to_dummy_if_null(ops, inode_getsecurity);
915	set_to_dummy_if_null(ops, inode_setsecurity);
916	set_to_dummy_if_null(ops, inode_listsecurity);
917	set_to_dummy_if_null(ops, file_permission);
918	set_to_dummy_if_null(ops, file_alloc_security);
919	set_to_dummy_if_null(ops, file_free_security);
920	set_to_dummy_if_null(ops, file_ioctl);
921	set_to_dummy_if_null(ops, file_mmap);
922	set_to_dummy_if_null(ops, file_mprotect);
923	set_to_dummy_if_null(ops, file_lock);
924	set_to_dummy_if_null(ops, file_fcntl);
925	set_to_dummy_if_null(ops, file_set_fowner);
926	set_to_dummy_if_null(ops, file_send_sigiotask);
927	set_to_dummy_if_null(ops, file_receive);
928	set_to_dummy_if_null(ops, task_create);
929	set_to_dummy_if_null(ops, task_alloc_security);
930	set_to_dummy_if_null(ops, task_free_security);
931	set_to_dummy_if_null(ops, task_setuid);
932	set_to_dummy_if_null(ops, task_post_setuid);
933	set_to_dummy_if_null(ops, task_setgid);
934	set_to_dummy_if_null(ops, task_setpgid);
935	set_to_dummy_if_null(ops, task_getpgid);
936	set_to_dummy_if_null(ops, task_getsid);
937	set_to_dummy_if_null(ops, task_setgroups);
938	set_to_dummy_if_null(ops, task_setnice);
939	set_to_dummy_if_null(ops, task_setrlimit);
940	set_to_dummy_if_null(ops, task_setscheduler);
941	set_to_dummy_if_null(ops, task_getscheduler);
942	set_to_dummy_if_null(ops, task_wait);
943	set_to_dummy_if_null(ops, task_kill);
944	set_to_dummy_if_null(ops, task_prctl);
945	set_to_dummy_if_null(ops, task_reparent_to_init);
946 	set_to_dummy_if_null(ops, task_to_inode);
947	set_to_dummy_if_null(ops, ipc_permission);
948	set_to_dummy_if_null(ops, msg_msg_alloc_security);
949	set_to_dummy_if_null(ops, msg_msg_free_security);
950	set_to_dummy_if_null(ops, msg_queue_alloc_security);
951	set_to_dummy_if_null(ops, msg_queue_free_security);
952	set_to_dummy_if_null(ops, msg_queue_associate);
953	set_to_dummy_if_null(ops, msg_queue_msgctl);
954	set_to_dummy_if_null(ops, msg_queue_msgsnd);
955	set_to_dummy_if_null(ops, msg_queue_msgrcv);
956	set_to_dummy_if_null(ops, shm_alloc_security);
957	set_to_dummy_if_null(ops, shm_free_security);
958	set_to_dummy_if_null(ops, shm_associate);
959	set_to_dummy_if_null(ops, shm_shmctl);
960	set_to_dummy_if_null(ops, shm_shmat);
961	set_to_dummy_if_null(ops, sem_alloc_security);
962	set_to_dummy_if_null(ops, sem_free_security);
963	set_to_dummy_if_null(ops, sem_associate);
964	set_to_dummy_if_null(ops, sem_semctl);
965	set_to_dummy_if_null(ops, sem_semop);
966	set_to_dummy_if_null(ops, netlink_send);
967	set_to_dummy_if_null(ops, netlink_recv);
968	set_to_dummy_if_null(ops, register_security);
969	set_to_dummy_if_null(ops, unregister_security);
970	set_to_dummy_if_null(ops, d_instantiate);
971 	set_to_dummy_if_null(ops, getprocattr);
972 	set_to_dummy_if_null(ops, setprocattr);
973#ifdef CONFIG_SECURITY_NETWORK
974	set_to_dummy_if_null(ops, unix_stream_connect);
975	set_to_dummy_if_null(ops, unix_may_send);
976	set_to_dummy_if_null(ops, socket_create);
977	set_to_dummy_if_null(ops, socket_post_create);
978	set_to_dummy_if_null(ops, socket_bind);
979	set_to_dummy_if_null(ops, socket_connect);
980	set_to_dummy_if_null(ops, socket_listen);
981	set_to_dummy_if_null(ops, socket_accept);
982	set_to_dummy_if_null(ops, socket_post_accept);
983	set_to_dummy_if_null(ops, socket_sendmsg);
984	set_to_dummy_if_null(ops, socket_recvmsg);
985	set_to_dummy_if_null(ops, socket_getsockname);
986	set_to_dummy_if_null(ops, socket_getpeername);
987	set_to_dummy_if_null(ops, socket_setsockopt);
988	set_to_dummy_if_null(ops, socket_getsockopt);
989	set_to_dummy_if_null(ops, socket_shutdown);
990	set_to_dummy_if_null(ops, socket_sock_rcv_skb);
991	set_to_dummy_if_null(ops, socket_getpeersec);
992	set_to_dummy_if_null(ops, sk_alloc_security);
993	set_to_dummy_if_null(ops, sk_free_security);
994#endif	/* CONFIG_SECURITY_NETWORK */
995}
996