diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/security.h | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 5c041e89a505..c1d1480d2f49 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -376,6 +376,25 @@ struct swap_info_struct; * Check permission before removing the extended attribute * identified by @name for @dentry. * Return 0 if permission is granted. + * @inode_getsecurity: + * Copy the extended attribute representation of the security label + * associated with @name for @dentry into @buffer. @buffer may be + * NULL to request the size of the buffer required. @size indicates + * the size of @buffer in bytes. Note that @name is the remainder + * of the attribute name after the security. prefix has been removed. + * Return number of bytes used/required on success. + * @inode_setsecurity: + * Set the security label associated with @name for @dentry from the + * extended attribute value @value. @size indicates the size of the + * @value in bytes. @flags may be XATTR_CREATE, XATTR_REPLACE, or 0. + * Note that @name is the remainder of the attribute name after the + * security. prefix has been removed. + * Return 0 on success. + * @inode_listsecurity: + * Copy the extended attribute names for the security labels + * associated with @dentry into @buffer. @buffer may be NULL to + * request the size of the buffer required. + * Returns number of bytes used/required on success. * * Security hooks for file operations * @@ -1049,6 +1068,9 @@ struct security_operations { int (*inode_getxattr) (struct dentry *dentry, char *name); int (*inode_listxattr) (struct dentry *dentry); int (*inode_removexattr) (struct dentry *dentry, char *name); + int (*inode_getsecurity)(struct dentry *dentry, const char *name, void *buffer, size_t size); + int (*inode_setsecurity)(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); + int (*inode_listsecurity)(struct dentry *dentry, char *buffer); int (*file_permission) (struct file * file, int mask); int (*file_alloc_security) (struct file * file); @@ -1499,6 +1521,21 @@ static inline int security_inode_removexattr (struct dentry *dentry, char *name) return security_ops->inode_removexattr (dentry, name); } +static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size) +{ + return security_ops->inode_getsecurity(dentry, name, buffer, size); +} + +static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) +{ + return security_ops->inode_setsecurity(dentry, name, value, size, flags); +} + +static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer) +{ + return security_ops->inode_listsecurity(dentry, buffer); +} + static inline int security_file_permission (struct file *file, int mask) { return security_ops->file_permission (file, mask); @@ -2117,6 +2154,21 @@ static inline int security_inode_removexattr (struct dentry *dentry, char *name) return 0; } +static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size) +{ + return -EOPNOTSUPP; +} + +static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) +{ + return -EOPNOTSUPP; +} + +static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer) +{ + return 0; +} + static inline int security_file_permission (struct file *file, int mask) { return 0; |