diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 09:45:31 +0200 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-10-25 09:45:31 +0200 |
| commit | 36b8d186e6cc8e32cb5227f5645a58e1bc0af190 (patch) | |
| tree | 1000ad26e189e6ff2c53fb7eeff605f59c7ad94e /include/linux/security.h | |
| parent | cd85b557414fe4cd44ea6608825e96612a5fe2b2 (diff) | |
| parent | c45ed235abf1b0b6666417e3c394f18717976acd (diff) | |
| download | linux-36b8d186e6cc8e32cb5227f5645a58e1bc0af190.tar.gz linux-36b8d186e6cc8e32cb5227f5645a58e1bc0af190.tar.bz2 linux-36b8d186e6cc8e32cb5227f5645a58e1bc0af190.zip | |
Merge branch 'next' of git://selinuxproject.org/~jmorris/linux-security
* 'next' of git://selinuxproject.org/~jmorris/linux-security: (95 commits)
TOMOYO: Fix incomplete read after seek.
Smack: allow to access /smack/access as normal user
TOMOYO: Fix unused kernel config option.
Smack: fix: invalid length set for the result of /smack/access
Smack: compilation fix
Smack: fix for /smack/access output, use string instead of byte
Smack: domain transition protections (v3)
Smack: Provide information for UDS getsockopt(SO_PEERCRED)
Smack: Clean up comments
Smack: Repair processing of fcntl
Smack: Rule list lookup performance
Smack: check permissions from user space (v2)
TOMOYO: Fix quota and garbage collector.
TOMOYO: Remove redundant tasklist_lock.
TOMOYO: Fix domain transition failure warning.
TOMOYO: Remove tomoyo_policy_memory_lock spinlock.
TOMOYO: Simplify garbage collector.
TOMOYO: Fix make namespacecheck warnings.
target: check hex2bin result
encrypted-keys: check hex2bin result
...
Diffstat (limited to 'include/linux/security.h')
| -rw-r--r-- | include/linux/security.h | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index ebd2a53a3d07..19d8e04e1688 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -36,6 +36,7 @@ #include <linux/key.h> #include <linux/xfrm.h> #include <linux/slab.h> +#include <linux/xattr.h> #include <net/flow.h> /* Maximum number of letters for an LSM name string */ @@ -147,6 +148,10 @@ extern int mmap_min_addr_handler(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); #endif +/* security_inode_init_security callback function to write xattrs */ +typedef int (*initxattrs) (struct inode *inode, + const struct xattr *xattr_array, void *fs_data); + #ifdef CONFIG_SECURITY struct security_mnt_opts { @@ -1367,7 +1372,7 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts) * @inode_getsecctx: * Returns a string containing all relavent security context information * - * @inode we wish to set the security context of. + * @inode we wish to get the security context of. * @ctx is a pointer in which to place the allocated security context. * @ctxlen points to the place to put the length of @ctx. * This is the main security structure. @@ -1655,6 +1660,8 @@ struct security_operations { extern int security_init(void); extern int security_module_enable(struct security_operations *ops); extern int register_security(struct security_operations *ops); +extern void __init security_fixup_ops(struct security_operations *ops); + /* Security operations */ int security_ptrace_access_check(struct task_struct *child, unsigned int mode); @@ -1704,8 +1711,11 @@ int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts); int security_inode_alloc(struct inode *inode); void security_inode_free(struct inode *inode); int security_inode_init_security(struct inode *inode, struct inode *dir, - const struct qstr *qstr, char **name, - void **value, size_t *len); + const struct qstr *qstr, + initxattrs initxattrs, void *fs_data); +int security_old_inode_init_security(struct inode *inode, struct inode *dir, + const struct qstr *qstr, char **name, + void **value, size_t *len); int security_inode_create(struct inode *dir, struct dentry *dentry, int mode); int security_inode_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry); @@ -2034,11 +2044,19 @@ static inline void security_inode_free(struct inode *inode) static inline int security_inode_init_security(struct inode *inode, struct inode *dir, const struct qstr *qstr, - char **name, - void **value, - size_t *len) + initxattrs initxattrs, + void *fs_data) { - return -EOPNOTSUPP; + return 0; +} + +static inline int security_old_inode_init_security(struct inode *inode, + struct inode *dir, + const struct qstr *qstr, + char **name, void **value, + size_t *len) +{ + return 0; } static inline int security_inode_create(struct inode *dir, |