]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * Linux Security plug | |
3 | * | |
4 | * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> | |
5 | * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com> | |
6 | * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> | |
7 | * Copyright (C) 2001 James Morris <jmorris@intercode.com.au> | |
8 | * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) | |
9 | * | |
10 | * This program is free software; you can redistribute it and/or modify | |
11 | * it under the terms of the GNU General Public License as published by | |
12 | * the Free Software Foundation; either version 2 of the License, or | |
13 | * (at your option) any later version. | |
14 | * | |
15 | * Due to this file being licensed under the GPL there is controversy over | |
16 | * whether this permits you to write a module that #includes this file | |
17 | * without placing your module under the GPL. Please consult a lawyer for | |
18 | * advice before doing this. | |
19 | * | |
20 | */ | |
21 | ||
22 | #ifndef __LINUX_SECURITY_H | |
23 | #define __LINUX_SECURITY_H | |
24 | ||
29db9190 | 25 | #include <linux/key.h> |
40401530 | 26 | #include <linux/capability.h> |
5a0e3ad6 | 27 | #include <linux/slab.h> |
40401530 | 28 | #include <linux/err.h> |
d47be3df | 29 | #include <linux/string.h> |
b1d9e6b0 | 30 | #include <linux/mm.h> |
40401530 AV |
31 | |
32 | struct linux_binprm; | |
33 | struct cred; | |
34 | struct rlimit; | |
35 | struct siginfo; | |
36 | struct sem_array; | |
37 | struct sembuf; | |
38 | struct kern_ipc_perm; | |
39 | struct audit_context; | |
40 | struct super_block; | |
41 | struct inode; | |
42 | struct dentry; | |
43 | struct file; | |
44 | struct vfsmount; | |
45 | struct path; | |
46 | struct qstr; | |
47 | struct nameidata; | |
48 | struct iattr; | |
49 | struct fown_struct; | |
50 | struct file_operations; | |
51 | struct shmid_kernel; | |
52 | struct msg_msg; | |
53 | struct msg_queue; | |
54 | struct xattr; | |
55 | struct xfrm_sec_ctx; | |
56 | struct mm_struct; | |
1da177e4 | 57 | |
06112163 EP |
58 | /* If capable should audit the security request */ |
59 | #define SECURITY_CAP_NOAUDIT 0 | |
60 | #define SECURITY_CAP_AUDIT 1 | |
61 | ||
eb9ae686 DQ |
62 | /* LSM Agnostic defines for sb_set_mnt_opts */ |
63 | #define SECURITY_LSM_NATIVE_LABELS 1 | |
64 | ||
1da177e4 | 65 | struct ctl_table; |
03d37d25 | 66 | struct audit_krule; |
3486740a | 67 | struct user_namespace; |
40401530 | 68 | struct timezone; |
1da177e4 | 69 | |
b1d9e6b0 | 70 | /* These functions are in security/commoncap.c */ |
6a9de491 EP |
71 | extern int cap_capable(const struct cred *cred, struct user_namespace *ns, |
72 | int cap, int audit); | |
1e6d7679 | 73 | extern int cap_settime(const struct timespec *ts, const struct timezone *tz); |
9e48858f | 74 | extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode); |
5cd9c58f | 75 | extern int cap_ptrace_traceme(struct task_struct *parent); |
7b41b173 | 76 | extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted); |
d84f4f99 DH |
77 | extern int cap_capset(struct cred *new, const struct cred *old, |
78 | const kernel_cap_t *effective, | |
79 | const kernel_cap_t *inheritable, | |
80 | const kernel_cap_t *permitted); | |
a6f76f23 | 81 | extern int cap_bprm_set_creds(struct linux_binprm *bprm); |
1da177e4 | 82 | extern int cap_bprm_secureexec(struct linux_binprm *bprm); |
8f0cfa52 DH |
83 | extern int cap_inode_setxattr(struct dentry *dentry, const char *name, |
84 | const void *value, size_t size, int flags); | |
85 | extern int cap_inode_removexattr(struct dentry *dentry, const char *name); | |
b5376771 SH |
86 | extern int cap_inode_need_killpriv(struct dentry *dentry); |
87 | extern int cap_inode_killpriv(struct dentry *dentry); | |
d007794a | 88 | extern int cap_mmap_addr(unsigned long addr); |
e5467859 AV |
89 | extern int cap_mmap_file(struct file *file, unsigned long reqprot, |
90 | unsigned long prot, unsigned long flags); | |
d84f4f99 | 91 | extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags); |
3898b1b4 | 92 | extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, |
d84f4f99 | 93 | unsigned long arg4, unsigned long arg5); |
b0ae1981 | 94 | extern int cap_task_setscheduler(struct task_struct *p); |
7b41b173 EP |
95 | extern int cap_task_setioprio(struct task_struct *p, int ioprio); |
96 | extern int cap_task_setnice(struct task_struct *p, int nice); | |
20510f2f | 97 | extern int cap_vm_enough_memory(struct mm_struct *mm, long pages); |
1da177e4 LT |
98 | |
99 | struct msghdr; | |
100 | struct sk_buff; | |
101 | struct sock; | |
102 | struct sockaddr; | |
103 | struct socket; | |
df71837d TJ |
104 | struct flowi; |
105 | struct dst_entry; | |
106 | struct xfrm_selector; | |
107 | struct xfrm_policy; | |
108 | struct xfrm_state; | |
109 | struct xfrm_user_sec_ctx; | |
2069f457 | 110 | struct seq_file; |
1da177e4 | 111 | |
6e141546 | 112 | #ifdef CONFIG_MMU |
ed032189 | 113 | extern unsigned long mmap_min_addr; |
a2551df7 | 114 | extern unsigned long dac_mmap_min_addr; |
6e141546 | 115 | #else |
be8cfc4a | 116 | #define mmap_min_addr 0UL |
6e141546 DH |
117 | #define dac_mmap_min_addr 0UL |
118 | #endif | |
119 | ||
1da177e4 LT |
120 | /* |
121 | * Values used in the task_security_ops calls | |
122 | */ | |
123 | /* setuid or setgid, id0 == uid or gid */ | |
124 | #define LSM_SETID_ID 1 | |
125 | ||
126 | /* setreuid or setregid, id0 == real, id1 == eff */ | |
127 | #define LSM_SETID_RE 2 | |
128 | ||
129 | /* setresuid or setresgid, id0 == real, id1 == eff, uid2 == saved */ | |
130 | #define LSM_SETID_RES 4 | |
131 | ||
132 | /* setfsuid or setfsgid, id0 == fsuid or fsgid */ | |
133 | #define LSM_SETID_FS 8 | |
134 | ||
135 | /* forward declares to avoid warnings */ | |
1da177e4 | 136 | struct sched_param; |
4237c75c | 137 | struct request_sock; |
1da177e4 | 138 | |
a6f76f23 | 139 | /* bprm->unsafe reasons */ |
1da177e4 LT |
140 | #define LSM_UNSAFE_SHARE 1 |
141 | #define LSM_UNSAFE_PTRACE 2 | |
142 | #define LSM_UNSAFE_PTRACE_CAP 4 | |
259e5e6c | 143 | #define LSM_UNSAFE_NO_NEW_PRIVS 8 |
1da177e4 | 144 | |
6e141546 | 145 | #ifdef CONFIG_MMU |
8d65af78 | 146 | extern int mmap_min_addr_handler(struct ctl_table *table, int write, |
47d439e9 | 147 | void __user *buffer, size_t *lenp, loff_t *ppos); |
6e141546 | 148 | #endif |
47d439e9 | 149 | |
9d8f13ba MZ |
150 | /* security_inode_init_security callback function to write xattrs */ |
151 | typedef int (*initxattrs) (struct inode *inode, | |
152 | const struct xattr *xattr_array, void *fs_data); | |
153 | ||
1da177e4 LT |
154 | #ifdef CONFIG_SECURITY |
155 | ||
e0007529 EP |
156 | struct security_mnt_opts { |
157 | char **mnt_opts; | |
158 | int *mnt_opts_flags; | |
159 | int num_mnt_opts; | |
160 | }; | |
161 | ||
162 | static inline void security_init_mnt_opts(struct security_mnt_opts *opts) | |
163 | { | |
164 | opts->mnt_opts = NULL; | |
165 | opts->mnt_opts_flags = NULL; | |
166 | opts->num_mnt_opts = 0; | |
167 | } | |
168 | ||
169 | static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |
170 | { | |
171 | int i; | |
172 | if (opts->mnt_opts) | |
7b41b173 | 173 | for (i = 0; i < opts->num_mnt_opts; i++) |
e0007529 EP |
174 | kfree(opts->mnt_opts[i]); |
175 | kfree(opts->mnt_opts); | |
176 | opts->mnt_opts = NULL; | |
177 | kfree(opts->mnt_opts_flags); | |
178 | opts->mnt_opts_flags = NULL; | |
179 | opts->num_mnt_opts = 0; | |
180 | } | |
181 | ||
1da177e4 | 182 | /* prototypes */ |
7b41b173 | 183 | extern int security_init(void); |
1da177e4 | 184 | |
20510f2f | 185 | /* Security operations */ |
79af7307 SS |
186 | int security_binder_set_context_mgr(struct task_struct *mgr); |
187 | int security_binder_transaction(struct task_struct *from, | |
188 | struct task_struct *to); | |
189 | int security_binder_transfer_binder(struct task_struct *from, | |
190 | struct task_struct *to); | |
191 | int security_binder_transfer_file(struct task_struct *from, | |
192 | struct task_struct *to, struct file *file); | |
