I've attached an updated patch (against the current WireX BitKeeper tree) based on the feedback so far. The patch still has the "guard" around the free_security calls for bprm_ops and sb_ops, although I'm certainly open to being convinced otherwise. But I think that it is reasonable for a module to expect that free_security will only be called after a successful alloc_security. This patch differs from the previous patch in the following ways: 1) The file_ops->truncate hook has been removed (redundant with setattr). 2) An additional call to the post_lookup hook has been added in fs/namei.c:lookup_hash. 3) The file_ops read, write, readv, and writev hooks have been removed (unused and covered by permission). 4) The task_ops->create hook has been placed, and the clone flags were added as a parameter, since the base kernel logic uses that information to make one of its access decisions (so it might be useful to a module as well). 5) The comment about user space pointers was amended. -- Stephen D. Smalley, NAI Labs ssmalleyat_private diff -X /home/sds/dontdiff -ur lsm-wirex/fs/exec.c lsm/fs/exec.c --- lsm-wirex/fs/exec.c Fri Aug 3 08:32:08 2001 +++ lsm/fs/exec.c Fri Aug 3 14:36:32 2001 @@ -604,6 +604,7 @@ { int mode; struct inode * inode = bprm->file->f_dentry->d_inode; + int retval; mode = inode->i_mode; /* Huh? We had already checked for MAY_EXEC, WTF do we check this? */ @@ -631,8 +632,9 @@ } /* fill in binprm security blob */ - if (security_ops->bprm_ops->alloc_security(bprm)) - return -EACCES; /* hmm, is EACCES really right? */ + retval = security_ops->bprm_ops->set_security(bprm); + if (retval) + return retval; memset(bprm->buf,0,BINPRM_BUF_SIZE); return kernel_read(bprm->file,0,bprm->buf,BINPRM_BUF_SIZE); @@ -835,6 +837,10 @@ return bprm.envc; } + retval = security_ops->bprm_ops->alloc_security(&bprm); + if (retval) + goto out; + retval = prepare_binprm(&bprm); if (retval < 0) goto out; @@ -871,7 +877,9 @@ __free_page(page); } - security_ops->bprm_ops->free_security(&bprm); + if (bprm.security) + security_ops->bprm_ops->free_security(&bprm); + return retval; } diff -X /home/sds/dontdiff -ur lsm-wirex/fs/fcntl.c lsm/fs/fcntl.c --- lsm-wirex/fs/fcntl.c Fri Jun 22 09:06:59 2001 +++ lsm/fs/fcntl.c Fri Aug 3 15:26:18 2001 @@ -352,7 +352,7 @@ if (!filp) goto out; - err = security_ops->file_ops->fcntl64(filp, cmd, arg); + err = security_ops->file_ops->fcntl(filp, cmd, arg); if (err) { fput(filp); return err; diff -X /home/sds/dontdiff -ur lsm-wirex/fs/inode.c lsm/fs/inode.c --- lsm-wirex/fs/inode.c Thu Aug 2 13:33:13 2001 +++ lsm/fs/inode.c Fri Aug 3 15:17:18 2001 @@ -74,12 +74,25 @@ static kmem_cache_t * inode_cachep; -#define alloc_inode() \ - ((struct inode *) kmem_cache_alloc(inode_cachep, SLAB_KERNEL)) +static inline struct inode *alloc_inode(void) +{ + struct inode *inode; + + inode = ((struct inode *) kmem_cache_alloc(inode_cachep, SLAB_KERNEL)); + if (!inode) + return NULL; + if (security_ops->inode_ops->alloc_security(inode)) { + kmem_cache_free(inode_cachep, (inode)); + return NULL; + } + return inode; +} + static void destroy_inode(struct inode *inode) { if (!list_empty(&inode->i_dirty_buffers)) BUG(); + security_ops->inode_ops->free_security(inode); kmem_cache_free(inode_cachep, (inode)); } @@ -502,7 +515,6 @@ cdput(inode->i_cdev); inode->i_cdev = NULL; } - security_ops->inode_ops->free_security(inode); inode->i_state = I_CLEAR; } @@ -761,7 +773,6 @@ inode->i_data.host = inode; inode->i_data.gfp_mask = GFP_HIGHUSER; inode->i_mapping = &inode->i_data; - security_ops->inode_ops->alloc_security(inode); /* hmm, no way to preserve error */ } /** @@ -1022,6 +1033,8 @@ if (inode->i_data.nrpages) truncate_inode_pages(&inode->i_data, 0); + + security_ops->inode_ops->delete(inode); if (op && op->delete_inode) { void (*delete)(struct inode *) = op->delete_inode; diff -X /home/sds/dontdiff -ur lsm-wirex/fs/locks.c lsm/fs/locks.c --- lsm-wirex/fs/locks.c Thu Aug 2 13:33:13 2001 +++ lsm/fs/locks.c Fri Aug 3 15:22:28 2001 @@ -1312,7 +1312,7 @@ if (!filp) goto out; - error = security_ops->file_ops->lock(filp); + error = security_ops->file_ops->lock(filp, cmd); if(error) goto out_putf; diff -X /home/sds/dontdiff -ur lsm-wirex/fs/namei.c lsm/fs/namei.c --- lsm-wirex/fs/namei.c Thu Aug 2 13:33:13 2001 +++ lsm/fs/namei.c Mon Aug 6 10:28:41 2001 @@ -178,21 +178,22 @@ int permission(struct inode * inode,int mask) { int retval; - - retval = security_ops->inode_ops->permission(inode, mask); - if (retval) - return retval; + int submask; /* Ordinary permission routines do not understand MAY_APPEND. */ - mask &= ~MAY_APPEND; + submask = mask & ~MAY_APPEND; if (inode->i_op && inode->i_op->permission) { lock_kernel(); - retval = inode->i_op->permission(inode, mask); + retval = inode->i_op->permission(inode, submask); unlock_kernel(); - return retval; + } else { + retval = vfs_permission(inode, submask); } - return vfs_permission(inode, mask); + if (retval) + return retval; + + return security_ops->inode_ops->permission(inode, mask); } /* @@ -742,9 +743,10 @@ lock_kernel(); dentry = inode->i_op->lookup(inode, new); unlock_kernel(); - if (!dentry) + if (!dentry) { dentry = new; - else + security_ops->inode_ops->post_lookup(inode, dentry); + } else dput(new); } out: diff -X /home/sds/dontdiff -ur lsm-wirex/fs/stat.c lsm/fs/stat.c --- lsm-wirex/fs/stat.c Fri Jun 22 09:06:59 2001 +++ lsm/fs/stat.c Fri Aug 3 14:58:50 2001 @@ -274,7 +274,7 @@ error = -EINVAL; if (inode->i_op && inode->i_op->readlink && !(error = do_revalidate(nd.dentry))) { - error = security_ops->inode_ops->readlink(nd.dentry, buf, bufsiz); + error = security_ops->inode_ops->readlink(nd.dentry); if (!error) { UPDATE_ATIME(inode); error = inode->i_op->readlink(nd.dentry, buf, bufsiz); diff -X /home/sds/dontdiff -ur lsm-wirex/fs/super.c lsm/fs/super.c --- lsm-wirex/fs/super.c Thu Aug 2 13:33:13 2001 +++ lsm/fs/super.c Fri Aug 3 15:32:40 2001 @@ -745,8 +745,6 @@ s = sb_entry(s->s_list.next)) { if (s->s_dev) continue; - if (security_ops->sb_ops->alloc_security(s)) - return NULL; return s; } /* Need a new one... */ @@ -756,10 +754,6 @@ if (s) { nr_super_blocks++; memset(s, 0, sizeof(struct super_block)); - if (security_ops->sb_ops->alloc_security(s)) { - kfree(s); - return NULL; - } INIT_LIST_HEAD(&s->s_dirty); INIT_LIST_HEAD(&s->s_locked_inodes); list_add (&s->s_list, super_blocks.prev); @@ -790,7 +784,10 @@ s->s_type = type; s->s_dquot.flags = 0; s->s_maxbytes = MAX_NON_LFS; + s->s_security = NULL; lock_super(s); + if (security_ops->sb_ops->alloc_security(s)) + goto out_fail; if (!type->read_super(s, data, silent)) goto out_fail; unlock_super(s); @@ -804,7 +801,8 @@ s->s_dev = 0; s->s_bdev = 0; s->s_type = NULL; - security_ops->sb_ops->free_security(s); + if (s->s_security) + security_ops->sb_ops->free_security(s); unlock_super(s); return NULL; } @@ -1285,10 +1283,6 @@ if (nd->dentry != nd->mnt->mnt_root) return -EINVAL; - - retval = security_ops->remount(nd->mnt, flags, data); - if (retval) - return retval; retval = do_remount_sb(nd->mnt->mnt_sb, flags, data); if (!retval) diff -X /home/sds/dontdiff -ur lsm-wirex/include/linux/security.h lsm/include/linux/security.h --- lsm-wirex/include/linux/security.h Mon Aug 6 08:24:53 2001 +++ lsm/include/linux/security.h Mon Aug 6 10:31:59 2001 @@ -43,13 +43,14 @@ #define SECURITY_INTERFACE_VERSION 0x00000101 /* change this every time the security_operations structure changes */ struct binprm_security_ops { - /* this alloc may be called multiple times in one code - * path. make sure you check if brpm is NULL or has - * already been allocated. -chris - */ int (* alloc_security) (struct linux_binprm *bprm); /* create per binprm security stuff */ void (* free_security) (struct linux_binprm *bprm); /* free it */ void (* compute_creds) (struct linux_binprm *bprm); /* transfer credentials to current during exec */ + /* set_security may be called multiple times on a single + execve, e.g. for interpreters. It can tell whether + it has already been called by checking to see if + bprm->security is non-NULL. */ + int (* set_security) (struct linux_binprm *bprm); /* set per binprm security stuff */ }; struct super_block_security_ops { @@ -78,14 +79,14 @@ struct inode *new_dir, struct dentry *new_dentry); void (* post_rename) (struct inode *old_dir, struct dentry *old_dentry, struct inode *new_dir, struct dentry *new_dentry); - int (* readlink) (struct dentry *dentry, char *buf, int bufsiz); + int (* readlink) (struct dentry *dentry); int (* follow_link) (struct dentry *dentry, struct nameidata *nd); - int (* truncate) (struct inode *inode); int (* permission) (struct inode *inode, int mask); int (* revalidate) (struct dentry *dentry); int (* setattr) (struct dentry *dentry, struct iattr *attr); int (* stat) (struct inode *inode); void (* post_lookup) (struct inode *ino, struct dentry *d); + void (* delete) (struct inode *ino); }; struct file_security_ops { @@ -93,16 +94,13 @@ int (* alloc_security) (struct file *file); void (* free_security) (struct file *file); int (* llseek) (struct file *file); - int (* read) (struct file *file); - int (* write) (struct file *file); + /* Warning! When the arg parameter represents a user space pointer, it should never be used by the module. */ int (* ioctl) (struct file *file, unsigned int cmd, unsigned long arg); int (* mmap) (struct file *file, unsigned long prot, unsigned long flags); int (* mprotect) (struct vm_area_struct *vma, unsigned long prot); - int (* lock) (struct file *file); - int (* readv) (struct file *file); - int (* writev) (struct file *file); + int (* lock) (struct file *file, unsigned int cmd); + /* Warning! When the arg parameter represents a user space pointer, it should never be used by the module. */ int (* fcntl) (struct file *file, unsigned int cmd, unsigned long arg); - int (* fcntl64) (struct file *file, unsigned int cmd, unsigned long arg); int (* set_fowner) (struct file *file); int (* send_sigiotask) (struct task_struct *tsk, struct fown_struct *fown, int fd, int reason); int (* receive) (struct file *file); @@ -110,7 +108,7 @@ struct sched_param; struct task_security_ops { - int (* create) (void); + int (* create) (unsigned long clone_flags); int (* alloc_security) (struct task_struct *p); /* create per process security stuff */ void (* free_security) (struct task_struct *p); /* free it */ #define LSM_SETID_ID 1 /* setuid or setgid, id0 == uid or gid */ @@ -185,9 +183,9 @@ }; struct module_security_ops { - int (* create_module) (const char *name_user, size_t size); - int (* init_module) (const char *name_user, struct module *mod_user); - int (* delete_module) (const char *name_user); + int (* create_module) (const char *name, size_t size); + int (* init_module) (const char *name, struct module *mod); + int (* delete_module) (const char *name); }; struct ipc_security_ops { @@ -232,14 +230,13 @@ /* syscalls that are checked for permissions */ int (* sethostname) (char *hostname); int (* setdomainname) (char *domainname); - int (* reboot) (unsigned int cmd, void *arg); + int (* reboot) (unsigned int cmd); int (* mount) (char * dev_name, struct nameidata *nd, char * type, unsigned long flags, void * data); int (* umount) (struct vfsmount *mnt, int flags); void (* umount_close) (struct vfsmount *mnt); void (* umount_busy) (struct vfsmount *mnt); - int (* remount) (struct vfsmount *mnt, unsigned long flags, void *data); void (* post_remount) (struct vfsmount *mnt, unsigned long flags, void *data); int (* ioperm) (unsigned long from, unsigned long num, int turn_on); int (* iopl) (unsigned int old, unsigned int level); diff -X /home/sds/dontdiff -ur lsm-wirex/kernel/capability_plug.c lsm/kernel/capability_plug.c --- lsm-wirex/kernel/capability_plug.c Thu Aug 2 13:33:10 2001 +++ lsm/kernel/capability_plug.c Mon Aug 6 10:32:27 2001 @@ -28,12 +28,11 @@ static int cap_sethostname (char *hostname) {return 0;} static int cap_setdomainname (char *domainname) {return 0;} -static int cap_reboot (unsigned int cmd, void *arg) {return 0;} +static int cap_reboot (unsigned int cmd) {return 0;} static int cap_mount (char * dev_name, struct nameidata *nd, char * type, unsigned long flags, void * data) {return 0;} static int cap_umount (struct vfsmount *mnt, int flags) {return 0;} static void cap_umount_close (struct vfsmount *mnt) {return;} static void cap_umount_busy (struct vfsmount *mnt) {return;} -static int cap_remount (struct vfsmount *mnt, unsigned long flags, void *data) {return 0;} static void cap_post_remount (struct vfsmount *mnt, unsigned long flags, void *data) {return;} static int cap_ioperm (unsigned long from, unsigned long num, int turn_on) {return 0;} static int cap_iopl (unsigned int old, unsigned int level) {return 0;} @@ -64,7 +63,9 @@ static int cap_acct (struct file *file) {return 0;} static int cap_sysctl (ctl_table * table, int op) {return 0;} -static int cap_binprm_alloc_security(struct linux_binprm *bprm) +static int cap_binprm_alloc_security (struct linux_binprm *bprm) {return 0;} + +static int cap_binprm_set_security(struct linux_binprm *bprm) { /* Copied from fs/exec.c:prepare_binprm. */ @@ -164,35 +165,30 @@ static void cap_inode_post_mknod (struct inode *inode, struct dentry *dentry, int major, dev_t minor) {return;} static int cap_inode_rename (struct inode *old_inode, struct dentry *old_dentry, struct inode *new_inode, struct dentry *new_dentry) {return 0;} static void cap_inode_post_rename (struct inode *old_inode, struct dentry *old_dentry, struct inode *new_inode, struct dentry *new_dentry) {return;} -static int cap_inode_readlink (struct dentry *dentry, char *name, int mask) {return 0;} +static int cap_inode_readlink (struct dentry *dentry) {return 0;} static int cap_inode_follow_link (struct dentry *dentry, struct nameidata *nameidata) {return 0;} -static int cap_inode_truncate (struct inode *inode) {return 0;} static int cap_inode_permission (struct inode *inode, int mask) {return 0;} static int cap_inode_revalidate (struct dentry *inode) {return 0;} static int cap_inode_setattr (struct dentry *dentry, struct iattr *iattr) {return 0;} static int cap_inode_stat (struct inode *inode) {return 