linux/security/security.c
<<
on> " /spa3.4 " /form.4 " a on> " href="../linux+v3.7.6/security/security.c">on> " img src="../.static/gfx/right.png" alt=">>">on /spa3.4on spa3 class="lxr_search">on> on> " input typ13on> " input typ13on> " butt vtyp13Search " onclick="return ajax_prefs();">on> " Prefs4 " /a>on /spa3.4> " /div.4> " form ac="v3="ajax+*" method="post" onsubmit="return false;">on input typ13o> " /form.4o> " div class="headingbott m"> " " " div id3 " /div.4 div id34 div id3 1 /a> spa3 class="comment">/* /spa3.4 2 /a> spa3 class="comment"> * Security plug func="v3s /spa3.4 3 /a> spa3 class="comment"> * /spa3.4 4 /a> spa3 class="comment"> * Copyright (C) 2001 WireX Communica="v3s, Inc <chris@wirex.com> /spa3.4 5 /a> spa3 class="comment"> * Copyright (C) 2001-2002 Greg Kroah-Hartma3 <greg@kroah.com> /spa3.4 6 /a> spa3 class="comment"> * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> /spa3.4 7 /a> spa3 class="comment"> * /spa3.4 8 /a> spa3 class="comment"> * This program is free software; you ca3 redistribute it and/or modify /spa3.4 9 /a> spa3 class="comment"> * it under the terms of the GNU General Public License as published by /spa3.4 vala> spa3 class="comment"> * the Free Software Founda="v3; either vers v2 of the License, or /spa3.4 11 /a> spa3 class="comment"> * (at your ue="v3) any later vers . /spa3.4 12 /a> spa3 class="comment"> */ /spa3.4 13 /a>4 14 /a>#include <linux/capability.h /a>>4 15 /a>#include <linux/module.h /a>>4 16 /a>#include <linux/init.h /a>>4 17 /a>#include <linux/kernel.h /a>>4 18 /a>#include <linux/security.h /a>>4 19 /a>#include <linux/integrity.h /a>>4 20 /a>#include <linux/ima.h /a>>4 21 /a>#include <linux/evm.h /a>>4 22 /a>#include <linux/fsnotify.h /a>>4 23 /a>#include <linux/mma3.h /a>>4 24 /a>#include <linux/mount.h /a>>4 25 /a>#include <linux/personality.h /a>>4 26 /a>#include <linux/backing-dev.h /a>>4 27 /a>#include <net/flow.h /a>>4 28 /a>4 29 /a>#define a href="+code=MAX_LSM_EVM_XATTR" class="sref">MAX_LSM_EVM_XATTR /a> 24 30 /a>4 31 /a> spa3 class="comment">/* Boot-time LSM user choice */ /spa3.4 32 /a>static a href="+code=__initda=a" class="sref">__initda=a /a> char a href="+code=chosen_lsm" class="sref">chosen_lsm /a>[ a href="+code=SECURITY_NAME_MAX" class="sref">SECURITY_NAME_MAX /a> + 1] =4 33 /a> a href="+code=CONFIG_DEFAULT_SECURITY" class="sref">CONFIG_DEFAULT_SECURITY /a>;4 34 /a>4 35 /a>static struct a href="+code=security_opera="v3s" class="sref">security_opera="v3s /a> * a href="+code=security_ops" class="sref">security_ops /a>;4 36 /a>static struct a href="+code=security_opera="v3s" class="sref">security_opera="v3s /a> a href="+code=default_security_ops" class="sref">default_security_ops /a> = {4 37 /a> . a href="+code=nam1" class="sref">nam1 /a> = spa3 class="string">"default" /spa3.,4 38 /a>};4 39 /a>4 40 /a>static a href="+code=inline" class="sref">inline /a> int a href="+code=__init" class="sref">__init /a> a href="+code=verify" class="sref">verify /a>(struct a href="+code=security_opera="v3s" class="sref">security_opera="v3s /a> * a href="+code=ops" class="sref">ops /a>)4 41 /a>{4 42 /a> spa3 class="comment">/* verify the security_opera="v3s structure exists */ /spa3.4 43 /a> if (! a href="+code=ops" class="sref">ops /a>)4 44 /a> return - a href="+code=EINVAL" class="sref">EINVAL /a>;4 45 /a> a href="+code=security_fixup_ops" class="sref">security_fixup_ops /a>( a href="+code=ops" class="sref">ops /a>);4 46 /a> return 0;4 47 /a>}4 48 /a>4 49 /a>static void a href="+code=__init" class="sref">__init /a> a href="+code=do_security_initcalls" class="sref">do_security_initcalls /a>(void)4 50 /a>{4 51 /a> a href="+code=initcall_t" class="sref">initcall_t /a> * a href="+code=call" class="sref">call /a>;4 52 /a> a href="+code=call" class="sref">call /a> = a href="+code=__security_initcall_start" class="sref">__security_initcall_start /a>;4 53 /a> while ( a href="+code=call" class="sref">call /a> < a href="+code=__security_initcall_end" class="sref">__security_initcall_end /a>) {4 54 /a> (* a href="+code=call" class="sref">call /a>) ();4 55 /a> a href="+code=call" class="sref">call /a>++;4 56 /a> }4 57 /a>}4 58 /a>4 59 /a> spa3 class="comment">/** /spa3.4 6vala> spa3 class="comment"> * security_init - initializes the security fram1work /spa3.4 61 /a> spa3 class="comment"> * /spa3.4 62 /a> spa3 class="comment"> * This should be called early in the kernel initializa="v3 sequence. /spa3.4 63 /a> spa3 class="comment"> */ /spa3.4 64 /a>int a href="+code=__init" class="sref">__init /a> a href="+code=security_init" class="sref">security_init /a>(void)4 65 /a>{4 66 /a> a href="+code=printk" class="sref">printk /a>( a href="+code=KERN_INFO" class="sref">KERN_INFO /a> spa3 class="string">"Security Fram1work initialized\n" /spa3.);4 67 /a>4 68 /a> a href="+code=security_fixup_ops" class="sref">security_fixup_ops /a>(& a href="+code=default_security_ops" class="sref">default_security_ops /a>);4 69 /a> a href="+code=security_ops" class="sref">security_ops /a> = & a href="+code=default_security_ops" class="sref">default_security_ops /a>;4 70 /a> a href="+code=do_security_initcalls" class="sref">do_security_initcalls /a>();4 71 /a>4 72 /a> return 0;4 73 /a>}4 74 /a>4 75 /a>void a href="+code=reset_security_ops" class="sref">reset_security_ops /a>(void)4 76 /a>{4 77 /a> a href="+code=security_ops" class="sref">security_ops /a> = & a href="+code=default_security_ops" class="sref">default_security_ops /a>;4 78 /a>}4 79 /a>4 8vala> spa3 class="comment">/* Save user chosen LSM */ /spa3.4 81 /a>static int a href="+code=__init" class="sref">__init /a> a href="+code=choose_lsm" class="sref">choose_lsm /a>(char * a href="+code=str" class="sref">str /a>)4 82 /a>{4 83 /a> a href="+code=strncpy" class="sref">strncpy /a>( a href="+code=chosen_lsm" class="sref">chosen_lsm /a>, a href="+code=str" class="sref">str /a>, a href="+code=SECURITY_NAME_MAX" class="sref">SECURITY_NAME_MAX /a>);4 84 /a> return 1;4 85 /a>}4 86 /a> a href="+code=__setup" class="sref">__setup /a>( spa3 class="string">"security=" /spa3., a href="+code=choose_lsm" class="sref">choose_lsm /a>);4 87 /a>4 88 /a> spa3 class="comment">/** /spa3.4 89 /a> spa3 class="comment"> * security_module_enable - Load given security module v3 boot ? /spa3.4 9vala> spa3 class="comment"> * @ops: a pointer to the struct security_opera="v3s that is to be checked. /spa3.4 91 /a> spa3 class="comment"> * /spa3.4 92 /a> spa3 class="comment"> * Each LSM must pass this method before registering its own opera="v3s /spa3.4 93 /a> spa3 class="comment"> * to avoid security registra="v3 races. This method may also be used /spa3.4 94 /a> spa3 class="comment"> * to check if your LSM is currently loaded during kernel initializa="v3. /spa3.4 95 /a> spa3 class="comment"> * /spa3.4 96 /a> spa3 class="comment"> * Return true if: /spa3.4 97 /a> spa3 class="comment"> * -The passed LSM is the one chosen by user at boot time, /spa3.4 98 /a> spa3 class="comment"> * -or the passed LSM is configured as the default and the user did not /spa3.4 99 /a> spa3 class="comment"> * choose an alternate LSM at boot time. /spa3.4 100 /a> spa3 class="comment"> * Otherwise, return false. /spa3.4 101 /a> spa3 class="comment"> */ /spa3.4 102 /a>int a href="+code=__init" class="sref">__init /a> a href="+code=security_module_enable" class="sref">security_module_enable /a>(struct a href="+code=security_opera="v3s" class="sref">security_opera="v3s /a> * a href="+code=ops" class="sref">ops /a>)4 103 /a>{4 104 /a> return ! a href="+code=strcmp" class="sref">strcmp /a>( a href="+code=ops" class="sref">ops /a>-> a href="+code=nam1" class="sref">nam1 /a>, a href="+code=chosen_lsm" class="sref">chosen_lsm /a>);4 105 /a>}4 106 /a>4 107 /a> spa3 class="comment">/** /spa3.4 108 /a> spa3 class="comment"> * register_security - registers a security fram1work with the kernel /spa3.4 109 /a> spa3 class="comment"> * @ops: a pointer to the