tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / include / linux / security.h
at v2.6.34 118 kB view raw
1/* 2 * Linux Security plug 3 * 4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 5 * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com> 6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 7 * Copyright (C) 2001 James Morris <jmorris@intercode.com.au> 8 * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License as published by 12 * the Free Software Foundation; either version 2 of the License, or 13 * (at your option) any later version. 14 * 15 * Due to this file being licensed under the GPL there is controversy over 16 * whether this permits you to write a module that #includes this file 17 * without placing your module under the GPL. Please consult a lawyer for 18 * advice before doing this. 19 * 20 */ 21 22#ifndef __LINUX_SECURITY_H 23#define __LINUX_SECURITY_H 24 25#include <linux/fs.h> 26#include <linux/binfmts.h> 27#include <linux/signal.h> 28#include <linux/resource.h> 29#include <linux/sem.h> 30#include <linux/shm.h> 31#include <linux/mm.h> /* PAGE_ALIGN */ 32#include <linux/msg.h> 33#include <linux/sched.h> 34#include <linux/key.h> 35#include <linux/xfrm.h> 36#include <linux/slab.h> 37#include <net/flow.h> 38 39/* Maximum number of letters for an LSM name string */ 40#define SECURITY_NAME_MAX 10 41 42/* If capable should audit the security request */ 43#define SECURITY_CAP_NOAUDIT 0 44#define SECURITY_CAP_AUDIT 1 45 46struct ctl_table; 47struct audit_krule; 48 49/* 50 * These functions are in security/capability.c and are used 51 * as the default capabilities functions 52 */ 53extern int cap_capable(struct task_struct *tsk, const struct cred *cred, 54 int cap, int audit); 55extern int cap_settime(struct timespec *ts, struct timezone *tz); 56extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode); 57extern int cap_ptrace_traceme(struct task_struct *parent); 58extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); 59extern int cap_capset(struct cred *new, const struct cred *old, 60 const kernel_cap_t *effective, 61 const kernel_cap_t *inheritable, 62 const kernel_cap_t *permitted); 63extern int cap_bprm_set_creds(struct linux_binprm *bprm); 64extern int cap_bprm_secureexec(struct linux_binprm *bprm); 65extern int cap_inode_setxattr(struct dentry *dentry, const char *name, 66 const void *value, size_t size, int flags); 67extern int cap_inode_removexattr(struct dentry *dentry, const char *name); 68extern int cap_inode_need_killpriv(struct dentry *dentry); 69extern int cap_inode_killpriv(struct dentry *dentry); 70extern int cap_file_mmap(struct file *file, unsigned long reqprot, 71 unsigned long prot, unsigned long flags, 72 unsigned long addr, unsigned long addr_only); 73extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags); 74extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, 75 unsigned long arg4, unsigned long arg5); 76extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp); 77extern int cap_task_setioprio(struct task_struct *p, int ioprio); 78extern int cap_task_setnice(struct task_struct *p, int nice); 79extern int cap_syslog(int type, bool from_file); 80extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); 81 82struct msghdr; 83struct sk_buff; 84struct sock; 85struct sockaddr; 86struct socket; 87struct flowi; 88struct dst_entry; 89struct xfrm_selector; 90struct xfrm_policy; 91struct xfrm_state; 92struct xfrm_user_sec_ctx; 93struct seq_file; 94 95extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb); 96extern int cap_netlink_recv(struct sk_buff *skb, int cap); 97 98void reset_security_ops(void); 99 100#ifdef CONFIG_MMU 101extern unsigned long mmap_min_addr; 102extern unsigned long dac_mmap_min_addr; 103#else 104#define dac_mmap_min_addr 0UL 105#endif 106 107/* 108 * Values used in the task_security_ops calls 109 */ 110/* setuid or setgid, id0 == uid or gid */ 111#define LSM_SETID_ID 1 112 113/* setreuid or setregid, id0 == real, id1 == eff */ 114#define LSM_SETID_RE 2 115 116/* setresuid or setresgid, id0 == real, id1 == eff, uid2 == saved */ 117#define LSM_SETID_RES 4 118 119/* setfsuid or setfsgid, id0 == fsuid or fsgid */ 120#define LSM_SETID_FS 8 121 122/* forward declares to avoid warnings */ 123struct sched_param; 124struct request_sock; 125 126/* bprm->unsafe reasons */ 127#define LSM_UNSAFE_SHARE 1 128#define LSM_UNSAFE_PTRACE 2 129#define LSM_UNSAFE_PTRACE_CAP 4 130 131#ifdef CONFIG_MMU 132/* 133 * If a hint addr is less than mmap_min_addr change hint to be as 134 * low as possible but still greater than mmap_min_addr 135 */ 136static inline unsigned long round_hint_to_min(unsigned long hint) 137{ 138 hint &= PAGE_MASK; 139 if (((void *)hint != NULL) && 140 (hint < mmap_min_addr)) 141 return PAGE_ALIGN(mmap_min_addr); 142 return hint; 143} 144extern int mmap_min_addr_handler(struct ctl_table *table, int write, 145 void __user *buffer, size_t *lenp, loff_t *ppos); 146#endif 147 148#ifdef CONFIG_SECURITY 149 150struct security_mnt_opts { 151 char **mnt_opts; 152 int *mnt_opts_flags; 153 int num_mnt_opts; 154}; 155 156static inline void security_init_mnt_opts(struct security_mnt_opts *opts) 157{ 158 opts->mnt_opts = NULL; 159 opts->mnt_opts_flags = NULL; 160 opts->num_mnt_opts = 0; 161} 162 163static inline void security_free_mnt_opts(struct security_mnt_opts *opts) 164{ 165 int i; 166 if (opts->mnt_opts) 167 for (i = 0; i < opts->num_mnt_opts; i++) 168 kfree(opts->mnt_opts[i]); 169 kfree(opts->mnt_opts); 170 opts->mnt_opts = NULL; 171 kfree(opts->mnt_opts_flags); 172 opts->mnt_opts_flags = NULL; 173 opts->num_mnt_opts = 0; 174} 175 176/** 177 * struct security_operations - main security structure 178 * 179 * Security module identifier. 180 * 181 * @name: 182 * A string that acts as a unique identifeir for the LSM with max number 183 * of characters = SECURITY_NAME_MAX. 184 * 185 * Security hooks for program execution operations. 186 * 187 * @bprm_set_creds: 188 * Save security information in the bprm->security field, typically based 189 * on information about the bprm->file, for later use by the apply_creds 190 * hook. This hook may also optionally check permissions (e.g. for 191 * transitions between security domains). 192 * This hook may be called multiple times during a single execve, e.g. for 193 * interpreters. The hook can tell whether it has already been called by 194 * checking to see if @bprm->security is non-NULL. If so, then the hook 195 * may decide either to retain the security information saved earlier or 196 * to replace it. 197 * @bprm contains the linux_binprm structure. 198 * Return 0 if the hook is successful and permission is granted. 199 * @bprm_check_security: 200 * This hook mediates the point when a search for a binary handler will 201 * begin. It allows a check the @bprm->security value which is set in the 202 * preceding set_creds call. The primary difference from set_creds is 203 * that the argv list and envp list are reliably available in @bprm. This 204 * hook may be called multiple times during a single execve; and in each 205 * pass set_creds is called first. 206 * @bprm contains the linux_binprm structure. 207 * Return 0 if the hook is successful and permission is granted. 208 * @bprm_committing_creds: 209 * Prepare to install the new security attributes of a process being 210 * transformed by an execve operation, based on the old credentials 211 * pointed to by @current->cred and the information set in @bprm->cred by 212 * the bprm_set_creds hook. @bprm points to the linux_binprm structure. 213 * This hook is a good place to perform state changes on the process such 214 * as closing open file descriptors to which access will no longer be 215 * granted when the attributes are changed. This is called immediately 216 * before commit_creds(). 217 * @bprm_committed_creds: 218 * Tidy up after the installation of the new security attributes of a 219 * process being transformed by an execve operation. The new credentials 220 * have, by this point, been set to @current->cred. @bprm points to the 221 * linux_binprm structure. This hook is a good place to perform state 222 * changes on the process such as clearing out non-inheritable signal 223 * state. This is called immediately after commit_creds(). 224 * @bprm_secureexec: 225 * Return a boolean value (0 or 1) indicating whether a "secure exec" 226 * is required. The flag is passed in the auxiliary table 227 * on the initial stack to the ELF interpreter to indicate whether libc 228 * should enable secure mode. 229 * @bprm contains the linux_binprm structure. 230 * 231 * Security hooks for filesystem operations. 232 * 233 * @sb_alloc_security: 234 * Allocate and attach a security structure to the sb->s_security field. 235 * The s_security field is initialized to NULL when the structure is 236 * allocated. 237 * @sb contains the super_block structure to be modified. 238 * Return 0 if operation was successful. 239 * @sb_free_security: 240 * Deallocate and clear the sb->s_security field. 241 * @sb contains the super_block structure to be modified. 242 * @sb_statfs: 243 * Check permission before obtaining filesystem statistics for the @mnt 244 * mountpoint. 245 * @dentry is a handle on the superblock for the filesystem. 246 * Return 0 if permission is granted. 247 * @sb_mount: 248 * Check permission before an object specified by @dev_name is mounted on 249 * the mount point named by @nd. For an ordinary mount, @dev_name 250 * identifies a device if the file system type requires a device. For a 251 * remount (@flags & MS_REMOUNT), @dev_name is irrelevant. For a 252 * loopback/bind mount (@flags & MS_BIND), @dev_name identifies the 253 * pathname of the object being mounted. 254 * @dev_name contains the name for object being mounted. 255 * @path contains the path for mount point object. 256 * @type contains the filesystem type. 257 * @flags contains the mount flags. 258 * @data contains the filesystem-specific data. 259 * Return 0 if permission is granted. 260 * @sb_copy_data: 261 * Allow mount option data to be copied prior to parsing by the filesystem, 262 * so that the security module can extract security-specific mount 263 * options cleanly (a filesystem may modify the data e.g. with strsep()). 264 * This also allows the original mount data to be stripped of security- 265 * specific options to avoid having to make filesystems aware of them. 266 * @type the type of filesystem being mounted. 267 * @orig the original mount data copied from userspace. 268 * @copy copied data which will be passed to the security module. 269 * Returns 0 if the copy was successful. 270 * @sb_check_sb: 271 * Check permission before the device with superblock @mnt->sb is mounted 272 * on the mount point named by @nd. 273 * @mnt contains the vfsmount for device being mounted. 274 * @path contains the path for the mount point. 275 * Return 0 if permission is granted. 276 * @sb_umount: 277 * Check permission before the @mnt file system is unmounted. 278 * @mnt contains the mounted file system. 279 * @flags contains the unmount flags, e.g. MNT_FORCE. 280 * Return 0 if permission is granted. 281 * @sb_umount_close: 282 * Close any files in the @mnt mounted filesystem that are held open by 283 * the security module. This hook is called during an umount operation 284 * prior to checking whether the filesystem is still busy. 285 * @mnt contains the mounted filesystem. 286 * @sb_umount_busy: 287 * Handle a failed umount of the @mnt mounted filesystem, e.g. re-opening 288 * any files that were closed by umount_close. This hook is called during 289 * an umount operation if the umount fails after a call to the 290 * umount_close hook. 291 * @mnt contains the mounted filesystem. 292 * @sb_post_remount: 293 * Update the security module's state when a filesystem is remounted. 294 * This hook is only called if the remount was successful. 295 * @mnt contains the mounted file system. 296 * @flags contains the new filesystem flags. 297 * @data contains the filesystem-specific data. 298 * @sb_post_addmount: 299 * Update the security module's state when a filesystem is mounted. 300 * This hook is called any time a mount is successfully grafetd to 301 * the tree. 302 * @mnt contains the mounted filesystem. 303 * @mountpoint contains the path for the mount point. 304 * @sb_pivotroot: 305 * Check permission before pivoting the root filesystem. 306 * @old_path contains the path for the new location of the current root (put_old). 307 * @new_path contains the path for the new root (new_root). 308 * Return 0 if permission is granted. 309 * @sb_post_pivotroot: 310 * Update module state after a successful pivot. 311 * @old_path contains the path for the old root. 312 * @new_path contains the path for the new root. 313 * @sb_set_mnt_opts: 314 * Set the security relevant mount options used for a superblock 315 * @sb the superblock to set security mount options for 316 * @opts binary data structure containing all lsm mount data 317 * @sb_clone_mnt_opts: 318 * Copy all security options from a given superblock to another 319 * @oldsb old superblock which contain information to clone 320 * @newsb new superblock which needs filled in 321 * @sb_parse_opts_str: 322 * Parse a string of security data filling in the opts structure 323 * @options string containing all mount options known by the LSM 324 * @opts binary data structure usable by the LSM 325 * 326 * Security hooks for inode operations. 327 * 328 * @inode_alloc_security: 329 * Allocate and attach a security structure to @inode->i_security. The 330 * i_security field is initialized to NULL when the inode structure is 331 * allocated. 332 * @inode contains the inode structure. 333 * Return 0 if operation was successful. 334 * @inode_free_security: 335 * @inode contains the inode structure. 336 * Deallocate the inode security structure and set @inode->i_security to 337 * NULL. 338 * @inode_init_security: 339 * Obtain the security attribute name suffix and value to set on a newly 340 * created inode and set up the incore security field for the new inode. 341 * This hook is called by the fs code as part of the inode creation 342 * transaction and provides for atomic labeling of the inode, unlike 343 * the post_create/mkdir/... hooks called by the VFS. The hook function 344 * is expected to allocate the name and value via kmalloc, with the caller 345 * being responsible for calling kfree after using them. 346 * If the security module does not use security attributes or does 347 * not wish to put a security attribute on this particular inode, 348 * then it should return -EOPNOTSUPP to skip this processing. 349 * @inode contains the inode structure of the newly created inode. 350 * @dir contains the inode structure of the parent directory. 351 * @name will be set to the allocated name suffix (e.g. selinux). 352 * @value will be set to the allocated attribute value. 353 * @len will be set to the length of the value. 354 * Returns 0 if @name and @value have been successfully set, 355 * -EOPNOTSUPP if no security attribute is needed, or 356 * -ENOMEM on memory allocation failure. 357 * @inode_create: 358 * Check permission to create a regular file. 359 * @dir contains inode structure of the parent of the new file. 360 * @dentry contains the dentry structure for the file to be created. 361 * @mode contains the file mode of the file to be created. 362 * Return 0 if permission is granted. 363 * @inode_link: 364 * Check permission before creating a new hard link to a file. 365 * @old_dentry contains the dentry structure for an existing link to the file. 366 * @dir contains the inode structure of the parent directory of the new link. 367 * @new_dentry contains the dentry structure for the new link. 368 * Return 0 if permission is granted. 