9e48858f | 193 | int security_ptrace_access_check(struct task_struct *child, unsigned int mode); |
5cd9c58f | 194 | int security_ptrace_traceme(struct task_struct *parent); |
20510f2f | 195 | int security_capget(struct task_struct *target, |
7b41b173 EP |
196 | kernel_cap_t *effective, |
197 | kernel_cap_t *inheritable, | |
198 | kernel_cap_t *permitted); | |
d84f4f99 DH |
199 | int security_capset(struct cred *new, const struct cred *old, |
200 | const kernel_cap_t *effective, | |
201 | const kernel_cap_t *inheritable, | |
202 | const kernel_cap_t *permitted); | |
b7e724d3 | 203 | int security_capable(const struct cred *cred, struct user_namespace *ns, |
3486740a | 204 | int cap); |
c7eba4a9 EP |
205 | int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, |
206 | int cap); | |
20510f2f JM |
207 | int security_quotactl(int cmds, int type, int id, struct super_block *sb); |
208 | int security_quota_on(struct dentry *dentry); | |
12b3052c | 209 | int security_syslog(int type); |
1e6d7679 | 210 | int security_settime(const struct timespec *ts, const struct timezone *tz); |
20510f2f | 211 | int security_vm_enough_memory_mm(struct mm_struct *mm, long pages); |
a6f76f23 | 212 | int security_bprm_set_creds(struct linux_binprm *bprm); |
20510f2f | 213 | int security_bprm_check(struct linux_binprm *bprm); |
a6f76f23 DH |
214 | void security_bprm_committing_creds(struct linux_binprm *bprm); |
215 | void security_bprm_committed_creds(struct linux_binprm *bprm); | |
20510f2f JM |
216 | int security_bprm_secureexec(struct linux_binprm *bprm); |
217 | int security_sb_alloc(struct super_block *sb); | |
218 | void security_sb_free(struct super_block *sb); | |
e0007529 | 219 | int security_sb_copy_data(char *orig, char *copy); |
ff36fe2c | 220 | int security_sb_remount(struct super_block *sb, void *data); |
12204e24 | 221 | int security_sb_kern_mount(struct super_block *sb, int flags, void *data); |
2069f457 | 222 | int security_sb_show_options(struct seq_file *m, struct super_block *sb); |
20510f2f | 223 | int security_sb_statfs(struct dentry *dentry); |
808d4e3c AV |
224 | int security_sb_mount(const char *dev_name, struct path *path, |
225 | const char *type, unsigned long flags, void *data); | |
20510f2f | 226 | int security_sb_umount(struct vfsmount *mnt, int flags); |
b5266eb4 | 227 | int security_sb_pivotroot(struct path *old_path, struct path *new_path); |
649f6e77 DQ |
228 | int security_sb_set_mnt_opts(struct super_block *sb, |
229 | struct security_mnt_opts *opts, | |
230 | unsigned long kern_flags, | |
231 | unsigned long *set_kern_flags); | |
094f7b69 | 232 | int security_sb_clone_mnt_opts(const struct super_block *oldsb, |
c9180a57 | 233 | struct super_block *newsb); |
e0007529 | 234 | int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts); |
d47be3df DQ |
235 | int security_dentry_init_security(struct dentry *dentry, int mode, |
236 | struct qstr *name, void **ctx, | |
237 | u32 *ctxlen); | |
c9180a57 | 238 | |
20510f2f JM |
239 | int security_inode_alloc(struct inode *inode); |
240 | void security_inode_free(struct inode *inode); | |
241 | int security_inode_init_security(struct inode *inode, struct inode *dir, | |
9d8f13ba MZ |
242 | const struct qstr *qstr, |
243 | initxattrs initxattrs, void *fs_data); | |
244 | int security_old_inode_init_security(struct inode *inode, struct inode *dir, | |
9548906b | 245 | const struct qstr *qstr, const char **name, |
9d8f13ba | 246 | void **value, size_t *len); |
4acdaf27 | 247 | int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode); |
20510f2f JM |
248 | int security_inode_link(struct dentry *old_dentry, struct inode *dir, |
249 | struct dentry *new_dentry); | |
250 | int security_inode_unlink(struct inode *dir, struct dentry *dentry); | |
251 | int security_inode_symlink(struct inode *dir, struct dentry *dentry, | |
7b41b173 | 252 | const char *old_name); |
18bb1db3 | 253 | int security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode); |
20510f2f | 254 | int security_inode_rmdir(struct inode *dir, struct dentry *dentry); |
1a67aafb | 255 | int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev); |
20510f2f | 256 | int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry, |
0b3974eb MS |
257 | struct inode *new_dir, struct dentry *new_dentry, |
258 | unsigned int flags); | |
20510f2f JM |
259 | int security_inode_readlink(struct dentry *dentry); |
260 | int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd); | |
b77b0646 | 261 | int security_inode_permission(struct inode *inode, int mask); |
20510f2f | 262 | int security_inode_setattr(struct dentry *dentry, struct iattr *attr); |
3f7036a0 | 263 | int security_inode_getattr(const struct path *path); |
8f0cfa52 DH |
264 | int security_inode_setxattr(struct dentry *dentry, const char *name, |
265 | const void *value, size_t size, int flags); | |
266 | void security_inode_post_setxattr(struct dentry *dentry, const char *name, | |
267 | const void *value, size_t size, int flags); | |
268 | int security_inode_getxattr(struct dentry *dentry, const char *name); | |
20510f2f | 269 | int security_inode_listxattr(struct dentry *dentry); |
8f0cfa52 | 270 | int security_inode_removexattr(struct dentry *dentry, const char *name); |
b5376771 SH |
271 | int security_inode_need_killpriv(struct dentry *dentry); |
272 | int security_inode_killpriv(struct dentry *dentry); | |
42492594 | 273 | int security_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc); |
20510f2f JM |
274 | int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags); |
275 | int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size); | |
8a076191 | 276 | void security_inode_getsecid(const struct inode *inode, u32 *secid); |
20510f2f JM |
277 | int security_file_permission(struct file *file, int mask); |
278 | int security_file_alloc(struct file *file); | |
279 | void security_file_free(struct file *file); | |
280 | int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg); | |
8b3ec681 AV |
281 | int security_mmap_file(struct file *file, unsigned long prot, |
282 | unsigned long flags); | |
e5467859 | 283 | int security_mmap_addr(unsigned long addr); |
20510f2f | 284 | int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, |
7b41b173 | 285 | unsigned long prot); |
20510f2f JM |
286 | int security_file_lock(struct file *file, unsigned int cmd); |
287 | int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg); | |
e0b93edd | 288 | void security_file_set_fowner(struct file *file); |
20510f2f | 289 | int security_file_send_sigiotask(struct task_struct *tsk, |
7b41b173 | 290 | struct fown_struct *fown, int sig); |
20510f2f | 291 | int security_file_receive(struct file *file); |
83d49856 | 292 | int security_file_open(struct file *file, const struct cred *cred); |
20510f2f | 293 | int security_task_create(unsigned long clone_flags); |
1a2a4d06 | 294 | void security_task_free(struct task_struct *task); |
ee18d64c | 295 | int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); |
f1752eec | 296 | void security_cred_free(struct cred *cred); |
d84f4f99 | 297 | int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp); |
ee18d64c | 298 | void security_transfer_creds(struct cred *new, const struct cred *old); |
3a3b7ce9 DH |
299 | int security_kernel_act_as(struct cred *new, u32 secid); |
300 | int security_kernel_create_files_as(struct cred *new, struct inode *inode); | |
13752fe2 | 301 | int security_kernel_fw_from_file(struct file *file, char *buf, size_t size); |
dd8dbf2e | 302 | int security_kernel_module_request(char *kmod_name); |
2e72d51b | 303 | int security_kernel_module_from_file(struct file *file); |
d84f4f99 DH |
304 | int security_task_fix_setuid(struct cred *new, const struct cred *old, |
305 | int flags); | |
20510f2f JM |
306 | int security_task_setpgid(struct task_struct *p, pid_t pgid); |
307 | int security_task_getpgid(struct task_struct *p); | |
308 | int security_task_getsid(struct task_struct *p); | |
309 | void security_task_getsecid(struct task_struct *p, u32 *secid); | |