struct security_op="v3s that is to be registered /spa3.4 1 vala> spa3 class="comment"> * /spa3.4 111 /a> spa3 class="comment"> * This func="v3 allows a security module to register itself with the /spa3.4 112 /a> spa3 class="comment"> * kernel security subsystem. Some rudimentary checking is done v3 the @ops /spa3.4 113 /a> spa3 class="comment"> * 3.4.1 passed to this func="v3. You'll need to check first if your LSM /spa3.4 114 /a> spa3 class="comment"> * is allowed to register its @ops by calling security_module_enable(@ops). /spa3.4 115 /a> spa3 class="comment"> * /spa3.4 116 /a> spa3 class="comment"> * If there is already a security module registered with the kernel, /spa3.4 117 /a> spa3 class="comment"> * a3 error will be returned. Otherwise %0 is returned v3 success. /spa3.4 118 /a> spa3 class="comment"> */ /spa3.4 119 /a>int a href="+code=__init" class="sref">__init /a> a href="+code=register_security" class="sref">register_security /a>(struct a href="+code=security_opera="v3s" class="sref">security_opera="v3s /a> * a href="+code=ops" class="sref">ops /a>)4 120 /a>{4 121 /a> if ( a href="+code=verify" class="sref">verify /a>( a href="+code=ops" class="sref">ops /a>)) {4 122 /a> a href="+code=printk" class="sref">printk /a>( a href="+code=KERN_DEBUG" class="sref">KERN_DEBUG /a> spa3 class="string">"%s could not verify " /spa3.4 123 /a> spa3 class="string">"security_opera="v3s structure.\n" /spa3., a href="+code=__func__" class="sref">__func__ /a>);4 124 /a> return - a href="+code=EINVAL" class="sref">EINVAL /a>;4 125 /a> }4 126 /a>4 127 /a> if ( a href="+code=security_ops" class="sref">security_ops /a> != & a href="+code=default_security_ops" class="sref">default_security_ops /a>)4 128 /a> return - a href="+code=EAGAIN" class="sref">EAGAIN /a>;4 129 /a>4 130 /a> a href="+code=security_ops" class="sref">security_ops /a> = a href="+code=ops" class="sref">ops /a>;4 131 /a>4 132 /a> return 0;4 133 /a>}4 134 /a>4 135 /a> spa3 class="comment">/* Security opera="v3s */ /spa3.4 136 /a>4 137 /a>int a href="+code=security_ptrace_access_check" class="sref">security_ptrace_access_check /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=child" class="sref">child /a>, unsigned int a href="+code=mod1" class="sref">mod1 /a>)4 138 /a>{4 139 /a>#ifdef a href="+code=CONFIG_SECURITY_YAMA_STACKED" class="sref">CONFIG_SECURITY_YAMA_STACKED /a>4 140 /a> int a href="+code=rc" class="sref">rc /a>;4 141 /a> a href="+code=rc" class="sref">rc /a> = a href="+code=yama_ptrace_access_check" class="sref">yama_ptrace_access_check /a>( a href="+code=child" class="sref">child /a>, a href="+code=mod1" class="sref">mod1 /a>);4 142 /a> if ( a href="+code=rc" class="sref">rc /a>)4 143 /a> return a href="+code=rc" class="sref">rc /a>;4 144 /a>#endif4 145 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=ptrace_access_check" class="sref">ptrace_access_check /a>( a href="+code=child" class="sref">child /a>, a href="+code=mod1" class="sref">mod1 /a>);4 146 /a>}4 147 /a>4 148 /a>int a href="+code=security_ptrace_tracem1" class="sref">security_ptrace_tracem1 /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=parent" class="sref">parent /a>)4 149 /a>{4 150 /a>#ifdef a href="+code=CONFIG_SECURITY_YAMA_STACKED" class="sref">CONFIG_SECURITY_YAMA_STACKED /a>4 151 /a> int a href="+code=rc" class="sref">rc /a>;4 152 /a> a href="+code=rc" class="sref">rc /a> = a href="+code=yama_ptrace_tracem1" class="sref">yama_ptrace_tracem1 /a>( a href="+code=parent" class="sref">parent /a>);4 153 /a> if ( a href="+code=rc" class="sref">rc /a>)4 154 /a> return a href="+code=rc" class="sref">rc /a>;4 155 /a>#endif4 156 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=ptrace_tracem1" class="sref">ptrace_tracem1 /a>( a href="+code=parent" class="sref">parent /a>);4 157 /a>}4 158 /a>4 159 /a>int a href="+code=security_capget" class="sref">security_capget /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=target" class="sref">target /a>,4 160 /a> a href="+code=kernel_cap_t" class="sref">kernel_cap_t /a> * a href="+code=effectiv1" class="sref">effectiv1 /a>,4 161 /a> a href="+code=kernel_cap_t" class="sref">kernel_cap_t /a> * a href="+code=inheritable" class="sref">inheritable /a>,4 162 /a> a href="+code=kernel_cap_t" class="sref">kernel_cap_t /a> * a href="+code=permitted" class="sref">permitted /a>)4 163 /a>{4 164 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=capget" class="sref">capget /a>( a href="+code=target" class="sref">target /a>, a href="+code=effectiv1" class="sref">effectiv1 /a>, a href="+code=inheritable" class="sref">inheritable /a>, a href="+code=permitted" class="sref">permitted /a>);4 165 /a>}4 166 /a>4 167 /a>int a href="+code=security_capset" class="sref">security_capset /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=new" class="sref">new /a>, const struct a href="+code=cred" class="sref">cred /a> * a href="+code=old" class="sref">old /a>,4 168 /a> const a href="+code=kernel_cap_t" class="sref">kernel_cap_t /a> * a href="+code=effectiv1" class="sref">effectiv1 /a>,4 169 /a> const a href="+code=kernel_cap_t" class="sref">kernel_cap_t /a> * a href="+code=inheritable" class="sref">inheritable /a>,4 170 /a> const a href="+code=kernel_cap_t" class="sref">kernel_cap_t /a> * a href="+code=permitted" class="sref">permitted /a>)4 171 /a>{4 172 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=capset" class="sref">capset /a>( a href="+code=new" class="sref">new /a>, a href="+code=old" class="sref">old /a>,4 173 /a> a href="+code=effectiv1" class="sref">effectiv1 /a>, a href="+code=inheritable" class="sref">inheritable /a>, a href="+code=permitted" class="sref">permitted /a>);4 174 /a>}4 175 /a>4 176 /a>int a href="+code=security_capable" class="sref">security_capable /a>(const struct a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a>, struct a href="+code=user_nam1space" class="sref">user_nam1space /a> * a href="+code=ns" class="sref">3s /a>,4 177 /a> int a href="+code=cap" class="sref">cap /a>)4 178 /a>{4 179 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=capable" class="sref">capable /a>( a href="+code=cred" class="sref">cred /a>, a href="+code=ns" class="sref">3s /a>, a href="+code=cap" class="sref">cap /a>, a href="+code=SECURITY_CAP_AUDIT" class="sref">SECURITY_CAP_AUDIT /a>);4 18vala>}4 181 /a>4 182 /a>int a href="+code=security_capable_noaudit" class="sref">security_capable_noaudit /a>(const struct a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a>, struct a href="+code=user_nam1space" class="sref">user_nam1space /a> * a href="+code=ns" class="sref">3s /a>,4 183 /a> int a href="+code=cap" class="sref">cap /a>)4 184 /a>{4 185 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=capable" class="sref">capable /a>( a href="+code=cred" class="sref">cred /a>, a href="+code=ns" class="sref">3s /a>, a href="+code=cap" class="sref">cap /a>, a href="+code=SECURITY_CAP_NOAUDIT" class="sref">SECURITY_CAP_NOAUDIT /a>);4 186 /a>}4 187 /a>4 188 /a>int a href="+code=security_quotactl" class="sref">security_quotactl /a>(int a href="+code=cmds" class="sref">cmds /a>, int a href="+code=typ1" class="sref">typ1 /a>, int a href="+code=id" class="sref">id /a>, struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>)4 189 /a>{4 190 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=quotactl" class="sref">quotactl /a>( a href="+code=cmds" class="sref">cmds /a>, a href="+code=typ1" class="sref">typ1 /a>, a href="+code=id" class="sref">id /a>, a href="+code=sb" class="sref">sb /a>);4 191 /a>}4 192 /a>4 193 /a>int a href="+code=security_quota_on" class="sref">security_quota_on /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 194 /a>{4 195 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=quota_on" class="sref">quota_on /a>( a href="+code=dentry" class="sref">dentry /a>);4 196 /a>}4 197 /a>4 198 /a>int a href="+code=security_syslog" class="sref">security_syslog /a>(int a href="+code=typ1" class="sref">typ1 /a>)4 199 /a>{4 200 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=syslog" class="sref">syslog /a>( a href="+code=typ1" class="sref">typ1 /a>);4 201 /a>}4 202 /a>4 203 /a>int a href="+code=security_settime" class="sref">security_settime /a>(const struct a href="+code=timespec" class="sref">timespec /a> * a href="+code=ts" class="sref">ts /a>, const struct a href="+code=timezone" class="sref">timezone /a> * a href="+code=tz" class="sref">tz /a>)4 204 /a>{4 205 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=settime" class="sref">settime /a>( a href="+code=ts" class="sref">ts /a>, a href="+code=tz" class="sref">tz /a>);4 206 /a>}4 207 /a>4 208 /a>int a href="+code=security_vm_enough_memory_mm" class="sref">security_vm_enough_memory_mm /a>(struct a href="+code=mm_struct" class="sref">mm_struct /a> * a href="+code=mm" class="sref">mm /a>, long a href="+code=pages" class="sref">pages /a>)4 209 /a>{4 210 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=vm_enough_memory" class="sref">vm_enough_memory /a>( a href="+code=mm" class="sref">mm /a>, a href="+code=pages" class="sref">pages /a>);4 211 /a>}4 212 /a>4 213 /a>int a href="+code=security_bprm_set_creds" class="sref">security_bprm_set_creds /a>(struct a href="+code=linux_binprm" class="sref">linux_binprm /a> * a href="+code=bprm" class="sref">bprm /a>)4 214 /a>{4 215 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=bprm_set_creds" class="sref">bprm_set_creds /a>( a href="+code=bprm" class="sref">bprm /a>);4 216 /a>}4 217 /a>4 218 /a>int a href="+code=security_bprm_check" class="sref">security_bprm_check /a>(struct a href="+code=linux_binprm" class="sref">linux_binprm /a> * a href="+code=bprm" class="sref">bprm /a>)4 219 /a>{4 220 /a> int a href="+code=ret" class="sref">ret /a>;4 221 /a>4 222 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=bprm_check_security" class="sref">bprm_check_security /a>( a href="+code=bprm" class="sref">bprm /a>);4 223 /a> if ( a href="+code=ret" class="sref">ret /a>)4 224 /a> return a href="+code=ret" class="sref">ret /a>;4 225 /a> return a href="+code=ima_bprm_check" class="sref">ima_bprm_check /a>( a href="+code=bprm" class="sref">bprm /a>);4 226 /a>}4 227 /a>4 228 /a>void a href="+code=security_bprm_committing_creds" class="sref">security_bprm_committing_creds /a>(struct a href="+code=linux_binprm" class="sref">linux_binprm /a> * a href="+code=bprm" class="sref">bprm /a>)4 229 /a>{4 230 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=bprm_committing_creds" class="sref">bprm_committing_creds /a>( a href="+code=bprm" class="sref">bprm /a>);4 231 /a>}4 232 /a>4 233 /a>void a href="+code=security_bprm_committed_creds" class="sref">security_bprm_committed_creds /a>(struct a href="+code=linux_binprm" class="sref">linux_binprm /a> * a href="+code=bprm" class="sref">bprm /a>)4 234 /a>{4 235 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=bprm_committed_creds" class="sref">bprm_committed_creds /a>( a href="+code=bprm" class="sref">bprm /a>);4 236 /a>}4 237 /a>4 238 /a>int a href="+code=security_bprm_secureexec" class="sref">security_bprm_secureexec /a>(struct a href="+code=linux_binprm" class="sref">linux_binprm /a> * a href="+code=bprm" class="sref">bprm /a>)4 239 /a>{4 240 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=bprm_secureexec" class="sref">bprm_secureexec /a>( a href="+code=bprm" class="sref">bprm /a>);4 241 /a>}4 242 /a>4 243 /a>int a href="+code=security_sb_alloc" class="sref">security_sb_alloc /a>(struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>)4 244 /a>{4 245 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_alloc_security" class="sref">sb_alloc_security /a>( a href="+code=sb" class="sref">sb /a>);4 246 /a>}4 247 /a>4 248 /a>void a href="+code=security_sb_free" class="sref">security_sb_free /a>(struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>)4 249 /a>{4 250 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_free_security" class="sref">sb_free_security /a>( a href="+code=sb" class="sref">sb /a>);4 251 /a>}4 252 /a>4 253 /a>int a href="+code=security_sb_copy_data" class="sref">security_sb_copy_data /a>(char * a href="+code=orig" class="sref">orig /a>, char * a href="+code=copy" class="sref">copy /a>)4 254 /a>{4 255 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_copy_data" class="sref">sb_copy_data /a>( a href="+code=orig" class="sref">orig /a>, a href="+code=copy" class="sref">copy /a>);4 256 /a>}4 257 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_sb_copy_data" class="sref">security_sb_copy_data /a>);4 258 /a>4 259 /a>int a href="+code=security_sb_remount" class="sref">security_sb_remount /a>(struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>, void * a href="+code=data" class="sref">data /a>)4 260 /a>{4 261 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_remount" class="sref">sb_remount /a>( a href="+code=sb" class="sref">sb /a>, a href="+code=data" class="sref">data /a>);4 262 /a>}4 263 /a>4 264 /a>int a href="+code=security_sb_kern_mount" class="sref">security_sb_kern_mount /a>(struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>, int a href="+code=flags" class="sref">flags /a>, void * a href="+code=data" class="sref">data /a>)4 265 /a>{4 266 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_kern_mount" class="sref">sb_kern_mount /a>( a href="+code=sb" class="sref">sb /a>, a href="+code=flags" class="sref">flags /a>, a href="+code=data" class="sref">data /a>);4 267 /a>}4 268 /a>4 269 /a>int a href="+code=security_sb_show_op="v3s" class="sref">security_sb_show_op="v3s /a>(struct a href="+code=seq_file" class="sref">seq_file /a> * a href="+code=m" class="sref">m /a>, struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>)4 270 /a>{4 271 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_show_op="v3s" class="sref">sb_show_op="v3s /a>( a href="+code=m" class="sref">m /a>, a href="+code=sb" class="sref">sb /a>);4 272 /a>}4 273 /a>4 274 /a>int a href="+code=security_sb_statfs" class="sref">security_sb_statfs /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 275 /a>{4 276 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_statfs" class="sref">sb_statfs /a>( a href="+code=dentry" class="sref">dentry /a>);4 277 /a>}4 278 /a>4 279 /a>int a href="+code=security_sb_mount" class="sref">security_sb_mount /a>(const char * a href="+code=dev_nam1" class="sref">dev_nam1 /a>, struct a href="+code=path" class="sref">path /a> * a href="+code=path" class="sref">path /a>,4 280 /a> const char * a href="+code=typ1" class="sref">typ1 /a>, unsigned long a href="+code=flags" class="sref">flags /a>, void * a href="+code=data" class="sref">data /a>)4 281 /a>{4 282 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_mount" class="sref">sb_mount /a>( a href="+code=dev_nam1" class="sref">dev_nam1 /a>, a href="+code=path" class="sref">path /a>, a href="+code=typ1" class="sref">typ1 /a>, a href="+code=flags" class="sref">flags /a>, a href="+code=data" class="sref">data /a>);4 283 /a>}4 284 /a>4 285 /a>int a href="+code=security_sb_umount" class="sref">security_sb_umount /a>(struct a href="+code=vfsmount" class="sref">vfsmount /a> * a href="+code=mnt" class="sref">mnt /a>, int a href="+code=flags" class="sref">flags /a>)4 286 /a>{4 287 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_umount" class="sref">sb_umount /a>( a href="+code=mnt" class="sref">mnt /a>, a href="+code=flags" class="sref">flags /a>);4 288 /a>}4 289 /a>4 290 /a>int a href="+code=security_sb_pivotroot" class="sref">security_sb_pivotroot /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=old_path" class="sref">old_path /a>, struct a href="+code=path" class="sref">path /a> * a href="+code=new_path" class="sref">new_path /a>)4 291 /a>{4 292 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_pivotroot" class="sref">sb_pivotroot /a>( a href="+code=old_path" class="sref">old_path /a>, a href="+code=new_path" class="sref">new_path /a>);4 293 /a>}4 294 /a>4 295 /a>int a href="+code=security_sb_set_mnt_op=s" class="sref">security_sb_set_mnt_op=s /a>(struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=sb" class="sref">sb /a>,4 296 /a> struct a href="+code=security_mnt_op=s" class="sref">security_mnt_op=s /a> * a href="+code=op=s" class="sref">op=s /a>)4 297 /a>{4 298 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_set_mnt_op=s" class="sref">sb_set_mnt_op=s /a>( a href="+code=sb" class="sref">sb /a>, a href="+code=op=s" class="sref">op=s /a>);4 299 /a>}4 300 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_sb_set_mnt_op=s" class="sref">security_sb_set_mnt_op=s /a>);4 301 /a>4 302 /a>void a href="+code=security_sb_clone_mnt_op=s" class="sref">security_sb_clone_mnt_op=s /a>(const struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=oldsb" class="sref">oldsb /a>,4 303 /a> struct a href="+code=super_block" class="sref">super_block /a> * a href="+code=newsb" class="sref">newsb /a>)4 304 /a>{4 305 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_clone_mnt_op=s" class="sref">sb_clone_mnt_op=s /a>( a href="+code=oldsb" class="sref">oldsb /a>, a href="+code=newsb" class="sref">newsb /a>);4 306 /a>}4 307 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_sb_clone_mnt_op=s" class="sref">security_sb_clone_mnt_op=s /a>);4 308 /a>4 309 /a>int a href="+code=security_sb_parse_op=s_str" class="sref">security_sb_parse_op=s_str /a>(char * a href="+code=op="v3s" class="sref">op="v3s /a>, struct a href="+code=security_mnt_op=s" class="sref">security_mnt_op=s /a> * a href="+code=op=s" class="sref">op=s /a>)4 310 /a>{4 311 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sb_parse_op=s_str" class="sref">sb_parse_op=s_str /a>( a href="+code=op="v3s" class="sref">op="v3s /a>, a href="+code=op=s" class="sref">op=s /a>);4 312 /a>}4 313 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_sb_parse_op=s_str" class="sref">security_sb_parse_op=s_str /a>);4 314 /a>4 315 /a>int a href="+code=security_inode_alloc" class="sref">security_inode_alloc /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>)4 316 /a>{4 317 /a> a href="+code=inode" class="sref">inode /a>-> a href="+code=i_security" class="sref">i_security /a> = a href="+code=NULL" class="sref">NULL /a>;4 318 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_alloc_security" class="sref">inode_alloc_security /a>( a href="+code=inode" class="sref">inode /a>);4 319 /a>}4 320 /a>4 321 /a>void a href="+code=security_inode_free" class="sref">security_inode_free /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>)4 322 /a>{4 323 /a> a href="+code=integrity_inode_free" class="sref">integrity_inode_free /a>( a href="+code=inode" class="sref">inode /a>);4 324 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_free_security" class="sref">inode_free_security /a>( a href="+code=inode" class="sref">inode /a>);4 325 /a>}4 326 /a>4 327 /a>int a href="+code=security_inode_init_security" class="sref">security_inode_init_security /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>,4 328 /a> const struct a href="+code=qstr" class="sref">qstr /a> * a href="+code=qstr" class="sref">qstr /a>,4 329 /a> const a href="+code=initxattrs" class="sref">initxattrs /a> a href="+code=initxattrs" class="sref">initxattrs /a>, void * a href="+code=fs_data" class="sref">fs_data /a>)4 330 /a>{4 331 /a> struct a href="+code=xattr" class="sref">xattr /a> a href="+code=new_xattrs" class="sref">new_xattrs /a>[ a href="+code=MAX_LSM_EVM_XATTR" class="sref">MAX_LSM_EVM_XATTR /a> + 1];4 332 /a> struct a href="+code=xattr" class="sref">xattr /a> * a href="+code=lsm_xattr" class="sref">lsm_xattr /a>, * a href="+code=evm_xattr" class="sref">evm_xattr /a>, * a href="+code=xattr" class="sref">xattr /a>;4 333 /a> int a href="+code=ret" class="sref">ret /a>;4 334 /a>4 335 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=inode" class="sref">inode /a>)))4 336 /a> return 0;4 337 /a>4 338 /a> a href="+code=memset" class="sref">memset /a>( a href="+code=new_xattrs" class="sref">new_xattrs /a>, 0, sizeof a href="+code=new_xattrs" class="sref">new_xattrs /a>);4 339 /a> if (! a href="+code=initxattrs" class="sref">initxattrs /a>)4 340 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_init_security" class="sref">inode_init_security /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=dir" class="sref">dir /a>, a href="+code=qstr" class="sref">qstr /a>,4 341 /a> a href="+code=NULL" class="sref">NULL /a>, a href="+code=NULL" class="sref">NULL /a>, a href="+code=NULL" class="sref">NULL /a>);4 342 /a> a href="+code=lsm_xattr" class="sref">lsm_xattr /a> = a href="+code=new_xattrs" class="sref">new_xattrs /a>;4 343 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_init_security" class="sref">inode_init_security /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=dir" class="sref">dir /a>, a href="+code=qstr" class="sref">qstr /a>,4 344 /a> & a href="+code=lsm_xattr" class="sref">lsm_xattr /a>-> a href="+code=nam1" class="sref">nam1 /a>,4 345 /a> & a href="+code=lsm_xattr" class="sref">lsm_xattr /a>-> a href="+code=valu1" class="sref">valu1 /a>,4 346 /a> & a href="+code=lsm_xattr" class="sref">lsm_xattr /a>-> a href="+code=valu1_len" class="sref">valu1_len /a>);4 347 /a> if ( a href="+code=ret" class="sref">ret /a>)4 348 /a> goto a href="+code=out" class="sref">out /a>;4 349 /a>4 350 /a> a href="+code=evm_xattr" class="sref">evm_xattr /a> = a href="+code=lsm_xattr" class="sref">lsm_xattr /a> + 1;4 351 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=evm_inode_init_security" class="sref">evm_inode_init_security /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=lsm_xattr" class="sref">lsm_xattr /a>, a href="+code=evm_xattr" class="sref">evm_xattr /a>);4 352 /a> if ( a href="+code=ret" class="sref">ret /a>)4 353 /a> goto a href="+code=out" class="sref">out /a>;4 354 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=initxattrs" class="sref">initxattrs /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=new_xattrs" class="sref">new_xattrs /a>, a href="+code=fs_data" class="sref">fs_data /a>);4 355 /a> a href="+code=out" class="sref">out /a>:4 356 /a> for ( a href="+code=xattr" class="sref">xattr /a> = a href="+code=new_xattrs" class="sref">new_xattrs /a>; a href="+code=xattr" class="sref">xattr /a>-> a href="+code=nam1" class="sref">nam1 /a> != a href="+code=NULL" class="sref">NULL /a>; a href="+code=xattr" class="sref">xattr /a>++) {4 357 /a> a href="+code=kfree" class="sref">kfree /a>( a href="+code=xattr" class="sref">xattr /a>-> a href="+code=nam1" class="sref">nam1 /a>);4 358 /a> a href="+code=kfree" class="sref">kfree /a>( a href="+code=xattr" class="sref">xattr /a>-> a href="+code=valu1" class="sref">valu1 /a>);4 359 /a> }4 360 /a> return ( a href="+code=ret" class="sref">ret /a> == - a href="+code=EOPNOTSUPP" class="sref">EOPNOTSUPP /a>) ? 