diff options
Diffstat (limited to 'include/linux/security.h')
| -rw-r--r-- | include/linux/security.h | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index a1dee9a60587..ab0941c9fca7 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -27,13 +27,14 @@ #include <linux/signal.h> #include <linux/resource.h> #include <linux/sem.h> -#include <linux/sysctl.h> #include <linux/shm.h> #include <linux/msg.h> #include <linux/sched.h> #include <linux/skbuff.h> #include <linux/netlink.h> +struct ctl_table; + /* * These functions are in security/capability.c and are used * as the default capabilities functions @@ -395,13 +396,13 @@ struct swap_info_struct; * Return 0 if permission is granted. * @inode_getsecurity: * Copy the extended attribute representation of the security label - * associated with @name for @dentry into @buffer. @buffer may be + * associated with @name for @inode into @buffer. @buffer may be * NULL to request the size of the buffer required. @size indicates * the size of @buffer in bytes. Note that @name is the remainder * of the attribute name after the security. prefix has been removed. * Return number of bytes used/required on success. * @inode_setsecurity: - * Set the security label associated with @name for @dentry from the + * Set the security label associated with @name for @inode from the * extended attribute value @value. @size indicates the size of the * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0. * Note that @name is the remainder of the attribute name after the @@ -409,8 +410,9 @@ struct swap_info_struct; * Return 0 on success. * @inode_listsecurity: * Copy the extended attribute names for the security labels - * associated with @dentry into @buffer. @buffer may be NULL to - * request the size of the buffer required. + * associated with @inode into @buffer. The maximum size of @buffer + * is specified by @buffer_size. @buffer may be NULL to request + * the size of the buffer required. * Returns number of bytes used/required on success. * * Security hooks for file operations @@ -1029,7 +1031,7 @@ struct security_operations { kernel_cap_t * inheritable, kernel_cap_t * permitted); int (*acct) (struct file * file); - int (*sysctl) (ctl_table * table, int op); + int (*sysctl) (struct ctl_table * table, int op); int (*capable) (struct task_struct * tsk, int cap); int (*quotactl) (int cmds, int type, int id, struct super_block * sb); int (*quota_on) (struct file * f); @@ -1108,9 +1110,9 @@ struct security_operations { int (*inode_getxattr) (struct dentry *dentry, char *name); int (*inode_listxattr) (struct dentry *dentry); int (*inode_removexattr) (struct dentry *dentry, char *name); - int (*inode_getsecurity)(struct dentry *dentry, const char *name, void *buffer, size_t size); - int (*inode_setsecurity)(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); - int (*inode_listsecurity)(struct dentry *dentry, char *buffer); + int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size); + int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags); + int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size); int (*file_permission) (struct file * file, int mask); int (*file_alloc_security) (struct file * file); @@ -1268,7 +1270,7 @@ static inline int security_acct (struct file *file) return security_ops->acct (file); } -static inline int security_sysctl(ctl_table * table, int op) +static inline int security_sysctl(struct ctl_table *table, int op) { return security_ops->sysctl(table, op); } @@ -1575,19 +1577,19 @@ static inline int security_inode_removexattr (struct dentry *dentry, char *name) return security_ops->inode_removexattr (dentry, name); } -static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size) +static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size) { - return security_ops->inode_getsecurity(dentry, name, buffer, size); + return security_ops->inode_getsecurity(inode, name, buffer, size); } -static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) +static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) { - return security_ops->inode_setsecurity(dentry, name, value, size, flags); + return security_ops->inode_setsecurity(inode, name, value, size, flags); } -static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer) +static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) { - return security_ops->inode_listsecurity(dentry, buffer); + return security_ops->inode_listsecurity(inode, buffer, buffer_size); } static inline int security_file_permission (struct file *file, int mask) @@ -1940,7 +1942,7 @@ static inline int security_acct (struct file *file) return 0; } -static inline int security_sysctl(ctl_table * table, int op) +static inline int security_sysctl(struct ctl_table *table, int op) { return 0; } @@ -2214,17 +2216,17 @@ static inline int security_inode_removexattr (struct dentry *dentry, char *name) return cap_inode_removexattr(dentry, name); } -static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size) +static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size) { return -EOPNOTSUPP; } -static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) +static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) { return -EOPNOTSUPP; } -static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer) +static inline int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) { return 0; } |