diff options
| author |   Linus Torvalds <torvalds@linux-foundation.org> | 2025-05-28 08:17:19 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2025-05-28 08:17:19 -0700 |
| commit | 1bc8c83af962a7f0e52c1ee254acbcb1d9204a5e (patch) | |
| tree | d083bf0b3f6600c6b18e9bf2f08c3d5d59b6855e /security | |
| parent | Merge tag 'integrity-v6.16' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity (diff) | |
| parent | lsm: Move security_netlink_send to under CONFIG_SECURITY_NETWORK (diff) | |
| download | linux-rng-1bc8c83af962a7f0e52c1ee254acbcb1d9204a5e.tar.xz linux-rng-1bc8c83af962a7f0e52c1ee254acbcb1d9204a5e.zip | |
Merge tag 'lsm-pr-20250527' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
Pull lsm update from Paul Moore:
"One minor LSM framework patch to move the selinux_netlink_send() hook
under the CONFIG_SECURITY_NETWORK Kconfig knob"
* tag 'lsm-pr-20250527' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm:
lsm: Move security_netlink_send to under CONFIG_SECURITY_NETWORK
Diffstat (limited to 'security')
| -rw-r--r-- | security/security.c | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/security/security.c b/security/security.c index fb57e8fddd91..596d41818577 100644 --- a/security/security.c +++ b/security/security.c @@ -4277,24 +4277,6 @@ int security_setprocattr(int lsmid, const char *name, void *value, size_t size) } /** - * security_netlink_send() - Save info and check if netlink sending is allowed - * @sk: sending socket - * @skb: netlink message - * - * Save security information for a netlink message so that permission checking - * can be performed when the message is processed. The security information - * can be saved using the eff_cap field of the netlink_skb_parms structure. - * Also may be used to provide fine grained control over message transmission. - * - * Return: Returns 0 if the information was successfully saved and message is - * allowed to be transmitted. - */ -int security_netlink_send(struct sock *sk, struct sk_buff *skb) -{ - return call_int_hook(netlink_send, sk, skb); -} - -/** * security_ismaclabel() - Check if the named attribute is a MAC label * @name: full extended attribute name * @@ -4484,6 +4466,24 @@ int security_watch_key(struct key *key) #ifdef CONFIG_SECURITY_NETWORK /** + * security_netlink_send() - Save info and check if netlink sending is allowed + * @sk: sending socket + * @skb: netlink message + * + * Save security information for a netlink message so that permission checking + * can be performed when the message is processed. The security information + * can be saved using the eff_cap field of the netlink_skb_parms structure. + * Also may be used to provide fine grained control over message transmission. + * + * Return: Returns 0 if the information was successfully saved and message is + * allowed to be transmitted. + */ +int security_netlink_send(struct sock *sk, struct sk_buff *skb) +{ + return call_int_hook(netlink_send, sk, skb); +} + +/** * security_unix_stream_connect() - Check if a AF_UNIX stream is allowed * @sock: originating sock * @other: peer sock |