20510f2f JM |
310 | int security_task_setnice(struct task_struct *p, int nice); |
311 | int security_task_setioprio(struct task_struct *p, int ioprio); | |
312 | int security_task_getioprio(struct task_struct *p); | |
8fd00b4d JS |
313 | int security_task_setrlimit(struct task_struct *p, unsigned int resource, |
314 | struct rlimit *new_rlim); | |
b0ae1981 | 315 | int security_task_setscheduler(struct task_struct *p); |
20510f2f JM |
316 | int security_task_getscheduler(struct task_struct *p); |
317 | int security_task_movememory(struct task_struct *p); | |
318 | int security_task_kill(struct task_struct *p, struct siginfo *info, | |
319 | int sig, u32 secid); | |
320 | int security_task_wait(struct task_struct *p); | |
321 | int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, | |
d84f4f99 | 322 | unsigned long arg4, unsigned long arg5); |
20510f2f JM |
323 | void security_task_to_inode(struct task_struct *p, struct inode *inode); |
324 | int security_ipc_permission(struct kern_ipc_perm *ipcp, short flag); | |
8a076191 | 325 | void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid); |
20510f2f JM |
326 | int security_msg_msg_alloc(struct msg_msg *msg); |
327 | void security_msg_msg_free(struct msg_msg *msg); | |
328 | int security_msg_queue_alloc(struct msg_queue *msq); | |
329 | void security_msg_queue_free(struct msg_queue *msq); | |
330 | int security_msg_queue_associate(struct msg_queue *msq, int msqflg); | |
331 | int security_msg_queue_msgctl(struct msg_queue *msq, int cmd); | |
332 | int security_msg_queue_msgsnd(struct msg_queue *msq, | |
7b41b173 | 333 | struct msg_msg *msg, int msqflg); |
20510f2f | 334 | int security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, |
7b41b173 | 335 | struct task_struct *target, long type, int mode); |
20510f2f JM |
336 | int security_shm_alloc(struct shmid_kernel *shp); |
337 | void security_shm_free(struct shmid_kernel *shp); | |
338 | int security_shm_associate(struct shmid_kernel *shp, int shmflg); | |
339 | int security_shm_shmctl(struct shmid_kernel *shp, int cmd); | |
340 | int security_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg); | |
341 | int security_sem_alloc(struct sem_array *sma); | |
342 | void security_sem_free(struct sem_array *sma); | |
343 | int security_sem_associate(struct sem_array *sma, int semflg); | |
344 | int security_sem_semctl(struct sem_array *sma, int cmd); | |
345 | int security_sem_semop(struct sem_array *sma, struct sembuf *sops, | |
346 | unsigned nsops, int alter); | |
7b41b173 | 347 | void security_d_instantiate(struct dentry *dentry, struct inode *inode); |
20510f2f JM |
348 | int security_getprocattr(struct task_struct *p, char *name, char **value); |
349 | int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size); | |
350 | int security_netlink_send(struct sock *sk, struct sk_buff *skb); | |
746df9b5 | 351 | int security_ismaclabel(const char *name); |
20510f2f | 352 | int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); |
7bf570dc | 353 | int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); |
20510f2f JM |
354 | void security_release_secctx(char *secdata, u32 seclen); |
355 | ||
1ee65e37 DQ |
356 | int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); |
357 | int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); | |
358 | int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); | |
1da177e4 | 359 | #else /* CONFIG_SECURITY */ |
e0007529 EP |
360 | struct security_mnt_opts { |
361 | }; | |
362 | ||
363 | static inline void security_init_mnt_opts(struct security_mnt_opts *opts) | |
364 | { | |
365 | } | |
366 | ||
367 | static inline void security_free_mnt_opts(struct security_mnt_opts *opts) | |
368 | { | |
369 | } | |
1da177e4 LT |
370 | |
371 | /* | |
372 | * This is the default capabilities functionality. Most of these functions | |
373 | * are just stubbed out, but a few must call the proper capable code. | |
374 | */ | |
375 | ||
376 | static inline int security_init(void) | |
377 | { | |
378 | return 0; | |
379 | } | |
380 | ||
79af7307 SS |
381 | static inline int security_binder_set_context_mgr(struct task_struct *mgr) |
382 | { | |
383 | return 0; | |
384 | } | |
385 | ||
386 | static inline int security_binder_transaction(struct task_struct *from, | |
387 | struct task_struct *to) | |
388 | { | |
389 | return 0; | |
390 | } | |
391 | ||
392 | static inline int security_binder_transfer_binder(struct task_struct *from, | |
393 | struct task_struct *to) | |
394 | { | |
395 | return 0; | |
396 | } | |
397 | ||
398 | static inline int security_binder_transfer_file(struct task_struct *from, | |
399 | struct task_struct *to, | |
400 | struct file *file) | |
401 | { | |
402 | return 0; | |
403 | } | |
404 | ||
9e48858f | 405 | static inline int security_ptrace_access_check(struct task_struct *child, |
5cd9c58f DH |
406 | unsigned int mode) |
407 | { | |
9e48858f | 408 | return cap_ptrace_access_check(child, mode); |
5cd9c58f DH |
409 | } |
410 | ||
5e186b57 | 411 | static inline int security_ptrace_traceme(struct task_struct *parent) |
1da177e4 | 412 | { |
5cd9c58f | 413 | return cap_ptrace_traceme(parent); |
1da177e4 LT |
414 | } |
415 | ||
7b41b173 | 416 | static inline int security_capget(struct task_struct *target, |
1da177e4 LT |
417 | kernel_cap_t *effective, |
418 | kernel_cap_t *inheritable, | |
419 | kernel_cap_t *permitted) | |
420 | { | |
7b41b173 | 421 | return cap_capget(target, effective, inheritable, permitted); |
1da177e4 LT |
422 | } |
423 | ||
d84f4f99 DH |
424 | static inline int security_capset(struct cred *new, |
425 | const struct cred *old, | |
426 | const kernel_cap_t *effective, | |
427 | const kernel_cap_t *inheritable, | |
428 | const kernel_cap_t *permitted) | |
1da177e4 | 429 | { |
d84f4f99 | 430 | return cap_capset(new, old, effective, inheritable, permitted); |
1da177e4 LT |
431 | } |
432 | ||
b7e724d3 EP |
433 | static inline int security_capable(const struct cred *cred, |
434 | struct user_namespace *ns, int cap) | |
06112163 | 435 | { |
6a9de491 | 436 | return cap_capable(cred, ns, cap, SECURITY_CAP_AUDIT); |
3699c53c DH |
437 | } |
438 | ||
c7eba4a9 EP |
439 | static inline int security_capable_noaudit(const struct cred *cred, |
440 | struct user_namespace *ns, int cap) { | |
441 | return cap_capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); | |
12b5989b CW |
442 | } |
443 | ||
7b41b173 EP |
444 | static inline int security_quotactl(int cmds, int type, int id, |
445 | struct super_block *sb) | |
1da177e4 LT |
446 | { |
447 | return 0; | |
448 | } | |
449 | ||
7b41b173 | 450 | static inline int security_quota_on(struct dentry *dentry) |
1da177e4 LT |
451 | { |
452 | return 0; | |
453 | } | |
454 | ||
12b3052c | 455 | static inline int security_syslog(int type) |
1da177e4 | 456 | { |
12b3052c | 457 | return 0; |
1da177e4 LT |
458 | } |
459 | ||
1e6d7679 RC |
460 | static inline int security_settime(const struct timespec *ts, |
461 | const struct timezone *tz) | |
1da177e4 LT |
462 | { |
463 | return cap_settime(ts, tz); | |
464 | } | |
465 | ||
1b79cd04 | 466 | static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) |
731572d3 | 467 | { |
b1d9e6b0 | 468 | return __vm_enough_memory(mm, pages, cap_vm_enough_memory(mm, pages)); |
731572d3 AC |
469 | } |
470 | ||
a6f76f23 | 471 | static inline int security_bprm_set_creds(struct linux_binprm *bprm) |
7b41b173 | 472 | { |
a6f76f23 | 473 | return cap_bprm_set_creds(bprm); |
1da177e4 LT |
474 | } |
475 | ||
a6f76f23 | 476 | static inline int security_bprm_check(struct linux_binprm *bprm) |
1da177e4 | 477 | { |
a6f76f23 | 478 | return 0; |
1da177e4 LT |
479 | } |
480 | ||
a6f76f23 | 481 | static inline void security_bprm_committing_creds(struct linux_binprm *bprm) |
1da177e4 | 482 | { |
1da177e4 LT |
483 | } |
484 | ||
a6f76f23 | 485 | static inline void security_bprm_committed_creds(struct linux_binprm *bprm) |
1da177e4 | 486 | { |
1da177e4 LT |
487 | } |
488 | ||
