security.c - OpenGrok cross reference for /linux/security/security.c

Deleted Added

sdiffudifftextold (b7f8f259..)new (1aea7808..)

security.c (b7f8f259896f669f131713b0c74ba4d008daa71d)	security.c (1aea7808372eee4ad01f98e064c88c57f1e94855)
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Security plug functions 4 * 5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 6 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 8 * Copyright (C) 2016 Mellanox Technologies --- 189 unchanged lines hidden (view full) --- 198 * The inode blob gets an rcu_head in addition to 199 * what the modules might need. 200 */ 201 if (needed->lbs_inode && blob_sizes.lbs_inode == 0) 202 blob_sizes.lbs_inode = sizeof(struct rcu_head); 203 lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); 204 lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); 205 lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg);	1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Security plug functions 4 * 5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 6 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 8 * Copyright (C) 2016 Mellanox Technologies --- 189 unchanged lines hidden (view full) --- 198 * The inode blob gets an rcu_head in addition to 199 * what the modules might need. 200 */ 201 if (needed->lbs_inode && blob_sizes.lbs_inode == 0) 202 blob_sizes.lbs_inode = sizeof(struct rcu_head); 203 lsm_set_blob_size(&needed->lbs_inode, &blob_sizes.lbs_inode); 204 lsm_set_blob_size(&needed->lbs_ipc, &blob_sizes.lbs_ipc); 205 lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg);
	206 lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock);
206 lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); 207} 208 209/* Prepare LSM for initialization. / 210static void __init prepare_lsm(struct lsm_info lsm) 211{ 212 int enabled = lsm_allowed(lsm); 213 --- 114 unchanged lines hidden (view full) --- 328 } 329 ordered_lsm_parse(chosen_lsm_order, "cmdline"); 330 } else 331 ordered_lsm_parse(builtin_lsm_order, "builtin"); 332 333 for (lsm = ordered_lsms; lsm; lsm++) 334 prepare_lsm(lsm); 335	207 lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task); 208} 209 210/* Prepare LSM for initialization. / 211static void __init prepare_lsm(struct lsm_info lsm) 212{ 213 int enabled = lsm_allowed(lsm); 214 --- 114 unchanged lines hidden (view full) --- 329 } 330 ordered_lsm_parse(chosen_lsm_order, "cmdline"); 331 } else 332 ordered_lsm_parse(builtin_lsm_order, "builtin"); 333 334 for (lsm = ordered_lsms; lsm; lsm++) 335 prepare_lsm(lsm); 336
336 init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); 337 init_debug("file blob size = %d\n", blob_sizes.lbs_file); 338 init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); 339 init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); 340 init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); 341 init_debug("task blob size = %d\n", blob_sizes.lbs_task);	337 init_debug("cred blob size = %d\n", blob_sizes.lbs_cred); 338 init_debug("file blob size = %d\n", blob_sizes.lbs_file); 339 init_debug("inode blob size = %d\n", blob_sizes.lbs_inode); 340 init_debug("ipc blob size = %d\n", blob_sizes.lbs_ipc); 341 init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg); 342 init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock); 343 init_debug("task blob size = %d\n", blob_sizes.lbs_task);
342 343 /* 344 * Create any kmem_caches needed for blobs 345 / 346 if (blob_sizes.lbs_file) 347 lsm_file_cache = kmem_cache_create("lsm_file_cache", 348 blob_sizes.lbs_file, 0, 349 SLAB_PANIC, NULL); --- 315 unchanged lines hidden* (view full) --- 665static void __init lsm_early_task(struct task_struct *task) 666{ 667 int rc = lsm_task_alloc(task); 668 669 if (rc) 670 panic("%s: Early task alloc failed.\n", __func__); 671} 672	344 345 /* 346 * Create any kmem_caches needed for blobs 347 / 348 if (blob_sizes.lbs_file) 349 lsm_file_cache = kmem_cache_create("lsm_file_cache", 350 blob_sizes.lbs_file, 0, 351 SLAB_PANIC, NULL); --- 315 unchanged lines hidden* (view full) --- 667static void __init lsm_early_task(struct task_struct *task) 668{ 669 int rc = lsm_task_alloc(task); 670 671 if (rc) 672 panic("%s: Early task alloc failed.\n", __func__); 673} 674
	675/** 676 * lsm_superblock_alloc - allocate a composite superblock blob 677 * @sb: the superblock that needs a blob 678 * 679 * Allocate the superblock blob for all the modules 680 * 681 * Returns 0, or -ENOMEM if memory can't be allocated. 682 / 683static int lsm_superblock_alloc(struct super_block sb) 684{ 685 if (blob_sizes.lbs_superblock == 0) { 686 sb->s_security = NULL; 687 return 0; 688 } 689 690 sb->s_security = kzalloc(blob_sizes.lbs_superblock, GFP_KERNEL); 691 if (sb->s_security == NULL) 692 return -ENOMEM; 693 return 0; 694} 695
673/* 674 * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and 675 * can be accessed with: 676 * 677 * LSM_RET_DEFAULT(<hook_name>) 678 * 679 * The macros below define static constants for the default value of each 680 * LSM hook. --- 181 unchanged lines hidden (view full) --- 862 863int security_fs_context_parse_param(struct fs_context fc, struct fs_parameter param) 864{ 865 return call_int_hook(fs_context_parse_param, -ENOPARAM, fc, param); 866} 867 868int security_sb_alloc(struct super_block *sb) 869{	696/* 697 * The default value of the LSM hook is defined in linux/lsm_hook_defs.h and 698 * can be accessed with: 699 * 700 * LSM_RET_DEFAULT(<hook_name>) 701 * 702 * The macros below define static constants for the default value of each 703 * LSM hook. --- 181 unchanged lines hidden (view full) --- 885 886int security_fs_context_parse_param(struct fs_context fc, struct fs_parameter param) 887{ 888 return call_int_hook(fs_context_parse_param, -ENOPARAM, fc, param); 889} 890 891int security_sb_alloc(struct super_block *sb) 892{
870 return call_int_hook(sb_alloc_security, 0, sb);	893 int rc = lsm_superblock_alloc(sb); 894 895 if (unlikely(rc)) 896 return rc; 897 rc = call_int_hook(sb_alloc_security, 0, sb); 898 if (unlikely(rc)) 899 security_sb_free(sb); 900 return rc;
871} 872 873void security_sb_free(struct super_block *sb) 874{ 875 call_void_hook(sb_free_security, sb);	901} 902 903void security_sb_free(struct super_block *sb) 904{ 905 call_void_hook(sb_free_security, sb);
	906 kfree(sb->s_security); 907 sb->s_security = NULL;
876} 877 878void security_free_mnt_opts(void *mnt_opts) 879{ 880 if (!mnt_opts) 881 return; 882 call_void_hook(sb_free_mnt_opts, mnt_opts); 883 mnt_opts = NULL; --- 1692 unchanged lines hidden ---	908} 909 910void security_free_mnt_opts(void *mnt_opts) 911{ 912 if (!mnt_opts) 913 return; 914 call_void_hook(sb_free_mnt_opts, mnt_opts); 915 mnt_opts = NULL; --- 1692 unchanged lines hidden ---