#include <linux/signal.h>
#include <linux/resource.h>
#include <linux/sem.h>
-#include <linux/sysctl.h>
#include <linux/shm.h>
#include <linux/msg.h>
#include <linux/sched.h>
-#include <linux/skbuff.h>
-#include <linux/netlink.h>
+
+struct ctl_table;
/*
* These functions are in security/capability.c and are used
* as the default capabilities functions
*/
extern int cap_capable (struct task_struct *tsk, int cap);
+extern int cap_settime (struct timespec *ts, struct timezone *tz);
extern int cap_ptrace (struct task_struct *parent, struct task_struct *child);
extern int cap_capget (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
extern int cap_capset_check (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
extern int cap_syslog (int type);
extern int cap_vm_enough_memory (long pages);
-static inline int cap_netlink_send (struct sock *sk, struct sk_buff *skb)
-{
- NETLINK_CB (skb).eff_cap = current->cap_effective;
- return 0;
-}
+struct msghdr;
+struct sk_buff;
+struct sock;
+struct sockaddr;
+struct socket;
-static inline int cap_netlink_recv (struct sk_buff *skb)
-{
- if (!cap_raised (NETLINK_CB (skb).eff_cap, CAP_NET_ADMIN))
- return -EPERM;
- return 0;
-}
+extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
+extern int cap_netlink_recv(struct sk_buff *skb);
/*
* Values used in the task_security_ops calls
* and the information saved in @bprm->security by the set_security hook.
* Since this hook function (and its caller) are void, this hook can not
* return an error. However, it can leave the security attributes of the
- * process unchanged if an access failure occurs at this point. It can
- * also perform other state changes on the process (e.g. closing open
- * file descriptors to which access is no longer granted if the attributes
- * were changed).
+ * process unchanged if an access failure occurs at this point.
* bprm_apply_creds is called under task_lock. @unsafe indicates various
* reasons why it may be unsafe to change security state.
* @bprm contains the linux_binprm structure.
+ * @bprm_post_apply_creds:
+ * Runs after bprm_apply_creds with the task_lock dropped, so that
+ * functions which cannot be called safely under the task_lock can
+ * be used. This hook is a good place to perform state changes on
+ * the process such as closing open file descriptors to which access
+ * is no longer granted if the attributes were changed.
+ * Note that a security module might need to save state between
+ * bprm_apply_creds and bprm_post_apply_creds to store the decision
+ * on whether the process may proceed.
+ * @bprm contains the linux_binprm structure.
* @bprm_set_security:
* Save security information in the bprm->security field, typically based
* on information about the bprm->file, for later use by the apply_creds
* Return 0 if permission is granted.
* @inode_getsecurity:
* Copy the extended attribute representation of the security label
- * associated with @name for @dentry into @buffer. @buffer may be
+ * associated with @name for @inode into @buffer. @buffer may be
* NULL to request the size of the buffer required. @size indicates
* the size of @buffer in bytes. Note that @name is the remainder
* of the attribute name after the security. prefix has been removed.
* Return number of bytes used/required on success.
* @inode_setsecurity:
- * Set the security label associated with @name for @dentry from the
+ * Set the security label associated with @name for @inode from the
* extended attribute value @value. @size indicates the size of the
* @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0.
* Note that @name is the remainder of the attribute name after the
* Return 0 on success.
* @inode_listsecurity:
* Copy the extended attribute names for the security labels
- * associated with @dentry into @buffer. @buffer may be NULL to
- * request the size of the buffer required.
+ * associated with @inode into @buffer. The maximum size of @buffer
+ * is specified by @buffer_size. @buffer may be NULL to request
+ * the size of the buffer required.
* Returns number of bytes used/required on success.
*
* Security hooks for file operations
* @file contains the file structure to update.
* Return 0 on success.
* @file_send_sigiotask:
- * Check permission for the file owner @fown to send SIGIO to the process
- * @tsk. Note that this hook is always called from interrupt. Note that
- * the fown_struct, @fown, is never outside the context of a struct file,
- * so the file structure (and associated security information) can always
- * be obtained:
+ * Check permission for the file owner @fown to send SIGIO or SIGURG to the
+ * process @tsk. Note that this hook is sometimes called from interrupt.
+ * Note that the fown_struct, @fown, is never outside the context of a
+ * struct file, so the file structure (and associated security information)
+ * can always be obtained:
* (struct file *)((long)fown - offsetof(struct file,f_owner));
* @tsk contains the structure of task receiving signal.
* @fown contains the file owner information.
- * @fd contains the file descriptor.
- * @reason contains the operational flags.
+ * @sig is the signal that will be sent. When 0, kernel sends SIGIO.
* Return 0 if permission is granted.
* @file_receive:
* This hook allows security modules to control the ability of a process
* @task_setrlimit:
* Check permission before setting the resource limits of the current
* process for @resource to @new_rlim. The old resource limit values can
- * be examined by dereferencing (current->rlim + resource).
+ * be examined by dereferencing (current->signal->rlim + resource).
* @resource contains the resource whose limit is being set.
* @new_rlim contains the new limits for @resource.
* Return 0 if permission is granted.
* See the syslog(2) manual page for an explanation of the @type values.
* @type contains the type of action.
* Return 0 if permission is granted.
+ * @settime:
+ * Check permission to change the system time.
+ * struct timespec and timezone are defined in include/linux/time.h
+ * @ts contains new time
+ * @tz contains new timezone
+ * Return 0 if permission is granted.
* @vm_enough_memory:
* Check permissions for allocating a new virtual mapping.
