security/seclvl.c

   1 /**
   2  * BSD Secure Levels LSM
   3  *
   4  * Maintainers:
   5  *      Michael A. Halcrow <mike@halcrow.us>
   6  *      Serge Hallyn <hallyn@cs.wm.edu>
   7  *
   8  * Copyright (c) 2001 WireX Communications, Inc <chris@wirex.com>
   9  * Copyright (c) 2001 Greg Kroah-Hartman <greg@kroah.com>
  10  * Copyright (c) 2002 International Business Machines <robb@austin.ibm.com>
  11  *
  12  *      This program is free software; you can redistribute it and/or modify
  13  *      it under the terms of the GNU General Public License as published by
  14  *      the Free Software Foundation; either version 2 of the License, or
  15  *      (at your option) any later version.
  16  */
  17
  18 #include <linux/config.h>
  19 #include <linux/module.h>
  20 #include <linux/moduleparam.h>
  21 #include <linux/kernel.h>
  22 #include <linux/init.h>
  23 #include <linux/security.h>
  24 #include <linux/netlink.h>
  25 #include <linux/fs.h>
  26 #include <linux/namei.h>
  27 #include <linux/mount.h>
  28 #include <linux/capability.h>
  29 #include <linux/time.h>
  30 #include <linux/proc_fs.h>
  31 #include <linux/kobject.h>
  32 #include <linux/crypto.h>
  33 #include <asm/scatterlist.h>
  34 #include <linux/gfp.h>
  35 #include <linux/sysfs.h>
  36
  37 #define SHA1_DIGEST_SIZE 20
  38
  39 /**
  40  * Module parameter that defines the initial secure level.
  41  *
  42  * When built as a module, it defaults to seclvl 1, which is the
  43  * behavior of BSD secure levels.  Note that this default behavior
  44  * wrecks havoc on a machine when the seclvl module is compiled into
  45  * the kernel.  In that case, we default to seclvl 0.
  46  */
  47 #ifdef CONFIG_SECURITY_SECLVL_MODULE
  48 static int initlvl = 1;
  49 #else
  50 static int initlvl;
  51 #endif
  52 module_param(initlvl, int, 0);
  53 MODULE_PARM_DESC(initlvl, "Initial secure level (defaults to 1)");
  54
  55 /* Module parameter that defines the verbosity level */
  56 static int verbosity;
  57 module_param(verbosity, int, 0);
  58 MODULE_PARM_DESC(verbosity, "Initial verbosity level (0 or 1; defaults to "
  59                  "0, which is Quiet)");
  60
  61 /**
  62  * Optional password which can be passed in to bring seclvl to 0
  63  * (i.e., for halt/reboot).  Defaults to NULL (the passwd attribute
  64  * file will not be registered in sysfs).
  65  *
  66  * This gets converted to its SHA1 hash when stored.  It's probably
  67  * not a good idea to use this parameter when loading seclvl from a
  68  * script; use sha1_passwd instead.
  69  */
  70
  71 #define MAX_PASSWD_SIZE 32
  72 static char passwd[MAX_PASSWD_SIZE];
  73 module_param_string(passwd, passwd, sizeof(passwd), 0);
  74 MODULE_PARM_DESC(passwd,
  75                  "Plaintext of password that sets seclvl=0 when written to "
  76                  "(sysfs mount point)/seclvl/passwd\n");
  77
  78 /**
  79  * SHA1 hashed version of the optional password which can be passed in
  80  * to bring seclvl to 0 (i.e., for halt/reboot).  Must be in
  81  * hexadecimal format (40 characters).  Defaults to NULL (the passwd
  82  * attribute file will not be registered in sysfs).
  83  *
  84  * Use the sha1sum utility to generate the SHA1 hash of a password:
  85  *
  86  * echo -n "secret" | sha1sum
  87  */
  88 #define MAX_SHA1_PASSWD 41
  89 static char sha1_passwd[MAX_SHA1_PASSWD];
  90 module_param_string(sha1_passwd, sha1_passwd, sizeof(sha1_passwd), 0);
  91 MODULE_PARM_DESC(sha1_passwd,
  92                  "SHA1 hash (40 hexadecimal characters) of password that "
  93                  "sets seclvl=0 when plaintext password is written to "
  94                  "(sysfs mount point)/seclvl/passwd\n");
  95
  96 static int hideHash = 1;
  97 module_param(hideHash, int, 0);
  98 MODULE_PARM_DESC(hideHash, "When set to 0, reading seclvl/passwd from sysfs "
  99                  "will return the SHA1-hashed value of the password that "
 100                  "lowers the secure level to 0.\n");
 101
 102 #define MY_NAME "seclvl"
 103
 104 /**
 105  * This time-limits log writes to one per second.