0;} static void cap_post_lookup (struct inode *ino, struct dentry *d) {return;} +static void cap_delete (struct inode *ino) {return;} static int cap_file_permission (struct file *file, int mask) {return 0;} static int cap_file_alloc_security (struct file *file) {return 0;} static void cap_file_free_security (struct file *file) {return;} static int cap_file_llseek (struct file *file) {return 0;} -static int cap_file_read (struct file *file) {return 0;} -static int cap_file_write (struct file *file) {return 0;} static int cap_file_ioctl (struct file *file, unsigned int command , unsigned long arg) {return 0;} static int cap_file_mmap (struct file *file, unsigned long prot, unsigned long flags) {return 0;} static int cap_file_mprotect (struct vm_area_struct *vma, unsigned long prot) {return 0;} -static int cap_file_lock (struct file *file) {return 0;} -static int cap_file_readv (struct file *file) {return 0;} -static int cap_file_writev (struct file *file) {return 0;} +static int cap_file_lock (struct file *file, unsigned int cmd) {return 0;} static int cap_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg) {return 0;} -static int cap_file_fcntl64 (struct file *file, unsigned int cmd, unsigned long arg) {return 0;} static int cap_file_set_fowner (struct file *file) {return 0;} static int cap_file_send_sigiotask (struct task_struct *tsk, struct fown_struct *fown, int fd, int reason) { return 0; } static int cap_file_receive (struct file *file) {return 0;} -static int cap_task_create (void) {return 0;} +static int cap_task_create (unsigned long clone_flags) {return 0;} static int cap_task_alloc_security (struct task_struct *p) {return 0;} static void cap_task_free_security (struct task_struct *p) {return;} static int cap_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags) { return 0; } @@ -397,6 +393,7 @@ alloc_security: cap_binprm_alloc_security, free_security: cap_binprm_free_security, compute_creds: cap_binprm_compute_creds, + set_security: cap_binprm_set_security, }; static struct super_block_security_ops cap_sb_ops = { @@ -424,12 +421,12 @@ post_rename: cap_inode_post_rename, readlink: cap_inode_readlink, follow_link: cap_inode_follow_link, - truncate: cap_inode_truncate, permission: cap_inode_permission, revalidate: cap_inode_revalidate, setattr: cap_inode_setattr, stat: cap_inode_stat, post_lookup: cap_post_lookup, + delete: cap_delete, }; static struct file_security_ops cap_file_ops = { @@ -437,16 +434,11 @@ alloc_security: cap_file_alloc_security, free_security: cap_file_free_security, llseek: cap_file_llseek, - read: cap_file_read, - write: cap_file_write, ioctl: cap_file_ioctl, mmap: cap_file_mmap, mprotect: cap_file_mprotect, lock: cap_file_lock, - readv: cap_file_readv, - writev: cap_file_writev, fcntl: cap_file_fcntl, - fcntl64: cap_file_fcntl64, set_fowner: cap_file_set_fowner, send_sigiotask: cap_file_send_sigiotask, receive: cap_file_receive, @@ -570,7 +562,6 @@ umount: cap_umount, umount_close: cap_umount_close, umount_busy: cap_umount_busy, - remount: cap_remount, post_remount: cap_post_remount, ioperm: cap_ioperm, iopl: cap_iopl, diff -X /home/sds/dontdiff -ur lsm-wirex/kernel/fork.c lsm/kernel/fork.c --- lsm-wirex/kernel/fork.c Thu Aug 2 13:33:10 2001 +++ lsm/kernel/fork.c Mon Aug 6 10:31:45 2001 @@ -573,6 +573,10 @@ goto fork_out; } + retval = security_ops->task_ops->create(clone_flags); + if (retval) + goto fork_out; + retval = -ENOMEM; p = alloc_task_struct(); if (!p) diff -X /home/sds/dontdiff -ur lsm-wirex/kernel/security.c