* @pages contains the number of pages.
kernel_cap_t * inheritable,
kernel_cap_t * permitted);
int (*acct) (struct file * file);
- int (*sysctl) (ctl_table * table, int op);
+ int (*sysctl) (struct ctl_table * table, int op);
int (*capable) (struct task_struct * tsk, int cap);
int (*quotactl) (int cmds, int type, int id, struct super_block * sb);
- int (*quota_on) (struct file * f);
+ int (*quota_on) (struct dentry * dentry);
int (*syslog) (int type);
+ int (*settime) (struct timespec *ts, struct timezone *tz);
int (*vm_enough_memory) (long pages);
int (*bprm_alloc_security) (struct linux_binprm * bprm);
void (*bprm_free_security) (struct linux_binprm * bprm);
void (*bprm_apply_creds) (struct linux_binprm * bprm, int unsafe);
+ void (*bprm_post_apply_creds) (struct linux_binprm * bprm);
int (*bprm_set_security) (struct linux_binprm * bprm);
int (*bprm_check_security) (struct linux_binprm * bprm);
int (*bprm_secureexec) (struct linux_binprm * bprm);
int (*inode_getxattr) (struct dentry *dentry, char *name);
int (*inode_listxattr) (struct dentry *dentry);
int (*inode_removexattr) (struct dentry *dentry, char *name);
- int (*inode_getsecurity)(struct dentry *dentry, const char *name, void *buffer, size_t size);
- int (*inode_setsecurity)(struct dentry *dentry, const char *name, const void *value, size_t size, int flags);
- int (*inode_listsecurity)(struct dentry *dentry, char *buffer);
+ int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size);
+ int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags);
+ int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size);
int (*file_permission) (struct file * file, int mask);
int (*file_alloc_security) (struct file * file);
unsigned long arg);
int (*file_set_fowner) (struct file * file);
int (*file_send_sigiotask) (struct task_struct * tsk,
- struct fown_struct * fown,
- int fd, int reason);
+ struct fown_struct * fown, int sig);
int (*file_receive) (struct file * file);
int (*task_create) (unsigned long clone_flags);
return security_ops->acct (file);
}
-static inline int security_sysctl(ctl_table * table, int op)
+static inline int security_sysctl(struct ctl_table *table, int op)
{
return security_ops->sysctl(table, op);
}
return security_ops->quotactl (cmds, type, id, sb);
}
-static inline int security_quota_on (struct file * file)
+static inline int security_quota_on (struct dentry * dentry)
{
- return security_ops->quota_on (file);
+ return security_ops->quota_on (dentry);
}
static inline int security_syslog(int type)
return security_ops->syslog(type);
}
+static inline int security_settime(struct timespec *ts, struct timezone *tz)
+{
+ return security_ops->settime(ts, tz);
+}
+
+
static inline int security_vm_enough_memory(long pages)
{
return security_ops->vm_enough_memory(pages);
{
security_ops->bprm_apply_creds (bprm, unsafe);
}
+static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm)
+{
+ security_ops->bprm_post_apply_creds (bprm);
+}
static inline int security_bprm_set (struct linux_binprm *bprm)
{
return security_ops->bprm_set_security (bprm);
return security_ops->inode_removexattr (dentry, name);
}
-static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
{
- return security_ops->inode_getsecurity(dentry, name, buffer, size);
+ return security_ops->inode_getsecurity(inode, name, buffer, size);
}
-static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
+static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
{
- return security_ops->inode_setsecurity(dentry, name, value, size, flags);
+ return security_ops->inode_setsecurity(inode, name, value, size, flags);
}
-static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer)
+static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
{
- return security_ops->inode_listsecurity(dentry, buffer);
+ return security_ops->inode_listsecurity(inode, buffer, buffer_size);
}
static inline int security_file_permission (struct file *file, int mask)
static inline int security_file_send_sigiotask (struct task_struct *tsk,
struct fown_struct *fown,
- int fd, int reason)
+ int sig)
{
- return security_ops->file_send_sigiotask (tsk, fown, fd, reason);
+ return security_ops->file_send_sigiotask (tsk, fown, sig);
}
static inline int security_file_receive (struct file *file)
}
/* prototypes */
-extern int security_scaffolding_startup (void);
+extern int security_init (void);
extern int register_security (struct security_operations *ops);
extern int unregister_security (struct security_operations *ops);
extern int mod_reg_security (const char *name, struct security_operations *ops);
* are just stubbed out, but a few must call the proper capable code.
*/
-static inline int security_scaffolding_startup (void)
+static inline int security_init(void)
{
return 0;
}
return 0;
}
-static inline int security_sysctl(ctl_table * table, int op)
+static inline int security_sysctl(struct ctl_table *table, int op)
{
return 0;
}
return 0;
}
-static inline int security_quota_on (struct file * file)
+static inline int security_quota_on (struct dentry * dentry)
{
return 0;
}
return cap_syslog(type);
}
+static inline int security_settime(struct timespec *ts, struct timezone *tz)
+{
+ return cap_settime(ts, tz);
+}
+
static inline int security_vm_enough_memory(long pages)
{
return cap_vm_enough_memory(pages);
cap_bprm_apply_creds (bprm, unsafe);
}
+static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm)
+{
+ return;
+}
+
static inline int security_bprm_set (struct linux_binprm *bprm)
{
return cap_bprm_set_security (bprm);
return cap_inode_removexattr(dentry, name);
}
-static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
{
return -EOPNOTSUPP;
}
-static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
+static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
{
return -EOPNOTSUPP;
}
-static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer)
+static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
{
return 0;
}
static inline int security_file_send_sigiotask (struct task_struct *tsk,
struct fown_struct *fown,
- int fd, int reason)
+ int sig)
{
return 0;
}
return -EINVAL;
}
-/*
- * The netlink capability defaults need to be used inline by default
- * (rather than hooking into the capability module) to reduce overhead
- * in the networking code.
- */
static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb)
{
return cap_netlink_send (sk, skb);