 106  */
 107 #define seclvl_printk(verb, type, fmt, arg...)                  \
 108         do {                                                    \
 109                 if (verbosity >= verb) {                        \
 110                         static unsigned long _prior;            \
 111                         unsigned long _now = jiffies;           \
 112                         if ((_now - _prior) > HZ) {             \
 113                                 printk(type "%s: %s: " fmt,     \
 114                                         MY_NAME, __FUNCTION__ , \
 115                                         ## arg);                \
 116                                 _prior = _now;                  \
 117                         }                                       \
 118                 }                                               \
 119         } while (0)
 120
 121 /**
 122  * The actual security level.  Ranges between -1 and 2 inclusive.
 123  */
 124 static int seclvl;
 125
 126 /**
 127  * flag to keep track of how we were registered
 128  */
 129 static int secondary;
 130
 131 /**
 132  * Verifies that the requested secure level is valid, given the current
 133  * secure level.
 134  */
 135 static int seclvl_sanity(int reqlvl)
 136 {
 137         if ((reqlvl < -1) || (reqlvl > 2)) {
 138                 seclvl_printk(1, KERN_WARNING, "Attempt to set seclvl out of "
 139                               "range: [%d]\n", reqlvl);
 140                 return -EINVAL;
 141         }
 142         if ((seclvl == 0) && (reqlvl == -1))
 143                 return 0;
 144         if (reqlvl < seclvl) {
 145                 seclvl_printk(1, KERN_WARNING, "Attempt to lower seclvl to "
 146                               "[%d]\n", reqlvl);
 147                 return -EPERM;
 148         }
 149         return 0;
 150 }
 151
 152 /**
 153  * security level advancement rules:
 154  *   Valid levels are -1 through 2, inclusive.
 155  *   From -1, stuck.  [ in case compiled into kernel ]
 156  *   From 0 or above, can only increment.
 157  */
 158 static void do_seclvl_advance(void *data, u64 val)
 159 {
 160         int ret;
 161         int newlvl = (int)val;
 162
 163         ret = seclvl_sanity(newlvl);
 164         if (ret)
 165                 return;
 166
 167         if (newlvl > 2) {
 168                 seclvl_printk(1, KERN_WARNING, "Cannot advance to seclvl "
 169                               "[%d]\n", newlvl);
 170                 return;
 171         }
 172         if (seclvl == -1) {
 173                 seclvl_printk(1, KERN_WARNING, "Not allowed to advance to "
 174                               "seclvl [%d]\n", seclvl);
 175                 return;
 176         }
 177         seclvl = newlvl;  /* would it be more "correct" to set *data? */
 178         return;
 179 }
 180
 181 static u64 seclvl_int_get(void *data)
 182 {
 183         return *(int *)data;
 184 }
 185
 186 DEFINE_SIMPLE_ATTRIBUTE(seclvl_file_ops, seclvl_int_get, do_seclvl_advance, "%lld\n");
 187
 188 static unsigned char hashedPassword[SHA1_DIGEST_SIZE];
 189
 190 /**
 191  * Converts a block of plaintext of into its SHA1 hashed value.
 192  *
 193  * It would be nice if crypto had a wrapper to do this for us linear
 194  * people...
 195  */
 196 static int
 197 plaintext_to_sha1(unsigned char *hash, const char *plaintext, int len)
 198 {
 199         char *pgVirtAddr;
 200         struct crypto_tfm *tfm;
 201         struct scatterlist sg[1];
 202         if (len > PAGE_SIZE) {
 203                 seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d "
 204                               "characters).  Largest possible is %lu "
 205                               "bytes.\n", len, PAGE_SIZE);
 206                 return -ENOMEM;
 207         }
 208         tfm = crypto_alloc_tfm("sha1", CRYPTO_TFM_REQ_MAY_SLEEP);
 209         if (tfm == NULL) {
 210                 seclvl_printk(0, KERN_ERR,
 211                               "Failed to load transform for SHA1\n");
 212                 return -ENOSYS;
 213         }
 214         // Just get a new page; don't play around with page boundaries
 215         // and scatterlists.