7b41b173 | 489 | static inline int security_bprm_secureexec(struct linux_binprm *bprm) |
1da177e4 LT |
490 | { |
491 | return cap_bprm_secureexec(bprm); | |
492 | } | |
493 | ||
7b41b173 | 494 | static inline int security_sb_alloc(struct super_block *sb) |
1da177e4 LT |
495 | { |
496 | return 0; | |
497 | } | |
498 | ||
7b41b173 | 499 | static inline void security_sb_free(struct super_block *sb) |
1da177e4 LT |
500 | { } |
501 | ||
7b41b173 | 502 | static inline int security_sb_copy_data(char *orig, char *copy) |
1da177e4 LT |
503 | { |
504 | return 0; | |
505 | } | |
506 | ||
ff36fe2c EP |
507 | static inline int security_sb_remount(struct super_block *sb, void *data) |
508 | { | |
509 | return 0; | |
510 | } | |
511 | ||
12204e24 | 512 | static inline int security_sb_kern_mount(struct super_block *sb, int flags, void *data) |
1da177e4 LT |
513 | { |
514 | return 0; | |
515 | } | |
516 | ||
2069f457 EP |
517 | static inline int security_sb_show_options(struct seq_file *m, |
518 | struct super_block *sb) | |
519 | { | |
520 | return 0; | |
521 | } | |
522 | ||
7b41b173 | 523 | static inline int security_sb_statfs(struct dentry *dentry) |
1da177e4 LT |
524 | { |
525 | return 0; | |
526 | } | |
527 | ||
808d4e3c AV |
528 | static inline int security_sb_mount(const char *dev_name, struct path *path, |
529 | const char *type, unsigned long flags, | |
1da177e4 LT |
530 | void *data) |
531 | { | |
532 | return 0; | |
533 | } | |
534 | ||
7b41b173 | 535 | static inline int security_sb_umount(struct vfsmount *mnt, int flags) |
1da177e4 LT |
536 | { |
537 | return 0; | |
538 | } | |
539 | ||
7b41b173 EP |
540 | static inline int security_sb_pivotroot(struct path *old_path, |
541 | struct path *new_path) | |
1da177e4 LT |
542 | { |
543 | return 0; | |
544 | } | |
545 | ||
e0007529 | 546 | static inline int security_sb_set_mnt_opts(struct super_block *sb, |
649f6e77 DQ |
547 | struct security_mnt_opts *opts, |
548 | unsigned long kern_flags, | |
549 | unsigned long *set_kern_flags) | |
e0007529 EP |
550 | { |
551 | return 0; | |
552 | } | |
553 | ||
094f7b69 | 554 | static inline int security_sb_clone_mnt_opts(const struct super_block *oldsb, |
e0007529 | 555 | struct super_block *newsb) |
094f7b69 JL |
556 | { |
557 | return 0; | |
558 | } | |
e0007529 EP |
559 | |
560 | static inline int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts) | |
561 | { | |
562 | return 0; | |
563 | } | |
1da177e4 | 564 | |
7b41b173 | 565 | static inline int security_inode_alloc(struct inode *inode) |
1da177e4 LT |
566 | { |
567 | return 0; | |
568 | } | |
569 | ||
7b41b173 | 570 | static inline void security_inode_free(struct inode *inode) |
1da177e4 | 571 | { } |
5e41ff9e | 572 | |
d47be3df DQ |
573 | static inline int security_dentry_init_security(struct dentry *dentry, |
574 | int mode, | |
575 | struct qstr *name, | |
576 | void **ctx, | |
577 | u32 *ctxlen) | |
578 | { | |
579 | return -EOPNOTSUPP; | |
580 | } | |
581 | ||
582 | ||
7b41b173 | 583 | static inline int security_inode_init_security(struct inode *inode, |
5e41ff9e | 584 | struct inode *dir, |
2a7dba39 | 585 | const struct qstr *qstr, |
fbff6610 | 586 | const initxattrs xattrs, |
9d8f13ba | 587 | void *fs_data) |
5e41ff9e | 588 | { |
1e39f384 | 589 | return 0; |
5e41ff9e | 590 | } |
7b41b173 | 591 | |
1e39f384 MZ |
592 | static inline int security_old_inode_init_security(struct inode *inode, |
593 | struct inode *dir, | |
594 | const struct qstr *qstr, | |
9548906b TH |
595 | const char **name, |
596 | void **value, size_t *len) | |
e1c9b23a | 597 | { |
30e05324 | 598 | return -EOPNOTSUPP; |
e1c9b23a MZ |
599 | } |
600 | ||
7b41b173 | 601 | static inline int security_inode_create(struct inode *dir, |
1da177e4 | 602 | struct dentry *dentry, |
4acdaf27 | 603 | umode_t mode) |
1da177e4 LT |
604 | { |
605 | return 0; | |
606 | } | |
607 | ||
7b41b173 | 608 | static inline int security_inode_link(struct dentry *old_dentry, |
1da177e4 LT |
609 | struct inode *dir, |
610 | struct dentry *new_dentry) | |
611 | { | |
612 | return 0; | |
613 | } | |
614 | ||
7b41b173 | 615 | static inline int security_inode_unlink(struct inode *dir, |
1da177e4 LT |
616 | struct dentry *dentry) |
617 | { | |
618 | return 0; | |
619 | } | |
620 | ||
7b41b173 | 621 | static inline int security_inode_symlink(struct inode *dir, |
1da177e4 LT |
622 | struct dentry *dentry, |
623 | const char *old_name) | |
624 | { | |
625 | return 0; | |
626 | } | |
627 | ||
7b41b173 | 628 | static inline int security_inode_mkdir(struct inode *dir, |
1da177e4 LT |
629 | struct dentry *dentry, |
630 | int mode) | |
631 | { | |
632 | return 0; | |
633 | } | |
634 | ||
7b41b173 | 635 | static inline int security_inode_rmdir(struct inode *dir, |
1da177e4 LT |
636 | struct dentry *dentry) |
637 | { | |
638 | return 0; | |
639 | } | |
640 | ||
7b41b173 | 641 | static inline int security_inode_mknod(struct inode *dir, |
1da177e4 LT |
642 | struct dentry *dentry, |
643 | int mode, dev_t dev) | |
644 | { | |
645 | return 0; | |
646 | } | |
647 | ||
7b41b173 | 648 | static inline int security_inode_rename(struct inode *old_dir, |
1da177e4 LT |
649 | struct dentry *old_dentry, |
650 | struct inode *new_dir, | |
0b3974eb MS |
651 | struct dentry *new_dentry, |
652 | unsigned int flags) | |
1da177e4 LT |
653 | { |
654 | return 0; | |
655 | } | |
656 | ||
7b41b173 | 657 | static inline int security_inode_readlink(struct dentry *dentry) |
1da177e4 LT |
658 | { |
659 | return 0; | |
660 | } | |
661 | ||
7b41b173 | 662 | static inline int security_inode_follow_link(struct dentry *dentry, |
1da177e4 LT |
663 | struct nameidata *nd) |
664 | { | |
665 | return 0; | |
666 | } | |
667 | ||
b77b0646 | 668 | static inline int security_inode_permission(struct inode *inode, int mask) |
1da177e4 LT |
669 | { |
670 | return 0; | |
671 | } | |
672 | ||
7b41b173 | 673 | static inline int security_inode_setattr(struct dentry *dentry, |
1da177e4 LT |
674 | struct iattr *attr) |
675 | { | |
676 | return 0; | |
677 | } | |
678 | ||
3f7036a0 | 679 | static inline int security_inode_getattr(const struct path *path) |
1da177e4 LT |
680 | { |
681 | return 0; | |
682 | } | |
683 | ||
8f0cfa52 DH |
684 | static inline int security_inode_setxattr(struct dentry *dentry, |
685 | const char *name, const void *value, size_t size, int flags) | |
1da177e4 LT |
686 | { |
687 | return cap_inode_setxattr(dentry, name, value, size, flags); | |
688 | } | |
689 | ||
8f0cfa52 DH |
690 | static inline void security_inode_post_setxattr(struct dentry *dentry, |
691 | const char *name, const void *value, size_t size, int flags) | |
1da177e4 LT |
692 | { } |
693 | ||
8f0cfa52 DH |
694 | static inline int security_inode_getxattr(struct dentry *dentry, |
695 | const char *name) | |
1da177e4 LT |
696 | { |
697 | return 0; | |
698 | } | |
699 | ||
7b41b173 | 700 | static inline int security_inode_listxattr(struct dentry *dentry) |
1da177e4 LT |
701 | { |
702 | return 0; | |
703 | } | |
704 | ||
8f0cfa52 DH |
705 | static inline int security_inode_removexattr(struct dentry *dentry, |
706 | const char *name) | |
1da177e4 LT |
707 | { |
708 | return cap_inode_removexattr(dentry, name); | |
709 | } | |
710 | ||
b5376771 SH |
711 | static inline int security_inode_need_killpriv(struct dentry *dentry) |
712 | { | |
713 | return cap_inode_need_killpriv(dentry); | |
714 | } | |
715 | ||
716 | static inline int security_inode_killpriv(struct dentry *dentry) | |
717 | { | |
718 | return cap_inode_killpriv(dentry); | |
719 | } | |
720 | ||
42492594 | 721 | static inline int security_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc) |
1da177e4 LT |
722 | { |
723 | return -EOPNOTSUPP; | |
724 | } | |
725 | ||
726 | static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) | |
727 | { | |
728 | return -EOPNOTSUPP; | |
729 | } | |
730 | ||
731 | static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) | |
732 | { | |
733 | return 0; | |
734 | } | |
735 | ||
8a076191 AD |
736 | static inline void security_inode_getsecid(const struct inode *inode, u32 *secid) |