lsm/kernel/security.c --- lsm-wirex/kernel/security.c Fri Aug 3 08:32:08 2001 +++ lsm/kernel/security.c Mon Aug 6 10:32:15 2001 @@ -41,12 +41,11 @@ /* Stub functions for the default security function pointers in case no security model is loaded */ static int dummy_sethostname (char *hostname) {return 0;} static int dummy_setdomainname (char *domainname) {return 0;} -static int dummy_reboot (unsigned int cmd, void *arg) {return 0;} +static int dummy_reboot (unsigned int cmd) {return 0;} static int dummy_mount (char * dev_name, struct nameidata *nd, char * type, unsigned long flags, void * data) {return 0;} static int dummy_umount (struct vfsmount *mnt, int flags) {return 0;} static void dummy_umount_close (struct vfsmount *mnt) {return;} static void dummy_umount_busy (struct vfsmount *mnt) {return;} -static int dummy_remount (struct vfsmount *mnt, unsigned long flags, void *data) {return 0;} static void dummy_post_remount (struct vfsmount *mnt, unsigned long flags, void *data) {return;} static int dummy_ioperm (unsigned long from, unsigned long num, int turn_on) {return 0;} static int dummy_iopl (unsigned int old, unsigned int level) {return 0;} @@ -70,6 +69,7 @@ static int dummy_binprm_alloc_security (struct linux_binprm *bprm) {return 0;} static void dummy_binprm_free_security (struct linux_binprm *bprm) {return;} static void dummy_binprm_compute_creds (struct linux_binprm *bprm) {return;} +static int dummy_binprm_set_security (struct linux_binprm *bprm) {return 0;} static int dummy_sb_alloc_security (struct super_block *sb) {return 0;} static void dummy_sb_free_security (struct super_block *sb) {return;} @@ -91,34 +91,29 @@ static void dummy_inode_post_mknod (struct inode *inode, struct dentry *dentry, int major, dev_t minor) {return;} static int dummy_inode_rename (struct inode *old_inode, struct dentry *old_dentry, struct inode *new_inode, struct dentry *new_dentry) {return 0;} static void dummy_inode_post_rename (struct inode *old_inode, struct dentry *old_dentry, struct inode *new_inode, struct dentry *new_dentry) {return;} -static int dummy_inode_readlink (struct dentry *dentry, char *name, int mask) {return 0;} +static int dummy_inode_readlink (struct dentry *dentry) {return 0;} static int dummy_inode_follow_link (struct dentry *dentry, struct nameidata *nameidata) {return 0;} -static int dummy_inode_truncate (struct inode *inode) {return 0;} static int dummy_inode_permission (struct inode *inode, int mask) { return 0; } static int dummy_inode_revalidate (struct dentry *inode) {return 0;} static int dummy_inode_setattr (struct dentry *dentry, struct iattr *iattr) {return 0;} static int dummy_inode_stat (struct inode *inode) {return 0;} -static void dummy_post_lookup (struct inode *ino, struct dentry *d) {return;}; +static void dummy_post_lookup (struct inode *ino, struct dentry *d) {return;} +static void dummy_delete (struct inode *ino) {return;} static int dummy_file_permission (struct file *file, int mask) {return 0;} static int dummy_file_alloc_security (struct file *file) {return 0;} static void dummy_file_free_security (struct file *file) {return;} static int dummy_file_llseek (struct file *file) {return 0;} -static int dummy_file_read (struct file *file) {return 0;} -static int dummy_file_write (struct file *file) {return 0;} static int dummy_file_ioctl (struct file *file, unsigned int command, unsigned long arg) {return 0;} static int dummy_file_mmap (struct file *file, unsigned long prot, unsigned long flags) {return 0;} static int dummy_file_mprotect (struct