 216         pgVirtAddr = (char *)__get_free_page(GFP_KERNEL);
 217         sg[0].page = virt_to_page(pgVirtAddr);
 218         sg[0].offset = 0;
 219         sg[0].length = len;
 220         strncpy(pgVirtAddr, plaintext, len);
 221         crypto_digest_init(tfm);
 222         crypto_digest_update(tfm, sg, 1);
 223         crypto_digest_final(tfm, hash);
 224         crypto_free_tfm(tfm);
 225         free_page((unsigned long)pgVirtAddr);
 226         return 0;
 227 }
 228
 229 /**
 230  * Called whenever the user writes to the sysfs passwd handle to this kernel
 231  * object.  It hashes the password and compares the hashed results.
 232  */
 233 static ssize_t
 234 passwd_write_file(struct file * file, const char __user * buf,
 235                                 size_t count, loff_t *ppos)
 236 {
 237         int i;
 238         unsigned char tmp[SHA1_DIGEST_SIZE];
 239         char *page;
 240         int rc;
 241         int len;
 242
 243         if (!*passwd && !*sha1_passwd) {
 244                 seclvl_printk(0, KERN_ERR, "Attempt to password-unlock the "
 245                               "seclvl module, but neither a plain text "
 246                               "password nor a SHA1 hashed password was "
 247                               "passed in as a module parameter!  This is a "
 248                               "bug, since it should not be possible to be in "
 249                               "this part of the module; please tell a "
 250                               "maintainer about this event.\n");
 251                 return -EINVAL;
 252         }
 253
 254         if (count < 0 || count >= PAGE_SIZE)
 255                 return -EINVAL;
 256         if (*ppos != 0)
 257                 return -EINVAL;
 258         page = (char *)get_zeroed_page(GFP_KERNEL);
 259         if (!page)
 260                 return -ENOMEM;
 261         len = -EFAULT;
 262         if (copy_from_user(page, buf, count))
 263                 goto out;
 264
 265         len = strlen(page);
 266         /* ``echo "secret" > seclvl/passwd'' includes a newline */
 267         if (page[len - 1] == '\n')
 268                 len--;
 269         /* Hash the password, then compare the hashed values */
 270         if ((rc = plaintext_to_sha1(tmp, page, len))) {
 271                 seclvl_printk(0, KERN_ERR, "Error hashing password: rc = "
 272                               "[%d]\n", rc);
 273                 return rc;
 274         }
 275         for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
 276                 if (hashedPassword[i] != tmp[i])
 277                         return -EPERM;
 278         }
 279         seclvl_printk(0, KERN_INFO,
 280                       "Password accepted; seclvl reduced to 0.\n");
 281         seclvl = 0;
 282         len = count;
 283
 284 out:
 285         free_page((unsigned long)page);
 286         return len;
 287 }
 288
 289 static struct file_operations passwd_file_ops = {
 290         .write = passwd_write_file,
 291 };
 292
 293 /**
 294  * Explicitely disallow ptrace'ing the init process.
 295  */
 296 static int seclvl_ptrace(struct task_struct *parent, struct task_struct *child)
 297 {
 298         if (seclvl >= 0) {
 299                 if (child->pid == 1) {
 300                         seclvl_printk(1, KERN_WARNING, "Attempt to ptrace "
 301                                       "the init process dissallowed in "
 302                                       "secure level %d\n", seclvl);
 303                         return -EPERM;
 304                 }
 305         }
 306         return 0;
 307 }
 308
 309 /**
 310  * Capability checks for seclvl.  The majority of the policy
 311  * enforcement for seclvl takes place here.
 312  */
 313 static int seclvl_capable(struct task_struct *tsk, int cap)
 314 {
 315         /* init can do anything it wants */
 316         if (tsk->pid == 1)
 317                 return 0;
 318
 319         switch (seclvl) {
 320         case 2:
 321                 /* fall through */
 322         case 1:
 323                 if (cap == CAP_LINUX_IMMUTABLE) {
 324                         seclvl_printk(1, KERN_WARNING, "Attempt to modify "
 325                                       "the IMMUTABLE and/or APPEND extended "
 326                                       "attribute on a file with the IMMUTABLE "
 327                                       "and/or APPEND extended attribute set "
 328                                       "denied in seclvl [%d]\n", seclvl);
 329                         return -EPERM;
 330                 } else if (cap == CAP_SYS_RAWIO) {      // Somewhat broad...