0 : a href="+code=ret" class="sref">ret /a>;4 361 /a>}4 362 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_inode_init_security" class="sref">security_inode_init_security /a>);4 363 /a>4 364 /a>int a href="+code=security_old_inode_init_security" class="sref">security_old_inode_init_security /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>,4 365 /a> const struct a href="+code=qstr" class="sref">qstr /a> * a href="+code=qstr" class="sref">qstr /a>, char ** a href="+code=nam1" class="sref">nam1 /a>,4 366 /a> void ** a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size_t" class="sref">size_t /a> * a href="+code=len" class="sref">len /a>)4 367 /a>{4 368 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=inode" class="sref">inode /a>)))4 369 /a> return - a href="+code=EOPNOTSUPP" class="sref">EOPNOTSUPP /a>;4 370 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_init_security" class="sref">inode_init_security /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=dir" class="sref">dir /a>, a href="+code=qstr" class="sref">qstr /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>,4 371 /a> a href="+code=len" class="sref">len /a>);4 372 /a>}4 373 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_old_inode_init_security" class="sref">security_old_inode_init_security /a>);4 374 /a>4 375 /a>#ifdef a href="+code=CONFIG_SECURITY_PATH" class="sref">CONFIG_SECURITY_PATH /a>4 376 /a>int a href="+code=security_path_mknod" class="sref">security_path_mknod /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, a href="+code=umode_t" class="sref">umode_t /a> a href="+code=mode" class="sref">mode /a>,4 377 /a> unsigned int a href="+code=dev" class="sref">dev /a>)4 378 /a>{4 379 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 380 /a> return 0;4 381 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_mknod" class="sref">path_mknod /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=mode" class="sref">mode /a>, a href="+code=dev" class="sref">dev /a>);4 382 /a>}4 383 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_path_mknod" class="sref">security_path_mknod /a>);4 384 /a>4 385 /a>int a href="+code=security_path_mkdir" class="sref">security_path_mkdir /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, a href="+code=umode_t" class="sref">umode_t /a> a href="+code=mode" class="sref">mode /a>)4 386 /a>{4 387 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 388 /a> return 0;4 389 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_mkdir" class="sref">path_mkdir /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=mode" class="sref">mode /a>);4 390 /a>}4 391 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_path_mkdir" class="sref">security_path_mkdir /a>);4 392 /a>4 393 /a>int a href="+code=security_path_rmdir" class="sref">security_path_rmdir /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 394 /a>{4 395 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 396 /a> return 0;4 397 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_rmdir" class="sref">path_rmdir /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>);4 398 /a>}4 399 /a>4 400 /a>int a href="+code=security_path_unlink" class="sref">security_path_unlink /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 401 /a>{4 402 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 403 /a> return 0;4 404 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_unlink" class="sref">path_unlink /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>);4 405 /a>}4 406 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_path_unlink" class="sref">security_path_unlink /a>);4 407 /a>4 408 /a>int a href="+code=security_path_symlink" class="sref">security_path_symlink /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>,4 409 /a> const char * a href="+code=old_nam1" class="sref">old_nam1 /a>)4 410 /a>{4 411 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 412 /a> return 0;4 413 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_symlink" class="sref">path_symlink /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=old_nam1" class="sref">old_nam1 /a>);4 414 /a>}4 415 /a>4 416 /a>int a href="+code=security_path_link" class="sref">security_path_link /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=old_dentry" class="sref">old_dentry /a>, struct a href="+code=path" class="sref">path /a> * a href="+code=new_dir" class="sref">new_dir /a>,4 417 /a> struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=new_dentry" class="sref">new_dentry /a>)4 418 /a>{4 419 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=old_dentry" class="sref">old_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 420 /a> return 0;4 421 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_link" class="sref">path_link /a>( a href="+code=old_dentry" class="sref">old_dentry /a>, a href="+code=new_dir" class="sref">new_dir /a>, a href="+code=new_dentry" class="sref">new_dentry /a>);4 422 /a>}4 423 /a>4 424 /a>int a href="+code=security_path_renam1" class="sref">security_path_renam1 /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=old_dir" class="sref">old_dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=old_dentry" class="sref">old_dentry /a>,4 425 /a> struct a href="+code=path" class="sref">path /a> * a href="+code=new_dir" class="sref">new_dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=new_dentry" class="sref">new_dentry /a>)4 426 /a>{4 427 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=old_dentry" class="sref">old_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>) ||4 428 /a> ( a href="+code=new_dentry" class="sref">new_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a> && a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=new_dentry" class="sref">new_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>))))4 429 /a> return 0;4 430 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_renam1" class="sref">path_renam1 /a>( a href="+code=old_dir" class="sref">old_dir /a>, a href="+code=old_dentry" class="sref">old_dentry /a>, a href="+code=new_dir" class="sref">new_dir /a>,4 431 /a> a href="+code=new_dentry" class="sref">new_dentry /a>);4 432 /a>}4 433 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_path_renam1" class="sref">security_path_renam1 /a>);4 434 /a>4 435 /a>int a href="+code=security_path_truncat1" class="sref">security_path_truncat1 /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=path" class="sref">path /a>)4 436 /a>{4 437 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=path" class="sref">path /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 438 /a> return 0;4 439 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_truncat1" class="sref">path_truncat1 /a>( a href="+code=path" class="sref">path /a>);4 440 /a>}4 441 /a>4 442 /a>int a href="+code=security_path_chmod" class="sref">security_path_chmod /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=path" class="sref">path /a>, a href="+code=umode_t" class="sref">umode_t /a> a href="+code=mode" class="sref">mode /a>)4 443 /a>{4 444 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=path" class="sref">path /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 445 /a> return 0;4 446 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_chmod" class="sref">path_chmod /a>( a href="+code=path" class="sref">path /a>, a href="+code=mode" class="sref">mode /a>);4 447 /a>}4 448 /a>4 449 /a>int a href="+code=security_path_chown" class="sref">security_path_chown /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=path" class="sref">path /a>, a href="+code=kuid_t" class="sref">kuid_t /a> a href="+code=uid" class="sref">uid /a>, a href="+code=kgid_t" class="sref">kgid_t /a> a href="+code=gid" class="sref">gid /a>)4 450 /a>{4 451 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=path" class="sref">path /a>-> a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 452 /a> return 0;4 453 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_chown" class="sref">path_chown /a>( a href="+code=path" class="sref">path /a>, a href="+code=uid" class="sref">uid /a>, a href="+code=gid" class="sref">gid /a>);4 454 /a>}4 455 /a>4 456 /a>int a href="+code=security_path_chroot" class="sref">security_path_chroot /a>(struct a href="+code=path" class="sref">path /a> * a href="+code=path" class="sref">path /a>)4 457 /a>{4 458 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=path_chroot" class="sref">path_chroot /a>( a href="+code=path" class="sref">path /a>);4 459 /a>}4 460 /a>#endif4 461 /a>4 462 /a>int a href="+code=security_inode_creat1" class="sref">security_inode_creat1 /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, a href="+code=umode_t" class="sref">umode_t /a> a href="+code=mode" class="sref">mode /a>)4 463 /a>{4 464 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>)))4 465 /a> return 0;4 466 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_creat1" class="sref">inode_creat1 /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=mode" class="sref">mode /a>);4 467 /a>}4 468 /a> a href="+code=EXPORT_SYMBOL_GPL" class="sref">EXPORT_SYMBOL_GPL /a>( a href="+code=security_inode_creat1" class="sref">security_inode_creat1 /a>);4 469 /a>4 470 /a>int a href="+code=security_inode_link" class="sref">security_inode_link /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=old_dentry" class="sref">old_dentry /a>, struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>,4 471 /a> struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=new_dentry" class="sref">new_dentry /a>)4 472 /a>{4 473 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=old_dentry" class="sref">old_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 474 /a> return 0;4 475 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_link" class="sref">inode_link /a>( a href="+code=old_dentry" class="sref">old_dentry /a>, a href="+code=dir" class="sref">dir /a>, a href="+code=new_dentry" class="sref">new_dentry /a>);4 476 /a>}4 477 /a>4 478 /a>int a href="+code=security_inode_unlink" class="sref">security_inode_unlink /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 479 /a>{4 480 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 481 /a> return 0;4 482 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_unlink" class="sref">inode_unlink /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>);4 483 /a>}4 484 /a>4 485 /a>int a href="+code=security_inode_symlink" class="sref">security_inode_symlink /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>,4 486 /a> const char * a href="+code=old_nam1" class="sref">old_nam1 /a>)4 487 /a>{4 488 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>)))4 489 /a> return 0;4 490 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_symlink" class="sref">inode_symlink /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=old_nam1" class="sref">old_nam1 /a>);4 491 /a>}4 492 /a>4 493 /a>int a href="+code=security_inode_mkdir" class="sref">security_inode_mkdir /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, a href="+code=umode_t" class="sref">umode_t /a> a href="+code=mode" class="sref">mode /a>)4 494 /a>{4 495 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>)))4 496 /a> return 0;4 497 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_mkdir" class="sref">inode_mkdir /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=mode" class="sref">mode /a>);4 498 /a>}4 499 /a> a href="+code=EXPORT_SYMBOL_GPL" class="sref">EXPORT_SYMBOL_GPL /a>( a href="+code=security_inode_mkdir" class="sref">security_inode_mkdir /a>);4 500 /a>4 501 /a>int a href="+code=security_inode_rmdir" class="sref">security_inode_rmdir /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 502 /a>{4 503 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 504 /a> return 0;4 505 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_rmdir" class="sref">inode_rmdir /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>);4 506 /a>}4 507 /a>4 508 /a>int a href="+code=security_inode_mknod" class="sref">security_inode_mknod /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=dir" class="sref">dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, a href="+code=umode_t" class="sref">umode_t /a> a href="+code=mode" class="sref">mode /a>, a href="+code=dev_t" class="sref">dev_t /a> a href="+code=dev" class="sref">dev /a>)4 509 /a>{4 510 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dir" class="sref">dir /a>)))4 511 /a> return 0;4 512 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_mknod" class="sref">inode_mknod /a>( a href="+code=dir" class="sref">dir /a>, a href="+code=dentry" class="sref">dentry /a>, a href="+code=mode" class="sref">mode /a>, a href="+code=dev" class="sref">dev /a>);4 513 /a>}4 514 /a>4 515 /a>int a href="+code=security_inode_renam1" class="sref">security_inode_renam1 /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=old_dir" class="sref">old_dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=old_dentry" class="sref">old_dentry /a>,4 516 /a> struct a href="+code=inode" class="sref">inode /a> * a href="+code=new_dir" class="sref">new_dir /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=new_dentry" class="sref">new_dentry /a>)4 517 /a>{4 518 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=old_dentry" class="sref">old_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>) ||4 519 /a> ( a href="+code=new_dentry" class="sref">new_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a> && a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=new_dentry" class="sref">new_dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>))))4 520 /a> return 0;4 521 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_renam1" class="sref">inode_renam1 /a>( a href="+code=old_dir" class="sref">old_dir /a>, a href="+code=old_dentry" class="sref">old_dentry /a>,4 522 /a> a href="+code=new_dir" class="sref">new_dir /a>, a href="+code=new_dentry" class="sref">new_dentry /a>);4 523 /a>}4 524 /a>4 525 /a>int a href="+code=security_inode_readlink" class="sref">security_inode_readlink /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 526 /a>{4 527 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 528 /a> return 0;4 529 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_readlink" class="sref">inode_readlink /a>( a href="+code=dentry" class="sref">dentry /a>);4 530 /a>}4 531 /a>4 532 /a>int a href="+code=security_inode_follow_link" class="sref">security_inode_follow_link /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, struct a href="+code=nam1idata" class="sref">nam1idata /a> * a href="+code=nd" class="sref">nd /a>)4 533 /a>{4 534 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 535 /a> return 0;4 536 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_follow_link" class="sref">inode_follow_link /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nd" class="sref">nd /a>);4 537 /a>}4 538 /a>4 539 /a>int a href="+code=security_inode_permission" class="sref">security_inode_permission /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, int a href="+code=mask" class="sref">mask /a>)4 540 /a>{4 541 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=inode" class="sref">inode /a>)))4 542 /a> return 0;4 543 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_permission" class="sref">inode_permission /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=mask" class="sref">mask /a>);4 544 /a>}4 545 /a>4 546 /a>int a href="+code=security_inode_setattr" class="sref">security_inode_setattr /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, struct a href="+code=iattr" class="sref">iattr /a> * a href="+code=attr" class="sref">attr /a>)4 547 /a>{4 548 /a> int a href="+code=ret" class="sref">ret /a>;4 549 /a>4 550 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 551 /a> return 0;4 552 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_setattr" class="sref">inode_setattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=attr" class="sref">attr /a>);4 553 /a> if ( a href="+code=ret" class="sref">ret /a>)4 554 /a> return a href="+code=ret" class="sref">ret /a>;4 555 /a> return a href="+code=evm_inode_setattr" class="sref">evm_inode_setattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=attr" class="sref">attr /a>);4 556 /a>}4 557 /a> a href="+code=EXPORT_SYMBOL_GPL" class="sref">EXPORT_SYMBOL_GPL /a>( a href="+code=security_inode_setattr" class="sref">security_inode_setattr /a>);4 558 /a>4 559 /a>int a href="+code=security_inode_getattr" class="sref">security_inode_getattr /a>(struct a href="+code=vfsmount" class="sref">vfsmount /a> * a href="+code=mnt" class="sref">mnt /a>, struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 560 /a>{4 561 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 