369 * @path_link: 370 * Check permission before creating a new hard link to a file. 371 * @old_dentry contains the dentry structure for an existing link 372 * to the file. 373 * @new_dir contains the path structure of the parent directory of 374 * the new link. 375 * @new_dentry contains the dentry structure for the new link. 376 * Return 0 if permission is granted. 377 * @inode_unlink: 378 * Check the permission to remove a hard link to a file. 379 * @dir contains the inode structure of parent directory of the file. 380 * @dentry contains the dentry structure for file to be unlinked. 381 * Return 0 if permission is granted. 382 * @path_unlink: 383 * Check the permission to remove a hard link to a file. 384 * @dir contains the path structure of parent directory of the file. 385 * @dentry contains the dentry structure for file to be unlinked. 386 * Return 0 if permission is granted. 387 * @inode_symlink: 388 * Check the permission to create a symbolic link to a file. 389 * @dir contains the inode structure of parent directory of the symbolic link. 390 * @dentry contains the dentry structure of the symbolic link. 391 * @old_name contains the pathname of file. 392 * Return 0 if permission is granted. 393 * @path_symlink: 394 * Check the permission to create a symbolic link to a file. 395 * @dir contains the path structure of parent directory of 396 * the symbolic link. 397 * @dentry contains the dentry structure of the symbolic link. 398 * @old_name contains the pathname of file. 399 * Return 0 if permission is granted. 400 * @inode_mkdir: 401 * Check permissions to create a new directory in the existing directory 402 * associated with inode strcture @dir. 403 * @dir containst the inode structure of parent of the directory to be created. 404 * @dentry contains the dentry structure of new directory. 405 * @mode contains the mode of new directory. 406 * Return 0 if permission is granted. 407 * @path_mkdir: 408 * Check permissions to create a new directory in the existing directory 409 * associated with path strcture @path. 410 * @dir containst the path structure of parent of the directory 411 * to be created. 412 * @dentry contains the dentry structure of new directory. 413 * @mode contains the mode of new directory. 414 * Return 0 if permission is granted. 415 * @inode_rmdir: 416 * Check the permission to remove a directory. 417 * @dir contains the inode structure of parent of the directory to be removed. 418 * @dentry contains the dentry structure of directory to be removed. 419 * Return 0 if permission is granted. 420 * @path_rmdir: 421 * Check the permission to remove a directory. 422 * @dir contains the path structure of parent of the directory to be 423 * removed. 424 * @dentry contains the dentry structure of directory to be removed. 425 * Return 0 if permission is granted. 426 * @inode_mknod: 427 * Check permissions when creating a special file (or a socket or a fifo 428 * file created via the mknod system call). Note that if mknod operation 429 * is being done for a regular file, then the create hook will be called 430 * and not this hook. 431 * @dir contains the inode structure of parent of the new file. 432 * @dentry contains the dentry structure of the new file. 433 * @mode contains the mode of the new file. 434 * @dev contains the device number. 435 * Return 0 if permission is granted. 436 * @path_mknod: 437 * Check permissions when creating a file. Note that this hook is called 438 * even if mknod operation is being done for a regular file. 439 * @dir contains the path structure of parent of the new file. 440 * @dentry contains the dentry structure of the new file. 441 * @mode contains the mode of the new file. 442 * @dev contains the undecoded device number. Use new_decode_dev() to get 443 * the decoded device number. 444 * Return 0 if permission is granted. 445 * @inode_rename: 446 * Check for permission to rename a file or directory. 447 * @old_dir contains the inode structure for parent of the old link. 448 * @old_dentry contains the dentry structure of the old link. 449 * @new_dir contains the inode structure for parent of the new link. 450 * @new_dentry contains the dentry structure of the new link. 451 * Return 0 if permission is granted. 452 * @path_rename: 453 * Check for permission to rename a file or directory. 454 * @old_dir contains the path structure for parent of the old link. 455 * @old_dentry contains the dentry structure of the old link. 456 * @new_dir contains the path structure for parent of the new link. 457 * @new_dentry contains the dentry structure of the new link. 458 * Return 0 if permission is granted. 459 * @path_chmod: 460 * Check for permission to change DAC's permission of a file or directory. 461 * @dentry contains the dentry structure. 462 * @mnt contains the vfsmnt structure. 463 * @mode contains DAC's mode. 464 * Return 0 if permission is granted. 465 * @path_chown: 466 * Check for permission to change owner/group of a file or directory. 467 * @path contains the path structure. 468 * @uid contains new owner's ID. 469 * @gid contains new group's ID. 470 * Return 0 if permission is granted. 471 * @path_chroot: 472 * Check for permission to change root directory. 473 * @path contains the path structure. 474 * Return 0 if permission is granted. 475 * @inode_readlink: 476 * Check the permission to read the symbolic link. 477 * @dentry contains the dentry structure for the file link. 478 * Return 0 if permission is granted. 479 * @inode_follow_link: 480 * Check permission to follow a symbolic link when looking up a pathname. 481 * @dentry contains the dentry structure for the link. 482 * @nd contains the nameidata structure for the parent directory. 483 * Return 0 if permission is granted. 484 * @inode_permission: 485 * Check permission before accessing an inode. This hook is called by the 486 * existing Linux permission function, so a security module can use it to 487 * provide additional checking for existing Linux permission checks. 488 * Notice that this hook is called when a file is opened (as well as many 489 * other operations), whereas the file_security_ops permission hook is 490 * called when the actual read/write operations are performed. 491 * @inode contains the inode structure to check. 492 * @mask contains the permission mask. 493 * @nd contains the nameidata (may be NULL). 494 * Return 0 if permission is granted. 495 * @inode_setattr: 496 * Check permission before setting file attributes. Note that the kernel 497 * call to notify_change is performed from several locations, whenever 498 * file attributes change (such as when a file is truncated, chown/chmod 499 * operations, transferring disk quotas, etc). 500 * @dentry contains the dentry structure for the file. 501 * @attr is the iattr structure containing the new file attributes. 502 * Return 0 if permission is granted. 503 * @path_truncate: 504 * Check permission before truncating a file. 505 * @path contains the path structure for the file. 506 * @length is the new length of the file. 507 * @time_attrs is the flags passed to do_truncate(). 508 * Return 0 if permission is granted. 509 * @inode_getattr: 510 * Check permission before obtaining file attributes. 511 * @mnt is the vfsmount where the dentry was looked up 512 * @dentry contains the dentry structure for the file. 513 * Return 0 if permission is granted. 514 * @inode_delete: 515 * @inode contains the inode structure for deleted inode. 516 * This hook is called when a deleted inode is released (i.e. an inode 517 * with no hard links has its use count drop to zero). A security module 518 * can use this hook to release any persistent label associated with the 519 * inode. 520 * @inode_setxattr: 521 * Check permission before setting the extended attributes 522 * @value identified by @name for @dentry. 523 * Return 0 if permission is granted. 524 * @inode_post_setxattr: 525 * Update inode security field after successful setxattr operation. 526 * @value identified by @name for @dentry. 527 * @inode_getxattr: 528 * Check permission before obtaining the extended attributes 529 * identified by @name for @dentry. 530 * Return 0 if permission is granted. 531 * @inode_listxattr: 532 * Check permission before obtaining the list of extended attribute 533 * names for @dentry. 534 * Return 0 if permission is granted. 535 * @inode_removexattr: 536 * Check permission before removing the extended attribute 537 * identified by @name for @dentry. 538 * Return 0 if permission is granted. 539 * @inode_getsecurity: 540 * Retrieve a copy of the extended attribute representation of the 541 * security label associated with @name for @inode via @buffer. Note that 542 * @name is the remainder of the attribute name after the security prefix 543 * has been removed. @alloc is used to specify of the call should return a 544 * value via the buffer or just the value length Return size of buffer on 545 * success. 546 * @inode_setsecurity: 547 * Set the security label associated with @name for @inode from the 548 * extended attribute value @value. @size indicates the size of the 549 * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0. 550 * Note that @name is the remainder of the attribute name after the 551 * security. prefix has been removed. 552 * Return 0 on success. 553 * @inode_listsecurity: 554 * Copy the extended attribute names for the security labels 555 * associated with @inode into @buffer. The maximum size of @buffer 556 * is specified by @buffer_size. @buffer may be NULL to request 557 * the size of the buffer required. 558 * Returns number of bytes used/required on success. 559 * @inode_need_killpriv: 560 * Called when an inode has been changed. 561 * @dentry is the dentry being changed. 562 * Return <0 on error to abort the inode change operation. 563 * Return 0 if inode_killpriv does not need to be called. 564 * Return >0 if inode_killpriv does need to be called. 565 * @inode_killpriv: 566 * The setuid bit is being removed. Remove similar security labels. 567 * Called with the dentry->d_inode->i_mutex held. 568 * @dentry is the dentry being changed. 569 * Return 0 on success. If error is returned, then the operation 570 * causing setuid bit removal is failed. 571 * @inode_getsecid: 572 * Get the secid associated with the node. 573 * @inode contains a pointer to the inode. 574 * @secid contains a pointer to the location where result will be saved. 575 * In case of failure, @secid will be set to zero. 576 * 577 * Security hooks for file operations 578 * 579 * @file_permission: 580 * Check file permissions before accessing an open file. This hook is 581 * called by various operations that read or write files. A security 582 * module can use this hook to perform additional checking on these 583 * operations, e.g. to revalidate permissions on use to support privilege 584 * bracketing or policy changes. Notice that this hook is used when the 585 * actual read/write operations are performed, whereas the 586 * inode_security_ops hook is called when a file is opened (as well as 587 * many other operations). 588 * Caveat: Although this hook can be used to revalidate permissions for 589 * various system call operations that read or write files, it does not 590 * address the revalidation of permissions for memory-mapped files. 591 * Security modules must handle this separately if they need such 592 * revalidation. 593 * @file contains the file structure being accessed. 594 * @mask contains the requested permissions. 595 * Return 0 if permission is granted. 596 * @file_alloc_security: 597 * Allocate and attach a security structure to the file->f_security field. 598 * The security field is initialized to NULL when the structure is first 599 * created. 600 * @file contains the file structure to secure. 601 * Return 0 if the hook is successful and permission is granted. 602 * @file_free_security: 603 * Deallocate and free any security structures stored in file->f_security. 604 * @file contains the file structure being modified. 605 * @file_ioctl: 606 * @file contains the file structure. 607 * @cmd contains the operation to perform. 608 * @arg contains the operational arguments. 609 * Check permission for an ioctl operation on @file. Note that @arg can 610 * sometimes represents a user space pointer; in other cases, it may be a 611 * simple integer value. When @arg represents a user space pointer, it 612 * should never be used by the security module. 613 * Return 0 if permission is granted. 614 * @file_mmap : 615 * Check permissions for a mmap operation. The @file may be NULL, e.g. 616 * if mapping anonymous memory. 617 * @file contains the file structure for file to map (may be NULL). 618 * @reqprot contains the protection requested by the application. 619 * @prot contains the protection that will be applied by the kernel. 620 * @flags contains the operational flags. 621 * Return 0 if permission is granted. 622 * @file_mprotect: 623 * Check permissions before changing memory access permissions. 624 * @vma contains the memory region to modify. 625 * @reqprot contains the protection requested by the application. 626 * @prot contains the protection that will be applied by the kernel. 627 * Return 0 if permission is granted. 628 * @file_lock: 629 * Check permission before performing file locking operations. 630 * Note: this hook mediates both flock and fcntl style locks. 631 * @file contains the file structure. 632 * @cmd contains the posix-translated lock operation to perform 633 * (e.g. F_RDLCK, F_WRLCK). 634 * Return 0 if permission is granted. 635 * @file_fcntl: 636 * Check permission before allowing the file operation specified by @cmd 637 * from being performed on the file @file. Note that @arg can sometimes 638 * represents a user space pointer; in other cases, it may be a simple 639 * integer value. When @arg represents a user space pointer, it should 640 * never be used by the security module. 641 * @file contains the file structure. 642 * @cmd contains the operation to be performed. 643 * @arg contains the operational arguments. 644 * Return 0 if permission is granted. 645 * @file_set_fowner: 646 * Save owner security information (typically from current->security) in 647 * file->f_security for later use by the send_sigiotask hook. 648 * @file contains the file structure to update. 649 * Return 0 on success. 650 * @file_send_sigiotask: 651 * Check permission for the file owner @fown to send SIGIO or SIGURG to the 652 * process @tsk. Note that this hook is sometimes called from interrupt. 653 * Note that the fown_struct, @fown, is never outside the context of a 654 * struct file, so the file structure (and associated security information) 655 * can always be obtained: 656 * container_of(fown, struct file, f_owner) 657 * @tsk contains the structure of task receiving signal. 658 * @fown contains the file owner information. 659 * @sig is the signal that will be sent. When 0, kernel sends SIGIO. 660 * Return 0 if permission is granted. 661 * @file_receive: 662 * This hook allows security modules to control the ability of a process 663 * to receive an open file descriptor via socket IPC. 664 * @file contains the file structure being received. 665 * Return 0 if permission is granted. 666 * 667 * Security hook for dentry 668 * 669 * @dentry_open 670 * Save open-time permission checking state for later use upon 671 * file_permission, and recheck access if anything has changed 672 * since inode_permission. 673 * 674 * Security hooks for task operations. 675 * 676 * @task_create: 677 * Check permission before creating a child process. See the clone(2) 678 * manual page for definitions of the @clone_flags. 679 * @clone_flags contains the flags indicating what should be shared. 680 * Return 0 if permission is granted. 681 * @cred_alloc_blank: 682 * @cred points to the credentials. 