 331                         seclvl_printk(1, KERN_WARNING, "Attempt to perform "
 332                                       "raw I/O while in secure level [%d] "
 333                                       "denied\n", seclvl);
 334                         return -EPERM;
 335                 } else if (cap == CAP_NET_ADMIN) {
 336                         seclvl_printk(1, KERN_WARNING, "Attempt to perform "
 337                                       "network administrative task while "
 338                                       "in secure level [%d] denied\n", seclvl);
 339                         return -EPERM;
 340                 } else if (cap == CAP_SETUID) {
 341                         seclvl_printk(1, KERN_WARNING, "Attempt to setuid "
 342                                       "while in secure level [%d] denied\n",
 343                                       seclvl);
 344                         return -EPERM;
 345                 } else if (cap == CAP_SETGID) {
 346                         seclvl_printk(1, KERN_WARNING, "Attempt to setgid "
 347                                       "while in secure level [%d] denied\n",
 348                                       seclvl);
 349                 } else if (cap == CAP_SYS_MODULE) {
 350                         seclvl_printk(1, KERN_WARNING, "Attempt to perform "
 351                                       "a module operation while in secure "
 352                                       "level [%d] denied\n", seclvl);
 353                         return -EPERM;
 354                 }
 355                 break;
 356         default:
 357                 break;
 358         }
 359         /* from dummy.c */
 360         if (cap_is_fs_cap(cap) ? tsk->fsuid == 0 : tsk->euid == 0)
 361                 return 0;       /* capability granted */
 362         seclvl_printk(1, KERN_WARNING, "Capability denied\n");
 363         return -EPERM;          /* capability denied */
 364 }
 365
 366 /**
 367  * Disallow reversing the clock in seclvl > 1
 368  */
 369 static int seclvl_settime(struct timespec *tv, struct timezone *tz)
 370 {
 371         if (tv && seclvl > 1) {
 372                 struct timespec now;
 373                 now = current_kernel_time();
 374                 if (tv->tv_sec < now.tv_sec ||
 375                     (tv->tv_sec == now.tv_sec && tv->tv_nsec < now.tv_nsec)) {
 376                         seclvl_printk(1, KERN_WARNING, "Attempt to decrement "
 377                                       "time in secure level %d denied: "
 378                                       "current->pid = [%d], "
 379                                       "current->group_leader->pid = [%d]\n",
 380                                       seclvl, current->pid,
 381                                       current->group_leader->pid);
 382                         return -EPERM;
 383                 }               /* if attempt to decrement time */
 384                 if (tv->tv_sec > 1924988400)    /* disallow dates after 2030) */
 385                         return -EPERM;          /* CVE-2005-4352 */
 386         }                       /* if seclvl > 1 */
 387         return 0;
 388 }
 389
 390 /* claim the blockdev to exclude mounters, release on file close */
 391 static int seclvl_bd_claim(struct inode *inode)
 392 {
 393         int holder;
 394         struct block_device *bdev = NULL;
 395         dev_t dev = inode->i_rdev;
 396         bdev = open_by_devnum(dev, FMODE_WRITE);
 397         if (bdev) {
 398                 if (bd_claim(bdev, &holder)) {
 399                         blkdev_put(bdev);
 400                         return -EPERM;
 401                 }
 402                 /* claimed, mark it to release on close */
 403                 inode->i_security = current;
 404         }
 405         return 0;
 406 }
 407
 408 /* release the blockdev if you claimed it */
 409 static void seclvl_bd_release(struct inode *inode)
 410 {
 411         if (inode && S_ISBLK(inode->i_mode) && inode->i_security == current) {
 412                 struct block_device *bdev = inode->i_bdev;
 413                 if (bdev) {
 414                         bd_release(bdev);
 415                         blkdev_put(bdev);
 416                         inode->i_security = NULL;
 417                 }
 418         }
 419 }
 420
 421 /**
 422  * Security for writes to block devices is regulated by this seclvl
 423  * function.  Deny all writes to block devices in seclvl 2.  In
 424  * seclvl 1, we only deny writes to *mounted* block devices.
