aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/security.h
diff options
context:
space:
mode:
authorKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>2012-10-19 15:19:19 -0400
committerKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>2012-10-19 15:19:19 -0400
commite05dacd71db0a5da7c1a44bcaab2a8a240b9c233 (patch)
tree31382cf1c7d62c03126448affb2fc86e8c4aaa8b /include/linux/security.h
parentxen: arm: comment on why 64-bit xen_pfn_t is safe even on 32 bit (diff)
parentLinux 3.7-rc1 (diff)
downloadlinux-dev-e05dacd71db0a5da7c1a44bcaab2a8a240b9c233.tar.xz
linux-dev-e05dacd71db0a5da7c1a44bcaab2a8a240b9c233.zip
Merge commit 'v3.7-rc1' into stable/for-linus-3.7
* commit 'v3.7-rc1': (10892 commits) Linux 3.7-rc1 x86, boot: Explicitly include autoconf.h for hostprogs perf: Fix UAPI fallout ARM: config: make sure that platforms are ordered by option string ARM: config: sort select statements alphanumerically UAPI: (Scripted) Disintegrate include/linux/byteorder UAPI: (Scripted) Disintegrate include/linux UAPI: Unexport linux/blk_types.h UAPI: Unexport part of linux/ppp-comp.h perf: Handle new rbtree implementation procfs: don't need a PATH_MAX allocation to hold a string representation of an int vfs: embed struct filename inside of names_cache allocation if possible audit: make audit_inode take struct filename vfs: make path_openat take a struct filename pointer vfs: turn do_path_lookup into wrapper around struct filename variant audit: allow audit code to satisfy getname requests from its names_list vfs: define struct filename and have getname() return it btrfs: Fix compilation with user namespace support enabled userns: Fix posix_acl_file_xattr_userns gid conversion userns: Properly print bluetooth socket uids ...
Diffstat (limited to 'include/linux/security.h')
-rw-r--r--include/linux/security.h50
1 files changed, 41 insertions, 9 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index 3dea6a9d568f..05e88bdcf7d9 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -118,6 +118,7 @@ void reset_security_ops(void);
extern unsigned long mmap_min_addr;
extern unsigned long dac_mmap_min_addr;
#else
+#define mmap_min_addr 0UL
#define dac_mmap_min_addr 0UL
#endif
@@ -1410,8 +1411,8 @@ struct security_operations {
int (*sb_kern_mount) (struct super_block *sb, int flags, void *data);
int (*sb_show_options) (struct seq_file *m, struct super_block *sb);
int (*sb_statfs) (struct dentry *dentry);
- int (*sb_mount) (char *dev_name, struct path *path,
- char *type, unsigned long flags, void *data);
+ int (*sb_mount) (const char *dev_name, struct path *path,
+ const char *type, unsigned long flags, void *data);
int (*sb_umount) (struct vfsmount *mnt, int flags);
int (*sb_pivotroot) (struct path *old_path,
struct path *new_path);
@@ -1435,7 +1436,7 @@ struct security_operations {
int (*path_rename) (struct path *old_dir, struct dentry *old_dentry,
struct path *new_dir, struct dentry *new_dentry);
int (*path_chmod) (struct path *path, umode_t mode);
- int (*path_chown) (struct path *path, uid_t uid, gid_t gid);
+ int (*path_chown) (struct path *path, kuid_t uid, kgid_t gid);
int (*path_chroot) (struct path *path);
#endif
@@ -1693,8 +1694,8 @@ int security_sb_remount(struct super_block *sb, void *data);
int security_sb_kern_mount(struct super_block *sb, int flags, void *data);
int security_sb_show_options(struct seq_file *m, struct super_block *sb);
int security_sb_statfs(struct dentry *dentry);
-int security_sb_mount(char *dev_name, struct path *path,
- char *type, unsigned long flags, void *data);
+int security_sb_mount(const char *dev_name, struct path *path,
+ const char *type, unsigned long flags, void *data);
int security_sb_umount(struct vfsmount *mnt, int flags);
int security_sb_pivotroot(struct path *old_path, struct path *new_path);
int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts);
@@ -1963,8 +1964,8 @@ static inline int security_sb_statfs(struct dentry *dentry)
return 0;
}
-static inline int security_sb_mount(char *dev_name, struct path *path,
- char *type, unsigned long flags,
+static inline int security_sb_mount(const char *dev_name, struct path *path,
+ const char *type, unsigned long flags,
void *data)
{
return 0;
@@ -2830,7 +2831,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir,
int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
struct path *new_dir, struct dentry *new_dentry);
int security_path_chmod(struct path *path, umode_t mode);
-int security_path_chown(struct path *path, uid_t uid, gid_t gid);
+int security_path_chown(struct path *path, kuid_t uid, kgid_t gid);
int security_path_chroot(struct path *path);
#else /* CONFIG_SECURITY_PATH */
static inline int security_path_unlink(struct path *dir, struct dentry *dentry)
@@ -2886,7 +2887,7 @@ static inline int security_path_chmod(struct path *path, umode_t mode)
return 0;
}
-static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid)
+static inline int security_path_chown(struct path *path, kuid_t uid, kgid_t gid)
{
return 0;
}
@@ -3021,5 +3022,36 @@ static inline void free_secdata(void *secdata)
{ }
#endif /* CONFIG_SECURITY */
+#ifdef CONFIG_SECURITY_YAMA
+extern int yama_ptrace_access_check(struct task_struct *child,
+ unsigned int mode);
+extern int yama_ptrace_traceme(struct task_struct *parent);
+extern void yama_task_free(struct task_struct *task);
+extern int yama_task_prctl(int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5);
+#else
+static inline int yama_ptrace_access_check(struct task_struct *child,
+ unsigned int mode)
+{
+ return 0;
+}
+
+static inline int yama_ptrace_traceme(struct task_struct *parent)
+{
+ return 0;
+}
+
+static inline void yama_task_free(struct task_struct *task)
+{
+}
+
+static inline int yama_task_prctl(int option, unsigned long arg2,
+ unsigned long arg3, unsigned long arg4,
+ unsigned long arg5)
+{
+ return -ENOSYS;
+}
+#endif /* CONFIG_SECURITY_YAMA */
+
#endif /* ! __LINUX_SECURITY_H */
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.