lsm_hooks.h (d8c6e8543294428426578d74dc7aaf121e762d58) | lsm_hooks.h (3ec30113264a7bcd389f51d1738e42da0f41bb5a) |
---|---|
1/* 2 * Linux Security Module interfaces 3 * 4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 5 * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com> 6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 7 * Copyright (C) 2001 James Morris <jmorris@intercode.com.au> 8 * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) --- 540 unchanged lines hidden (view full) --- 549 * @new points to the new credentials. 550 * @old points to the original credentials. 551 * @gfp indicates the atomicity of any memory allocations. 552 * Prepare a new set of credentials by copying the data from the old set. 553 * @cred_transfer: 554 * @new points to the new credentials. 555 * @old points to the original credentials. 556 * Transfer data from original creds to new creds | 1/* 2 * Linux Security Module interfaces 3 * 4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 5 * Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com> 6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 7 * Copyright (C) 2001 James Morris <jmorris@intercode.com.au> 8 * Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group) --- 540 unchanged lines hidden (view full) --- 549 * @new points to the new credentials. 550 * @old points to the original credentials. 551 * @gfp indicates the atomicity of any memory allocations. 552 * Prepare a new set of credentials by copying the data from the old set. 553 * @cred_transfer: 554 * @new points to the new credentials. 555 * @old points to the original credentials. 556 * Transfer data from original creds to new creds |
557 * @cred_getsecid: 558 * Retrieve the security identifier of the cred structure @c 559 * @c contains the credentials, secid will be placed into @secid. 560 * In case of failure, @secid will be set to zero. |
|
557 * @kernel_act_as: 558 * Set the credentials for a kernel service to act as (subjective context). 559 * @new points to the credentials to be modified. 560 * @secid specifies the security ID to be set 561 * The current task must be the one that nominated @secid. 562 * Return 0 if successful. 563 * @kernel_create_files_as: 564 * Set the file creation context in a set of credentials to be the same as --- 102 unchanged lines hidden (view full) --- 667 * the constant 1, or a pointer to a siginfo structure. If @info is 1 or 668 * SI_FROMKERNEL(info) is true, then the signal should be viewed as coming 669 * from the kernel and should typically be permitted. 670 * SIGIO signals are handled separately by the send_sigiotask hook in 671 * file_security_ops. 672 * @p contains the task_struct for process. 673 * @info contains the signal information. 674 * @sig contains the signal value. | 561 * @kernel_act_as: 562 * Set the credentials for a kernel service to act as (subjective context). 563 * @new points to the credentials to be modified. 564 * @secid specifies the security ID to be set 565 * The current task must be the one that nominated @secid. 566 * Return 0 if successful. 567 * @kernel_create_files_as: 568 * Set the file creation context in a set of credentials to be the same as --- 102 unchanged lines hidden (view full) --- 671 * the constant 1, or a pointer to a siginfo structure. If @info is 1 or 672 * SI_FROMKERNEL(info) is true, then the signal should be viewed as coming 673 * from the kernel and should typically be permitted. 674 * SIGIO signals are handled separately by the send_sigiotask hook in 675 * file_security_ops. 676 * @p contains the task_struct for process. 677 * @info contains the signal information. 678 * @sig contains the signal value. |
675 * @secid contains the sid of the process where the signal originated | 679 * @cred contains the cred of the process where the signal originated, or 680 * NULL if the current task is the originator. |
676 * Return 0 if permission is granted. 677 * @task_prctl: 678 * Check permission before performing a process control operation on the 679 * current process. 680 * @option contains the operation. 681 * @arg2 contains a argument. 682 * @arg3 contains a argument. 683 * @arg4 contains a argument. --- 852 unchanged lines hidden (view full) --- 1536 1537 int (*task_alloc)(struct task_struct *task, unsigned long clone_flags); 1538 void (*task_free)(struct task_struct *task); 1539 int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp); 1540 void (*cred_free)(struct cred *cred); 1541 int (*cred_prepare)(struct cred *new, const struct cred *old, 1542 gfp_t gfp); 1543 void (*cred_transfer)(struct cred *new, const struct cred *old); | 681 * Return 0 if permission is granted. 682 * @task_prctl: 683 * Check permission before performing a process control operation on the 684 * current process. 685 * @option contains the operation. 686 * @arg2 contains a argument. 687 * @arg3 contains a argument. 688 * @arg4 contains a argument. --- 852 unchanged lines hidden (view full) --- 1541 1542 int (*task_alloc)(struct task_struct *task, unsigned long clone_flags); 1543 void (*task_free)(struct task_struct *task); 1544 int (*cred_alloc_blank)(struct cred *cred, gfp_t gfp); 1545 void (*cred_free)(struct cred *cred); 1546 int (*cred_prepare)(struct cred *new, const struct cred *old, 1547 gfp_t gfp); 1548 void (*cred_transfer)(struct cred *new, const struct cred *old); |
1549 void (*cred_getsecid)(const struct cred *c, u32 *secid); |
|
1544 int (*kernel_act_as)(struct cred *new, u32 secid); 1545 int (*kernel_create_files_as)(struct cred *new, struct inode *inode); 1546 int (*kernel_module_request)(char *kmod_name); 1547 int (*kernel_read_file)(struct file *file, enum kernel_read_file_id id); 1548 int (*kernel_post_read_file)(struct file *file, char *buf, loff_t size, 1549 enum kernel_read_file_id id); 1550 int (*task_fix_setuid)(struct cred *new, const struct cred *old, 1551 int flags); --- 7 unchanged lines hidden (view full) --- 1559 int (*task_prlimit)(const struct cred *cred, const struct cred *tcred, 1560 unsigned int flags); 1561 int (*task_setrlimit)(struct task_struct *p, unsigned int resource, 1562 struct rlimit *new_rlim); 1563 int (*task_setscheduler)(struct task_struct *p); 1564 int (*task_getscheduler)(struct task_struct *p); 1565 int (*task_movememory)(struct task_struct *p); 1566 int (*task_kill)(struct task_struct *p, struct siginfo *info, | 1550 int (*kernel_act_as)(struct cred *new, u32 secid); 1551 int (*kernel_create_files_as)(struct cred *new, struct inode *inode); 1552 int (*kernel_module_request)(char *kmod_name); 1553 int (*kernel_read_file)(struct file *file, enum kernel_read_file_id id); 1554 int (*kernel_post_read_file)(struct file *file, char *buf, loff_t size, 1555 enum kernel_read_file_id id); 1556 int (*task_fix_setuid)(struct cred *new, const struct cred *old, 1557 int flags); --- 7 unchanged lines hidden (view full) --- 1565 int (*task_prlimit)(const struct cred *cred, const struct cred *tcred, 1566 unsigned int flags); 1567 int (*task_setrlimit)(struct task_struct *p, unsigned int resource, 1568 struct rlimit *new_rlim); 1569 int (*task_setscheduler)(struct task_struct *p); 1570 int (*task_getscheduler)(struct task_struct *p); 1571 int (*task_movememory)(struct task_struct *p); 1572 int (*task_kill)(struct task_struct *p, struct siginfo *info, |
1567 int sig, u32 secid); | 1573 int sig, const struct cred *cred); |
1568 int (*task_prctl)(int option, unsigned long arg2, unsigned long arg3, 1569 unsigned long arg4, unsigned long arg5); 1570 void (*task_to_inode)(struct task_struct *p, struct inode *inode); 1571 1572 int (*ipc_permission)(struct kern_ipc_perm *ipcp, short flag); 1573 void (*ipc_getsecid)(struct kern_ipc_perm *ipcp, u32 *secid); 1574 1575 int (*msg_msg_alloc_security)(struct msg_msg *msg); 1576 void (*msg_msg_free_security)(struct msg_msg *msg); 1577 | 1574 int (*task_prctl)(int option, unsigned long arg2, unsigned long arg3, 1575 unsigned long arg4, unsigned long arg5); 1576 void (*task_to_inode)(struct task_struct *p, struct inode *inode); 1577 1578 int (*ipc_permission)(struct kern_ipc_perm *ipcp, short flag); 1579 void (*ipc_getsecid)(struct kern_ipc_perm *ipcp, u32 *secid); 1580 1581 int (*msg_msg_alloc_security)(struct msg_msg *msg); 1582 void (*msg_msg_free_security)(struct msg_msg *msg); 1583 |
1578 int (*msg_queue_alloc_security)(struct kern_ipc_perm *msq); 1579 void (*msg_queue_free_security)(struct kern_ipc_perm *msq); 1580 int (*msg_queue_associate)(struct kern_ipc_perm *msq, int msqflg); 1581 int (*msg_queue_msgctl)(struct kern_ipc_perm *msq, int cmd); 1582 int (*msg_queue_msgsnd)(struct kern_ipc_perm *msq, struct msg_msg *msg, | 1584 int (*msg_queue_alloc_security)(struct msg_queue *msq); 1585 void (*msg_queue_free_security)(struct msg_queue *msq); 1586 int (*msg_queue_associate)(struct msg_queue *msq, int msqflg); 1587 int (*msg_queue_msgctl)(struct msg_queue *msq, int cmd); 1588 int (*msg_queue_msgsnd)(struct msg_queue *msq, struct msg_msg *msg, |
1583 int msqflg); | 1589 int msqflg); |
1584 int (*msg_queue_msgrcv)(struct kern_ipc_perm *msq, struct msg_msg *msg, | 1590 int (*msg_queue_msgrcv)(struct msg_queue *msq, struct msg_msg *msg, |
1585 struct task_struct *target, long type, 1586 int mode); 1587 | 1591 struct task_struct *target, long type, 1592 int mode); 1593 |
1588 int (*shm_alloc_security)(struct kern_ipc_perm *shp); 1589 void (*shm_free_security)(struct kern_ipc_perm *shp); 1590 int (*shm_associate)(struct kern_ipc_perm *shp, int shmflg); 1591 int (*shm_shmctl)(struct kern_ipc_perm *shp, int cmd); 1592 int (*shm_shmat)(struct kern_ipc_perm *shp, char __user *shmaddr, | 1594 int (*shm_alloc_security)(struct shmid_kernel *shp); 1595 void (*shm_free_security)(struct shmid_kernel *shp); 1596 int (*shm_associate)(struct shmid_kernel *shp, int shmflg); 1597 int (*shm_shmctl)(struct shmid_kernel *shp, int cmd); 1598 int (*shm_shmat)(struct shmid_kernel *shp, char __user *shmaddr, |
1593 int shmflg); 1594 | 1599 int shmflg); 1600 |
1595 int (*sem_alloc_security)(struct kern_ipc_perm *sma); 1596 void (*sem_free_security)(struct kern_ipc_perm *sma); 1597 int (*sem_associate)(struct kern_ipc_perm *sma, int semflg); 1598 int (*sem_semctl)(struct kern_ipc_perm *sma, int cmd); 1599 int (*sem_semop)(struct kern_ipc_perm *sma, struct sembuf *sops, | 1601 int (*sem_alloc_security)(struct sem_array *sma); 1602 void (*sem_free_security)(struct sem_array *sma); 1603 int (*sem_associate)(struct sem_array *sma, int semflg); 1604 int (*sem_semctl)(struct sem_array *sma, int cmd); 1605 int (*sem_semop)(struct sem_array *sma, struct sembuf *sops, |
1600 unsigned nsops, int alter); 1601 1602 int (*netlink_send)(struct sock *sk, struct sk_buff *skb); 1603 1604 void (*d_instantiate)(struct dentry *dentry, struct inode *inode); 1605 1606 int (*getprocattr)(struct task_struct *p, char *name, char **value); 1607 int (*setprocattr)(const char *name, void *value, size_t size); --- 211 unchanged lines hidden (view full) --- 1819 struct list_head file_receive; 1820 struct list_head file_open; 1821 struct list_head task_alloc; 1822 struct list_head task_free; 1823 struct list_head cred_alloc_blank; 1824 struct list_head cred_free; 1825 struct list_head cred_prepare; 1826 struct list_head cred_transfer; | 1606 unsigned nsops, int alter); 1607 1608 int (*netlink_send)(struct sock *sk, struct sk_buff *skb); 1609 1610 void (*d_instantiate)(struct dentry *dentry, struct inode *inode); 1611 1612 int (*getprocattr)(struct task_struct *p, char *name, char **value); 1613 int (*setprocattr)(const char *name, void *value, size_t size); --- 211 unchanged lines hidden (view full) --- 1825 struct list_head file_receive; 1826 struct list_head file_open; 1827 struct list_head task_alloc; 1828 struct list_head task_free; 1829 struct list_head cred_alloc_blank; 1830 struct list_head cred_free; 1831 struct list_head cred_prepare; 1832 struct list_head cred_transfer; |
1833 struct list_head cred_getsecid; |
|
1827 struct list_head kernel_act_as; 1828 struct list_head kernel_create_files_as; 1829 struct list_head kernel_read_file; 1830 struct list_head kernel_post_read_file; 1831 struct list_head kernel_module_request; 1832 struct list_head task_fix_setuid; 1833 struct list_head task_setpgid; 1834 struct list_head task_getpgid; --- 195 unchanged lines hidden --- | 1834 struct list_head kernel_act_as; 1835 struct list_head kernel_create_files_as; 1836 struct list_head kernel_read_file; 1837 struct list_head kernel_post_read_file; 1838 struct list_head kernel_module_request; 1839 struct list_head task_fix_setuid; 1840 struct list_head task_setpgid; 1841 struct list_head task_getpgid; --- 195 unchanged lines hidden --- |
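Review bot: The `@cred_getsecid` comment (lines 557-560 on the 3ec3011 side) promises that `@secid` is zero on failure, but the hook declared at line 1549 returns void, and nothing visible here says who writes that zero when no module registers the hook or when a module cannot supply an ID. If the calling wrapper is meant to do the zeroing before walking the hook list, which this header does not show, the comment should say so, for example `* The caller zeroes @secid before the hook runs; a module with no ID to report leaves it untouched.` Without that contract, a consumer that bases an access or audit decision on the returned ID could act on an uninitialised value. Separately, the `@cred` text for `task_kill` (lines 679-680) allows NULL, so it is worth stating there that an implementation must check `cred` for NULL before dereferencing it and fall back to the current task's credentials.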