diff options
| author | Greg Kroah-Hartman <greg@kroah.com> | 2002-11-23 23:31:02 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <greg@kroah.com> | 2002-11-23 23:31:02 -0800 |
| commit | c0db5d6f9fc805f7d7e1d369b00eb130c1d2353e (patch) | |
| tree | 65af5286b794edb6d4802923dce312d0f8ce78fa /kernel | |
| parent | cebce9d8beb7493d5c82035db854a475f6a1ae66 (diff) | |
| parent | e175888f40d9b14b62ca6b5dab3573b364029ce0 (diff) | |
Merge
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/acct.c | 4 | ||||
| -rw-r--r-- | kernel/capability.c | 11 | ||||
| -rw-r--r-- | kernel/exit.c | 6 | ||||
| -rw-r--r-- | kernel/fork.c | 7 | ||||
| -rw-r--r-- | kernel/kmod.c | 3 | ||||
| -rw-r--r-- | kernel/ptrace.c | 4 | ||||
| -rw-r--r-- | kernel/sched.c | 15 | ||||
| -rw-r--r-- | kernel/signal.c | 4 | ||||
| -rw-r--r-- | kernel/sys.c | 48 | ||||
| -rw-r--r-- | kernel/uid16.c | 3 |
10 files changed, 43 insertions, 62 deletions
diff --git a/kernel/acct.c b/kernel/acct.c index 20973f3ed6e4..1a5a5a3532ab 100644 --- a/kernel/acct.c +++ b/kernel/acct.c @@ -49,6 +49,7 @@ #include <linux/acct.h> #include <linux/file.h> #include <linux/tty.h> +#include <linux/security.h> #include <asm/uaccess.h> /* @@ -222,8 +223,7 @@ asmlinkage long sys_acct(const char *name) } } - error = security_ops->acct(file); - if (error) + if ((error = security_acct(file))) return error; spin_lock(&acct_globals.lock); diff --git a/kernel/capability.c b/kernel/capability.c index 0ca6e1192e30..b4a8c99b99f4 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -8,6 +8,7 @@ */ #include <linux/mm.h> +#include <linux/security.h> #include <asm/uaccess.h> unsigned securebits = SECUREBITS_DEFAULT; /* systemwide security settings */ @@ -63,7 +64,7 @@ asmlinkage long sys_capget(cap_user_header_t header, cap_user_data_t dataptr) } else target = current; - ret = security_ops->capget(target, &data.effective, &data.inheritable, &data.permitted); + ret = security_capget(target, &data.effective, &data.inheritable, &data.permitted); out: read_unlock(&tasklist_lock); @@ -88,7 +89,7 @@ static inline void cap_set_pg(int pgrp, kernel_cap_t *effective, do_each_thread(g, target) { if (target->pgrp != pgrp) continue; - security_ops->capset_set(target, effective, inheritable, permitted); + security_capset_set(target, effective, inheritable, permitted); } while_each_thread(g, target); } @@ -105,7 +106,7 @@ static inline void cap_set_all(kernel_cap_t *effective, do_each_thread(g, target) { if (target == current || target->pid == 1) continue; - security_ops->capset_set(target, effective, inheritable, permitted); + security_capset_set(target, effective, inheritable, permitted); } while_each_thread(g, target); } @@ -163,7 +164,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data) ret = -EPERM; - if (security_ops->capset_check(target, &effective, &inheritable, &permitted)) + if (security_capset_check(target, &effective, &inheritable, &permitted)) goto out; if (!cap_issubset(inheritable, cap_combine(target->cap_inheritable, @@ -190,7 +191,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data) else /* all procs in process group */ cap_set_pg(-pid, &effective, &inheritable, &permitted); } else { - security_ops->capset_set(target, &effective, &inheritable, &permitted); + security_capset_set(target, &effective, &inheritable, &permitted); } out: diff --git a/kernel/exit.c b/kernel/exit.c index b923fd64591b..613c083300a2 100644 --- a/kernel/exit.c +++ b/kernel/exit.c @@ -68,7 +68,7 @@ void release_task(struct task_struct * p) wait_task_inactive(p); atomic_dec(&p->user->processes); - security_ops->task_free_security(p); + security_task_free(p); free_uid(p->user); write_lock_irq(&tasklist_lock); if (unlikely(p->ptrace)) @@ -249,7 +249,7 @@ void reparent_to_init(void) /* cpus_allowed? */ /* rt_priority? */ /* signals? */ - security_ops->task_reparent_to_init(current); + security_task_reparent_to_init(current); memcpy(current->rlim, init_task.rlim, sizeof(*(current->rlim))); current->user = INIT_USER; @@ -787,7 +787,7 @@ static int eligible_child(pid_t pid, int options, task_t *p) if (current->tgid != p->tgid && delay_group_leader(p)) return 2; - if (security_ops->task_wait(p)) + if (security_task_wait(p)) return 0; return 1; diff --git a/kernel/fork.c b/kernel/fork.c index 27cf572cedf8..cd15d6a82e8f 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -717,8 +717,7 @@ static struct task_struct *copy_process(unsigned long clone_flags, if ((clone_flags & CLONE_DETACHED) && !(clone_flags & CLONE_THREAD)) return ERR_PTR(-EINVAL); - retval = security_ops->task_create(clone_flags); - if (retval) + if ((retval = security_task_create(clone_flags))) goto fork_out; retval = -ENOMEM; @@ -811,7 +810,7 @@ static struct task_struct *copy_process(unsigned long clone_flags, p->core_waiter = 0; retval = -ENOMEM; - if (security_ops->task_alloc_security(p)) + if (security_task_alloc(p)) goto bad_fork_cleanup; /* copy all the process information */ if (copy_semundo(clone_flags, p)) @@ -964,7 +963,7 @@ bad_fork_cleanup_files: bad_fork_cleanup_semundo: exit_semundo(p); bad_fork_cleanup_security: - security_ops->task_free_security(p); + security_task_free(p); bad_fork_cleanup: if (p->pid > 0) free_pidmap(p->pid); diff --git a/kernel/kmod.c b/kernel/kmod.c index e930f6a33803..6a9a2c8f937c 100644 --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -29,6 +29,7 @@ #include <linux/completion.h> #include <linux/file.h> #include <linux/workqueue.h> +#include <linux/security.h> #include <linux/mount.h> #include <asm/uaccess.h> @@ -134,7 +135,7 @@ int exec_usermodehelper(char *program_path, char *argv[], char *envp[]) /* Give kmod all effective privileges.. */ curtask->euid = curtask->fsuid = 0; curtask->egid = curtask->fsgid = 0; - security_ops->task_kmod_set_label(); + security_task_kmod_set_label(); /* Allow execve args to be in kernel space. */ set_fs(KERNEL_DS); diff --git a/kernel/ptrace.c b/kernel/ptrace.c index a2611977e53b..3657ada2e235 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c @@ -14,6 +14,7 @@ #include <linux/pagemap.h> #include <linux/smp_lock.h> #include <linux/ptrace.h> +#include <linux/security.h> #include <asm/pgtable.h> #include <asm/uaccess.h> @@ -100,8 +101,7 @@ int ptrace_attach(struct task_struct *task) /* the same process cannot be attached many times */ if (task->ptrace & PT_PTRACED) goto bad; - retval = security_ops->ptrace(current, task); - if (retval) + if ((retval = security_ptrace(current, task))) goto bad; /* Go */ diff --git a/kernel/sched.c b/kernel/sched.c index 63efff4f8d68..b5445eede0b9 100644 --- a/kernel/sched.c +++ b/kernel/sched.c @@ -1348,8 +1348,7 @@ asmlinkage long sys_nice(int increment) if (nice > 19) nice = 19; - retval = security_ops->task_setnice(current, nice); - if (retval) + if ((retval = security_task_setnice(current, nice))) return retval; set_user_nice(current, nice); @@ -1470,8 +1469,7 @@ static int setscheduler(pid_t pid, int policy, struct sched_param *param) !capable(CAP_SYS_NICE)) goto out_unlock; - retval = security_ops->task_setscheduler(p, policy, &lp); - if (retval) + if ((retval = security_task_setscheduler(p, policy, &lp))) goto out_unlock; array = p->array; @@ -1534,8 +1532,7 @@ asmlinkage long sys_sched_getscheduler(pid_t pid) read_lock(&tasklist_lock); p = find_process_by_pid(pid); if (p) { - retval = security_ops->task_getscheduler(p); - if (!retval) + if (!