737 | { | |
738 | *secid = 0; | |
739 | } | |
740 | ||
7b41b173 | 741 | static inline int security_file_permission(struct file *file, int mask) |
1da177e4 LT |
742 | { |
743 | return 0; | |
744 | } | |
745 | ||
7b41b173 | 746 | static inline int security_file_alloc(struct file *file) |
1da177e4 LT |
747 | { |
748 | return 0; | |
749 | } | |
750 | ||
7b41b173 | 751 | static inline void security_file_free(struct file *file) |
1da177e4 LT |
752 | { } |
753 | ||
7b41b173 EP |
754 | static inline int security_file_ioctl(struct file *file, unsigned int cmd, |
755 | unsigned long arg) | |
1da177e4 LT |
756 | { |
757 | return 0; | |
758 | } | |
759 | ||
8b3ec681 | 760 | static inline int security_mmap_file(struct file *file, unsigned long prot, |
e5467859 AV |
761 | unsigned long flags) |
762 | { | |
763 | return 0; | |
764 | } | |
765 | ||
766 | static inline int security_mmap_addr(unsigned long addr) | |
1da177e4 | 767 | { |
d007794a | 768 | return cap_mmap_addr(addr); |
1da177e4 LT |
769 | } |
770 | ||
7b41b173 EP |
771 | static inline int security_file_mprotect(struct vm_area_struct *vma, |
772 | unsigned long reqprot, | |
773 | unsigned long prot) | |
1da177e4 LT |
774 | { |
775 | return 0; | |
776 | } | |
777 | ||
7b41b173 | 778 | static inline int security_file_lock(struct file *file, unsigned int cmd) |
1da177e4 LT |
779 | { |
780 | return 0; | |
781 | } | |
782 | ||
7b41b173 EP |
783 | static inline int security_file_fcntl(struct file *file, unsigned int cmd, |
784 | unsigned long arg) | |
1da177e4 LT |
785 | { |
786 | return 0; | |
787 | } | |
788 | ||
e0b93edd | 789 | static inline void security_file_set_fowner(struct file *file) |
1da177e4 | 790 | { |
e0b93edd | 791 | return; |
1da177e4 LT |
792 | } |
793 | ||
7b41b173 EP |
794 | static inline int security_file_send_sigiotask(struct task_struct *tsk, |
795 | struct fown_struct *fown, | |
796 | int sig) | |
1da177e4 LT |
797 | { |
798 | return 0; | |
799 | } | |
800 | ||
7b41b173 | 801 | static inline int security_file_receive(struct file *file) |
1da177e4 LT |
802 | { |
803 | return 0; | |
804 | } | |
805 | ||
83d49856 EP |
806 | static inline int security_file_open(struct file *file, |
807 | const struct cred *cred) | |
788e7dd4 YN |
808 | { |
809 | return 0; | |
810 | } | |
811 | ||
7b41b173 | 812 | static inline int security_task_create(unsigned long clone_flags) |
1da177e4 LT |
813 | { |
814 | return 0; | |
815 | } | |
816 | ||
1a2a4d06 KC |
817 | static inline void security_task_free(struct task_struct *task) |
818 | { } | |
819 | ||
945af7c3 DH |
820 | static inline int security_cred_alloc_blank(struct cred *cred, gfp_t gfp) |
821 | { | |
822 | return 0; | |
823 | } | |
ee18d64c | 824 | |
d84f4f99 DH |
825 | static inline void security_cred_free(struct cred *cred) |
826 | { } | |
827 | ||
828 | static inline int security_prepare_creds(struct cred *new, | |
829 | const struct cred *old, | |
830 | gfp_t gfp) | |
1da177e4 LT |
831 | { |
832 | return 0; | |
833 | } | |
834 | ||
ee18d64c DH |
835 | static inline void security_transfer_creds(struct cred *new, |
836 | const struct cred *old) | |
837 | { | |
838 | } | |
839 | ||
3a3b7ce9 DH |
840 | static inline int security_kernel_act_as(struct cred *cred, u32 secid) |
841 | { | |
842 | return 0; | |
843 | } | |
844 | ||
845 | static inline int security_kernel_create_files_as(struct cred *cred, | |
846 | struct inode *inode) | |
847 | { | |
848 | return 0; | |
849 | } | |
850 | ||
13752fe2 KC |
851 | static inline int security_kernel_fw_from_file(struct file *file, |
852 | char *buf, size_t size) | |
853 | { | |
854 | return 0; | |
855 | } | |
856 | ||
dd8dbf2e | 857 | static inline int security_kernel_module_request(char *kmod_name) |
9188499c EP |
858 | { |
859 | return 0; | |
1da177e4 LT |
860 | } |
861 | ||
2e72d51b KC |
862 | static inline int security_kernel_module_from_file(struct file *file) |
863 | { | |
864 | return 0; | |
865 | } | |
866 | ||
d84f4f99 DH |
867 | static inline int security_task_fix_setuid(struct cred *new, |
868 | const struct cred *old, | |
869 | int flags) | |
1da177e4 | 870 | { |
d84f4f99 | 871 | return cap_task_fix_setuid(new, old, flags); |
1da177e4 LT |
872 | } |
873 | ||
7b41b173 | 874 | static inline int security_task_setpgid(struct task_struct *p, pid_t pgid) |
1da177e4 LT |
875 | { |
876 | return 0; | |
877 | } | |
878 | ||
7b41b173 | 879 | static inline int security_task_getpgid(struct task_struct *p) |
1da177e4 LT |
880 | { |
881 | return 0; | |
882 | } | |
883 | ||
7b41b173 | 884 | static inline int security_task_getsid(struct task_struct *p) |
1da177e4 LT |
885 | { |
886 | return 0; | |
887 | } | |
888 | ||
7b41b173 | 889 | static inline void security_task_getsecid(struct task_struct *p, u32 *secid) |
8a076191 AD |
890 | { |
891 | *secid = 0; | |
892 | } | |
f9008e4c | 893 | |
7b41b173 | 894 | static inline int security_task_setnice(struct task_struct *p, int nice) |
1da177e4 | 895 | { |
b5376771 | 896 | return cap_task_setnice(p, nice); |
1da177e4 LT |
897 | } |
898 | ||
7b41b173 | 899 | static inline int security_task_setioprio(struct task_struct *p, int ioprio) |
03e68060 | 900 | { |
b5376771 | 901 | return cap_task_setioprio(p, ioprio); |
03e68060 JM |
902 | } |
903 | ||
7b41b173 | 904 | static inline int security_task_getioprio(struct task_struct *p) |
a1836a42 DQ |
905 | { |
906 | return 0; | |
907 | } | |
908 | ||
8fd00b4d JS |
909 | static inline int security_task_setrlimit(struct task_struct *p, |
910 | unsigned int resource, | |
7b41b173 | 911 | struct rlimit *new_rlim) |
1da177e4 LT |
912 | { |
913 | return 0; | |
914 | } | |
915 | ||
b0ae1981 | 916 | static inline int security_task_setscheduler(struct task_struct *p) |
1da177e4 | 917 | { |
b0ae1981 | 918 | return cap_task_setscheduler(p); |
1da177e4 LT |
919 | } |
920 | ||
7b41b173 | 921 | static inline int security_task_getscheduler(struct task_struct *p) |
1da177e4 LT |
922 | { |
923 | return 0; | |
924 | } | |
925 | ||
7b41b173 | 926 | static inline int security_task_movememory(struct task_struct *p) |
35601547 DQ |
927 | { |
928 | return 0; | |
929 | } | |
930 | ||
7b41b173 EP |
931 | static inline int security_task_kill(struct task_struct *p, |
932 | struct siginfo *info, int sig, | |
933 | u32 secid) | |
1da177e4 | 934 | { |
aedb60a6 | 935 | return 0; |
1da177e4 LT |
936 | } |
937 | ||
7b41b173 | 938 | static inline int security_task_wait(struct task_struct *p) |
1da177e4 LT |
939 | { |
940 | return 0; | |
941 | } | |
942 | ||
7b41b173 EP |
943 | static inline int security_task_prctl(int option, unsigned long arg2, |
944 | unsigned long arg3, | |
945 | unsigned long arg4, | |
d84f4f99 | 946 | unsigned long arg5) |
1da177e4 | 947 | { |
d84f4f99 | 948 | return cap_task_prctl(option, arg2, arg3, arg3, arg5); |
1da177e4 LT |
949 | } |
950 | ||
951 | static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) | |
952 | { } | |
953 | ||
7b41b173 EP |
954 | static inline int security_ipc_permission(struct kern_ipc_perm *ipcp, |
955 | short flag) | |
1da177e4 LT |
956 | { |
957 | return 0; | |
958 | } | |
959 | ||
8a076191 AD |
960 | static inline void security_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid) |
961 | { | |
962 | *secid = 0; | |
963 | } | |
964 | ||
7b41b173 | 965 | static inline int security_msg_msg_alloc(struct msg_msg *msg) |
1da177e4 LT |
966 | { |
967 | return 0; | |
968 | } | |
969 | ||
7b41b173 | 970 | static inline void security_msg_msg_free(struct msg_msg *msg) |
1da177e4 LT |
971 | { } |
972 | ||
7b41b173 | 973 | static inline int security_msg_queue_alloc(struct msg_queue *msq) |
1da177e4 LT |
974 | { |
975 | return 0; | |
976 | } | |
977 | ||
7b41b173 | 978 | static inline void security_msg_queue_free(struct msg_queue *msq) |
1da177e4 LT |
979 | { } |
980 | ||
7b41b173 EP |
981 | static inline int security_msg_queue_associate(struct msg_queue *msq, |
982 | int msqflg) | |
1da177e4 LT |
983 | { |
984 | return 0; | |
985 | } | |
986 | ||
7b41b173 | 987 | static inline int security_msg_queue_msgctl(struct msg_queue *msq, int cmd) |