683 * @gfp indicates the atomicity of any memory allocations. 684 * Only allocate sufficient memory and attach to @cred such that 685 * cred_transfer() will not get ENOMEM. 686 * @cred_free: 687 * @cred points to the credentials. 688 * Deallocate and clear the cred->security field in a set of credentials. 689 * @cred_prepare: 690 * @new points to the new credentials. 691 * @old points to the original credentials. 692 * @gfp indicates the atomicity of any memory allocations. 693 * Prepare a new set of credentials by copying the data from the old set. 694 * @cred_commit: 695 * @new points to the new credentials. 696 * @old points to the original credentials. 697 * Install a new set of credentials. 698 * @cred_transfer: 699 * @new points to the new credentials. 700 * @old points to the original credentials. 701 * Transfer data from original creds to new creds 702 * @kernel_act_as: 703 * Set the credentials for a kernel service to act as (subjective context). 704 * @new points to the credentials to be modified. 705 * @secid specifies the security ID to be set 706 * The current task must be the one that nominated @secid. 707 * Return 0 if successful. 708 * @kernel_create_files_as: 709 * Set the file creation context in a set of credentials to be the same as 710 * the objective context of the specified inode. 711 * @new points to the credentials to be modified. 712 * @inode points to the inode to use as a reference. 713 * The current task must be the one that nominated @inode. 714 * Return 0 if successful. 715 * @kernel_module_request: 716 * Ability to trigger the kernel to automatically upcall to userspace for 717 * userspace to load a kernel module with the given name. 718 * @kmod_name name of the module requested by the kernel 719 * Return 0 if successful. 720 * @task_setuid: 721 * Check permission before setting one or more of the user identity 722 * attributes of the current process. The @flags parameter indicates 723 * which of the set*uid system calls invoked this hook and how to 724 * interpret the @id0, @id1, and @id2 parameters. See the LSM_SETID 725 * definitions at the beginning of this file for the @flags values and 726 * their meanings. 727 * @id0 contains a uid. 728 * @id1 contains a uid. 729 * @id2 contains a uid. 730 * @flags contains one of the LSM_SETID_* values. 731 * Return 0 if permission is granted. 732 * @task_fix_setuid: 733 * Update the module's state after setting one or more of the user 734 * identity attributes of the current process. The @flags parameter 735 * indicates which of the set*uid system calls invoked this hook. If 736 * @new is the set of credentials that will be installed. Modifications 737 * should be made to this rather than to @current->cred. 738 * @old is the set of credentials that are being replaces 739 * @flags contains one of the LSM_SETID_* values. 740 * Return 0 on success. 741 * @task_setgid: 742 * Check permission before setting one or more of the group identity 743 * attributes of the current process. The @flags parameter indicates 744 * which of the set*gid system calls invoked this hook and how to 745 * interpret the @id0, @id1, and @id2 parameters. See the LSM_SETID 746 * definitions at the beginning of this file for the @flags values and 747 * their meanings. 748 * @id0 contains a gid. 749 * @id1 contains a gid. 750 * @id2 contains a gid. 751 * @flags contains one of the LSM_SETID_* values. 752 * Return 0 if permission is granted. 753 * @task_setpgid: 754 * Check permission before setting the process group identifier of the 755 * process @p to @pgid. 756 * @p contains the task_struct for process being modified. 757 * @pgid contains the new pgid. 758 * Return 0 if permission is granted. 759 * @task_getpgid: 760 * Check permission before getting the process group identifier of the 761 * process @p. 762 * @p contains the task_struct for the process. 763 * Return 0 if permission is granted. 764 * @task_getsid: 765 * Check permission before getting the session identifier of the process 766 * @p. 767 * @p contains the task_struct for the process. 768 * Return 0 if permission is granted. 769 * @task_getsecid: 770 * Retrieve the security identifier of the process @p. 771 * @p contains the task_struct for the process and place is into @secid. 772 * In case of failure, @secid will be set to zero. 773 * 774 * @task_setgroups: 775 * Check permission before setting the supplementary group set of the 776 * current process. 777 * @group_info contains the new group information. 778 * Return 0 if permission is granted. 779 * @task_setnice: 780 * Check permission before setting the nice value of @p to @nice. 781 * @p contains the task_struct of process. 782 * @nice contains the new nice value. 783 * Return 0 if permission is granted. 784 * @task_setioprio 785 * Check permission before setting the ioprio value of @p to @ioprio. 786 * @p contains the task_struct of process. 787 * @ioprio contains the new ioprio value 788 * Return 0 if permission is granted. 789 * @task_getioprio 790 * Check permission before getting the ioprio value of @p. 791 * @p contains the task_struct of process. 792 * Return 0 if permission is granted. 793 * @task_setrlimit: 794 * Check permission before setting the resource limits of the current 795 * process for @resource to @new_rlim. The old resource limit values can 796 * be examined by dereferencing (current->signal->rlim + resource). 797 * @resource contains the resource whose limit is being set. 798 * @new_rlim contains the new limits for @resource. 799 * Return 0 if permission is granted. 800 * @task_setscheduler: 801 * Check permission before setting scheduling policy and/or parameters of 802 * process @p based on @policy and @lp. 803 * @p contains the task_struct for process. 804 * @policy contains the scheduling policy. 805 * @lp contains the scheduling parameters. 806 * Return 0 if permission is granted. 807 * @task_getscheduler: 808 * Check permission before obtaining scheduling information for process 809 * @p. 810 * @p contains the task_struct for process. 811 * Return 0 if permission is granted. 812 * @task_movememory 813 * Check permission before moving memory owned by process @p. 814 * @p contains the task_struct for process. 815 * Return 0 if permission is granted. 816 * @task_kill: 817 * Check permission before sending signal @sig to @p. @info can be NULL, 818 * the constant 1, or a pointer to a siginfo structure. If @info is 1 or 819 * SI_FROMKERNEL(info) is true, then the signal should be viewed as coming 820 * from the kernel and should typically be permitted. 821 * SIGIO signals are handled separately by the send_sigiotask hook in 822 * file_security_ops. 823 * @p contains the task_struct for process. 824 * @info contains the signal information. 825 * @sig contains the signal value. 826 * @secid contains the sid of the process where the signal originated 827 * Return 0 if permission is granted. 828 * @task_wait: 829 * Check permission before allowing a process to reap a child process @p 830 * and collect its status information. 831 * @p contains the task_struct for process. 832 * Return 0 if permission is granted. 833 * @task_prctl: 834 * Check permission before performing a process control operation on the 835 * current process. 836 * @option contains the operation. 837 * @arg2 contains a argument. 838 * @arg3 contains a argument. 839 * @arg4 contains a argument. 840 * @arg5 contains a argument. 841 * Return -ENOSYS if no-one wanted to handle this op, any other value to 842 * cause prctl() to return immediately with that value. 843 * @task_to_inode: 844 * Set the security attributes for an inode based on an associated task's 845 * security attributes, e.g. for /proc/pid inodes. 846 * @p contains the task_struct for the task. 847 * @inode contains the inode structure for the inode. 848 * 849 * Security hooks for Netlink messaging. 850 * 851 * @netlink_send: 852 * Save security information for a netlink message so that permission 853 * checking can be performed when the message is processed. The security 854 * information can be saved using the eff_cap field of the 855 * netlink_skb_parms structure. Also may be used to provide fine 856 * grained control over message transmission. 857 * @sk associated sock of task sending the message., 858 * @skb contains the sk_buff structure for the netlink message. 859 * Return 0 if the information was successfully saved and message 860 * is allowed to be transmitted. 861 * @netlink_recv: 862 * Check permission before processing the received netlink message in 863 * @skb. 864 * @skb contains the sk_buff structure for the netlink message. 865 * @cap indicates the capability required 866 * Return 0 if permission is granted. 867 * 868 * Security hooks for Unix domain networking. 869 * 870 * @unix_stream_connect: 871 * Check permissions before establishing a Unix domain stream connection 872 * between @sock and @other. 873 * @sock contains the socket structure. 874 * @other contains the peer socket structure. 875 * Return 0 if permission is granted. 876 * @unix_may_send: 877 * Check permissions before connecting or sending datagrams from @sock to 878 * @other. 879 * @sock contains the socket structure. 880 * @sock contains the peer socket structure. 881 * Return 0 if permission is granted. 882 * 883 * The @unix_stream_connect and @unix_may_send hooks were necessary because 884 * Linux provides an alternative to the conventional file name space for Unix 885 * domain sockets. Whereas binding and connecting to sockets in the file name 886 * space is mediated by the typical file permissions (and caught by the mknod 887 * and permission hooks in inode_security_ops), binding and connecting to 888 * sockets in the abstract name space is completely unmediated. Sufficient 889 * control of Unix domain sockets in the abstract name space isn't possible 890 * using only the socket layer hooks, since we need to know the actual target 891 * socket, which is not looked up until we are inside the af_unix code. 892 * 893 * Security hooks for socket operations. 894 * 895 * @socket_create: 896 * Check permissions prior to creating a new socket. 897 * @family contains the requested protocol family. 898 * @type contains the requested communications type. 899 * @protocol contains the requested protocol. 900 * @kern set to 1 if a kernel socket. 901 * Return 0 if permission is granted. 902 * @socket_post_create: 903 * This hook allows a module to update or allocate a per-socket security 904 * structure. Note that the security field was not added directly to the 905 * socket structure, but rather, the socket security information is stored 906 * in the associated inode. Typically, the inode alloc_security hook will 907 * allocate and and attach security information to 908 * sock->inode->i_security. This hook may be used to update the 909 * sock->inode->i_security field with additional information that wasn't 910 * available when the inode was allocated. 911 * @sock contains the newly created socket structure. 912 * @family contains the requested protocol family. 913 * @type contains the requested communications type. 914 * @protocol contains the requested protocol. 915 * @kern set to 1 if a kernel socket. 916 * @socket_bind: 917 * Check permission before socket protocol layer bind operation is 918 * performed and the socket @sock is bound to the address specified in the 919 * @address parameter. 920 * @sock contains the socket structure. 921 * @address contains the address to bind to. 922 * @addrlen contains the length of address. 923 * Return 0 if permission is granted. 924 * @socket_connect: 925 * Check permission before socket protocol layer connect operation 926 * attempts to connect socket @sock to a remote address, @address. 927 * @sock contains the socket structure. 928 * @address contains the address of remote endpoint. 929 * @addrlen contains the length of address. 930 * Return 0 if permission is granted. 931 * @socket_listen: 932 * Check permission before socket protocol layer listen operation. 933 * @sock contains the socket structure. 934 * @backlog contains the maximum length for the pending connection queue. 935 * Return 0 if permission is granted. 936 * @socket_accept: 937 * Check permission before accepting a new connection. Note that the new 938 * socket, @newsock, has been created and some information copied to it, 939 * but the accept operation has not actually been performed. 940 * @sock contains the listening socket structure. 941 * @newsock contains the newly created server socket for connection. 942 * Return 0 if permission is granted. 943 * @socket_sendmsg: 944 * Check permission before transmitting a message to another socket. 945 * @sock contains the socket structure. 946 * @msg contains the message to be transmitted. 947 * @size contains the size of message. 948 * Return 0 if permission is granted. 949 * @socket_recvmsg: 950 * Check permission before receiving a message from a socket. 951 * @sock contains the socket structure. 952 * @msg contains the message structure. 953 * @size contains the size of message structure. 954 * @flags contains the operational flags. 955 * Return 0 if permission is granted. 956 * @socket_getsockname: 957 * Check permission before the local address (name) of the socket object 958 * @sock is retrieved. 959 * @sock contains the socket structure. 960 * Return 0 if permission is granted. 961 * @socket_getpeername: 962 * Check permission before the remote address (name) of a socket object 963 * @sock is retrieved. 964 * @sock contains the socket structure. 965 * Return 0 if permission is granted. 966 * @socket_getsockopt: 967 * Check permissions before retrieving the options associated with socket 968 * @sock. 969 * @sock contains the socket structure. 970 * @level contains the protocol level to retrieve option from. 971 * @optname contains the name of option to retrieve. 972 * Return 0 if permission is granted. 973 * @socket_setsockopt: 974 * Check permissions before setting the options associated with socket 975 * @sock. 976 * @sock contains the socket structure. 977 * @level contains the protocol level to set options for. 978 * @optname contains the name of the option to set. 979 * Return 0 if permission is granted. 980 * @socket_shutdown: 981 * Checks permission before all or part of a connection on the socket 982 * @sock is shut down. 983 * @sock contains the socket structure. 984 * @how contains the flag indicating how future sends and receives are handled. 985 * Return 0 if permission is granted. 986 * @socket_sock_rcv_skb: 987 * Check permissions on incoming network packets. This hook is distinct 988 * from Netfilter's IP input hooks since it is the first time that the 989 * incoming sk_buff @skb has been associated with a particular socket, @sk. 990 * Must not sleep inside this hook because some callers hold spinlocks. 991 * @sk contains the sock (not socket) associated with the incoming sk_buff. 992 * @skb contains the incoming network data. 993 * @socket_getpeersec_stream: 994 * This hook allows the security module to provide peer socket security 995 * state for unix or connected tcp sockets to userspace via getsockopt 996 * SO_GETPEERSEC. For tcp sockets this can be meaningful if the 997 * socket is associated with an ipsec SA. 998 * @sock is the local socket. 999 * @optval userspace memory where the security state is to be copied. 1000 * @optlen userspace int where the module should copy the actual length 1001 * of the security state. 1002 * @len as input is the maximum length to copy to userspace provided 1003 * by the caller. 1004 * Return 0 if all is well, otherwise, typical getsockopt return 1005 * values. 