vm_area_struct *vma, unsigned long prot) {return 0;} -static int dummy_file_lock (struct file *file) {return 0;} -static int dummy_file_readv (struct file *file) {return 0;} -static int dummy_file_writev (struct file *file) {return 0;} +static int dummy_file_lock (struct file *file, unsigned int cmd) {return 0;} static int dummy_file_fcntl (struct file *file, unsigned int cmd, unsigned long arg) {return 0;} -static int dummy_file_fcntl64 (struct file *file, unsigned int cmd, unsigned long arg) {return 0;} static int dummy_file_set_fowner (struct file *file) {return 0;} static int dummy_file_send_sigiotask (struct task_struct *tsk, struct fown_struct *fown, int fd, int reason) {return 0;} static int dummy_file_receive (struct file *file) {return 0;} -static int dummy_task_create (void) {return 0;} +static int dummy_task_create (unsigned long clone_flags) {return 0;} static int dummy_task_alloc_security (struct task_struct *p) {return 0;} static void dummy_task_free_security (struct task_struct *p) {return;} static int dummy_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags) {return 0;} @@ -233,6 +228,7 @@ alloc_security: dummy_binprm_alloc_security, free_security: dummy_binprm_free_security, compute_creds: dummy_binprm_compute_creds, + set_security: dummy_binprm_set_security, }; static struct super_block_security_ops dummy_sb_ops = { alloc_security: dummy_sb_alloc_security, @@ -258,12 +254,12 @@ post_rename: dummy_inode_post_rename, readlink: dummy_inode_readlink, follow_link: dummy_inode_follow_link, - truncate: dummy_inode_truncate, permission: dummy_inode_permission, revalidate: dummy_inode_revalidate, setattr: dummy_inode_setattr, stat: dummy_inode_stat, post_lookup: dummy_post_lookup, + delete: dummy_delete, }; static struct file_security_ops dummy_file_ops = { @@ -271,16 +267,11 @@ alloc_security: dummy_file_alloc_security, free_security: dummy_file_free_security, llseek: dummy_file_llseek, - read: dummy_file_read, - write: dummy_file_write, ioctl: dummy_file_ioctl, mmap: dummy_file_mmap, mprotect: dummy_file_mprotect, lock: dummy_file_lock, - readv: dummy_file_readv, - writev: dummy_file_writev, fcntl: dummy_file_fcntl, - fcntl64: dummy_file_fcntl64, set_fowner: dummy_file_set_fowner, send_sigiotask: dummy_file_send_sigiotask, receive: dummy_file_receive, @@ -404,7 +395,6 @@ umount: dummy_umount, umount_close: dummy_umount_close, umount_busy: dummy_umount_busy, - remount: dummy_remount, post_remount: dummy_post_remount, ioperm: dummy_ioperm, iopl: dummy_iopl, @@ -478,7 +468,6 @@ !ops->umount || !ops->umount_close || !ops->umount_busy || - !ops->remount || !ops->post_remount || !ops->ioperm || !ops->iopl || diff -X /home/sds/dontdiff -ur lsm-wirex/kernel/sys.c lsm/kernel/sys.c --- lsm-wirex/kernel/sys.c Thu Aug 2 13:33:10 2001 +++ lsm/kernel/sys.c Fri Aug 3 15:30:04 2001 @@ -282,7 +282,7 @@ if (!capable(CAP_SYS_BOOT)) return -EPERM; - retval = security_ops->reboot(cmd, arg); + retval = security_ops->reboot(cmd); if (retval) { return retval; } diff -X /home/sds/dontdiff -ur lsm-wirex/mm/memory.c lsm/mm/memory.c --- lsm-wirex/mm/memory.c Thu Aug 2 13:33:18 2001 +++ lsm/mm/memory.c Mon Aug 6 10:16:52 2001 @@ -1043,11 +1043,9 @@ out_truncate: if (inode->i_op && inode->i_op->truncate) { - if (!security_ops->inode_ops->truncate(inode)) { - lock_kernel(); - inode->i_op->truncate(inode); - unlock_kernel(); - } + lock_kernel(); + inode->i_op->truncate(inode); + unlock_kernel(); } out: return; _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 08:43:18 PDT