1da177e4 LT |
988 | { |
989 | return 0; | |
990 | } | |
991 | ||
7b41b173 EP |
992 | static inline int security_msg_queue_msgsnd(struct msg_queue *msq, |
993 | struct msg_msg *msg, int msqflg) | |
1da177e4 LT |
994 | { |
995 | return 0; | |
996 | } | |
997 | ||
7b41b173 EP |
998 | static inline int security_msg_queue_msgrcv(struct msg_queue *msq, |
999 | struct msg_msg *msg, | |
1000 | struct task_struct *target, | |
1001 | long type, int mode) | |
1da177e4 LT |
1002 | { |
1003 | return 0; | |
1004 | } | |
1005 | ||
7b41b173 | 1006 | static inline int security_shm_alloc(struct shmid_kernel *shp) |
1da177e4 LT |
1007 | { |
1008 | return 0; | |
1009 | } | |
1010 | ||
7b41b173 | 1011 | static inline void security_shm_free(struct shmid_kernel *shp) |
1da177e4 LT |
1012 | { } |
1013 | ||
7b41b173 EP |
1014 | static inline int security_shm_associate(struct shmid_kernel *shp, |
1015 | int shmflg) | |
1da177e4 LT |
1016 | { |
1017 | return 0; | |
1018 | } | |
1019 | ||
7b41b173 | 1020 | static inline int security_shm_shmctl(struct shmid_kernel *shp, int cmd) |
1da177e4 LT |
1021 | { |
1022 | return 0; | |
1023 | } | |
1024 | ||
7b41b173 EP |
1025 | static inline int security_shm_shmat(struct shmid_kernel *shp, |
1026 | char __user *shmaddr, int shmflg) | |
1da177e4 LT |
1027 | { |
1028 | return 0; | |
1029 | } | |
1030 | ||
7b41b173 | 1031 | static inline int security_sem_alloc(struct sem_array *sma) |
1da177e4 LT |
1032 | { |
1033 | return 0; | |
1034 | } | |
1035 | ||
7b41b173 | 1036 | static inline void security_sem_free(struct sem_array *sma) |
1da177e4 LT |
1037 | { } |
1038 | ||
7b41b173 | 1039 | static inline int security_sem_associate(struct sem_array *sma, int semflg) |
1da177e4 LT |
1040 | { |
1041 | return 0; | |
1042 | } | |
1043 | ||
7b41b173 | 1044 | static inline int security_sem_semctl(struct sem_array *sma, int cmd) |
1da177e4 LT |
1045 | { |
1046 | return 0; | |
1047 | } | |
1048 | ||
7b41b173 EP |
1049 | static inline int security_sem_semop(struct sem_array *sma, |
1050 | struct sembuf *sops, unsigned nsops, | |
1051 | int alter) | |
1da177e4 LT |
1052 | { |
1053 | return 0; | |
1054 | } | |
1055 | ||
7b41b173 | 1056 | static inline void security_d_instantiate(struct dentry *dentry, struct inode *inode) |
1da177e4 LT |
1057 | { } |
1058 | ||
04ff9708 | 1059 | static inline int security_getprocattr(struct task_struct *p, char *name, char **value) |
1da177e4 LT |
1060 | { |
1061 | return -EINVAL; | |
1062 | } | |
1063 | ||
1064 | static inline int security_setprocattr(struct task_struct *p, char *name, void *value, size_t size) | |
1065 | { | |
1066 | return -EINVAL; | |
1067 | } | |
1068 | ||
7b41b173 | 1069 | static inline int security_netlink_send(struct sock *sk, struct sk_buff *skb) |
1da177e4 | 1070 | { |
b1d9e6b0 | 1071 | return 0; |
1da177e4 LT |
1072 | } |
1073 | ||
746df9b5 DQ |
1074 | static inline int security_ismaclabel(const char *name) |
1075 | { | |
1076 | return 0; | |
1077 | } | |
1078 | ||
dc49c1f9 CZ |
1079 | static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) |
1080 | { | |
1081 | return -EOPNOTSUPP; | |
1082 | } | |
1083 | ||
7bf570dc | 1084 | static inline int security_secctx_to_secid(const char *secdata, |
63cb3449 DH |
1085 | u32 seclen, |
1086 | u32 *secid) | |
1087 | { | |
1088 | return -EOPNOTSUPP; | |
1089 | } | |
1090 | ||
dc49c1f9 CZ |
1091 | static inline void security_release_secctx(char *secdata, u32 seclen) |
1092 | { | |
dc49c1f9 | 1093 | } |
1ee65e37 DQ |
1094 | |
1095 | static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) | |
1096 | { | |
1097 | return -EOPNOTSUPP; | |
1098 | } | |
1099 | static inline int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) | |
1100 | { | |
1101 | return -EOPNOTSUPP; | |
1102 | } | |
1103 | static inline int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) | |
1104 | { | |
1105 | return -EOPNOTSUPP; | |
1106 | } | |
1da177e4 LT |
1107 | #endif /* CONFIG_SECURITY */ |
1108 | ||
1109 | #ifdef CONFIG_SECURITY_NETWORK | |
4237c75c | 1110 | |
3610cda5 | 1111 | int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk); |
20510f2f JM |
1112 | int security_unix_may_send(struct socket *sock, struct socket *other); |
1113 | int security_socket_create(int family, int type, int protocol, int kern); | |
1114 | int security_socket_post_create(struct socket *sock, int family, | |
1115 | int type, int protocol, int kern); | |
1116 | int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen); | |
1117 | int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen); | |
1118 | int security_socket_listen(struct socket *sock, int backlog); | |
1119 | int security_socket_accept(struct socket *sock, struct socket *newsock); | |
20510f2f JM |
1120 | int security_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size); |
1121 | int security_socket_recvmsg(struct socket *sock, struct msghdr *msg, | |
1122 | int size, int flags); | |
1123 | int security_socket_getsockname(struct socket *sock); | |
1124 | int security_socket_getpeername(struct socket *sock); | |
1125 | int security_socket_getsockopt(struct socket *sock, int level, int optname); | |
1126 | int security_socket_setsockopt(struct socket *sock, int level, int optname); | |
1127 | int security_socket_shutdown(struct socket *sock, int how); | |
1128 | int security_sock_rcv_skb(struct sock *sk, struct sk_buff *skb); | |
1129 | int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, | |
1130 | int __user *optlen, unsigned len); | |
1131 | int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid); | |
1132 | int security_sk_alloc(struct sock *sk, int family, gfp_t priority); | |
1133 | void security_sk_free(struct sock *sk); | |
1134 | void security_sk_clone(const struct sock *sk, struct sock *newsk); | |
1135 | void security_sk_classify_flow(struct sock *sk, struct flowi *fl); | |
1136 | void security_req_classify_flow(const struct request_sock *req, struct flowi *fl); | |
1137 | void security_sock_graft(struct sock*sk, struct socket *parent); | |
1138 | int security_inet_conn_request(struct sock *sk, | |
1139 | struct sk_buff *skb, struct request_sock *req); | |
1140 | void security_inet_csk_clone(struct sock *newsk, | |
1141 | const struct request_sock *req); | |
1142 | void security_inet_conn_established(struct sock *sk, | |
1143 | struct sk_buff *skb); | |
2606fd1f EP |
1144 | int security_secmark_relabel_packet(u32 secid); |
1145 | void security_secmark_refcount_inc(void); | |
1146 | void security_secmark_refcount_dec(void); | |
5dbbaf2d PM |
1147 | int security_tun_dev_alloc_security(void **security); |
1148 | void security_tun_dev_free_security(void *security); | |
2b980dbd | 1149 | int security_tun_dev_create(void); |
5dbbaf2d PM |
1150 | int security_tun_dev_attach_queue(void *security); |
1151 | int security_tun_dev_attach(struct sock *sk, void *security); | |
1152 | int security_tun_dev_open(void *security); | |
6b877699 | 1153 | |
1da177e4 | 1154 | #else /* CONFIG_SECURITY_NETWORK */ |
3610cda5 DM |
1155 | static inline int security_unix_stream_connect(struct sock *sock, |
1156 | struct sock *other, | |
7b41b173 | 1157 | struct sock *newsk) |
1da177e4 LT |
1158 | { |
1159 | return 0; | |
1160 | } | |
1161 | ||
7b41b173 EP |
1162 | static inline int security_unix_may_send(struct socket *sock, |
1163 | struct socket *other) | |
1da177e4 LT |
1164 | { |
1165 | return 0; | |
1166 | } | |
1167 | ||
7b41b173 EP |
1168 | static inline int security_socket_create(int family, int type, |
1169 | int protocol, int kern) | |
1da177e4 LT |
1170 | { |
1171 | return 0; | |
1172 | } | |
1173 | ||
7b41b173 | 1174 | static inline int security_socket_post_create(struct socket *sock, |
7420ed23 VY |
1175 | int family, |
1176 | int type, | |
1177 | int protocol, int kern) | |
1da177e4 | 1178 | { |
7420ed23 | 1179 | return 0; |
1da177e4 LT |
1180 | } |
1181 | ||
7b41b173 EP |
1182 | static inline int security_socket_bind(struct socket *sock, |
1183 | struct sockaddr *address, | |
1da177e4 LT |
1184 | int addrlen) |