1006 * @socket_getpeersec_dgram: 1007 * This hook allows the security module to provide peer socket security 1008 * state for udp sockets on a per-packet basis to userspace via 1009 * getsockopt SO_GETPEERSEC. The application must first have indicated 1010 * the IP_PASSSEC option via getsockopt. It can then retrieve the 1011 * security state returned by this hook for a packet via the SCM_SECURITY 1012 * ancillary message type. 1013 * @skb is the skbuff for the packet being queried 1014 * @secdata is a pointer to a buffer in which to copy the security data 1015 * @seclen is the maximum length for @secdata 1016 * Return 0 on success, error on failure. 1017 * @sk_alloc_security: 1018 * Allocate and attach a security structure to the sk->sk_security field, 1019 * which is used to copy security attributes between local stream sockets. 1020 * @sk_free_security: 1021 * Deallocate security structure. 1022 * @sk_clone_security: 1023 * Clone/copy security structure. 1024 * @sk_getsecid: 1025 * Retrieve the LSM-specific secid for the sock to enable caching of network 1026 * authorizations. 1027 * @sock_graft: 1028 * Sets the socket's isec sid to the sock's sid. 1029 * @inet_conn_request: 1030 * Sets the openreq's sid to socket's sid with MLS portion taken from peer sid. 1031 * @inet_csk_clone: 1032 * Sets the new child socket's sid to the openreq sid. 1033 * @inet_conn_established: 1034 * Sets the connection's peersid to the secmark on skb. 1035 * @req_classify_flow: 1036 * Sets the flow's sid to the openreq sid. 1037 * @tun_dev_create: 1038 * Check permissions prior to creating a new TUN device. 1039 * @tun_dev_post_create: 1040 * This hook allows a module to update or allocate a per-socket security 1041 * structure. 1042 * @sk contains the newly created sock structure. 1043 * @tun_dev_attach: 1044 * Check permissions prior to attaching to a persistent TUN device. This 1045 * hook can also be used by the module to update any security state 1046 * associated with the TUN device's sock structure. 1047 * @sk contains the existing sock structure. 1048 * 1049 * Security hooks for XFRM operations. 1050 * 1051 * @xfrm_policy_alloc_security: 1052 * @ctxp is a pointer to the xfrm_sec_ctx being added to Security Policy 1053 * Database used by the XFRM system. 1054 * @sec_ctx contains the security context information being provided by 1055 * the user-level policy update program (e.g., setkey). 1056 * Allocate a security structure to the xp->security field; the security 1057 * field is initialized to NULL when the xfrm_policy is allocated. 1058 * Return 0 if operation was successful (memory to allocate, legal context) 1059 * @xfrm_policy_clone_security: 1060 * @old_ctx contains an existing xfrm_sec_ctx. 1061 * @new_ctxp contains a new xfrm_sec_ctx being cloned from old. 1062 * Allocate a security structure in new_ctxp that contains the 1063 * information from the old_ctx structure. 1064 * Return 0 if operation was successful (memory to allocate). 1065 * @xfrm_policy_free_security: 1066 * @ctx contains the xfrm_sec_ctx 1067 * Deallocate xp->security. 1068 * @xfrm_policy_delete_security: 1069 * @ctx contains the xfrm_sec_ctx. 1070 * Authorize deletion of xp->security. 1071 * @xfrm_state_alloc_security: 1072 * @x contains the xfrm_state being added to the Security Association 1073 * Database by the XFRM system. 1074 * @sec_ctx contains the security context information being provided by 1075 * the user-level SA generation program (e.g., setkey or racoon). 1076 * @secid contains the secid from which to take the mls portion of the context. 1077 * Allocate a security structure to the x->security field; the security 1078 * field is initialized to NULL when the xfrm_state is allocated. Set the 1079 * context to correspond to either sec_ctx or polsec, with the mls portion 1080 * taken from secid in the latter case. 1081 * Return 0 if operation was successful (memory to allocate, legal context). 1082 * @xfrm_state_free_security: 1083 * @x contains the xfrm_state. 1084 * Deallocate x->security. 1085 * @xfrm_state_delete_security: 1086 * @x contains the xfrm_state. 1087 * Authorize deletion of x->security. 1088 * @xfrm_policy_lookup: 1089 * @ctx contains the xfrm_sec_ctx for which the access control is being 1090 * checked. 1091 * @fl_secid contains the flow security label that is used to authorize 1092 * access to the policy xp. 1093 * @dir contains the direction of the flow (input or output). 1094 * Check permission when a flow selects a xfrm_policy for processing 1095 * XFRMs on a packet. The hook is called when selecting either a 1096 * per-socket policy or a generic xfrm policy. 1097 * Return 0 if permission is granted, -ESRCH otherwise, or -errno 1098 * on other errors. 1099 * @xfrm_state_pol_flow_match: 1100 * @x contains the state to match. 1101 * @xp contains the policy to check for a match. 1102 * @fl contains the flow to check for a match. 1103 * Return 1 if there is a match. 1104 * @xfrm_decode_session: 1105 * @skb points to skb to decode. 1106 * @secid points to the flow key secid to set. 1107 * @ckall says if all xfrms used should be checked for same secid. 1108 * Return 0 if ckall is zero or all xfrms used have the same secid. 1109 * 1110 * Security hooks affecting all Key Management operations 1111 * 1112 * @key_alloc: 1113 * Permit allocation of a key and assign security data. Note that key does 1114 * not have a serial number assigned at this point. 1115 * @key points to the key. 1116 * @flags is the allocation flags 1117 * Return 0 if permission is granted, -ve error otherwise. 1118 * @key_free: 1119 * Notification of destruction; free security data. 1120 * @key points to the key. 1121 * No return value. 1122 * @key_permission: 1123 * See whether a specific operational right is granted to a process on a 1124 * key. 1125 * @key_ref refers to the key (key pointer + possession attribute bit). 1126 * @cred points to the credentials to provide the context against which to 1127 * evaluate the security data on the key. 1128 * @perm describes the combination of permissions required of this key. 1129 * Return 1 if permission granted, 0 if permission denied and -ve it the 1130 * normal permissions model should be effected. 1131 * @key_getsecurity: 1132 * Get a textual representation of the security context attached to a key 1133 * for the purposes of honouring KEYCTL_GETSECURITY. This function 1134 * allocates the storage for the NUL-terminated string and the caller 1135 * should free it. 1136 * @key points to the key to be queried. 1137 * @_buffer points to a pointer that should be set to point to the 1138 * resulting string (if no label or an error occurs). 1139 * Return the length of the string (including terminating NUL) or -ve if 1140 * an error. 1141 * May also return 0 (and a NULL buffer pointer) if there is no label. 1142 * @key_session_to_parent: 1143 * Forcibly assign the session keyring from a process to its parent 1144 * process. 1145 * @cred: Pointer to process's credentials 1146 * @parent_cred: Pointer to parent process's credentials 1147 * @keyring: Proposed new session keyring 1148 * Return 0 if permission is granted, -ve error otherwise. 1149 * 1150 * Security hooks affecting all System V IPC operations. 1151 * 1152 * @ipc_permission: 1153 * Check permissions for access to IPC 1154 * @ipcp contains the kernel IPC permission structure 1155 * @flag contains the desired (requested) permission set 1156 * Return 0 if permission is granted. 1157 * @ipc_getsecid: 1158 * Get the secid associated with the ipc object. 1159 * @ipcp contains the kernel IPC permission structure. 1160 * @secid contains a pointer to the location where result will be saved. 1161 * In case of failure, @secid will be set to zero. 1162 * 1163 * Security hooks for individual messages held in System V IPC message queues 1164 * @msg_msg_alloc_security: 1165 * Allocate and attach a security structure to the msg->security field. 1166 * The security field is initialized to NULL when the structure is first 1167 * created. 1168 * @msg contains the message structure to be modified. 1169 * Return 0 if operation was successful and permission is granted. 1170 * @msg_msg_free_security: 1171 * Deallocate the security structure for this message. 1172 * @msg contains the message structure to be modified. 1173 * 1174 * Security hooks for System V IPC Message Queues 1175 * 1176 * @msg_queue_alloc_security: 1177 * Allocate and attach a security structure to the 1178 * msq->q_perm.security field. The security field is initialized to 1179 * NULL when the structure is first created. 1180 * @msq contains the message queue structure to be modified. 1181 * Return 0 if operation was successful and permission is granted. 1182 * @msg_queue_free_security: 1183 * Deallocate security structure for this message queue. 1184 * @msq contains the message queue structure to be modified. 1185 * @msg_queue_associate: 1186 * Check permission when a message queue is requested through the 1187 * msgget system call. This hook is only called when returning the 1188 * message queue identifier for an existing message queue, not when a 1189 * new message queue is created. 1190 * @msq contains the message queue to act upon. 1191 * @msqflg contains the operation control flags. 1192 * Return 0 if permission is granted. 1193 * @msg_queue_msgctl: 1194 * Check permission when a message control operation specified by @cmd 1195 * is to be performed on the message queue @msq. 1196 * The @msq may be NULL, e.g. for IPC_INFO or MSG_INFO. 1197 * @msq contains the message queue to act upon. May be NULL. 1198 * @cmd contains the operation to be performed. 1199 * Return 0 if permission is granted. 1200 * @msg_queue_msgsnd: 1201 * Check permission before a message, @msg, is enqueued on the message 1202 * queue, @msq. 1203 * @msq contains the message queue to send message to. 1204 * @msg contains the message to be enqueued. 1205 * @msqflg contains operational flags. 1206 * Return 0 if permission is granted. 1207 * @msg_queue_msgrcv: 1208 * Check permission before a message, @msg, is removed from the message 1209 * queue, @msq. The @target task structure contains a pointer to the 1210 * process that will be receiving the message (not equal to the current 1211 * process when inline receives are being performed). 1212 * @msq contains the message queue to retrieve message from. 1213 * @msg contains the message destination. 1214 * @target contains the task structure for recipient process. 1215 * @type contains the type of message requested. 1216 * @mode contains the operational flags. 1217 * Return 0 if permission is granted. 1218 * 1219 * Security hooks for System V Shared Memory Segments 1220 * 1221 * @shm_alloc_security: 1222 * Allocate and attach a security structure to the shp->shm_perm.security 1223 * field. The security field is initialized to NULL when the structure is 1224 * first created. 1225 * @shp contains the shared memory structure to be modified. 1226 * Return 0 if operation was successful and permission is granted. 1227 * @shm_free_security: 1228 * Deallocate the security struct for this memory segment. 1229 * @shp contains the shared memory structure to be modified. 1230 * @shm_associate: 1231 * Check permission when a shared memory region is requested through the 1232 * shmget system call. This hook is only called when returning the shared 1233 * memory region identifier for an existing region, not when a new shared 1234 * memory region is created. 1235 * @shp contains the shared memory structure to be modified. 1236 * @shmflg contains the operation control flags. 1237 * Return 0 if permission is granted. 1238 * @shm_shmctl: 1239 * Check permission when a shared memory control operation specified by 1240 * @cmd is to be performed on the shared memory region @shp. 1241 * The @shp may be NULL, e.g. for IPC_INFO or SHM_INFO. 1242 * @shp contains shared memory structure to be modified. 1243 * @cmd contains the operation to be performed. 1244 * Return 0 if permission is granted. 1245 * @shm_shmat: 1246 * Check permissions prior to allowing the shmat system call to attach the 1247 * shared memory segment @shp to the data segment of the calling process. 1248 * The attaching address is specified by @shmaddr. 1249 * @shp contains the shared memory structure to be modified. 1250 * @shmaddr contains the address to attach memory region to. 1251 * @shmflg contains the operational flags. 1252 * Return 0 if permission is granted. 1253 * 1254 * Security hooks for System V Semaphores 1255 * 1256 * @sem_alloc_security: 1257 * Allocate and attach a security structure to the sma->sem_perm.security 1258 * field. The security field is initialized to NULL when the structure is 1259 * first created. 1260 * @sma contains the semaphore structure 1261 * Return 0 if operation was successful and permission is granted. 1262 * @sem_free_security: 1263 * deallocate security struct for this semaphore 1264 * @sma contains the semaphore structure. 1265 * @sem_associate: 1266 * Check permission when a semaphore is requested through the semget 1267 * system call. This hook is only called when returning the semaphore 1268 * identifier for an existing semaphore, not when a new one must be 1269 * created. 1270 * @sma contains the semaphore structure. 1271 * @semflg contains the operation control flags. 1272 * Return 0 if permission is granted. 1273 * @sem_semctl: 1274 * Check permission when a semaphore operation specified by @cmd is to be 1275 * performed on the semaphore @sma. The @sma may be NULL, e.g. for 1276 * IPC_INFO or SEM_INFO. 1277 * @sma contains the semaphore structure. May be NULL. 1278 * @cmd contains the operation to be performed. 1279 * Return 0 if permission is granted. 1280 * @sem_semop 1281 * Check permissions before performing operations on members of the 1282 * semaphore set @sma. If the @alter flag is nonzero, the semaphore set 1283 * may be modified. 1284 * @sma contains the semaphore structure. 1285 * @sops contains the operations to perform. 1286 * @nsops contains the number of operations to perform. 1287 * @alter contains the flag indicating whether changes are to be made. 1288 * Return 0 if permission is granted. 1289 * 1290 * @ptrace_access_check: 1291 * Check permission before allowing the current process to trace the 1292 * @child process. 1293 * Security modules may also want to perform a process tracing check 1294 * during an execve in the set_security or apply_creds hooks of 1295 * tracing check during an execve in the bprm_set_creds hook of 1296 * binprm_security_ops if the process is being traced and its security 1297 * attributes would be changed by the execve. 1298 * @child contains the task_struct structure for the target process. 1299 * @mode contains the PTRACE_MODE flags indicating the form of access. 1300 * Return 0 if permission is granted. 1301 * @ptrace_traceme: 1302 * Check that the @parent process has sufficient permission to trace the 1303 * current process before allowing the current process to present itself 1304 * to the @parent process for tracing. 1305 * The parent process will still have to undergo the ptrace_access_check 1306 * checks before it is allowed to trace this one. 1307 * @parent contains the task_struct structure for debugger process. 1308 * Return 0 if permission is granted. 1309 * @capget: 1310 * Get the @effective, @inheritable, and @permitted capability sets for 1311 * the @target process. The hook may also perform permission checking to 1312 * determine if the current process is allowed to see the capability sets 1313 * of the @target process. 1314 * @target contains the task_struct structure for target process. 1315 * @effective contains the effective capability set. 1316 * @inheritable contains the inheritable capability set. 1317 * @permitted contains the permitted capability set. 1318 * Return 0 if the capability sets were successfully obtained. 1319 * @capset: 1320 * Set the @effective, @inheritable, and @permitted capability sets for 1321 * the current process. 