Quoting Greg KH (greg@private): > No, why not just do like all other subsystems, put the struct module * > in the struct security_operations itself? Oh... I see, thanks. Would the following be acceptable? I'm only proposing this as another part of the stacker patchset - obviously if stacker doesn't go up, this patch wouldn't be needed. thanks, -serge Signed-off-by: Serge Hallyn <serue@private> -- include/linux/security.h | 7 +++++++ security/capability.c | 1 + security/root_plug.c | 2 ++ security/seclvl.c | 1 + security/selinux/hooks.c | 2 ++ 5 files changed, 13 insertions(+) Index: linux-2.6.13-rc3/include/linux/security.h =================================================================== --- linux-2.6.13-rc3.orig/include/linux/security.h 2005-07-17 17:57:54.000000000 -0500 +++ linux-2.6.13-rc3/include/linux/security.h 2005-07-17 17:57:55.000000000 -0500 @@ -32,6 +32,7 @@ #include <linux/sched.h> struct ctl_table; +struct module; /* * These functions are in security/capability.c and are used @@ -94,6 +95,10 @@ struct swap_info_struct; * * Security hooks for program execution operations. * + * + * @owner: + * Module owning this security_operations. NULL if not a module. + * * @bprm_alloc_security: * Allocate and attach a security structure to the @bprm->security field. * The security field is initialized to NULL when the bprm structure is @@ -1027,6 +1032,8 @@ struct swap_info_struct; * This is the main security structure. */ struct security_operations { + struct module *owner; + int (*ptrace) (struct task_struct * parent, struct task_struct * child); int (*capget) (struct task_struct * target, kernel_cap_t * effective, Index: linux-2.6.13-rc3/security/capability.c =================================================================== --- linux-2.6.13-rc3.orig/security/capability.c 2005-07-17 17:57:54.000000000 -0500 +++ linux-2.6.13-rc3/security/capability.c 2005-07-17 17:57:55.000000000 -0500 
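Review bot: The `@owner:` entry in the second include/linux/security.h hunk sits under the "Security hooks for program execution operations" heading, although `owner` is a plain struct field and not a hook, and it leaves two consecutive blank ` *` lines. I would move it into the comment directly above `struct security_operations` and state the contract there, e.g. `@owner: module providing these ops, NULL when built in; code that keeps the ops pointer must hold a module reference (try_module_get()/module_put()) for as long as it can call the hooks`. Nothing in this patch takes such a reference, so the field alone does not stop a module from being unloaded while its hooks are still reachable. Presumably the stacker patches do that, but it is not visible here.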
@@ -25,6 +25,7 @@ #include <linux/moduleparam.h> static struct security_operations capability_ops = { + .owner = THIS_MODULE, .ptrace = cap_ptrace, .capget = cap_capget, .capset_check = cap_capset_check, Index: linux-2.6.13-rc3/security/root_plug.c =================================================================== --- linux-2.6.13-rc3.orig/security/root_plug.c 2005-07-17 17:57:54.000000000 -0500 +++ linux-2.6.13-rc3/security/root_plug.c 2005-07-17 17:57:55.000000000 -0500 @@ -83,6 +83,8 @@ static int rootplug_bprm_check_security } static struct security_operations rootplug_security_ops = { + .owner = THIS_MODULE, + /* Use the capability functions for some of the hooks */ .ptrace = cap_ptrace, .capget = cap_capget, Index: linux-2.6.13-rc3/security/seclvl.c =================================================================== --- linux-2.6.13-rc3.orig/security/seclvl.c 2005-07-17 17:57:54.000000000 -0500 +++ linux-2.6.13-rc3/security/seclvl.c 2005-07-17 17:57:55.000000000 -0500 @@ -591,6 +591,7 @@ static int seclvl_umount(struct vfsmount } static struct security_operations seclvl_ops = { + .owner = THIS_MODULE, .ptrace = seclvl_ptrace, .capable = seclvl_capable, .inode_permission = seclvl_inode_permission, Index: linux-2.6.13-rc3/security/selinux/hooks.c =================================================================== --- linux-2.6.13-rc3.orig/security/selinux/hooks.c 2005-07-17 18:04:02.000000000 -0500 +++ linux-2.6.13-rc3/security/selinux/hooks.c 2005-07-17 18:04:20.000000000 -0500 @@ -4265,6 +4265,8 @@ static int selinux_setprocattr(struct ta } static struct security_operations selinux_ops = { + .owner = THIS_MODULE, + .ptrace = selinux_ptrace, .capget = selinux_capget, .capset_check = selinux_capset_check,
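Review bot: The `.owner = THIS_MODULE,` initializers are formatted two ways: the security/root_plug.c and security/selinux/hooks.c hunks add a blank line after it, while the security/capability.c and security/seclvl.c hunks do not. One form should be used for all four. For whoever ends up reading `owner`: THIS_MODULE is NULL in a built-in object, so the field cannot tell one built-in LSM from another, and NULL must not be read as "no LSM registered".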