1185 | { | |
1186 | return 0; | |
1187 | } | |
1188 | ||
7b41b173 EP |
1189 | static inline int security_socket_connect(struct socket *sock, |
1190 | struct sockaddr *address, | |
1da177e4 LT |
1191 | int addrlen) |
1192 | { | |
1193 | return 0; | |
1194 | } | |
1195 | ||
7b41b173 | 1196 | static inline int security_socket_listen(struct socket *sock, int backlog) |
1da177e4 LT |
1197 | { |
1198 | return 0; | |
1199 | } | |
1200 | ||
7b41b173 EP |
1201 | static inline int security_socket_accept(struct socket *sock, |
1202 | struct socket *newsock) | |
1da177e4 LT |
1203 | { |
1204 | return 0; | |
1205 | } | |
1206 | ||
7b41b173 EP |
1207 | static inline int security_socket_sendmsg(struct socket *sock, |
1208 | struct msghdr *msg, int size) | |
1da177e4 LT |
1209 | { |
1210 | return 0; | |
1211 | } | |
1212 | ||
7b41b173 EP |
1213 | static inline int security_socket_recvmsg(struct socket *sock, |
1214 | struct msghdr *msg, int size, | |
1da177e4 LT |
1215 | int flags) |
1216 | { | |
1217 | return 0; | |
1218 | } | |
1219 | ||
7b41b173 | 1220 | static inline int security_socket_getsockname(struct socket *sock) |
1da177e4 LT |
1221 | { |
1222 | return 0; | |
1223 | } | |
1224 | ||
7b41b173 | 1225 | static inline int security_socket_getpeername(struct socket *sock) |
1da177e4 LT |
1226 | { |
1227 | return 0; | |
1228 | } | |
1229 | ||
7b41b173 | 1230 | static inline int security_socket_getsockopt(struct socket *sock, |
1da177e4 LT |
1231 | int level, int optname) |
1232 | { | |
1233 | return 0; | |
1234 | } | |
1235 | ||
7b41b173 | 1236 | static inline int security_socket_setsockopt(struct socket *sock, |
1da177e4 LT |
1237 | int level, int optname) |
1238 | { | |
1239 | return 0; | |
1240 | } | |
1241 | ||
7b41b173 | 1242 | static inline int security_socket_shutdown(struct socket *sock, int how) |
1da177e4 LT |
1243 | { |
1244 | return 0; | |
1245 | } | |
7b41b173 EP |
1246 | static inline int security_sock_rcv_skb(struct sock *sk, |
1247 | struct sk_buff *skb) | |
1da177e4 LT |
1248 | { |
1249 | return 0; | |
1250 | } | |
1251 | ||
2c7946a7 CZ |
1252 | static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, |
1253 | int __user *optlen, unsigned len) | |
1254 | { | |
1255 | return -ENOPROTOOPT; | |
1256 | } | |
1257 | ||
dc49c1f9 | 1258 | static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) |
1da177e4 LT |
1259 | { |
1260 | return -ENOPROTOOPT; | |
1261 | } | |
1262 | ||
dd0fc66f | 1263 | static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority) |
1da177e4 LT |
1264 | { |
1265 | return 0; | |
1266 | } | |
1267 | ||
1268 | static inline void security_sk_free(struct sock *sk) | |
892c141e VY |
1269 | { |
1270 | } | |
1271 | ||
1272 | static inline void security_sk_clone(const struct sock *sk, struct sock *newsk) | |
1da177e4 LT |
1273 | { |
1274 | } | |
df71837d | 1275 | |
beb8d13b | 1276 | static inline void security_sk_classify_flow(struct sock *sk, struct flowi *fl) |
df71837d | 1277 | { |
df71837d | 1278 | } |
4237c75c VY |
1279 | |
1280 | static inline void security_req_classify_flow(const struct request_sock *req, struct flowi *fl) | |
1281 | { | |
1282 | } | |
1283 | ||
7b41b173 | 1284 | static inline void security_sock_graft(struct sock *sk, struct socket *parent) |
4237c75c VY |
1285 | { |
1286 | } | |
1287 | ||
1288 | static inline int security_inet_conn_request(struct sock *sk, | |
1289 | struct sk_buff *skb, struct request_sock *req) | |
1290 | { | |
1291 | return 0; | |
1292 | } | |
1293 | ||
1294 | static inline void security_inet_csk_clone(struct sock *newsk, | |
1295 | const struct request_sock *req) | |
1296 | { | |
1297 | } | |
6b877699 VY |
1298 | |
1299 | static inline void security_inet_conn_established(struct sock *sk, | |
1300 | struct sk_buff *skb) | |
1301 | { | |
1302 | } | |
2b980dbd | 1303 | |
2606fd1f EP |
1304 | static inline int security_secmark_relabel_packet(u32 secid) |
1305 | { | |
1306 | return 0; | |
1307 | } | |
1308 | ||
1309 | static inline void security_secmark_refcount_inc(void) | |
1310 | { | |
1311 | } | |
1312 | ||
1313 | static inline void security_secmark_refcount_dec(void) | |
1314 | { | |
1315 | } | |
1316 | ||
5dbbaf2d PM |
1317 | static inline int security_tun_dev_alloc_security(void **security) |
1318 | { | |
1319 | return 0; | |
1320 | } | |
1321 | ||
1322 | static inline void security_tun_dev_free_security(void *security) | |
1323 | { | |
1324 | } | |
1325 | ||
2b980dbd PM |
1326 | static inline int security_tun_dev_create(void) |
1327 | { | |
1328 | return 0; | |
1329 | } | |
1330 | ||
5dbbaf2d PM |
1331 | static inline int security_tun_dev_attach_queue(void *security) |
1332 | { | |
1333 | return 0; | |
1334 | } | |
1335 | ||
1336 | static inline int security_tun_dev_attach(struct sock *sk, void *security) | |
2b980dbd | 1337 | { |
5dbbaf2d | 1338 | return 0; |
2b980dbd PM |
1339 | } |
1340 | ||
5dbbaf2d | 1341 | static inline int security_tun_dev_open(void *security) |
2b980dbd PM |
1342 | { |
1343 | return 0; | |
1344 | } | |
1da177e4 LT |
1345 | #endif /* CONFIG_SECURITY_NETWORK */ |
1346 | ||
df71837d | 1347 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
beb8d13b | 1348 | |
52a4c640 NA |
1349 | int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, |
1350 | struct xfrm_user_sec_ctx *sec_ctx, gfp_t gfp); | |
03e1ad7b PM |
1351 | int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, struct xfrm_sec_ctx **new_ctxp); |
1352 | void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx); | |
1353 | int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx); | |
20510f2f JM |
1354 | int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx); |
1355 | int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | |
1356 | struct xfrm_sec_ctx *polsec, u32 secid); | |
1357 | int security_xfrm_state_delete(struct xfrm_state *x); | |
1358 | void security_xfrm_state_free(struct xfrm_state *x); | |
03e1ad7b | 1359 | int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir); |
20510f2f | 1360 | int security_xfrm_state_pol_flow_match(struct xfrm_state *x, |
e33f7704 DM |
1361 | struct xfrm_policy *xp, |
1362 | const struct flowi *fl); | |
20510f2f JM |
1363 | int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid); |
1364 | void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl); | |
beb8d13b | 1365 | |
df71837d | 1366 | #else /* CONFIG_SECURITY_NETWORK_XFRM */ |
20510f2f | 1367 | |
52a4c640 NA |
1368 | static inline int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, |
1369 | struct xfrm_user_sec_ctx *sec_ctx, | |
1370 | gfp_t gfp) | |
df71837d TJ |
1371 | { |
1372 | return 0; | |
1373 | } | |
1374 | ||
03e1ad7b | 1375 | static inline int security_xfrm_policy_clone(struct xfrm_sec_ctx *old, struct xfrm_sec_ctx **new_ctxp) |
df71837d TJ |
1376 | { |
1377 | return 0; | |
1378 | } | |
1379 | ||
03e1ad7b | 1380 | static inline void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx) |
df71837d TJ |
1381 | { |
1382 | } | |
1383 | ||
03e1ad7b | 1384 | static inline int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) |
c8c05a8e CZ |
1385 | { |
1386 | return 0; | |
1387 | } | |
1388 | ||
e0d1caa7 VY |
1389 | static inline int security_xfrm_state_alloc(struct xfrm_state *x, |
1390 | struct xfrm_user_sec_ctx *sec_ctx) | |
1391 | { | |
1392 | return 0; | |
1393 | } | |
1394 | ||
1395 | static inline int security_xfrm_state_alloc_acquire(struct xfrm_state *x, | |
1396 | struct xfrm_sec_ctx *polsec, u32 secid) | |
df71837d TJ |
1397 | { |
1398 | return 0; | |
1399 | } | |
1400 | ||
1401 | static inline void security_xfrm_state_free(struct xfrm_state *x) | |
1402 | { | |
1403 | } | |
1404 | ||
6f68dc37 | 1405 | static inline int security_xfrm_state_delete(struct xfrm_state *x) |
c8c05a8e CZ |
1406 | { |
1407 | return 0; | |
1408 | } | |
1409 | ||
03e1ad7b | 1410 | static inline int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir) |
df71837d TJ |
1411 | { |
1412 | return 0; | |
1413 | } | |
e0d1caa7 VY |
1414 | |
1415 | static inline int security_xfrm_state_pol_flow_match(struct xfrm_state *x, | |