 425  */
 426 static int
 427 seclvl_inode_permission(struct inode *inode, int mask, struct nameidata *nd)
 428 {
 429         if (current->pid != 1 && S_ISBLK(inode->i_mode) && (mask & MAY_WRITE)) {
 430                 switch (seclvl) {
 431                 case 2:
 432                         seclvl_printk(1, KERN_WARNING, "Write to block device "
 433                                       "denied in secure level [%d]\n", seclvl);
 434                         return -EPERM;
 435                 case 1:
 436                         if (seclvl_bd_claim(inode)) {
 437                                 seclvl_printk(1, KERN_WARNING,
 438                                               "Write to mounted block device "
 439                                               "denied in secure level [%d]\n",
 440                                               seclvl);
 441                                 return -EPERM;
 442                         }
 443                 }
 444         }
 445         return 0;
 446 }
 447
 448 /**
 449  * The SUID and SGID bits cannot be set in seclvl >= 1
 450  */
 451 static int seclvl_inode_setattr(struct dentry *dentry, struct iattr *iattr)
 452 {
 453         if (seclvl > 0) {
 454                 if (iattr->ia_valid & ATTR_MODE)
 455                         if (iattr->ia_mode & S_ISUID ||
 456                             iattr->ia_mode & S_ISGID) {
 457                                 seclvl_printk(1, KERN_WARNING, "Attempt to "
 458                                               "modify SUID or SGID bit "
 459                                               "denied in seclvl [%d]\n",
 460                                               seclvl);
 461                                 return -EPERM;
 462                         }
 463         }
 464         return 0;
 465 }
 466
 467 /* release busied block devices */
 468 static void seclvl_file_free_security(struct file *filp)
 469 {
 470         struct dentry *dentry = filp->f_dentry;
 471         struct inode *inode = NULL;
 472
 473         if (dentry) {
 474                 inode = dentry->d_inode;
 475                 seclvl_bd_release(inode);
 476         }
 477 }
 478
 479 /**
 480  * Cannot unmount in secure level 2
 481  */
 482 static int seclvl_umount(struct vfsmount *mnt, int flags)
 483 {
 484         if (current->pid == 1)
 485                 return 0;
 486         if (seclvl == 2) {
 487                 seclvl_printk(1, KERN_WARNING, "Attempt to unmount in secure "
 488                               "level %d\n", seclvl);
 489                 return -EPERM;
 490         }
 491         return 0;
 492 }
 493
 494 static struct security_operations seclvl_ops = {
 495         .ptrace = seclvl_ptrace,
 496         .capable = seclvl_capable,
 497         .inode_permission = seclvl_inode_permission,
 498         .inode_setattr = seclvl_inode_setattr,
 499         .file_free_security = seclvl_file_free_security,
 500         .settime = seclvl_settime,
 501         .sb_umount = seclvl_umount,
 502 };
 503
 504 /**
 505  * Process the password-related module parameters
 506  */
 507 static int processPassword(void)
 508 {
 509         int rc = 0;
 510         hashedPassword[0] = '\0';
 511         if (*passwd) {
 512                 if (*sha1_passwd) {
 513                         seclvl_printk(0, KERN_ERR, "Error: Both "
 514                                       "passwd and sha1_passwd "
 515                                       "were set, but they are mutually "
 516                                       "exclusive.\n");
 517                         return -EINVAL;
 518                 }
 519                 if ((rc = plaintext_to_sha1(hashedPassword, passwd,
 520                                             strlen(passwd)))) {
 521                         seclvl_printk(0, KERN_ERR, "Error: SHA1 support not "
 522                                       "in kernel\n");
 523                         return rc;
 524                 }
 525                 /* All static data goes to the BSS, which zero's the
 526                  * plaintext password out for us. */
 527         } else if (*sha1_passwd) {      // Base 16
 528                 int i;
 529                 i = strlen(sha1_passwd);
 530                 if (i != (SHA1_DIGEST_SIZE * 2)) {
 531                         seclvl_printk(0, KERN_ERR, "Received [%d] bytes; "
 532                                       "expected [%d] for the hexadecimal "
 533                                       "representation of the SHA1 hash of "
 534                                       "the password.\n",
 535                                       i, (SHA1_DIGEST_SIZE * 2));
 536                         return -EINVAL;