(retval = security_task_getscheduler(p))) retval = p->policy; } read_unlock(&tasklist_lock); @@ -1564,8 +1561,7 @@ asmlinkage long sys_sched_getparam(pid_t pid, struct sched_param *param) if (!p) goto out_unlock; - retval = security_ops->task_getscheduler(p); - if (retval) + if ((retval = security_task_getscheduler(p))) goto out_unlock; lp.sched_priority = p->rt_priority; @@ -1824,8 +1820,7 @@ asmlinkage long sys_sched_rr_get_interval(pid_t pid, struct timespec *interval) if (!p) goto out_unlock; - retval = security_ops->task_getscheduler(p); - if (retval) + if ((retval = security_task_getscheduler(p))) goto out_unlock; jiffies_to_timespec(p->policy & SCHED_FIFO ? diff --git a/kernel/signal.c b/kernel/signal.c index 1379e559bbf4..fd8e2124aed0 100644 --- a/kernel/signal.c +++ b/kernel/signal.c @@ -18,6 +18,7 @@ #include <linux/fs.h> #include <linux/tty.h> #include <linux/binfmts.h> +#include <linux/security.h> #include <asm/param.h> #include <asm/uaccess.h> #include <asm/siginfo.h> @@ -738,8 +739,7 @@ specific_send_sig_info(int sig, struct siginfo *info, struct task_struct *t, int ret = -EPERM; if (bad_signal(sig, info, t)) goto out; - ret = security_ops->task_kill(t, info, sig); - if (ret) + if ((ret = security_task_kill(t, info, sig))) goto out; /* The null signal is a permissions and process existence probe. diff --git a/kernel/sys.c b/kernel/sys.c index 5997c8b85e6e..38cadcf8f187 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -483,8 +483,7 @@ asmlinkage long sys_setregid(gid_t rgid, gid_t egid) int new_egid = old_egid; int retval; - retval = security_ops->task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE); - if (retval) + if ((retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE))) return retval; if (rgid != (gid_t) -1) { @@ -529,8 +528,7 @@ asmlinkage long sys_setgid(gid_t gid) int old_egid = current->egid; int retval; - retval = security_ops->task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID); - if (retval) + if ((retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID))) return retval; if (capable(CAP_SETGID)) @@ -603,8 +601,7 @@ asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) int old_ruid, old_euid, old_suid, new_ruid, new_euid; int retval; - retval = security_ops->task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE); - if (retval) + if ((retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE))) return retval; new_ruid = old_ruid = current->uid; @@ -642,7 +639,7 @@ asmlinkage long sys_setreuid(uid_t ruid, uid_t euid) current->suid = current->euid; current->fsuid = current->euid; - return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE); + return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE); } @@ -664,8 +661,7 @@ asmlinkage long sys_setuid(uid_t uid) int old_ruid, old_suid, new_ruid, new_suid; int retval; - retval = security_ops->task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID); - if (retval) + if ((retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID))) return retval; old_ruid = new_ruid = current->uid; @@ -687,7 +683,7 @@ asmlinkage long sys_setuid(uid_t uid) current->fsuid = current->euid = uid; current->suid = new_suid; - return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID); + return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID); } @@ -702,8 +698,7 @@ asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) int old_suid = current->suid; int retval; - retval = security_ops->task_setuid(ruid, euid, suid, LSM_SETID_RES); - if (retval) + if ((retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES))) return retval; if (!capable(CAP_SETUID)) { @@ -733,7 +728,7 @@ asmlinkage long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) if (suid != (uid_t) -1) current->suid = suid; - return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES); + return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES); } asmlinkage long sys_getresuid(uid_t *ruid, uid_t *euid, uid_t *suid) @@ -754,8 +749,7 @@ asmlinkage long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) { int retval; - retval = security_ops->task_setgid(rgid, egid, sgid, LSM_SETID_RES); - if (retval) + if ((retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES))) return retval; if (!capable(CAP_SETGID)) { @@ -808,8 +802,7 @@ asmlinkage long sys_setfsuid(uid_t uid) int old_fsuid; int retval; - retval = security_ops->task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS); - if (retval) + if ((retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))) return retval; old_fsuid = current->fsuid; @@ -825,8 +818,7 @@ asmlinkage long sys_setfsuid(uid_t uid) current->fsuid = uid; } - retval = security_ops->task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS); - if (retval) + if ((retval = security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))) return retval; return old_fsuid; @@ -840,8 +832,7 @@ asmlinkage long sys_setfsgid(gid_t gid) int old_fsgid; int retval; - retval = security_ops->task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS); - if (retval) + if ((retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS))) return retval; old_fsgid = current->fsgid; @@ -966,8 +957,7 @@ asmlinkage long sys_getpgid(pid_t pid) retval = -ESRCH; if (p) { - retval = security_ops->task_getpgid(p); - if (!retval) + if (!(retval = security_task_getpgid(p))) retval = p->pgrp; } read_unlock(&tasklist_lock); @@ -994,8 +984,7 @@ asmlinkage long sys_getsid(pid_t pid) retval = -ESRCH; if(p) { - retval = security_ops->task_getsid(p); - if (!retval) + if (!(retval = security_task_getsid(p))) retval = p->session; } read_unlock(&tasklist_lock); @@ -1076,8 +1065,7 @@ asmlinkage long sys_setgroups(int gidsetsize, gid_t *grouplist) return -EINVAL; if(copy_from_user(groups, grouplist, gidsetsize * sizeof(gid_t))) return -EFAULT; - retval = security_ops->task_setgroups(gidsetsize, groups); - if (retval) + if ((retval = security_task_setgroups(gidsetsize, groups))) return retval; memcpy(current->groups, groups, gidsetsize * sizeof(gid_t)); current->ngroups = gidsetsize; @@ -1240,8 +1228,7 @@ asmlinkage long sys_setrlimit(unsigned int resource, struct rlimit *rlim) return -EPERM; } - retval = security_ops->task_setrlimit(resource, &new_rlim); - if (retval) + if ((retval = security_task_setrlimit(resource, &new_rlim))) return retval; *old_rlim = new_rlim; @@ -1315,8 +1302,7 @@ asmlinkage long sys_prctl(int option, unsigned long arg2, unsigned long arg3, int error = 0; int sig; - error = security_ops->task_prctl(option, arg2, arg3, arg4, arg5); - if (error) + if ((error = security_task_prctl(option, arg2, arg3, arg4, arg5))) return error; switch (option) { diff --git a/kernel/uid16.c b/kernel/uid16.c index 63b24096f8c3..53d054061dad 100644 --- a/kernel/uid16.c +++ b/kernel/uid16.c @@ -140,8 +140,7 @@ asmlinkage long sys_setgroups16(int gidsetsize, old_gid_t *grouplist) return -EFAULT; for (i = 0 ; i < gidsetsize ; i++) new_groups[i] = (gid_t)groups[i]; - i = security_ops->task_setgroups(gidsetsize, new_groups); - if (i) + if ((i = security_task_setgroups(gidsetsize, new_groups))) return i; memcpy(current->groups, new_groups, gidsetsize * sizeof(gid_t)); current->ngroups = gidsetsize; |