| security.c (03e1ad7b5d871d4189b1da3125c2f12d1b5f7d0b) | security.c (dd6f953adb5c4deb9cd7b6a5054e7d5eafe4ed71) |
|---|---|
| 1/* 2 * Security plug functions 3 * 4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 5 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 7 * 8 * This program is free software; you can redistribute it and/or modify --- 43 unchanged lines hidden (view full) --- 52 * This should be called early in the kernel initialization sequence. 53 */ 54int __init security_init(void) 55{ 56 printk(KERN_INFO "Security Framework initialized\n"); 57 58 if (verify(&dummy_security_ops)) { 59 printk(KERN_ERR "%s could not verify " | 1/* 2 * Security plug functions 3 * 4 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 5 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 6 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 7 * 8 * This program is free software; you can redistribute it and/or modify --- 43 unchanged lines hidden (view full) --- 52 * This should be called early in the kernel initialization sequence. 53 */ 54int __init security_init(void) 55{ 56 printk(KERN_INFO "Security Framework initialized\n"); 57 58 if (verify(&dummy_security_ops)) { 59 printk(KERN_ERR "%s could not verify " |
| 60 "dummy_security_ops structure.\n", __FUNCTION__); | 60 "dummy_security_ops structure.\n", __func__); |
| 61 return -EIO; 62 } 63 64 security_ops = &dummy_security_ops; 65 do_security_initcalls(); 66 67 return 0; 68} --- 8 unchanged lines hidden (view full) --- 77 * 78 * If there is already a security module registered with the kernel, 79 * an error will be returned. Otherwise 0 is returned on success. 80 */ 81int register_security(struct security_operations *ops) 82{ 83 if (verify(ops)) { 84 printk(KERN_DEBUG "%s could not verify " | 61 return -EIO; 62 } 63 64 security_ops = &dummy_security_ops; 65 do_security_initcalls(); 66 67 return 0; 68} --- 8 unchanged lines hidden (view full) --- 77 * 78 * If there is already a security module registered with the kernel, 79 * an error will be returned. Otherwise 0 is returned on success. 80 */ 81int register_security(struct security_operations *ops) 82{ 83 if (verify(ops)) { 84 printk(KERN_DEBUG "%s could not verify " |
| 85 "security_operations structure.\n", __FUNCTION__); | 85 "security_operations structure.\n", __func__); |
| 86 return -EINVAL; 87 } 88 89 if (security_ops != &dummy_security_ops) 90 return -EAGAIN; 91 92 security_ops = ops; 93 --- 11 unchanged lines hidden (view full) --- 105 * 106 * The return value depends on the currently loaded security module, with 0 as 107 * success. 108 */ 109int mod_reg_security(const char *name, struct security_operations *ops) 110{ 111 if (verify(ops)) { 112 printk(KERN_INFO "%s could not verify " | 86 return -EINVAL; 87 } 88 89 if (security_ops != &dummy_security_ops) 90 return -EAGAIN; 91 92 security_ops = ops; 93 --- 11 unchanged lines hidden (view full) --- 105 * 106 * The return value depends on the currently loaded security module, with 0 as 107 * success. 108 */ 109int mod_reg_security(const char *name, struct security_operations *ops) 110{ 111 if (verify(ops)) { 112 printk(KERN_INFO "%s could not verify " |
| 113 "security operations.\n", __FUNCTION__); | 113 "security operations.\n", __func__); |
| 114 return -EINVAL; 115 } 116 117 if (ops == security_ops) { 118 printk(KERN_INFO "%s security operations " | 114 return -EINVAL; 115 } 116 117 if (ops == security_ops) { 118 printk(KERN_INFO "%s security operations " |
| 119 "already registered.\n", __FUNCTION__); | 119 "already registered.\n", __func__); |