1322 * @new contains the new credentials structure for target process. 1323 * @old contains the current credentials structure for target process. 1324 * @effective contains the effective capability set. 1325 * @inheritable contains the inheritable capability set. 1326 * @permitted contains the permitted capability set. 1327 * Return 0 and update @new if permission is granted. 1328 * @capable: 1329 * Check whether the @tsk process has the @cap capability in the indicated 1330 * credentials. 1331 * @tsk contains the task_struct for the process. 1332 * @cred contains the credentials to use. 1333 * @cap contains the capability <include/linux/capability.h>. 1334 * @audit: Whether to write an audit message or not 1335 * Return 0 if the capability is granted for @tsk. 1336 * @acct: 1337 * Check permission before enabling or disabling process accounting. If 1338 * accounting is being enabled, then @file refers to the open file used to 1339 * store accounting records. If accounting is being disabled, then @file 1340 * is NULL. 1341 * @file contains the file structure for the accounting file (may be NULL). 1342 * Return 0 if permission is granted. 1343 * @sysctl: 1344 * Check permission before accessing the @table sysctl variable in the 1345 * manner specified by @op. 1346 * @table contains the ctl_table structure for the sysctl variable. 1347 * @op contains the operation (001 = search, 002 = write, 004 = read). 1348 * Return 0 if permission is granted. 1349 * @syslog: 1350 * Check permission before accessing the kernel message ring or changing 1351 * logging to the console. 1352 * See the syslog(2) manual page for an explanation of the @type values. 1353 * @type contains the type of action. 1354 * @from_file indicates the context of action (if it came from /proc). 1355 * Return 0 if permission is granted. 1356 * @settime: 1357 * Check permission to change the system time. 1358 * struct timespec and timezone are defined in include/linux/time.h 1359 * @ts contains new time 1360 * @tz contains new timezone 1361 * Return 0 if permission is granted. 1362 * @vm_enough_memory: 1363 * Check permissions for allocating a new virtual mapping. 1364 * @mm contains the mm struct it is being added to. 1365 * @pages contains the number of pages. 1366 * Return 0 if permission is granted. 1367 * 1368 * @secid_to_secctx: 1369 * Convert secid to security context. 1370 * @secid contains the security ID. 1371 * @secdata contains the pointer that stores the converted security context. 1372 * @secctx_to_secid: 1373 * Convert security context to secid. 1374 * @secid contains the pointer to the generated security ID. 1375 * @secdata contains the security context. 1376 * 1377 * @release_secctx: 1378 * Release the security context. 1379 * @secdata contains the security context. 1380 * @seclen contains the length of the security context. 1381 * 1382 * Security hooks for Audit 1383 * 1384 * @audit_rule_init: 1385 * Allocate and initialize an LSM audit rule structure. 1386 * @field contains the required Audit action. Fields flags are defined in include/linux/audit.h 1387 * @op contains the operator the rule uses. 1388 * @rulestr contains the context where the rule will be applied to. 1389 * @lsmrule contains a pointer to receive the result. 1390 * Return 0 if @lsmrule has been successfully set, 1391 * -EINVAL in case of an invalid rule. 1392 * 1393 * @audit_rule_known: 1394 * Specifies whether given @rule contains any fields related to current LSM. 1395 * @rule contains the audit rule of interest. 1396 * Return 1 in case of relation found, 0 otherwise. 1397 * 1398 * @audit_rule_match: 1399 * Determine if given @secid matches a rule previously approved 1400 * by @audit_rule_known. 1401 * @secid contains the security id in question. 1402 * @field contains the field which relates to current LSM. 1403 * @op contains the operator that will be used for matching. 1404 * @rule points to the audit rule that will be checked against. 1405 * @actx points to the audit context associated with the check. 1406 * Return 1 if secid matches the rule, 0 if it does not, -ERRNO on failure. 1407 * 1408 * @audit_rule_free: 1409 * Deallocate the LSM audit rule structure previously allocated by 1410 * audit_rule_init. 1411 * @rule contains the allocated rule 1412 * 1413 * @inode_notifysecctx: 1414 * Notify the security module of what the security context of an inode 1415 * should be. Initializes the incore security context managed by the 1416 * security module for this inode. Example usage: NFS client invokes 1417 * this hook to initialize the security context in its incore inode to the 1418 * value provided by the server for the file when the server returned the 1419 * file's attributes to the client. 1420 * 1421 * Must be called with inode->i_mutex locked. 1422 * 1423 * @inode we wish to set the security context of. 1424 * @ctx contains the string which we wish to set in the inode. 1425 * @ctxlen contains the length of @ctx. 1426 * 1427 * @inode_setsecctx: 1428 * Change the security context of an inode. Updates the 1429 * incore security context managed by the security module and invokes the 1430 * fs code as needed (via __vfs_setxattr_noperm) to update any backing 1431 * xattrs that represent the context. Example usage: NFS server invokes 1432 * this hook to change the security context in its incore inode and on the 1433 * backing filesystem to a value provided by the client on a SETATTR 1434 * operation. 1435 * 1436 * Must be called with inode->i_mutex locked. 1437 * 1438 * @dentry contains the inode we wish to set the security context of. 1439 * @ctx contains the string which we wish to set in the inode. 1440 * @ctxlen contains the length of @ctx. 1441 * 1442 * @inode_getsecctx: 1443 * Returns a string containing all relavent security context information 1444 * 1445 * @inode we wish to set the security context of. 1446 * @ctx is a pointer in which to place the allocated security context. 1447 * @ctxlen points to the place to put the length of @ctx. 1448 * This is the main security structure. 1449 */ 1450struct security_operations { 1451 char name[SECURITY_NAME_MAX + 1]; 1452 1453 int (*ptrace_access_check) (struct task_struct *child, unsigned int mode); 1454 int (*ptrace_traceme) (struct task_struct *parent); 1455 int (*capget) (struct task_struct *target, 1456 kernel_cap_t *effective, 1457 kernel_cap_t *inheritable, kernel_cap_t *permitted); 1458 int (*capset) (struct cred *new, 1459 const struct cred *old, 1460 const kernel_cap_t *effective, 1461 const kernel_cap_t *inheritable, 1462 const kernel_cap_t *permitted); 1463 int (*capable) (struct task_struct *tsk, const struct cred *cred, 1464 int cap, int audit); 1465 int (*acct) (struct file *file); 1466 int (*sysctl) (struct ctl_table *table, int op); 1467 int (*quotactl) (int cmds, int type, int id, struct super_block *sb); 1468 int (*quota_on) (struct dentry *dentry); 1469 int (*syslog) (int type, bool from_file); 1470 int (*settime) (struct timespec *ts, struct timezone *tz); 1471 int (*vm_enough_memory) (struct mm_struct *mm, long pages); 1472 1473 int (*bprm_set_creds) (struct linux_binprm *bprm); 1474 int (*bprm_check_security) (struct linux_binprm *bprm); 1475 int (*bprm_secureexec) (struct linux_binprm *bprm); 1476 void (*bprm_committing_creds) (struct linux_binprm *bprm); 1477 void (*bprm_committed_creds) (struct linux_binprm *bprm); 1478 1479 int (*sb_alloc_security) (struct super_block *sb); 1480 void (*sb_free_security) (struct super_block *sb); 1481 int (*sb_copy_data) (char *orig, char *copy); 1482 int (*sb_kern_mount) (struct super_block *sb, int flags, void *data); 1483 int (*sb_show_options) (struct seq_file *m, struct super_block *sb); 1484 int (*sb_statfs) (struct dentry *dentry); 1485 int (*sb_mount) (char *dev_name, struct path *path, 1486 char *type, unsigned long flags, void *data); 1487 int (*sb_check_sb) (struct vfsmount *mnt, struct path *path); 1488 int (*sb_umount) (struct vfsmount *mnt, int flags); 1489 void (*sb_umount_close) (struct vfsmount *mnt); 1490 void (*sb_umount_busy) (struct vfsmount *mnt); 1491 void (*sb_post_remount) (struct vfsmount *mnt, 1492 unsigned long flags, void *data); 1493 void (*sb_post_addmount) (struct vfsmount *mnt, 1494 struct path *mountpoint); 1495 int (*sb_pivotroot) (struct path *old_path, 1496 struct path *new_path); 1497 void (*sb_post_pivotroot) (struct path *old_path, 1498 struct path *new_path); 1499 int (*sb_set_mnt_opts) (struct super_block *sb, 1500 struct security_mnt_opts *opts); 1501 void (*sb_clone_mnt_opts) (const struct super_block *oldsb, 1502 struct super_block *newsb); 1503 int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts); 1504 1505#ifdef CONFIG_SECURITY_PATH 1506 int (*path_unlink) (struct path *dir, struct dentry *dentry); 1507 int (*path_mkdir) (struct path *dir, struct dentry *dentry, int mode); 1508 int (*path_rmdir) (struct path *dir, struct dentry *dentry); 1509 int (*path_mknod) (struct path *dir, struct dentry *dentry, int mode, 1510 unsigned int dev); 1511 int (*path_truncate) (struct path *path, loff_t length, 1512 unsigned int time_attrs); 1513 int (*path_symlink) (struct path *dir, struct dentry *dentry, 1514 const char *old_name); 1515 int (*path_link) (struct dentry *old_dentry, struct path *new_dir, 1516 struct dentry *new_dentry); 1517 int (*path_rename) (struct path *old_dir, struct dentry *old_dentry, 1518 struct path *new_dir, struct dentry *new_dentry); 1519 int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt, 1520 mode_t mode); 1521 int (*path_chown) (struct path *path, uid_t uid, gid_t gid); 1522 int (*path_chroot) (struct path *path); 1523#endif 1524 1525 int (*inode_alloc_security) (struct inode *inode); 1526 void (*inode_free_security) (struct inode *inode); 1527 int (*inode_init_security) (struct inode *inode, struct inode *dir, 1528 char **name, void **value, size_t *len); 1529 int (*inode_create) (struct inode *dir, 1530 struct dentry *dentry, int mode); 1531 int (*inode_link) (struct dentry *old_dentry, 1532 struct inode *dir, struct dentry *new_dentry); 1533 int (*inode_unlink) (struct inode *dir, struct dentry *dentry); 1534 int (*inode_symlink) (struct inode *dir, 1535 struct dentry *dentry, const char *old_name); 1536 int (*inode_mkdir) (struct inode *dir, struct dentry *dentry, int mode); 1537 int (*inode_rmdir) (struct inode *dir, struct dentry *dentry); 1538 int (*inode_mknod) (struct inode *dir, struct dentry *dentry, 1539 int mode, dev_t dev); 1540 int (*inode_rename) (struct inode *old_dir, struct dentry *old_dentry, 1541 struct inode *new_dir, struct dentry *new_dentry); 1542 int (*inode_readlink) (struct dentry *dentry); 1543 int (*inode_follow_link) (struct dentry *dentry, struct nameidata *nd); 1544 int (*inode_permission) (struct inode *inode, int mask); 1545 int (*inode_setattr) (struct dentry *dentry, struct iattr *attr); 1546 int (*inode_getattr) (struct vfsmount *mnt, struct dentry *dentry); 1547 void (*inode_delete) (struct inode *inode); 1548 int (*inode_setxattr) (struct dentry *dentry, const char *name, 1549 const void *value, size_t size, int flags); 1550 void (*inode_post_setxattr) (struct dentry *dentry, const char *name, 1551 const void *value, size_t size, int flags); 1552 int (*inode_getxattr) (struct dentry *dentry, const char *name); 1553 int (*inode_listxattr) (struct dentry *dentry); 1554 int (*inode_removexattr) (struct dentry *dentry, const char *name); 1555 int (*inode_need_killpriv) (struct dentry *dentry); 1556 int (*inode_killpriv) (struct dentry *dentry); 1557 int (*inode_getsecurity) (const struct inode *inode, const char *name, void **buffer, bool alloc); 1558 int (*inode_setsecurity) (struct inode *inode, const char *name, const void *value, size_t size, int flags); 1559 int (*inode_listsecurity) (struct inode *inode, char *buffer, size_t buffer_size); 1560 void (*inode_getsecid) (const struct inode *inode, u32 *secid); 1561 1562 int (*file_permission) (struct file *file, int mask); 1563 int (*file_alloc_security) (struct file *file); 1564 void (*file_free_security) (struct file *file); 1565 int (*file_ioctl) (struct file *file, unsigned int cmd, 1566 unsigned long arg); 1567 int (*file_mmap) (struct file *file, 1568 unsigned long reqprot, unsigned long prot, 1569 unsigned long flags, unsigned long addr, 1570 unsigned long addr_only); 1571 int (*file_mprotect) (struct vm_area_struct *vma, 1572 unsigned long reqprot, 1573 unsigned long prot); 1574 int (*file_lock) (struct file *file, unsigned int cmd); 1575 int (*file_fcntl) (struct file *file, unsigned int cmd, 1576 unsigned long arg); 1577 int (*file_set_fowner) (struct file *file); 1578 int (*file_send_sigiotask) (struct task_struct *tsk, 1579 struct fown_struct *fown, int sig); 1580 int (*file_receive) (struct file *file); 1581 int (*dentry_open) (struct file *file, const struct cred *cred); 1582 1583 int (*task_create) (unsigned long clone_flags); 1584 int (*cred_alloc_blank) (struct cred *cred, gfp_t gfp); 1585 void (*cred_free) (struct cred *cred); 1586 int (*cred_prepare)(struct cred *new, const struct cred *old, 1587 gfp_t gfp); 1588 void (*cred_commit)(struct cred *new, const struct cred *old); 1589 void (*cred_transfer)(struct cred *new, const struct cred *old); 1590 int (*kernel_act_as)(struct cred *new, u32 secid); 1591 int (*kernel_create_files_as)(struct cred *new, struct inode *inode); 1592 int (*kernel_module_request)(char *kmod_name); 1593 int (*task_setuid) (uid_t id0, uid_t id1, uid_t id2, int flags); 1594 int (*task_fix_setuid) (struct cred *new, const struct cred *old, 1595 int flags); 1596 int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags); 1597 int (*task_setpgid) (struct task_struct *p, pid_t pgid); 1598 int (*task_getpgid) (struct task_struct *p); 1599 int (*task_getsid) (struct task_struct *p); 1600 void (*task_getsecid) (struct task_struct *p, u32 *secid); 1601 int (*task_setgroups) (struct group_info *group_info); 1602 int (*task_setnice) (struct task_struct *p, int nice); 1603 int (*task_setioprio) (struct task_struct *p, int ioprio); 1604 int (*task_getioprio) (struct task_struct *p); 1605 int (*task_setrlimit) (unsigned int resource, struct rlimit *new_rlim); 1606 int (*task_setscheduler) (struct task_struct *p, int policy, 1607 struct sched_param *lp); 1608 int (*task_getscheduler) (struct task_struct *p); 1609 int (*task_movememory) (struct task_struct *p); 1610 int (*task_kill) (struct task_struct *p, 1611 struct siginfo *info, int sig, u32 secid); 1612 int (*task_wait) (struct task_struct *p); 1613 int (*task_prctl) (int option, unsigned long arg2, 1614 unsigned long arg3, unsigned long arg4, 1615 unsigned long arg5); 1616 void (*task_to_inode) (struct task_struct *p, struct inode *inode); 1617 1618 int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag); 1619 void (*ipc_getsecid) (struct kern_ipc_perm *ipcp, u32 *secid); 1620 1621 int (*msg_msg_alloc_security) (struct msg_msg *msg); 1622 void (*msg_msg_free_security) (struct msg_msg *msg); 1623 1624 int (*msg_queue_alloc_security) (struct msg_queue *msq); 1625 void (*msg_queue_free_security) (struct msg_queue *msq); 1626 int (*msg_queue_associate) (struct msg_queue *msq, int msqflg); 1627 int (*msg_queue_msgctl) (struct msg_queue *msq, int cmd); 1628 int (*msg_queue_msgsnd) (struct msg_queue *msq, 1629 struct msg_msg *msg, int msqflg); 1630 int (*msg_queue_msgrcv) (struct msg_queue *msq, 1631 struct msg_msg *msg, 1632 struct task_struct *target, 1633 long type, int mode); 1634 1635 int (*shm_alloc_security) (struct shmid_kernel *shp); 1636 void (*shm_free_security) (struct shmid_kernel *shp); 1637 int (*shm_associate) (struct shmid_kernel *shp, int shmflg); 1638 int (*shm_shmctl) (struct shmid_kernel *shp, int cmd); 1639 int (*shm_shmat) (struct shmid_kernel *shp, 1640 char __user *shmaddr, int shmflg); 1641 1642 int (*sem_alloc_security) (struct sem_array *sma); 1643 void (*sem_free_security) (struct sem_array *sma); 1644 int (*sem_associate) (struct sem_array *sma, int semflg); 1645 int (*sem_semctl) (struct sem_array *sma, int cmd); 1646 int (*sem_semop) (struct sem_array *sma, 1647 struct sembuf *sops, unsigned nsops, int alter); 1648 1649 int (*netlink_send) (struct sock *sk, struct sk_buff *skb); 1650 int (*netlink_recv) (struct sk_buff *skb, int cap); 1651 1652 void (*d_instantiate) (struct dentry *dentry, struct inode *inode); 1653 1654 int (*getprocattr) (struct task_struct *p, char *name, char **value); 1655 int (*setprocattr) (struct task_struct *p, char *name, void *value, size_t size); 1656 int (*secid_to_secctx) (u32 secid, char **secdata, u32 *seclen); 1657 int (*secctx_to_secid) (const char *secdata, u32 seclen, u32 *secid); 1658 void (*release_secctx) (char *secdata, u32 seclen); 1659 1660 int (*inode_notifysecctx)(struct inode *inode, void *ctx, u32 ctxlen); 1661 int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen); 1662 int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen); 1663 1664#ifdef CONFIG_SECURITY_NETWORK 1665 int (*unix_stream_connect) (struct socket *sock, 1666 struct socket *other, struct sock *newsk); 1667 int (*unix_may_send) (struct socket *sock, struct socket *other); 1668 1669 int (*socket_create) (int family, int type, int protocol, int kern); 1670 int (*socket_post_create) (struct socket *sock, int family, 1671 int type, int protocol, int kern); 1672 int (*socket_bind) (struct socket *sock, 1673 struct sockaddr *address, int addrlen); 1674 int (*socket_connect) (struct socket *sock, 1675 struct sockaddr *address, int addrlen); 1676 int (*socket_listen) (struct socket *sock, int backlog); 1677 int (*socket_accept) (struct socket *sock, struct socket *newsock); 1678 int (*socket_sendmsg) (struct socket *sock, 1679 struct msghdr *msg, int size); 1680 int (*socket_recvmsg) (struct socket *sock, 1681 struct msghdr *msg, int size, int flags); 1682 int (*socket_getsockname) (struct socket *sock); 1683 int (*socket_getpeername) (struct socket *sock); 1684 int (*socket_getsockopt) (struct socket *sock, int level, int optname); 1685 int (*socket_setsockopt) (struct socket *sock, int level, int optname); 1686 int (*socket_shutdown) (struct socket *sock, int how); 1687 int (*socket_sock_rcv_skb) (struct sock *sk, struct sk_buff *skb); 1688 int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len); 1689 int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid); 1690 int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority); 1691 void (*sk_free_security) (struct sock *sk); 1692 void (*sk_clone_security) (const struct sock *sk, struct sock *newsk); 1693 void (*sk_getsecid) (struct sock *sk, u32 *secid); 1694 void (*sock_graft) (struct sock *sk, struct socket *parent); 1695 int (*inet_conn_request) (struct sock *sk, struct sk_buff *skb, 1696 struct request_sock *req); 1697 void (*inet_csk_clone) (struct sock *newsk, const struct request_sock *req); 1698 void (*inet_conn_established) (struct sock *sk, struct sk_buff *skb); 1699 void (*req_classify_flow) (const struct request_sock *req, struct flowi *fl); 1700 int (*tun_dev_create)(void); 1701 void (*tun_dev_post_create)(struct sock *sk); 1702 int (*tun_dev_attach)(struct sock *sk); 1703#endif /* CONFIG_SECURITY_NETWORK */ 1704 1705#ifdef CONFIG_SECURITY_NETWORK_XFRM 1706 int (*xfrm_policy_alloc_security) (struct xfrm_sec_ctx **ctxp, 1707 struct xfrm_user_sec_ctx *sec_ctx); 1708 int (*xfrm_policy_clone_security) (struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctx); 1709 void (*xfrm_policy_free_security) (struct xfrm_sec_ctx *ctx); 1710 int (*xfrm_policy_delete_security) (struct xfrm_sec_ctx *ctx); 1711 int (*xfrm_state_alloc_security) (struct xfrm_state *x, 1712 struct xfrm_user_sec_ctx *sec_ctx, 1713 u32 secid); 1714 void (*xfrm_state_free_security) (struct xfrm_state *x); 1715 int (*xfrm_state_delete_security) (struct xfrm_state *x); 1716 int (*xfrm_policy_lookup) (struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir); 1717 int (*xfrm_state_pol_flow_match) (struct xfrm_state *x, 1718 struct xfrm_policy *xp, 1719 struct flowi *fl); 1720 int (*xfrm_decode_session) (struct sk_buff *skb, u32 *secid, int ckall); 1721#endif /* CONFIG_SECURITY_NETWORK_XFRM */ 1722 1723 /* key management security hooks */ 1724#ifdef CONFIG_KEYS 1725 int (*key_alloc) (struct key *key, const struct cred *cred, unsigned long flags); 1726 void (*key_free) (struct key *key); 1727 int (*key_permission) (key_ref_t key_ref, 1728 const struct cred *cred, 1729 key_perm_t perm); 1730 int (*key_getsecurity)(struct key *key, char **_buffer); 1731 int (*key_session_to_parent)(const struct cred *cred, 1732 const struct cred *parent_cred, 1733 struct key *key); 1734#endif /* CONFIG_KEYS */ 1735 1736#ifdef CONFIG_AUDIT 1737 int (*audit_rule_init) (u32 field, u32 op, char *rulestr, void **lsmrule); 1738 int (*audit_rule_known) (struct audit_krule *krule); 1739 int (*audit_rule_match) (u32 secid, u32 field, u32 op, void *lsmrule, 1740 struct audit_context *actx); 1741 void (*audit_rule_free) (void *lsmrule); 1742#endif /* CONFIG_AUDIT */ 1743}; 1744 1745/* prototypes */ 1746extern int security_init(void); 1747extern int security_module_enable(struct security_operations *ops); 1748extern int register_security(struct security_operations *ops); 1749 1750/* Security operations */ 1751int security_ptrace_access_check(struct task_struct *child, unsigned int mode); 1752int security_ptrace_traceme(struct task_struct *parent); 1753int security_capget(struct task_struct *target, 1754 kernel_cap_t *effective, 1755 kernel_cap_t *inheritable, 1756 kernel_cap_t *permitted); 1757int security_capset(struct cred *new, const struct cred *old, 1758 const kernel_cap_t *effective, 1759 const kernel_cap_t *inheritable, 1760 const kernel_cap_t *permitted); 1761int security_capable(int cap); 1762int security_real_capable(struct task_struct *tsk, int cap); 1763int security_real_capable_noaudit(struct task_struct *tsk, int cap); 1764int security_acct(struct file *file); 1765int security_sysctl(struct ctl_table *table, int op); 1766int security_quotactl(int cmds, int type, int id, struct super_block *sb); 1767int security_quota_on(struct dentry *dentry); 1768int security_syslog(int type, bool from_file); 1769int security_settime(struct timespec *ts, struct timezone *tz); 1770int security_vm_enough_memory(long pages); 1771int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); 1772int security_vm_enough_memory_kern(long pages); 1773int security_bprm_set_creds(struct linux_binprm *bprm); 1774int security_bprm_check(struct linux_binprm *bprm); 1775void security_bprm_committing_creds(struct linux_binprm *bprm); 1776void security_bprm_committed_creds(struct linux_binprm *bprm); 1777int security_bprm_secureexec(struct linux_binprm *bprm); 1778int security_sb_alloc(struct super_block *sb); 1779void security_sb_free(struct super_block *sb); 1780int security_sb_copy_data(char *orig, char *copy); 1781int security_sb_kern_mount(struct super_block *sb, int flags, void *data); 1782int security_sb_show_options(struct seq_file *m, struct super_block *sb); 1783int security_sb_statfs(struct dentry *dentry); 1784int security_sb_mount(char *dev_name, struct path *path, 1785 char *type, unsigned long flags, void *data); 1786int security_sb_check_sb(struct vfsmount *mnt, struct path *path); 1787int security_sb_umount(struct vfsmount *mnt, int flags); 1788void security_sb_umount_close(struct vfsmount *mnt); 1789void security_sb_umount_busy(struct vfsmount *mnt); 1790void security_sb_post_remount(struct vfsmount *mnt, unsigned long flags, void *data); 1791void security_sb_post_addmount(struct vfsmount *mnt, struct path *mountpoint); 1792int security_sb_pivotroot(struct path *old_path, struct path *new_path); 1793void security_sb_post_pivotroot(struct path *old_path, struct path *new_path); 1794int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts); 1795void security_sb_clone_mnt_opts(const struct super_block *oldsb, 1796 struct super_block *newsb); 1797int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts); 1798 1799int security_inode_alloc(struct inode *inode); 1800void security_inode_free(struct inode *inode); 1801int security_inode_init_security(struct inode *inode, struct inode *dir, 1802 char **name, void **value, size_t *len); 1803int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); 1804int security_inode_link(struct dentry *old_dentry, struct inode *dir, 1805 struct dentry *new_dentry); 1806int security_inode_unlink(struct inode *dir, struct dentry *dentry); 1807int security_inode_symlink(struct inode *dir, struct dentry *dentry, 1808 const char *old_name); 1809int security_inode_mkdir(struct inode *dir, struct dentry *dentry, int mode); 1810int security_inode_rmdir(struct inode *dir, struct dentry *dentry); 1811int security_inode_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev); 1812int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, 1813 struct inode *new_dir, struct dentry *new_dentry); 1814int security_inode_readlink(struct dentry *dentry); 1815int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd); 1816int security_inode_permission(struct inode *inode, int mask); 1817int security_inode_setattr(struct dentry *dentry, struct iattr *attr); 1818int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry); 1819void security_inode_delete(struct inode *inode); 1820int security_inode_setxattr(struct dentry *dentry, const char *name, 1821 const void *value, size_t size, int flags); 1822void security_inode_post_setxattr(struct dentry *dentry, const char *name, 1823 const void *value, size_t size, int flags); 1824int security_inode_getxattr(struct dentry *dentry, const char *name); 1825int security_inode_listxattr(struct dentry *dentry); 1826int security_inode_removexattr(struct dentry *dentry, const char *name); 1827int security_inode_need_killpriv(struct dentry *dentry); 1828int security_inode_killpriv(struct dentry *dentry); 1829int security_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc); 1830int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); 1831int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); 1832void security_inode_getsecid(const struct inode *inode, u32 *secid); 1833int security_file_permission(struct file *file, int mask); 1834int security_file_alloc(struct file *file); 1835void security_file_free(struct file *file); 1836int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg); 1837int security_file_mmap(struct file *file, unsigned long reqprot, 1838 unsigned long prot, unsigned long flags, 1839 unsigned long addr, unsigned long addr_only); 1840int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, 1841 unsigned long prot); 1842int security_file_lock(struct file *file, unsigned int cmd); 1843int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg); 1844int security_file_set_fowner(struct file *file); 1845int security_file_send_sigiotask(struct task_struct *tsk, 1846 struct fown_struct *fown, int sig); 1847int security_file_receive(struct file *file); 1848int security_dentry_open(struct file *file, const struct cred *cred); 1849int security_task_create(unsigned long clone_flags); 1850int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); 1851void security_cred_free(struct cred *cred); 1852int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); 1853void security_commit_creds(struct cred *new, const struct cred *old); 1854void security_transfer_creds(struct cred *new, const struct cred *old); 1855int security_kernel_act_as(struct cred *new, u32 secid); 1856int security_kernel_create_files_as(struct cred *new, struct inode *inode); 1857int security_kernel_module_request(char *kmod_name); 1858int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags); 1859int security_task_fix_setuid(struct cred *new, const struct cred *old, 1860 int flags); 1861int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags); 1862int security_task_setpgid(struct task_struct *p, pid_t pgid); 1863int security_task_getpgid(struct task_struct *p); 1864int security_task_getsid(struct task_struct *p); 1865void security_task_getsecid(struct task_struct *p, u32 *secid); 1866int security_task_setgroups(struct group_info *group_info); 1867int security_task_setnice(struct task_struct *p, int nice); 1868int security_task_setioprio(struct task_struct *p, int ioprio); 1869int security_task_getioprio(struct task_struct *p); 1870int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim); 1871int security_task_setscheduler(struct task_struct *p, 1872 int policy, struct sched_param *lp); 1873int security_task_getscheduler(struct task_struct *p); 1874int security_task_movememory(struct task_struct *p); 1875int security_task_kill(struct task_struct *p, struct siginfo *info, 1876 int sig, u32 secid); 1877int security_task_wait(struct task_struct *p); 1878int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, 1879 unsigned long arg4, unsigned long arg5); 1880void security_task_to_inode(struct task_struct *p, struct inode *inode); 1881int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); 1882void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); 1883int security_msg_msg_alloc(struct msg_msg *msg); 1884void security_msg_msg_free(struct msg_msg *msg); 1885int security_msg_queue_alloc(struct msg_queue *msq); 1886void security_msg_queue_free(struct msg_queue *msq); 1887int security_msg_queue_associate(struct msg_queue *msq, int msqflg); 1888int security_msg_queue_msgctl(struct msg_queue *msq, int cmd); 1889int security_msg_queue_msgsnd(struct msg_queue *msq, 1890 struct msg_msg *msg, int msqflg); 1891int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, 1892 struct task_struct *target, long type, int mode); 1893int security_shm_alloc(struct shmid_kernel *shp); 1894void security_shm_free(struct shmid_kernel *shp); 1895int security_shm_associate(struct shmid_kernel *shp, int shmflg); 1896int security_shm_shmctl(struct shmid_kernel *shp, int cmd); 1897int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg); 1898int security_sem_alloc(struct sem_array *sma); 1899void security_sem_free(struct sem_array *sma); 1900int security_sem_associate(struct sem_array *sma, int semflg); 1901int security_sem_semctl(struct sem_array *sma, int cmd); 1902int security_sem_semop(struct sem_array *sma, struct sembuf *sops, 1903 unsigned nsops, int alter); 1904void security_d_instantiate(struct dentry *dentry, struct inode *inode); 1905int security_getprocattr(struct task_struct *p, char *name, char **value); 1906int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); 1907int security_netlink_send(struct sock *sk, struct sk_buff *skb); 1908int security_netlink_recv(struct sk_buff *skb, int cap); 1909int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); 1910int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); 1911void security_release_secctx(char *secdata, u32 seclen); 1912 1913int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); 1914int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); 1915int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); 1916#else /* CONFIG_SECURITY */ 1917struct security_mnt_opts { 1918}; 1919 1920static inline void security_init_mnt_opts(struct security_mnt_opts *opts) 1921{ 1922} 1923 1924static inline void security_free_mnt_opts(struct security_mnt_opts *opts) 1925{ 1926} 1927 1928/* 1929 * This is the default capabilities functionality. Most of these functions 1930 * are just stubbed out, but a few must call the proper capable code. 1931 */ 1932 1933static inline int security_init(void) 1934{ 1935 return 0; 1936} 1937 1938static inline int