Loading security/smack/smack_lsm.c +14 −32 Original line number Diff line number Diff line Loading @@ -1442,9 +1442,13 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) * Don't do anything special for these. * XATTR_NAME_SMACKIPIN * XATTR_NAME_SMACKIPOUT * XATTR_NAME_SMACKEXEC */ if (strcmp(name, XATTR_NAME_SMACK) == 0) if (strcmp(name, XATTR_NAME_SMACK) == 0) { struct super_block *sbp = d_backing_inode(dentry)->i_sb; struct superblock_smack *sbsp = sbp->s_security; isp->smk_inode = sbsp->smk_default; } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) isp->smk_task = NULL; else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0) isp->smk_mmap = NULL; Loading Loading @@ -1545,12 +1549,8 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid) * File Hooks */ /** * smack_file_permission - Smack check on file operations * @file: unused * @mask: unused * * Returns 0 /* * There is no smack_file_permission hook * * Should access checks be done on each read or write? * UNICOS and SELinux say yes. Loading @@ -1559,10 +1559,6 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid) * I'll say no for now. Smack does not do the frequent * label changing that SELinux does. */ static int smack_file_permission(struct file *file, int mask) { return 0; } /** * smack_file_alloc_security - assign a file security blob Loading Loading @@ -4503,16 +4499,10 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule, return 0; } /** * smack_audit_rule_free - free smack rule representation * @vrule: rule to be freed. * /* * There is no need for a smack_audit_rule_free hook. * No memory was allocated. */ static void smack_audit_rule_free(void *vrule) { /* No-op */ } #endif /* CONFIG_AUDIT */ Loading Loading @@ -4563,16 +4553,11 @@ static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) return 0; } /** * smack_release_secctx - don't do anything. * @secdata: unused * @seclen: unused * * Exists to make sure nothing gets done, and properly /* * There used to be a smack_release_secctx hook * that did nothing back when hooks were in a vector. * Now that there's a list such a hook adds cost. */ static void smack_release_secctx(char *secdata, u32 seclen) { } static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) { Loading Loading @@ -4631,7 +4616,6 @@ static struct security_hook_list smack_hooks[] = { LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity), LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid), LSM_HOOK_INIT(file_permission, smack_file_permission), LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security), LSM_HOOK_INIT(file_free_security, smack_file_free_security), LSM_HOOK_INIT(file_ioctl, smack_file_ioctl), Loading Loading @@ -4726,13 +4710,11 @@ static struct security_hook_list smack_hooks[] = { LSM_HOOK_INIT(audit_rule_init, smack_audit_rule_init), LSM_HOOK_INIT(audit_rule_known, smack_audit_rule_known), LSM_HOOK_INIT(audit_rule_match, smack_audit_rule_match), LSM_HOOK_INIT(audit_rule_free, smack_audit_rule_free), #endif /* CONFIG_AUDIT */ LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), LSM_HOOK_INIT(release_secctx, smack_release_secctx), LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx), Loading Loading
security/smack/smack_lsm.c +14 −32 Original line number Diff line number Diff line Loading @@ -1442,9 +1442,13 @@ static int smack_inode_removexattr(struct dentry *dentry, const char *name) * Don't do anything special for these. * XATTR_NAME_SMACKIPIN * XATTR_NAME_SMACKIPOUT * XATTR_NAME_SMACKEXEC */ if (strcmp(name, XATTR_NAME_SMACK) == 0) if (strcmp(name, XATTR_NAME_SMACK) == 0) { struct super_block *sbp = d_backing_inode(dentry)->i_sb; struct superblock_smack *sbsp = sbp->s_security; isp->smk_inode = sbsp->smk_default; } else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) isp->smk_task = NULL; else if (strcmp(name, XATTR_NAME_SMACKMMAP) == 0) isp->smk_mmap = NULL; Loading Loading @@ -1545,12 +1549,8 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid) * File Hooks */ /** * smack_file_permission - Smack check on file operations * @file: unused * @mask: unused * * Returns 0 /* * There is no smack_file_permission hook * * Should access checks be done on each read or write? * UNICOS and SELinux say yes. Loading @@ -1559,10 +1559,6 @@ static void smack_inode_getsecid(struct inode *inode, u32 *secid) * I'll say no for now. Smack does not do the frequent * label changing that SELinux does. */ static int smack_file_permission(struct file *file, int mask) { return 0; } /** * smack_file_alloc_security - assign a file security blob Loading Loading @@ -4503,16 +4499,10 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule, return 0; } /** * smack_audit_rule_free - free smack rule representation * @vrule: rule to be freed. * /* * There is no need for a smack_audit_rule_free hook. * No memory was allocated. */ static void smack_audit_rule_free(void *vrule) { /* No-op */ } #endif /* CONFIG_AUDIT */ Loading Loading @@ -4563,16 +4553,11 @@ static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) return 0; } /** * smack_release_secctx - don't do anything. * @secdata: unused * @seclen: unused * * Exists to make sure nothing gets done, and properly /* * There used to be a smack_release_secctx hook * that did nothing back when hooks were in a vector. * Now that there's a list such a hook adds cost. */ static void smack_release_secctx(char *secdata, u32 seclen) { } static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) { Loading Loading @@ -4631,7 +4616,6 @@ static struct security_hook_list smack_hooks[] = { LSM_HOOK_INIT(inode_listsecurity, smack_inode_listsecurity), LSM_HOOK_INIT(inode_getsecid, smack_inode_getsecid), LSM_HOOK_INIT(file_permission, smack_file_permission), LSM_HOOK_INIT(file_alloc_security, smack_file_alloc_security), LSM_HOOK_INIT(file_free_security, smack_file_free_security), LSM_HOOK_INIT(file_ioctl, smack_file_ioctl), Loading Loading @@ -4726,13 +4710,11 @@ static struct security_hook_list smack_hooks[] = { LSM_HOOK_INIT(audit_rule_init, smack_audit_rule_init), LSM_HOOK_INIT(audit_rule_known, smack_audit_rule_known), LSM_HOOK_INIT(audit_rule_match, smack_audit_rule_match), LSM_HOOK_INIT(audit_rule_free, smack_audit_rule_free), #endif /* CONFIG_AUDIT */ LSM_HOOK_INIT(ismaclabel, smack_ismaclabel), LSM_HOOK_INIT(secid_to_secctx, smack_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, smack_secctx_to_secid), LSM_HOOK_INIT(release_secctx, smack_release_secctx), LSM_HOOK_INIT(inode_notifysecctx, smack_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, smack_inode_setsecctx), LSM_HOOK_INIT(inode_getsecctx, smack_inode_getsecctx), Loading
