| smack_lsm.c (b6dff3ec5e116e3af6f537d4caedcad6b9e5082a) | smack_lsm.c (f1752eec6145c97163dbce62d17cf5d928e28a27) |
|---|---|
| 1/* 2 * Simplified MAC Kernel (smack) security module 3 * 4 * This file contains the smack hook function implementations. 5 * 6 * Author: 7 * Casey Schaufler <casey@schaufler-ca.com> 8 * --- 961 unchanged lines hidden (view full) --- 970 return smk_curacc(file->f_security, may); 971} 972 973/* 974 * Task hooks 975 */ 976 977/** | 1/* 2 * Simplified MAC Kernel (smack) security module 3 * 4 * This file contains the smack hook function implementations. 5 * 6 * Author: 7 * Casey Schaufler <casey@schaufler-ca.com> 8 * --- 961 unchanged lines hidden (view full) --- 970 return smk_curacc(file->f_security, may); 971} 972 973/* 974 * Task hooks 975 */ 976 977/** |
| 978 * smack_task_alloc_security - "allocate" a task blob 979 * @tsk: the task in need of a blob | 978 * smack_cred_alloc_security - "allocate" a task cred blob 979 * @cred: the task creds in need of a blob |
| 980 * 981 * Smack isn't using copies of blobs. Everyone 982 * points to an immutable list. No alloc required. 983 * No data copy required. 984 * 985 * Always returns 0 986 */ | 980 * 981 * Smack isn't using copies of blobs. Everyone 982 * points to an immutable list. No alloc required. 983 * No data copy required. 984 * 985 * Always returns 0 986 */ |
| 987static int smack_task_alloc_security(struct task_struct *tsk) | 987static int smack_cred_alloc_security(struct cred *cred) |
| 988{ | 988{ |
| 989 tsk->cred->security = current->cred->security; | 989 cred->security = current->cred->security; |
| 990 991 return 0; 992} 993 994/** | 990 991 return 0; 992} 993 994/** |
| 995 * smack_task_free_security - "free" a task blob 996 * @task: the task with the blob | 995 * smack_cred_free - "free" task-level security credentials 996 * @cred: the credentials in question |
| 997 * 998 * Smack isn't using copies of blobs. Everyone 999 * points to an immutable list. The blobs never go away. 1000 * There is no leak here. 1001 */ | 997 * 998 * Smack isn't using copies of blobs. Everyone 999 * points to an immutable list. The blobs never go away. 1000 * There is no leak here. 1001 */ |
| 1002static void smack_task_free_security(struct task_struct *task) | 1002static void smack_cred_free(struct cred *cred) |
| 1003{ | 1003{ |
| 1004 task->cred->security = NULL; | 1004 cred->security = NULL; |
| 1005} 1006 1007/** 1008 * smack_task_setpgid - Smack check on setting pgid 1009 * @p: the task object 1010 * @pgid: unused 1011 * 1012 * Return 0 if write access is permitted --- 1612 unchanged lines hidden (view full) --- 2625 .file_free_security = smack_file_free_security, 2626 .file_ioctl = smack_file_ioctl, 2627 .file_lock = smack_file_lock, 2628 .file_fcntl = smack_file_fcntl, 2629 .file_set_fowner = smack_file_set_fowner, 2630 .file_send_sigiotask = smack_file_send_sigiotask, 2631 .file_receive = smack_file_receive, 2632 | 1005} 1006 1007/** 1008 * smack_task_setpgid - Smack check on setting pgid 1009 * @p: the task object 1010 * @pgid: unused 1011 * 1012 * Return 0 if write access is permitted --- 1612 unchanged lines hidden (view full) --- 2625 .file_free_security = smack_file_free_security, 2626 .file_ioctl = smack_file_ioctl, 2627 .file_lock = smack_file_lock, 2628 .file_fcntl = smack_file_fcntl, 2629 .file_set_fowner = smack_file_set_fowner, 2630 .file_send_sigiotask = smack_file_send_sigiotask, 2631 .file_receive = smack_file_receive, 2632 |
| 2633 .task_alloc_security = smack_task_alloc_security, 2634 .task_free_security = smack_task_free_security, | 2633 .cred_alloc_security = smack_cred_alloc_security, 2634 .cred_free = smack_cred_free, |
| 2635 .task_post_setuid = cap_task_post_setuid, 2636 .task_setpgid = smack_task_setpgid, 2637 .task_getpgid = smack_task_getpgid, 2638 .task_getsid = smack_task_getsid, 2639 .task_getsecid = smack_task_getsecid, 2640 .task_setnice = smack_task_setnice, 2641 .task_setioprio = smack_task_setioprio, 2642 .task_getioprio = smack_task_getioprio, --- 115 unchanged lines hidden --- | 2635 .task_post_setuid = cap_task_post_setuid, 2636 .task_setpgid = smack_task_setpgid, 2637 .task_getpgid = smack_task_getpgid, 2638 .task_getsid = smack_task_getsid, 2639 .task_getsecid = smack_task_getsecid, 2640 .task_setnice = smack_task_setnice, 2641 .task_setioprio = smack_task_setioprio, 2642 .task_getioprio = smack_task_getioprio, --- 115 unchanged lines hidden --- |