security_ptrace_access_check(struct task_struct *child, 1939 unsigned int mode) 1940{ 1941 return cap_ptrace_access_check(child, mode); 1942} 1943 1944static inline int security_ptrace_traceme(struct task_struct *parent) 1945{ 1946 return cap_ptrace_traceme(parent); 1947} 1948 1949static inline int security_capget(struct task_struct *target, 1950 kernel_cap_t *effective, 1951 kernel_cap_t *inheritable, 1952 kernel_cap_t *permitted) 1953{ 1954 return cap_capget(target, effective, inheritable, permitted); 1955} 1956 1957static inline int security_capset(struct cred *new, 1958 const struct cred *old, 1959 const kernel_cap_t *effective, 1960 const kernel_cap_t *inheritable, 1961 const kernel_cap_t *permitted) 1962{ 1963 return cap_capset(new, old, effective, inheritable, permitted); 1964} 1965 1966static inline int security_capable(int cap) 1967{ 1968 return cap_capable(current, current_cred(), cap, SECURITY_CAP_AUDIT); 1969} 1970 1971static inline int security_real_capable(struct task_struct *tsk, int cap) 1972{ 1973 int ret; 1974 1975 rcu_read_lock(); 1976 ret = cap_capable(tsk, __task_cred(tsk), cap, SECURITY_CAP_AUDIT); 1977 rcu_read_unlock(); 1978 return ret; 1979} 1980 1981static inline 1982int security_real_capable_noaudit(struct task_struct *tsk, int cap) 1983{ 1984 int ret; 1985 1986 rcu_read_lock(); 1987 ret = cap_capable(tsk, __task_cred(tsk), cap, 1988 SECURITY_CAP_NOAUDIT); 1989 rcu_read_unlock(); 1990 return ret; 1991} 1992 1993static inline int security_acct(struct file *file) 1994{ 1995 return 0; 1996} 1997 1998static inline int security_sysctl(struct ctl_table *table, int op) 1999{ 2000 return 0; 2001} 2002 2003static inline int security_quotactl(int cmds, int type, int id, 2004 struct super_block *sb) 2005{ 2006 return 0; 2007} 2008 2009static inline int security_quota_on(struct dentry *dentry) 2010{ 2011 return 0; 2012} 2013 2014static inline int security_syslog(int type, bool from_file) 2015{ 2016 return cap_syslog(type, from_file); 2017} 2018 2019static inline int security_settime(struct timespec *ts, struct timezone *tz) 2020{ 2021 return cap_settime(ts, tz); 2022} 2023 2024static inline int security_vm_enough_memory(long pages) 2025{ 2026 WARN_ON(current->mm == NULL); 2027 return cap_vm_enough_memory(current->mm, pages); 2028} 2029 2030static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) 2031{ 2032 WARN_ON(mm == NULL); 2033 return cap_vm_enough_memory(mm, pages); 2034} 2035 2036static inline int security_vm_enough_memory_kern(long pages) 2037{ 2038 /* If current->mm is a kernel thread then we will pass NULL, 2039 for this specific case that is fine */ 2040 return cap_vm_enough_memory(current->mm, pages); 2041} 2042 2043static inline int security_bprm_set_creds(struct linux_binprm *bprm) 2044{ 2045 return cap_bprm_set_creds(bprm); 2046} 2047 2048static inline int security_bprm_check(struct linux_binprm *bprm) 2049{ 2050 return 0; 2051} 2052 2053static inline void security_bprm_committing_creds(struct linux_binprm *bprm) 2054{ 2055} 2056 2057static inline void security_bprm_committed_creds(struct linux_binprm *bprm) 2058{ 2059} 2060 2061static inline int security_bprm_secureexec(struct linux_binprm *bprm) 2062{ 2063 return cap_bprm_secureexec(bprm); 2064} 2065 2066static inline int security_sb_alloc(struct super_block *sb) 2067{ 2068 return 0; 2069} 2070 2071static inline void security_sb_free(struct super_block *sb) 2072{ } 2073 2074static inline int security_sb_copy_data(char *orig, char *copy) 2075{ 2076 return 0; 2077} 2078 2079static inline int security_sb_kern_mount(struct super_block *sb, int flags, void *data) 2080{ 2081 return 0; 2082} 2083 2084static inline int security_sb_show_options(struct seq_file *m, 2085 struct super_block *sb) 2086{ 2087 return 0; 2088} 2089 2090static inline int security_sb_statfs(struct dentry *dentry) 2091{ 2092 return 0; 2093} 2094 2095static inline int security_sb_mount(char *dev_name, struct path *path, 2096 char *type, unsigned long flags, 2097 void *data) 2098{ 2099 return 0; 2100} 2101 2102static inline int security_sb_check_sb(struct vfsmount *mnt, 2103 struct path *path) 2104{ 2105 return 0; 2106} 2107 2108static inline int security_sb_umount(struct vfsmount *mnt, int flags) 2109{ 2110 return 0; 2111} 2112 2113static inline void security_sb_umount_close(struct vfsmount *mnt) 2114{ } 2115 2116static inline void security_sb_umount_busy(struct vfsmount *mnt) 2117{ } 2118 2119static inline void security_sb_post_remount(struct vfsmount *mnt, 2120 unsigned long flags, void *data) 2121{ } 2122 2123static inline void security_sb_post_addmount(struct vfsmount *mnt, 2124 struct path *mountpoint) 2125{ } 2126 2127static inline int security_sb_pivotroot(struct path *old_path, 2128 struct path *new_path) 2129{ 2130 return 0; 2131} 2132 2133static inline void security_sb_post_pivotroot(struct path *old_path, 2134 struct path *new_path) 2135{ } 2136 2137static inline int security_sb_set_mnt_opts(struct super_block *sb, 2138 struct security_mnt_opts *opts) 2139{ 2140 return 0; 2141} 2142 2143static inline void security_sb_clone_mnt_opts(const struct super_block *oldsb, 2144 struct super_block *newsb) 2145{ } 2146 2147static inline int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts) 2148{ 2149 return 0; 2150} 2151 2152static inline int security_inode_alloc(struct inode *inode) 2153{ 2154 return 0; 2155} 2156 2157static inline void security_inode_free(struct inode *inode) 2158{ } 2159 2160static inline int security_inode_init_security(struct inode *inode, 2161 struct inode *dir, 2162 char **name, 2163 void **value, 2164 size_t *len) 2165{ 2166 return -EOPNOTSUPP; 2167} 2168 2169static inline int security_inode_create(struct inode *dir, 2170 struct dentry *dentry, 2171 int mode) 2172{ 2173 return 0; 2174} 2175 2176static inline int security_inode_link(struct dentry *old_dentry, 2177 struct inode *dir, 2178 struct dentry *new_dentry) 2179{ 2180 return 0; 2181} 2182 2183static inline int security_inode_unlink(struct inode *dir, 2184 struct dentry *dentry) 2185{ 2186 return 0; 2187} 2188 2189static inline int security_inode_symlink(struct inode *dir, 2190 struct dentry *dentry, 2191 const char *old_name) 2192{ 2193 return 0; 2194} 2195 2196static inline int security_inode_mkdir(struct inode *dir, 2197 struct dentry *dentry, 2198 int mode) 2199{ 2200 return 0; 2201} 2202 2203static inline int security_inode_rmdir(struct inode *dir, 2204 struct dentry *dentry) 2205{ 2206 return 0; 2207} 2208 2209static inline int security_inode_mknod(struct inode *dir, 2210 struct dentry *dentry, 2211 int mode, dev_t dev) 2212{ 2213 return 0; 2214} 2215 2216static inline int security_inode_rename(struct inode *old_dir, 2217 struct dentry *old_dentry, 2218 struct inode *new_dir, 2219 struct dentry *new_dentry) 2220{ 2221 return 0; 2222} 2223 2224static inline int security_inode_readlink(struct dentry *dentry) 2225{ 2226 return 0; 2227} 2228 2229static inline int security_inode_follow_link(struct dentry *dentry, 2230 struct nameidata *nd) 2231{ 2232 return 0; 2233} 2234 2235static inline int security_inode_permission(struct inode *inode, int mask) 2236{ 2237 return 0; 2238} 2239 2240static inline int security_inode_setattr(struct dentry *dentry, 2241 struct iattr *attr) 2242{ 2243 return 0; 2244} 2245 2246static inline int security_inode_getattr(struct vfsmount *mnt, 2247 struct dentry *dentry) 2248{ 2249 return 0; 2250} 2251 2252static inline void security_inode_delete(struct inode *inode) 2253{ } 2254 2255static inline int security_inode_setxattr(struct dentry *dentry, 2256 const char *name, const void *value, size_t size, int flags) 2257{ 2258 return cap_inode_setxattr(dentry, name, value, size, flags); 2259} 2260 2261static inline void security_inode_post_setxattr(struct dentry *dentry, 2262 const char *name, const void *value, size_t size, int flags) 2263{ } 2264 2265static inline int security_inode_getxattr(struct dentry *dentry, 2266 const char *name) 2267{ 2268 return 0; 2269} 2270 2271static inline int security_inode_listxattr(struct dentry *dentry) 2272{ 2273 return 0; 2274} 2275 2276static inline int security_inode_removexattr(struct dentry *dentry, 2277 const char *name) 2278{ 2279 return cap_inode_removexattr(dentry, name); 2280} 2281 2282static inline int security_inode_need_killpriv(struct dentry *dentry) 2283{ 2284 return cap_inode_need_killpriv(dentry); 2285} 2286 2287static inline int security_inode_killpriv(struct dentry *dentry) 2288{ 2289 return cap_inode_killpriv(dentry); 2290} 2291 2292static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc) 2293{ 2294 return -EOPNOTSUPP; 2295} 2296 2297static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) 2298{ 2299 return -EOPNOTSUPP; 2300} 2301 2302static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) 2303{ 2304 return 0; 2305} 2306 2307static inline void security_inode_getsecid(const struct inode *inode, u32 *secid) 2308{ 2309 *secid = 0; 2310} 2311 2312static inline int security_file_permission(struct file *file, int mask) 2313{ 2314 return 0; 2315} 2316 2317static inline int security_file_alloc(struct file *file) 2318{ 2319 return 0; 2320} 2321 2322static inline void security_file_free(struct file *file) 2323{ } 2324 2325static inline int security_file_ioctl(struct file *file, unsigned int cmd, 2326 unsigned long arg) 2327{ 2328 return 0; 2329} 2330 2331static inline int security_file_mmap(struct file *file, unsigned long reqprot, 2332 unsigned long prot, 2333 unsigned long flags, 2334 unsigned long addr, 2335 unsigned long addr_only) 2336{ 2337 return cap_file_mmap(file, reqprot, prot, flags, addr, addr_only); 2338} 2339 2340static inline int security_file_mprotect(struct vm_area_struct *vma, 2341 unsigned long reqprot, 2342 unsigned long prot) 2343{ 2344 return 0; 2345} 2346 2347static inline int security_file_lock(struct file *file, unsigned int cmd) 2348{ 2349 return 0; 2350} 2351 2352static inline int security_file_fcntl(struct file *file, unsigned int cmd, 2353 unsigned long arg) 2354{ 2355 return 0; 2356} 2357 2358static inline int security_file_set_fowner(struct file *file) 2359{ 2360 return 0; 2361} 2362 2363static inline int security_file_send_sigiotask(struct task_struct *tsk, 2364 struct fown_struct *fown, 2365 int sig) 2366{ 2367 return 0; 2368} 2369 2370static inline int security_file_receive(struct file *file) 2371{ 2372 return 0; 2373} 2374 2375static inline int security_dentry_open(struct file *file, 2376 const struct cred *cred) 2377{ 2378 return 0; 2379} 2380 2381static inline int security_task_create(unsigned long clone_flags) 2382{ 2383 return 0; 2384} 2385 2386static inline int security_cred_alloc_blank(struct cred *cred, gfp_t gfp) 2387{ 2388 return 0; 2389} 2390 2391static inline void security_cred_free(struct cred *cred) 2392{ } 2393 2394static inline int security_prepare_creds(struct cred *new, 2395 const struct cred *old, 2396 gfp_t gfp) 2397{ 2398 return 0; 2399} 2400 2401static inline void security_commit_creds(struct cred *new, 2402 const struct cred *old) 2403{ 2404} 2405 2406static inline void security_transfer_creds(struct cred *new, 2407 const struct cred *old) 2408{ 2409} 2410 2411static inline int security_kernel_act_as(struct cred *cred, u32 secid) 2412{ 2413 return 0; 2414} 2415 2416static inline int security_kernel_create_files_as(struct cred *cred, 2417 struct inode *inode) 2418{ 2419 return 0; 2420} 2421 2422static inline int security_kernel_module_request(char *kmod_name) 2423{ 2424 return 0; 2425} 2426 2427static inline int security_task_setuid(uid_t id0, uid_t id1, uid_t id2, 2428 int flags) 2429{ 2430 return 0; 2431} 2432 2433static inline int security_task_fix_setuid(struct cred *new, 2434 const struct cred *old, 2435 int flags) 2436{ 2437 return cap_task_fix_setuid(new, old, flags); 2438} 2439 2440static inline int security_task_setgid(gid_t id0, gid_t id1, gid_t id2, 2441 int flags) 2442{ 2443 return 0; 2444} 2445 2446static inline int security_task_setpgid(struct task_struct *p, pid_t pgid) 2447{ 2448 return 0; 2449} 2450 2451static inline int security_task_getpgid(struct task_struct *p) 2452{ 2453 return 0; 2454} 2455 2456static inline int security_task_getsid(struct task_struct *p) 2457{ 2458 return 0; 2459} 2460 2461static inline void security_task_getsecid(struct task_struct *p, u32 *secid) 2462{ 2463 *secid = 0; 2464} 2465 2466static inline int security_task_setgroups(struct group_info *group_info) 2467{ 2468 return 0; 2469} 2470 2471static inline int security_task_setnice(struct task_struct *p, int nice) 2472{ 2473 return cap_task_setnice(p, nice); 2474} 2475 2476static inline int security_task_setioprio(struct task_struct *p, int ioprio) 2477{ 2478 return cap_task_setioprio(p, ioprio); 2479} 2480 2481static inline int security_task_getioprio(struct task_struct *p) 2482{ 2483 return 0; 2484} 2485 2486static inline int security_task_setrlimit(unsigned int resource, 2487 struct rlimit *new_rlim) 2488{ 2489 return 0; 2490} 2491 2492static inline int security_task_setscheduler(struct task_struct *p, 2493 int policy, 2494 struct sched_param *lp) 2495{ 2496 return cap_task_setscheduler(p, policy, lp); 2497} 2498 2499static inline int security_task_getscheduler(struct task_struct *p) 2500{ 2501 return 0; 2502} 2503 2504static inline int security_task_movememory(struct task_struct *p) 2505{ 2506 return 0; 2507} 2508 2509static inline int security_task_kill(struct task_struct *p, 2510 struct siginfo *info, int sig, 2511 u32 secid) 2512{ 2513 return 0; 2514} 2515 2516static inline int security_task_wait(struct task_struct *p) 2517{ 2518 return 0; 2519} 2520 2521static inline int security_task_prctl(int option, unsigned long arg2, 2522 unsigned long arg3, 2523 unsigned long arg4, 2524 unsigned long arg5) 2525{ 2526 return cap_task_prctl(option, arg2, arg3, arg3, arg5); 2527} 2528 2529static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) 2530{ } 2531 2532static inline int security_ipc_permission(struct kern_ipc_perm *ipcp, 2533 short flag) 2534{ 2535 return 0; 2536} 2537 2538static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) 2539{ 2540 *secid = 0; 2541} 2542 2543static inline int security_msg_msg_alloc(struct msg_msg *msg) 2544{ 2545 return 0; 2546} 2547 2548static inline void security_msg_msg_free(struct msg_msg *msg) 2549{ } 2550 2551static inline int security_msg_queue_alloc(struct msg_queue *msq) 2552{ 2553 return 0; 2554} 2555 2556static inline void security_msg_queue_free(struct msg_queue *msq) 2557{ } 2558 2559static inline int security_msg_queue_associate(struct msg_queue *msq, 2560 int msqflg) 2561{ 2562 return 0; 2563} 2564 2565static inline int security_msg_queue_msgctl(struct msg_queue *msq, int cmd) 2566{ 2567 return 0; 2568} 2569 2570static inline int security_msg_queue_msgsnd(struct msg_queue *msq, 2571 struct msg_msg *msg, int msqflg) 2572{ 2573 return 0; 2574} 2575 2576static inline int security_msg_queue_msgrcv(struct msg_queue *msq, 2577 struct msg_msg *msg, 2578 struct task_struct *target, 2579 long type, int mode) 2580{ 2581 return 0; 2582} 2583 2584static inline int security_shm_alloc(struct shmid_kernel *shp) 2585{ 2586 return 0; 2587} 2588 2589static inline void security_shm_free(struct shmid_kernel *shp) 2590{ } 2591 2592static inline int security_shm_associate(struct shmid_kernel *shp, 2593 int shmflg) 2594{ 2595 return 0; 2596} 2597 2598static inline int security_shm_shmctl(struct shmid_kernel *shp, int cmd) 2599{ 2600 return 0; 2601} 2602 2603static inline int security_shm_shmat(struct shmid_kernel *shp, 2604 char __user *shmaddr, int shmflg) 2605{ 2606 return 0; 2607} 2608 2609static inline int security_sem_alloc(struct sem_array *sma) 2610{ 2611 return 0; 2612} 2613 2614static inline void security_sem_free(struct sem_array *sma) 2615{ } 2616 2617static inline int security_sem_associate(struct