 537                 }
 538                 while ((i -= 2) + 2) {
 539                         unsigned char tmp;
 540                         tmp = sha1_passwd[i + 2];
 541                         sha1_passwd[i + 2] = '\0';
 542                         hashedPassword[i / 2] = (unsigned char)
 543                             simple_strtol(&sha1_passwd[i], NULL, 16);
 544                         sha1_passwd[i + 2] = tmp;
 545                 }
 546         }
 547         return 0;
 548 }
 549
 550 /**
 551  * securityfs registrations
 552  */
 553 struct dentry *dir_ino, *seclvl_ino, *passwd_ino;
 554
 555 static int seclvlfs_register(void)
 556 {
 557         dir_ino = securityfs_create_dir("seclvl", NULL);
 558         if (!dir_ino)
 559                 return -EFAULT;
 560
 561         seclvl_ino = securityfs_create_file("seclvl", S_IRUGO | S_IWUSR,
 562                                 dir_ino, &seclvl, &seclvl_file_ops);
 563         if (!seclvl_ino)
 564                 goto out_deldir;
 565         if (*passwd || *sha1_passwd) {
 566                 passwd_ino = securityfs_create_file("passwd", S_IRUGO | S_IWUSR,
 567                                 dir_ino, NULL, &passwd_file_ops);
 568                 if (!passwd_ino)
 569                         goto out_delf;
 570         }
 571         return 0;
 572
 573 out_deldir:
 574         securityfs_remove(dir_ino);
 575 out_delf:
 576         securityfs_remove(seclvl_ino);
 577
 578         return -EFAULT;
 579 }
 580
 581 /**
 582  * Initialize the seclvl module.
 583  */
 584 static int __init seclvl_init(void)
 585 {
 586         int rc = 0;
 587         if (verbosity < 0 || verbosity > 1) {
 588                 printk(KERN_ERR "Error: bad verbosity [%d]; only 0 or 1 "
 589                        "are valid values\n", verbosity);
 590                 rc = -EINVAL;
 591                 goto exit;
 592         }
 593         if (initlvl < -1 || initlvl > 2) {
 594                 seclvl_printk(0, KERN_ERR, "Error: bad initial securelevel "
 595                               "[%d].\n", initlvl);
 596                 rc = -EINVAL;
 597                 goto exit;
 598         }
 599         seclvl = initlvl;
 600         if ((rc = processPassword())) {
 601                 seclvl_printk(0, KERN_ERR, "Error processing the password "
 602                               "module parameter(s): rc = [%d]\n", rc);
 603                 goto exit;
 604         }
 605         /* register ourselves with the security framework */
 606         if (register_security(&seclvl_ops)) {
 607                 seclvl_printk(0, KERN_ERR,
 608                               "seclvl: Failure registering with the "
 609                               "kernel.\n");
 610                 /* try registering with primary module */
 611                 rc = mod_reg_security(MY_NAME, &seclvl_ops);
 612                 if (rc) {
 613                         seclvl_printk(0, KERN_ERR, "seclvl: Failure "
 614                                       "registering with primary security "
 615                                       "module.\n");
 616                         goto exit;
 617                 }               /* if primary module registered */
 618                 secondary = 1;
 619         }                       /* if we registered ourselves with the security framework */
 620         if ((rc = seclvlfs_register())) {
 621                 seclvl_printk(0, KERN_ERR, "Error registering with sysfs\n");
 622                 goto exit;
 623         }
 624         seclvl_printk(0, KERN_INFO, "seclvl: Successfully initialized.\n");
 625  exit:
 626         if (rc) {
 627                 printk(KERN_ERR "seclvl: Error during initialization: rc = "
 628                        "[%d]\n", rc);
 629         }
 630         return rc;
 631 }
 632
 633 /**
 634  * Remove the seclvl module.
 635  */
 636 static void __exit seclvl_exit(void)
 637 {
 638         securityfs_remove(seclvl_ino);
 639         if (*passwd || *sha1_passwd)
 640                 securityfs_remove(passwd_ino);
 641         securityfs_remove(dir_ino);
 642         if (secondary == 1) {
 643                 mod_unreg_security(MY_NAME, &seclvl_ops);
 644         } else if (unregister_security(&seclvl_ops)) {
 645                 seclvl_printk(0, KERN_INFO,
 646                               "seclvl: Failure unregistering with the "
 647                               "kernel\n");
 648         }
 649 }
 650
 651 module_init(seclvl_init);
 652 module_exit(seclvl_exit);
 653
 654 MODULE_AUTHOR("Michael A. Halcrow <mike@halcrow.us>");
 655 MODULE_DESCRIPTION("LSM implementation of the BSD Secure Levels");
 656 MODULE_LICENSE("GPL");