e33f7704 | 1416 | struct xfrm_policy *xp, const struct flowi *fl) |
e0d1caa7 VY |
1417 | { |
1418 | return 1; | |
1419 | } | |
1420 | ||
beb8d13b | 1421 | static inline int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid) |
e0d1caa7 VY |
1422 | { |
1423 | return 0; | |
1424 | } | |
1425 | ||
beb8d13b VY |
1426 | static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl) |
1427 | { | |
1428 | } | |
1429 | ||
df71837d TJ |
1430 | #endif /* CONFIG_SECURITY_NETWORK_XFRM */ |
1431 | ||
be6d3e56 KT |
1432 | #ifdef CONFIG_SECURITY_PATH |
1433 | int security_path_unlink(struct path *dir, struct dentry *dentry); | |
4572befe | 1434 | int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode); |
be6d3e56 | 1435 | int security_path_rmdir(struct path *dir, struct dentry *dentry); |
04fc66e7 | 1436 | int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, |
be6d3e56 | 1437 | unsigned int dev); |
ea0d3ab2 | 1438 | int security_path_truncate(struct path *path); |
be6d3e56 KT |
1439 | int security_path_symlink(struct path *dir, struct dentry *dentry, |
1440 | const char *old_name); | |
1441 | int security_path_link(struct dentry *old_dentry, struct path *new_dir, | |
1442 | struct dentry *new_dentry); | |
1443 | int security_path_rename(struct path *old_dir, struct dentry *old_dentry, | |
0b3974eb MS |
1444 | struct path *new_dir, struct dentry *new_dentry, |
1445 | unsigned int flags); | |
cdcf116d | 1446 | int security_path_chmod(struct path *path, umode_t mode); |
d2b31ca6 | 1447 | int security_path_chown(struct path *path, kuid_t uid, kgid_t gid); |
8b8efb44 | 1448 | int security_path_chroot(struct path *path); |
be6d3e56 KT |
1449 | #else /* CONFIG_SECURITY_PATH */ |
1450 | static inline int security_path_unlink(struct path *dir, struct dentry *dentry) | |
1451 | { | |
1452 | return 0; | |
1453 | } | |
1454 | ||
1455 | static inline int security_path_mkdir(struct path *dir, struct dentry *dentry, | |
4572befe | 1456 | umode_t mode) |
be6d3e56 KT |
1457 | { |
1458 | return 0; | |
1459 | } | |
1460 | ||
1461 | static inline int security_path_rmdir(struct path *dir, struct dentry *dentry) | |
1462 | { | |
1463 | return 0; | |
1464 | } | |
1465 | ||
1466 | static inline int security_path_mknod(struct path *dir, struct dentry *dentry, | |
04fc66e7 | 1467 | umode_t mode, unsigned int dev) |
be6d3e56 KT |
1468 | { |
1469 | return 0; | |
1470 | } | |
1471 | ||
ea0d3ab2 | 1472 | static inline int security_path_truncate(struct path *path) |
be6d3e56 KT |
1473 | { |
1474 | return 0; | |
1475 | } | |
1476 | ||
1477 | static inline int security_path_symlink(struct path *dir, struct dentry *dentry, | |
1478 | const char *old_name) | |
1479 | { | |
1480 | return 0; | |
1481 | } | |
1482 | ||
1483 | static inline int security_path_link(struct dentry *old_dentry, | |
1484 | struct path *new_dir, | |
1485 | struct dentry *new_dentry) | |
1486 | { | |
1487 | return 0; | |
1488 | } | |
1489 | ||
1490 | static inline int security_path_rename(struct path *old_dir, | |
1491 | struct dentry *old_dentry, | |
1492 | struct path *new_dir, | |
0b3974eb MS |
1493 | struct dentry *new_dentry, |
1494 | unsigned int flags) | |
be6d3e56 KT |
1495 | { |
1496 | return 0; | |
1497 | } | |
89eda068 | 1498 | |
cdcf116d | 1499 | static inline int security_path_chmod(struct path *path, umode_t mode) |
89eda068 TH |
1500 | { |
1501 | return 0; | |
1502 | } | |
1503 | ||
d2b31ca6 | 1504 | static inline int security_path_chown(struct path *path, kuid_t uid, kgid_t gid) |
89eda068 TH |
1505 | { |
1506 | return 0; | |
1507 | } | |
8b8efb44 TH |
1508 | |
1509 | static inline int security_path_chroot(struct path *path) | |
1510 | { | |
1511 | return 0; | |
1512 | } | |
be6d3e56 KT |
1513 | #endif /* CONFIG_SECURITY_PATH */ |
1514 | ||
29db9190 DH |
1515 | #ifdef CONFIG_KEYS |
1516 | #ifdef CONFIG_SECURITY | |
29db9190 | 1517 | |
d84f4f99 | 1518 | int security_key_alloc(struct key *key, const struct cred *cred, unsigned long flags); |
20510f2f JM |
1519 | void security_key_free(struct key *key); |
1520 | int security_key_permission(key_ref_t key_ref, | |
f5895943 | 1521 | const struct cred *cred, unsigned perm); |
70a5bb72 | 1522 | int security_key_getsecurity(struct key *key, char **_buffer); |
29db9190 DH |
1523 | |
1524 | #else | |
1525 | ||
d720024e | 1526 | static inline int security_key_alloc(struct key *key, |
d84f4f99 | 1527 | const struct cred *cred, |
7e047ef5 | 1528 | unsigned long flags) |
29db9190 DH |
1529 | { |
1530 | return 0; | |
1531 | } | |
1532 | ||
1533 | static inline void security_key_free(struct key *key) | |
1534 | { | |
1535 | } | |
1536 | ||
1537 | static inline int security_key_permission(key_ref_t key_ref, | |
d84f4f99 | 1538 | const struct cred *cred, |
f5895943 | 1539 | unsigned perm) |
29db9190 DH |
1540 | { |
1541 | return 0; | |
1542 | } | |
1543 | ||
70a5bb72 DH |
1544 | static inline int security_key_getsecurity(struct key *key, char **_buffer) |
1545 | { | |
1546 | *_buffer = NULL; | |
1547 | return 0; | |
be1d6a5f | 1548 | } |
ee18d64c | 1549 | |
29db9190 DH |
1550 | #endif |
1551 | #endif /* CONFIG_KEYS */ | |
1552 | ||
03d37d25 AD |
1553 | #ifdef CONFIG_AUDIT |
1554 | #ifdef CONFIG_SECURITY | |
1555 | int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule); | |
1556 | int security_audit_rule_known(struct audit_krule *krule); | |
1557 | int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule, | |
1558 | struct audit_context *actx); | |
1559 | void security_audit_rule_free(void *lsmrule); | |
1560 | ||
1561 | #else | |
1562 | ||
1563 | static inline int security_audit_rule_init(u32 field, u32 op, char *rulestr, | |
1564 | void **lsmrule) | |
1565 | { | |
1566 | return 0; | |
1567 | } | |
1568 | ||
1569 | static inline int security_audit_rule_known(struct audit_krule *krule) | |
1570 | { | |
1571 | return 0; | |
1572 | } | |
1573 | ||
1574 | static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, | |
1575 | void *lsmrule, struct audit_context *actx) | |
1576 | { | |
1577 | return 0; | |
1578 | } | |
1579 | ||
1580 | static inline void security_audit_rule_free(void *lsmrule) | |
1581 | { } | |
1582 | ||
1583 | #endif /* CONFIG_SECURITY */ | |
1584 | #endif /* CONFIG_AUDIT */ | |
1585 | ||
da31894e EP |
1586 | #ifdef CONFIG_SECURITYFS |
1587 | ||
52ef0c04 | 1588 | extern struct dentry *securityfs_create_file(const char *name, umode_t mode, |
da31894e EP |
1589 | struct dentry *parent, void *data, |
1590 | const struct file_operations *fops); | |
1591 | extern struct dentry *securityfs_create_dir(const char *name, struct dentry *parent); | |
1592 | extern void securityfs_remove(struct dentry *dentry); | |
1593 | ||
1594 | #else /* CONFIG_SECURITYFS */ | |
1595 | ||
1596 | static inline struct dentry *securityfs_create_dir(const char *name, | |
1597 | struct dentry *parent) | |
1598 | { | |
1599 | return ERR_PTR(-ENODEV); | |
1600 | } | |
1601 | ||
1602 | static inline struct dentry *securityfs_create_file(const char *name, | |
52ef0c04 | 1603 | umode_t mode, |
da31894e EP |
1604 | struct dentry *parent, |
1605 | void *data, | |
1606 | const struct file_operations *fops) | |
1607 | { | |
1608 | return ERR_PTR(-ENODEV); | |
1609 | } | |
1610 | ||
1611 | static inline void securityfs_remove(struct dentry *dentry) | |
1612 | {} | |
1613 | ||
1614 | #endif | |
1615 | ||
3d544f41 PE |
1616 | #ifdef CONFIG_SECURITY |
1617 | ||
1618 | static inline char *alloc_secdata(void) | |
1619 | { | |
1620 | return (char *)get_zeroed_page(GFP_KERNEL); | |
1621 | } | |
1622 | ||
1623 | static inline void free_secdata(void *secdata) | |
1624 | { | |
1625 | free_page((unsigned long)secdata); | |
1626 | } | |
1627 | ||
1628 | #else | |
1629 | ||
1630 | static inline char *alloc_secdata(void) | |
1631 | { | |
1632 | return (char *)1; | |
1633 | } | |
1634 | ||
1635 | static inline void free_secdata(void *secdata) | |
1636 | { } | |
1637 | #endif /* CONFIG_SECURITY */ | |
1638 | ||
1da177e4 LT |
1639 | #endif /* ! __LINUX_SECURITY_H */ |
1640 |