sem_array *sma, int semflg) 2618{ 2619 return 0; 2620} 2621 2622static inline int security_sem_semctl(struct sem_array *sma, int cmd) 2623{ 2624 return 0; 2625} 2626 2627static inline int security_sem_semop(struct sem_array *sma, 2628 struct sembuf *sops, unsigned nsops, 2629 int alter) 2630{ 2631 return 0; 2632} 2633 2634static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) 2635{ } 2636 2637static inline int security_getprocattr(struct task_struct *p, char *name, char **value) 2638{ 2639 return -EINVAL; 2640} 2641 2642static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size) 2643{ 2644 return -EINVAL; 2645} 2646 2647static inline int security_netlink_send(struct sock *sk, struct sk_buff *skb) 2648{ 2649 return cap_netlink_send(sk, skb); 2650} 2651 2652static inline int security_netlink_recv(struct sk_buff *skb, int cap) 2653{ 2654 return cap_netlink_recv(skb, cap); 2655} 2656 2657static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) 2658{ 2659 return -EOPNOTSUPP; 2660} 2661 2662static inline int security_secctx_to_secid(const char *secdata, 2663 u32 seclen, 2664 u32 *secid) 2665{ 2666 return -EOPNOTSUPP; 2667} 2668 2669static inline void security_release_secctx(char *secdata, u32 seclen) 2670{ 2671} 2672 2673static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) 2674{ 2675 return -EOPNOTSUPP; 2676} 2677static inline int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) 2678{ 2679 return -EOPNOTSUPP; 2680} 2681static inline int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) 2682{ 2683 return -EOPNOTSUPP; 2684} 2685#endif /* CONFIG_SECURITY */ 2686 2687#ifdef CONFIG_SECURITY_NETWORK 2688 2689int security_unix_stream_connect(struct socket *sock, struct socket *other, 2690 struct sock *newsk); 2691int security_unix_may_send(struct socket *sock, struct socket *other); 2692int security_socket_create(int family, int type, int protocol, int kern); 2693int security_socket_post_create(struct socket *sock, int family, 2694 int type, int protocol, int kern); 2695int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen); 2696int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen); 2697int security_socket_listen(struct socket *sock, int backlog); 2698int security_socket_accept(struct socket *sock, struct socket *newsock); 2699int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size); 2700int security_socket_recvmsg(struct socket *sock, struct msghdr *msg, 2701 int size, int flags); 2702int security_socket_getsockname(struct socket *sock); 2703int security_socket_getpeername(struct socket *sock); 2704int security_socket_getsockopt(struct socket *sock, int level, int optname); 2705int security_socket_setsockopt(struct socket *sock, int level, int optname); 2706int security_socket_shutdown(struct socket *sock, int how); 2707int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb); 2708int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, 2709 int __user *optlen, unsigned len); 2710int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid); 2711int security_sk_alloc(struct sock *sk, int family, gfp_t priority); 2712void security_sk_free(struct sock *sk); 2713void security_sk_clone(const struct sock *sk, struct sock *newsk); 2714void security_sk_classify_flow(struct sock *sk, struct flowi *fl); 2715void security_req_classify_flow(const struct request_sock *req, struct flowi *fl); 2716void security_sock_graft(struct sock*sk, struct socket *parent); 2717int security_inet_conn_request(struct sock *sk, 2718 struct sk_buff *skb, struct request_sock *req); 2719void security_inet_csk_clone(struct sock *newsk, 2720 const struct request_sock *req); 2721void security_inet_conn_established(struct sock *sk, 2722 struct sk_buff *skb); 2723int security_tun_dev_create(void); 2724void security_tun_dev_post_create(struct sock *sk); 2725int security_tun_dev_attach(struct sock *sk); 2726 2727#else /* CONFIG_SECURITY_NETWORK */ 2728static inline int security_unix_stream_connect(struct socket *sock, 2729 struct socket *other, 2730 struct sock *newsk) 2731{ 2732 return 0; 2733} 2734 2735static inline int security_unix_may_send(struct socket *sock, 2736 struct socket *other) 2737{ 2738 return 0; 2739} 2740 2741static inline int security_socket_create(int family, int type, 2742 int protocol, int kern) 2743{ 2744 return 0; 2745} 2746 2747static inline int security_socket_post_create(struct socket *sock, 2748 int family, 2749 int type, 2750 int protocol, int kern) 2751{ 2752 return 0; 2753} 2754 2755static inline int security_socket_bind(struct socket *sock, 2756 struct sockaddr *address, 2757 int addrlen) 2758{ 2759 return 0; 2760} 2761 2762static inline int security_socket_connect(struct socket *sock, 2763 struct sockaddr *address, 2764 int addrlen) 2765{ 2766 return 0; 2767} 2768 2769static inline int security_socket_listen(struct socket *sock, int backlog) 2770{ 2771 return 0; 2772} 2773 2774static inline int security_socket_accept(struct socket *sock, 2775 struct socket *newsock) 2776{ 2777 return 0; 2778} 2779 2780static inline int security_socket_sendmsg(struct socket *sock, 2781 struct msghdr *msg, int size) 2782{ 2783 return 0; 2784} 2785 2786static inline int security_socket_recvmsg(struct socket *sock, 2787 struct msghdr *msg, int size, 2788 int flags) 2789{ 2790 return 0; 2791} 2792 2793static inline int security_socket_getsockname(struct socket *sock) 2794{ 2795 return 0; 2796} 2797 2798static inline int security_socket_getpeername(struct socket *sock) 2799{ 2800 return 0; 2801} 2802 2803static inline int security_socket_getsockopt(struct socket *sock, 2804 int level, int optname) 2805{ 2806 return 0; 2807} 2808 2809static inline int security_socket_setsockopt(struct socket *sock, 2810 int level, int optname) 2811{ 2812 return 0; 2813} 2814 2815static inline int security_socket_shutdown(struct socket *sock, int how) 2816{ 2817 return 0; 2818} 2819static inline int security_sock_rcv_skb(struct sock *sk, 2820 struct sk_buff *skb) 2821{ 2822 return 0; 2823} 2824 2825static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, 2826 int __user *optlen, unsigned len) 2827{ 2828 return -ENOPROTOOPT; 2829} 2830 2831static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) 2832{ 2833 return -ENOPROTOOPT; 2834} 2835 2836static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) 2837{ 2838 return 0; 2839} 2840 2841static inline void security_sk_free(struct sock *sk) 2842{ 2843} 2844 2845static inline void security_sk_clone(const struct sock *sk, struct sock *newsk) 2846{ 2847} 2848 2849static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl) 2850{ 2851} 2852 2853static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl) 2854{ 2855} 2856 2857static inline void security_sock_graft(struct sock *sk, struct socket *parent) 2858{ 2859} 2860 2861static inline int security_inet_conn_request(struct sock *sk, 2862 struct sk_buff *skb, struct request_sock *req) 2863{ 2864 return 0; 2865} 2866 2867static inline void security_inet_csk_clone(struct sock *newsk, 2868 const struct request_sock *req) 2869{ 2870} 2871 2872static inline void security_inet_conn_established(struct sock *sk, 2873 struct sk_buff *skb) 2874{ 2875} 2876 2877static inline int security_tun_dev_create(void) 2878{ 2879 return 0; 2880} 2881 2882static inline void security_tun_dev_post_create(struct sock *sk) 2883{ 2884} 2885 2886static inline int security_tun_dev_attach(struct sock *sk) 2887{ 2888 return 0; 2889} 2890#endif /* CONFIG_SECURITY_NETWORK */ 2891 2892#ifdef CONFIG_SECURITY_NETWORK_XFRM 2893 2894int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx); 2895int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctxp); 2896void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx); 2897int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx); 2898int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); 2899int security_xfrm_state_alloc_acquire(struct xfrm_state *x, 2900 struct xfrm_sec_ctx *polsec, u32 secid); 2901int security_xfrm_state_delete(struct xfrm_state *x); 2902void security_xfrm_state_free(struct xfrm_state *x); 2903int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir); 2904int security_xfrm_state_pol_flow_match(struct xfrm_state *x, 2905 struct xfrm_policy *xp, struct flowi *fl); 2906int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid); 2907void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl); 2908 2909#else /* CONFIG_SECURITY_NETWORK_XFRM */ 2910 2911static inline int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx) 2912{ 2913 return 0; 2914} 2915 2916static inline int security_xfrm_policy_clone(struct xfrm_sec_ctx *old, struct xfrm_sec_ctx **new_ctxp) 2917{ 2918 return 0; 2919} 2920 2921static inline void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx) 2922{ 2923} 2924 2925static inline int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) 2926{ 2927 return 0; 2928} 2929 2930static inline int security_xfrm_state_alloc(struct xfrm_state *x, 2931 struct xfrm_user_sec_ctx *sec_ctx) 2932{ 2933 return 0; 2934} 2935 2936static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, 2937 struct xfrm_sec_ctx *polsec, u32 secid) 2938{ 2939 return 0; 2940} 2941 2942static inline void security_xfrm_state_free(struct xfrm_state *x) 2943{ 2944} 2945 2946static inline int security_xfrm_state_delete(struct xfrm_state *x) 2947{ 2948 return 0; 2949} 2950 2951static inline int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir) 2952{ 2953 return 0; 2954} 2955 2956static inline int security_xfrm_state_pol_flow_match(struct xfrm_state *x, 2957 struct xfrm_policy *xp, struct flowi *fl) 2958{ 2959 return 1; 2960} 2961 2962static inline int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid) 2963{ 2964 return 0; 2965} 2966 2967static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl) 2968{ 2969} 2970 2971#endif /* CONFIG_SECURITY_NETWORK_XFRM */ 2972 2973#ifdef CONFIG_SECURITY_PATH 2974int security_path_unlink(struct path *dir, struct dentry *dentry); 2975int security_path_mkdir(struct path *dir, struct dentry *dentry, int mode); 2976int security_path_rmdir(struct path *dir, struct dentry *dentry); 2977int security_path_mknod(struct path *dir, struct dentry *dentry, int mode, 2978 unsigned int dev); 2979int security_path_truncate(struct path *path, loff_t length, 2980 unsigned int time_attrs); 2981int security_path_symlink(struct path *dir, struct dentry *dentry, 2982 const char *old_name); 2983int security_path_link(struct dentry *old_dentry, struct path *new_dir, 2984 struct dentry *new_dentry); 2985int security_path_rename(struct path *old_dir, struct dentry *old_dentry, 2986 struct path *new_dir, struct dentry *new_dentry); 2987int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt, 2988 mode_t mode); 2989int security_path_chown(struct path *path, uid_t uid, gid_t gid); 2990int security_path_chroot(struct path *path); 2991#else /* CONFIG_SECURITY_PATH */ 2992static inline int security_path_unlink(struct path *dir, struct dentry *dentry) 2993{ 2994 return 0; 2995} 2996 2997static inline int security_path_mkdir(struct path *dir, struct dentry *dentry, 2998 int mode) 2999{ 3000 return 0; 3001} 3002 3003static inline int security_path_rmdir(struct path *dir, struct dentry *dentry) 3004{ 3005 return 0; 3006} 3007 3008static inline int security_path_mknod(struct path *dir, struct dentry *dentry, 3009 int mode, unsigned int dev) 3010{ 3011 return 0; 3012} 3013 3014static inline int security_path_truncate(struct path *path, loff_t length, 3015 unsigned int time_attrs) 3016{ 3017 return 0; 3018} 3019 3020static inline int security_path_symlink(struct path *dir, struct dentry *dentry, 3021 const char *old_name) 3022{ 3023 return 0; 3024} 3025 3026static inline int security_path_link(struct dentry *old_dentry, 3027 struct path *new_dir, 3028 struct dentry *new_dentry) 3029{ 3030 return 0; 3031} 3032 3033static inline int security_path_rename(struct path *old_dir, 3034 struct dentry *old_dentry, 3035 struct path *new_dir, 3036 struct dentry *new_dentry) 3037{ 3038 return 0; 3039} 3040 3041static inline int security_path_chmod(struct dentry *dentry, 3042 struct vfsmount *mnt, 3043 mode_t mode) 3044{ 3045 return 0; 3046} 3047 3048static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid) 3049{ 3050 return 0; 3051} 3052 3053static inline int security_path_chroot(struct path *path) 3054{ 3055 return 0; 3056} 3057#endif /* CONFIG_SECURITY_PATH */ 3058 3059#ifdef CONFIG_KEYS 3060#ifdef CONFIG_SECURITY 3061 3062int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags); 3063void security_key_free(struct key *key); 3064int security_key_permission(key_ref_t key_ref, 3065 const struct cred *cred, key_perm_t perm); 3066int security_key_getsecurity(struct key *key, char **_buffer); 3067int security_key_session_to_parent(const struct cred *cred, 3068 const struct cred *parent_cred, 3069 struct key *key); 3070 3071#else 3072 3073static inline int security_key_alloc(struct key *key, 3074 const struct cred *cred, 3075 unsigned long flags) 3076{ 3077 return 0; 3078} 3079 3080static inline void security_key_free(struct key *key) 3081{ 3082} 3083 3084static inline int security_key_permission(key_ref_t key_ref, 3085 const struct cred *cred, 3086 key_perm_t perm) 3087{ 3088 return 0; 3089} 3090 3091static inline int security_key_getsecurity(struct key *key, char **_buffer) 3092{ 3093 *_buffer = NULL; 3094 return 0; 3095} 3096 3097static inline int security_key_session_to_parent(const struct cred *cred, 3098 const struct cred *parent_cred, 3099 struct key *key) 3100{ 3101 return 0; 3102} 3103 3104#endif 3105#endif /* CONFIG_KEYS */ 3106 3107#ifdef CONFIG_AUDIT 3108#ifdef CONFIG_SECURITY 3109int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule); 3110int security_audit_rule_known(struct audit_krule *krule); 3111int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule, 3112 struct audit_context *actx); 3113void security_audit_rule_free(void *lsmrule); 3114 3115#else 3116 3117static inline int security_audit_rule_init(u32 field, u32 op, char *rulestr, 3118 void **lsmrule) 3119{ 3120 return 0; 3121} 3122 3123static inline int security_audit_rule_known(struct audit_krule *krule) 3124{ 3125 return 0; 3126} 3127 3128static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, 3129 void *lsmrule, struct audit_context *actx) 3130{ 3131 return 0; 3132} 3133 3134static inline void security_audit_rule_free(void *lsmrule) 3135{ } 3136 3137#endif /* CONFIG_SECURITY */ 3138#endif /* CONFIG_AUDIT */ 3139 3140#ifdef CONFIG_SECURITYFS 3141 3142extern struct dentry *securityfs_create_file(const char *name, mode_t mode, 3143 struct dentry *parent, void *data, 3144 const struct file_operations *fops); 3145extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent); 3146extern void securityfs_remove(struct dentry *dentry); 3147 3148#else /* CONFIG_SECURITYFS */ 3149 3150static inline struct dentry *securityfs_create_dir(const char *name, 3151 struct dentry *parent) 3152{ 3153 return ERR_PTR(-ENODEV); 3154} 3155 3156static inline struct dentry *securityfs_create_file(const char *name, 3157 mode_t mode, 3158 struct dentry *parent, 3159 void *data, 3160 const struct file_operations *fops) 3161{ 3162 return ERR_PTR(-ENODEV); 3163} 3164 3165static inline void securityfs_remove(struct dentry *dentry) 3166{} 3167 3168#endif 3169 3170#ifdef CONFIG_SECURITY 3171 3172static inline char *alloc_secdata(void) 3173{ 3174 return (char *)get_zeroed_page(GFP_KERNEL); 3175} 3176 3177static inline void free_secdata(void *secdata) 3178{ 3179 free_page((unsigned long)secdata); 3180} 3181 3182#else 3183 3184static inline char *alloc_secdata(void) 3185{ 3186 return (char *)1; 3187} 3188 3189static inline void free_secdata(void *secdata) 3190{ } 3191#endif /* CONFIG_SECURITY */ 3192 3193#endif /* ! __LINUX_SECURITY_H */ 3194