extern int cap_inode_removexattr(struct dentry *dentry, char *name);
extern int cap_inode_need_killpriv(struct dentry *dentry);
extern int cap_inode_killpriv(struct dentry *dentry);
- extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags);
- extern void cap_task_reparent_to_init (struct task_struct *p);
+ extern int cap_task_post_setuid(uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags);
+ extern void cap_task_reparent_to_init(struct task_struct *p);
+extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5, long *rc_p);
- extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp);
- extern int cap_task_setioprio (struct task_struct *p, int ioprio);
- extern int cap_task_setnice (struct task_struct *p, int nice);
- extern int cap_syslog (int type);
+ extern int cap_task_setscheduler(struct task_struct *p, int policy, struct sched_param *lp);
+ extern int cap_task_setioprio(struct task_struct *p, int ioprio);
+ extern int cap_task_setnice(struct task_struct *p, int nice);
+ extern int cap_syslog(int type);
extern int cap_vm_enough_memory(struct mm_struct *mm, long pages);
struct msghdr;
* @arg3 contains a argument.
* @arg4 contains a argument.
* @arg5 contains a argument.
- * Return 0 if permission is granted.
+ * @rc_p contains a pointer to communicate back the forced return code
+ * Return 0 if permission is granted, and non-zero if the security module
+ * has taken responsibility (setting *rc_p) for the prctl call.
* @task_reparent_to_init:
- * Set the security attributes in @p->security for a kernel thread that
- * is being reparented to the init task.
+ * Set the security attributes in @p->security for a kernel thread that
+ * is being reparented to the init task.
* @p contains the task_struct for the kernel thread.
* @task_to_inode:
- * Set the security attributes for an inode based on an associated task's
- * security attributes, e.g. for /proc/pid inodes.
+ * Set the security attributes for an inode based on an associated task's
+ * security attributes, e.g. for /proc/pid inodes.
* @p contains the task_struct for the task.
* @inode contains the inode structure for the inode.
*
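Review bot: The new return description for @task_prctl does not say what `*rc_p` holds when the hook returns 0, and it does not spell out that a non-zero return is now only a "handled" flag rather than the error code itself. Under the old wording ("Return 0 if permission is granted") a module would deny by returning an errno; a module that still does so without storing to `*rc_p` would presumably make the caller return whatever `*rc_p` already contained. The caller is outside this hunk, so that should be confirmed. I would add a sentence such as `* A hook that returns non-zero must store the value to be returned to user space in *rc_p; *rc_p is not written when 0 is returned.` and end the @rc_p line with a period.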
int (*task_post_setuid) (uid_t old_ruid /* or fsuid */ ,
uid_t old_euid, uid_t old_suid, int flags);
int (*task_setgid) (gid_t id0, gid_t id1, gid_t id2, int flags);
- int (*task_setpgid) (struct task_struct * p, pid_t pgid);
- int (*task_getpgid) (struct task_struct * p);
- int (*task_getsid) (struct task_struct * p);
- void (*task_getsecid) (struct task_struct * p, u32 * secid);
+ int (*task_setpgid) (struct task_struct *p, pid_t pgid);
+ int (*task_getpgid) (struct task_struct *p);
+ int (*task_getsid) (struct task_struct *p);
+ void (*task_getsecid) (struct task_struct *p, u32 *secid);
int (*task_setgroups) (struct group_info *group_info);
- int (*task_setnice) (struct task_struct * p, int nice);
- int (*task_setioprio) (struct task_struct * p, int ioprio);
- int (*task_getioprio) (struct task_struct * p);
- int (*task_setrlimit) (unsigned int resource, struct rlimit * new_rlim);
- int (*task_setscheduler) (struct task_struct * p, int policy,
- struct sched_param * lp);
- int (*task_getscheduler) (struct task_struct * p);
- int (*task_movememory) (struct task_struct * p);
- int (*task_kill) (struct task_struct * p,
- struct siginfo * info, int sig, u32 secid);
- int (*task_wait) (struct task_struct * p);
+ int (*task_setnice) (struct task_struct *p, int nice);
+ int (*task_setioprio) (struct task_struct *p, int ioprio);
+ int (*task_getioprio) (struct task_struct *p);
+ int (*task_setrlimit) (unsigned int resource, struct rlimit *new_rlim);
+ int (*task_setscheduler) (struct task_struct *p, int policy,
+ struct sched_param *lp);
+ int (*task_getscheduler) (struct task_struct *p);
+ int (*task_movememory) (struct task_struct *p);
+ int (*task_kill) (struct task_struct *p,
+ struct siginfo *info, int sig, u32 secid);
+ int (*task_wait) (struct task_struct *p);
int (*task_prctl) (int option, unsigned long arg2,
unsigned long arg3, unsigned long arg4,
- unsigned long arg5);
+ unsigned long arg5, long *rc_p);
- void (*task_reparent_to_init) (struct task_struct * p);
- void (*task_to_inode)(struct task_struct *p, struct inode *inode);
+ void (*task_reparent_to_init) (struct task_struct *p);
+ void (*task_to_inode) (struct task_struct *p, struct inode *inode);
- int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);
+ int (*ipc_permission) (struct kern_ipc_perm *ipcp, short flag);
void (*ipc_getsecid) (struct kern_ipc_perm *ipcp, u32 *secid);
- int (*msg_msg_alloc_security) (struct msg_msg * msg);
- void (*msg_msg_free_security) (struct msg_msg * msg);
-
- int (*msg_queue_alloc_security) (struct msg_queue * msq);
- void (*msg_queue_free_security) (struct msg_queue * msq);
- int (*msg_queue_associate) (struct msg_queue * msq, int msqflg);
- int (*msg_queue_msgctl) (struct msg_queue * msq, int cmd);
- int (*msg_queue_msgsnd) (struct msg_queue * msq,
- struct msg_msg * msg, int msqflg);
- int (*msg_queue_msgrcv) (struct msg_queue * msq,
- struct msg_msg * msg,
- struct task_struct * target,
+ int (*msg_msg_alloc_security) (struct msg_msg *msg);
+ void (*msg_msg_free_security) (struct msg_msg *msg);
+
+ int (*msg_queue_alloc_security) (struct msg_queue *msq);
+ void (*msg_queue_free_security) (struct msg_queue *msq);
+ int (*msg_queue_associate) (struct msg_queue *msq, int msqflg);
+ int (*msg_queue_msgctl) (struct msg_queue *msq, int cmd);
+ int (*msg_queue_msgsnd) (struct msg_queue *msq,
+ struct msg_msg *msg, int msqflg);
+ int (*msg_queue_msgrcv) (struct msg_queue *msq,
+ struct msg_msg *msg,
+ struct task_struct *target,
long type, int mode);
- int (*shm_alloc_security) (struct shmid_kernel * shp);
- void (*shm_free_security) (struct shmid_kernel * shp);
- int (*shm_associate) (struct shmid_kernel * shp, int shmflg);
- int (*shm_shmctl) (struct shmid_kernel * shp, int cmd);
- int (*shm_shmat) (struct shmid_kernel * shp,
+ int (*shm_alloc_security) (struct shmid_kernel *shp);
+ void (*shm_free_security) (struct shmid_kernel *shp);
+ int (*shm_associate) (struct shmid_kernel *shp, int shmflg);
+ int (*shm_shmctl) (struct shmid_kernel *shp, int cmd);
+ int (*shm_shmat) (struct shmid_kernel *shp,
char __user *shmaddr, int shmflg);
- int (*sem_alloc_security) (struct sem_array * sma);
- void (*sem_free_security) (struct sem_array * sma);
- int (*sem_associate) (struct sem_array * sma, int semflg);
- int (*sem_semctl) (struct sem_array * sma, int cmd);
- int (*sem_semop) (struct sem_array * sma,
- struct sembuf * sops, unsigned nsops, int alter);
+ int (*sem_alloc_security) (struct sem_array *sma);
+ void (*sem_free_security) (struct sem_array *sma);
+ int (*sem_associate) (struct sem_array *sma, int semflg);
+ int (*sem_semctl) (struct sem_array *sma, int cmd);
+ int (*sem_semop) (struct sem_array *sma,
+ struct sembuf *sops, unsigned nsops, int alter);
- int (*netlink_send) (struct sock * sk, struct sk_buff * skb);
- int (*netlink_recv) (struct sk_buff * skb, int cap);
+ int (*netlink_send) (struct sock *sk, struct sk_buff *skb);
+ int (*netlink_recv) (struct sk_buff *skb, int cap);
/* allow module stacking */
int (*register_security) (const char *name,
return 0;
}
- static inline int security_task_prctl (int option, unsigned long arg2,
- unsigned long arg3,
- unsigned long arg4,
- unsigned long arg5, long *rc_p)
+ static inline int security_task_prctl(int option, unsigned long arg2,
+ unsigned long arg3,
+ unsigned long arg4,
- unsigned long arg5)
++ unsigned long arg5, long *rc_p)
{
- return 0;
+ return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p);
}
- static inline void security_task_reparent_to_init (struct task_struct *p)
+ static inline void security_task_reparent_to_init(struct task_struct *p)
{
- cap_task_reparent_to_init (p);
+ cap_task_reparent_to_init(p);
}
static inline void security_task_to_inode(struct task_struct *p, struct inode *inode)
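Review bot: The inline `security_task_prctl` wrapper passes `arg3` twice, so `arg4` never reaches `cap_task_prctl`: `return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p);`. The line should read `return cap_task_prctl(option, arg2, arg3, arg4, arg5, rc_p);`. This appears to be the fallback stub (its previous body was `return 0;`), so in that configuration any prctl option whose capability check looks at the fourth argument would be judged against the third instead. The body of `cap_task_prctl` is not in this hunk, so which options are affected cannot be told from here.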