| 120 return -EINVAL; 121 } 122 123 return security_ops->register_security(name, ops); 124} 125 126/* Security operations */ 127 --- 881 unchanged lines hidden (view full) --- 1009{ 1010 security_ops->inet_conn_established(sk, skb); 1011} 1012 1013#endif /* CONFIG_SECURITY_NETWORK */ 1014 1015#ifdef CONFIG_SECURITY_NETWORK_XFRM 1016 | 120 return -EINVAL; 121 } 122 123 return security_ops->register_security(name, ops); 124} 125 126/* Security operations */ 127 --- 881 unchanged lines hidden (view full) --- 1009{ 1010 security_ops->inet_conn_established(sk, skb); 1011} 1012 1013#endif /* CONFIG_SECURITY_NETWORK */ 1014 1015#ifdef CONFIG_SECURITY_NETWORK_XFRM 1016 |
| 1017int security_xfrm_policy_alloc(struct xfrm_sec_ctx **ctxp, struct xfrm_user_sec_ctx *sec_ctx) | 1017int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx) |
| 1018{ | 1018{ |
| 1019 return security_ops->xfrm_policy_alloc_security(ctxp, sec_ctx); | 1019 return security_ops->xfrm_policy_alloc_security(xp, sec_ctx); |
| 1020} 1021EXPORT_SYMBOL(security_xfrm_policy_alloc); 1022 | 1020} 1021EXPORT_SYMBOL(security_xfrm_policy_alloc); 1022 |
| 1023int security_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx, 1024 struct xfrm_sec_ctx **new_ctxp) | 1023int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new) |
| 1025{ | 1024{ |
| 1026 return security_ops->xfrm_policy_clone_security(old_ctx, new_ctxp); | 1025 return security_ops->xfrm_policy_clone_security(old, new); |
| 1027} 1028 | 1026} 1027 |
| 1029void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx) | 1028void security_xfrm_policy_free(struct xfrm_policy *xp) |
| 1030{ | 1029{ |
| 1031 security_ops->xfrm_policy_free_security(ctx); | 1030 security_ops->xfrm_policy_free_security(xp); |
| 1032} 1033EXPORT_SYMBOL(security_xfrm_policy_free); 1034 | 1031} 1032EXPORT_SYMBOL(security_xfrm_policy_free); 1033 |
| 1035int security_xfrm_policy_delete(struct xfrm_sec_ctx *ctx) | 1034int security_xfrm_policy_delete(struct xfrm_policy *xp) |
| 1036{ | 1035{ |
| 1037 return security_ops->xfrm_policy_delete_security(ctx); | 1036 return security_ops->xfrm_policy_delete_security(xp); |
| 1038} 1039 1040int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) 1041{ 1042 return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0); 1043} 1044EXPORT_SYMBOL(security_xfrm_state_alloc); 1045 --- 15 unchanged lines hidden (view full) --- 1061} 1062EXPORT_SYMBOL(security_xfrm_state_delete); 1063 1064void security_xfrm_state_free(struct xfrm_state *x) 1065{ 1066 security_ops->xfrm_state_free_security(x); 1067} 1068 | 1037} 1038 1039int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx) 1040{ 1041 return security_ops->xfrm_state_alloc_security(x, sec_ctx, 0); 1042} 1043EXPORT_SYMBOL(security_xfrm_state_alloc); 1044 --- 15 unchanged lines hidden (view full) --- 1060} 1061EXPORT_SYMBOL(security_xfrm_state_delete); 1062 1063void security_xfrm_state_free(struct xfrm_state *x) 1064{ 1065 security_ops->xfrm_state_free_security(x); 1066} 1067 |
| 1069int security_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir) | 1068int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 fl_secid, u8 dir) |
| 1070{ | 1069{ |
| 1071 return security_ops->xfrm_policy_lookup(ctx, fl_secid, dir); | 1070 return security_ops->xfrm_policy_lookup(xp, fl_secid, dir); |
| 1072} 1073 1074int security_xfrm_state_pol_flow_match(struct xfrm_state *x, 1075 struct xfrm_policy *xp, struct flowi *fl) 1076{ 1077 return security_ops->xfrm_state_pol_flow_match(x, xp, fl); 1078} 1079 --- 34 unchanged lines hidden --- | 1071} 1072 1073int security_xfrm_state_pol_flow_match(struct xfrm_state *x, 1074 struct xfrm_policy *xp, struct flowi *fl) 1075{ 1076 return security_ops->xfrm_state_pol_flow_match(x, xp, fl); 1077} 1078 --- 34 unchanged lines hidden --- |