562 /a> return 0;4 563 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_getattr" class="sref">inode_getattr /a>( a href="+code=mnt" class="sref">mnt /a>, a href="+code=dentry" class="sref">dentry /a>);4 564 /a>}4 565 /a>4 566 /a>int a href="+code=security_inode_setxattr" class="sref">security_inode_setxattr /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, const char * a href="+code=nam1" class="sref">nam1 /a>,4 567 /a> const void * a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size_t" class="sref">size_t /a> a href="+code=size" class="sref">size /a>, int a href="+code=flags" class="sref">flags /a>)4 568 /a>{4 569 /a> int a href="+code=ret" class="sref">ret /a>;4 570 /a>4 571 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 572 /a> return 0;4 573 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_setxattr" class="sref">inode_setxattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size" class="sref">size /a>, a href="+code=flags" class="sref">flags /a>);4 574 /a> if ( a href="+code=ret" class="sref">ret /a>)4 575 /a> return a href="+code=ret" class="sref">ret /a>;4 576 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=ima_inode_setxattr" class="sref">ima_inode_setxattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size" class="sref">size /a>);4 577 /a> if ( a href="+code=ret" class="sref">ret /a>)4 578 /a> return a href="+code=ret" class="sref">ret /a>;4 579 /a> return a href="+code=evm_inode_setxattr" class="sref">evm_inode_setxattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size" class="sref">size /a>);4 580 /a>}4 581 /a>4 582 /a>void a href="+code=security_inode_post_setxattr" class="sref">security_inode_post_setxattr /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, const char * a href="+code=nam1" class="sref">nam1 /a>,4 583 /a> const void * a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size_t" class="sref">size_t /a> a href="+code=size" class="sref">size /a>, int a href="+code=flags" class="sref">flags /a>)4 584 /a>{4 585 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 586 /a> return;4 587 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_post_setxattr" class="sref">inode_post_setxattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size" class="sref">size /a>, a href="+code=flags" class="sref">flags /a>);4 588 /a> a href="+code=evm_inode_post_setxattr" class="sref">evm_inode_post_setxattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size" class="sref">size /a>);4 589 /a>}4 590 /a>4 591 /a>int a href="+code=security_inode_getxattr" class="sref">security_inode_getxattr /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, const char * a href="+code=nam1" class="sref">nam1 /a>)4 592 /a>{4 593 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 594 /a> return 0;4 595 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_getxattr" class="sref">inode_getxattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>);4 596 /a>}4 597 /a>4 598 /a>int a href="+code=security_inode_listxattr" class="sref">security_inode_listxattr /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 599 /a>{4 600 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 601 /a> return 0;4 602 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_listxattr" class="sref">inode_listxattr /a>( a href="+code=dentry" class="sref">dentry /a>);4 603 /a>}4 604 /a>4 605 /a>int a href="+code=security_inode_removexattr" class="sref">security_inode_removexattr /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>, const char * a href="+code=nam1" class="sref">nam1 /a>)4 606 /a>{4 607 /a> int a href="+code=ret" class="sref">ret /a>;4 608 /a>4 609 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=dentry" class="sref">dentry /a>-> a href="+code=d_inode" class="sref">d_inode /a>)))4 610 /a> return 0;4 611 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_removexattr" class="sref">inode_removexattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>);4 612 /a> if ( a href="+code=ret" class="sref">ret /a>)4 613 /a> return a href="+code=ret" class="sref">ret /a>;4 614 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=ima_inode_removexattr" class="sref">ima_inode_removexattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>);4 615 /a> if ( a href="+code=ret" class="sref">ret /a>)4 616 /a> return a href="+code=ret" class="sref">ret /a>;4 617 /a> return a href="+code=evm_inode_removexattr" class="sref">evm_inode_removexattr /a>( a href="+code=dentry" class="sref">dentry /a>, a href="+code=nam1" class="sref">nam1 /a>);4 618 /a>}4 619 /a>4 620 /a>int a href="+code=security_inode_need_killpriv" class="sref">security_inode_need_killpriv /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 621 /a>{4 622 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_need_killpriv" class="sref">inode_need_killpriv /a>( a href="+code=dentry" class="sref">dentry /a>);4 623 /a>}4 624 /a>4 625 /a>int a href="+code=security_inode_killpriv" class="sref">security_inode_killpriv /a>(struct a href="+code=dentry" class="sref">dentry /a> * a href="+code=dentry" class="sref">dentry /a>)4 626 /a>{4 627 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_killpriv" class="sref">inode_killpriv /a>( a href="+code=dentry" class="sref">dentry /a>);4 628 /a>}4 629 /a>4 630 /a>int a href="+code=security_inode_getsecurity" class="sref">security_inode_getsecurity /a>(const struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, const char * a href="+code=nam1" class="sref">nam1 /a>, void ** a href="+code=buffer" class="sref">buffer /a>, a href="+code=bool" class="sref">bool /a> a href="+code=alloc" class="sref">alloc /a>)4 631 /a>{4 632 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=inode" class="sref">inode /a>)))4 633 /a> return - a href="+code=EOPNOTSUPP" class="sref">EOPNOTSUPP /a>;4 634 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_getsecurity" class="sref">inode_getsecurity /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=buffer" class="sref">buffer /a>, a href="+code=alloc" class="sref">alloc /a>);4 635 /a>}4 636 /a>4 637 /a>int a href="+code=security_inode_setsecurity" class="sref">security_inode_setsecurity /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, const char * a href="+code=nam1" class="sref">nam1 /a>, const void * a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size_t" class="sref">size_t /a> a href="+code=size" class="sref">size /a>, int a href="+code=flags" class="sref">flags /a>)4 638 /a>{4 639 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=inode" class="sref">inode /a>)))4 640 /a> return - a href="+code=EOPNOTSUPP" class="sref">EOPNOTSUPP /a>;4 641 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_setsecurity" class="sref">inode_setsecurity /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=nam1" class="sref">nam1 /a>, a href="+code=valu1" class="sref">valu1 /a>, a href="+code=size" class="sref">size /a>, a href="+code=flags" class="sref">flags /a>);4 642 /a>}4 643 /a>4 644 /a>int a href="+code=security_inode_listsecurity" class="sref">security_inode_listsecurity /a>(struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, char * a href="+code=buffer" class="sref">buffer /a>, a href="+code=size_t" class="sref">size_t /a> a href="+code=buffer_size" class="sref">buffer_size /a>)4 645 /a>{4 646 /a> if ( a href="+code=unlikely" class="sref">unlikely /a>( a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE /a>( a href="+code=inode" class="sref">inode /a>)))4 647 /a> return 0;4 648 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_listsecurity" class="sref">inode_listsecurity /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=buffer" class="sref">buffer /a>, a href="+code=buffer_size" class="sref">buffer_size /a>);4 649 /a>}4 650 /a>4 651 /a>void a href="+code=security_inode_getsecid" class="sref">security_inode_getsecid /a>(const struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>, a href="+code=u32" class="sref">u32 /a> * a href="+code=secid" class="sref">secid /a>)4 652 /a>{4 653 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=inode_getsecid" class="sref">inode_getsecid /a>( a href="+code=inode" class="sref">inode /a>, a href="+code=secid" class="sref">secid /a>);4 654 /a>}4 655 /a>4 656 /a>int a href="+code=security_file_permission" class="sref">security_file_permission /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, int a href="+code=mask" class="sref">mask /a>)4 657 /a>{4 658 /a> int a href="+code=ret" class="sref">ret /a>;4 659 /a>4 660 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_permission" class="sref">file_permission /a>( a href="+code=file" class="sref">file /a>, a href="+code=mask" class="sref">mask /a>);4 661 /a> if ( a href="+code=ret" class="sref">ret /a>)4 662 /a> return a href="+code=ret" class="sref">ret /a>;4 663 /a>4 664 /a> return a href="+code=fsnotify_perm" class="sref">fsnotify_perm /a>( a href="+code=file" class="sref">file /a>, a href="+code=mask" class="sref">mask /a>);4 665 /a>}4 666 /a>4 667 /a>int a href="+code=security_file_alloc" class="sref">security_file_alloc /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>)4 668 /a>{4 669 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_alloc_security" class="sref">file_alloc_security /a>( a href="+code=file" class="sref">file /a>);4 670 /a>}4 671 /a>4 672 /a>void a href="+code=security_file_free" class="sref">security_file_free /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>)4 673 /a>{4 674 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_free_security" class="sref">file_free_security /a>( a href="+code=file" class="sref">file /a>);4 675 /a>}4 676 /a>4 677 /a>int a href="+code=security_file_ioctl" class="sref">security_file_ioctl /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, unsigned int a href="+code=cmd" class="sref">cmd /a>, unsigned long a href="+code=arg" class="sref">arg /a>)4 678 /a>{4 679 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_ioctl" class="sref">file_ioctl /a>( a href="+code=file" class="sref">file /a>, a href="+code=cmd" class="sref">cmd /a>, a href="+code=arg" class="sref">arg /a>);4 680 /a>}4 681 /a>4 682 /a>static a href="+code=inline" class="sref">inline /a> unsigned long a href="+code=mmap_prot" class="sref">mmap_prot /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, unsigned long a href="+code=prot" class="sref">prot /a>)4 683 /a>{4 684 /a> span class="comment">/*4 685 /a> span class="comment"> * Does we have PROT_READ and does the application expect4 686 /a> span class="comment"> * it to imply PROT_EXEC? If not, nothing to talk about...4 687 /a> span class="comment"> */4 688 /a> if (( a href="+code=prot" class="sref">prot /a> & ( a href="+code=PROT_READ" class="sref">PROT_READ /a> | a href="+code=PROT_EXEC" class="sref">PROT_EXEC /a>)) != a href="+code=PROT_READ" class="sref">PROT_READ /a>)4 689 /a> return a href="+code=prot" class="sref">prot /a>;4 690 /a> if (!( a href="+code=current" class="sref">current /a>-> a href="+code=personality" class="sref">personality /a> & a href="+code=READ_IMPLIES_EXEC" class="sref">READ_IMPLIES_EXEC /a>))4 691 /a> return a href="+code=prot" class="sref">prot /a>;4 692 /a> span class="comment">/*4 693 /a> span class="comment"> * if that's an anonymous mapping, let it.4 694 /a> span class="comment"> */4 695 /a> if (! a href="+code=file" class="sref">file /a>)4 696 /a> return a href="+code=prot" class="sref">prot /a> | a href="+code=PROT_EXEC" class="sref">PROT_EXEC /a>;4 697 /a> span class="comment">/*4 698 /a> span class="comment"> * ditto if it's not on noexec mount, except that on !MMU we need4 699 /a> span class="comment"> * BDI_CAP_EXEC_MMAP (== VM_MAYEXEC) in this case4 700 /a> span class="comment"> */4 701 /a> if (!( a href="+code=file" class="sref">file /a>-> a href="+code=f_path" class="sref">f_path /a>. a href="+code=mnt" class="sref">mnt /a>-> a href="+code=mnt_flags" class="sref">mnt_flags /a> & a href="+code=MNT_NOEXEC" class="sref">MNT_NOEXEC /a>)) {4 702 /a>#ifndef a href="+code=CONFIG_MMU" class="sref">CONFIG_MMU /a>4 703 /a> unsigned long a href="+code=caps" class="sref">caps /a> = 0;4 704 /a> struct a href="+code=address_space" class="sref">address_space /a> * a href="+code=mapping" class="sref">mapping /a> = a href="+code=file" class="sref">file /a>-> a href="+code=f_mapping" class="sref">f_mapping /a>;4 705 /a> if ( a href="+code=mapping" class="sref">mapping /a> && a href="+code=mapping" class="sref">mapping /a>-> a href="+code=backing_dev_info" class="sref">backing_dev_info /a>)4 706 /a> a href="+code=caps" class="sref">caps /a> = a href="+code=mapping" class="sref">mapping /a>-> a href="+code=backing_dev_info" class="sref">backing_dev_info /a>-> a href="+code=capabilities" class="sref">capabilities /a>;4 707 /a> if (!( a href="+code=caps" class="sref">caps /a> & a href="+code=BDI_CAP_EXEC_MAP" class="sref">BDI_CAP_EXEC_MAP /a>))4 708 /a> return a href="+code=prot" class="sref">prot /a>;4 709 /a>#endif4 710 /a> return a href="+code=prot" class="sref">prot /a> | a href="+code=PROT_EXEC" class="sref">PROT_EXEC /a>;4 711 /a> }4 712 /a> span class="comment">/* anything on noexec mount won't get PROT_EXEC */4 713 /a> return a href="+code=prot" class="sref">prot /a>;4 714 /a>}4 715 /a>4 716 /a>int a href="+code=security_mmap_file" class="sref">security_mmap_file /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, unsigned long a href="+code=prot" class="sref">prot /a>,4 717 /a> unsigned long a href="+code=flags" class="sref">flags /a>)4 718 /a>{4 719 /a> int a href="+code=ret" class="sref">ret /a>;4 720 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=mmap_file" class="sref">mmap_file /a>( a href="+code=file" class="sref">file /a>, a href="+code=prot" class="sref">prot /a>,4 721 /a> a href="+code=mmap_prot" class="sref">mmap_prot /a>( a href="+code=file" class="sref">file /a>, a href="+code=prot" class="sref">prot /a>), a href="+code=flags" class="sref">flags /a>);4 722 /a> if ( a href="+code=ret" class="sref">ret /a>)4 723 /a> return a href="+code=ret" class="sref">ret /a>;4 724 /a> return a href="+code=ima_file_mmap" class="sref">ima_file_mmap /a>( a href="+code=file" class="sref">file /a>, a href="+code=prot" class="sref">prot /a>);4 725 /a>}4 726 /a>4 727 /a>int a href="+code=security_mmap_addr" class="sref">security_mmap_addr /a>(unsigned long a href="+code=addr" class="sref">addr /a>)4 728 /a>{4 729 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=mmap_addr" class="sref">mmap_addr /a>( a href="+code=addr" class="sref">addr /a>);4 730 /a>}4 731 /a>4 732 /a>int a href="+code=security_file_mprotect" class="sref">security_file_mprotect /a>(struct a href="+code=vm_area_struct" class="sref">vm_area_struct /a> * a href="+code=vma" class="sref">vma /a>, unsigned long a href="+code=reqprot" class="sref">reqprot /a>,4 733 /a> unsigned long a href="+code=prot" class="sref">prot /a>)4 734 /a>{4 735 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_mprotect" class="sref">file_mprotect /a>( a href="+code=vma" class="sref">vma /a>, a href="+code=reqprot" class="sref">reqprot /a>, a href="+code=prot" class="sref">prot /a>);4 736 /a>}4 737 /a>4 738 /a>int a href="+code=security_file_lock" class="sref">security_file_lock /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, unsigned int a href="+code=cmd" class="sref">cmd /a>)4 739 /a>{4 740 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_lock" class="sref">file_lock /a>( a href="+code=file" class="sref">file /a>, a href="+code=cmd" class="sref">cmd /a>);4 741 /a>}4 742 /a>4 743 /a>int a href="+code=security_file_fcntl" class="sref">security_file_fcntl /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, unsigned int a href="+code=cmd" class="sref">cmd /a>, unsigned long a href="+code=arg" class="sref">arg /a>)4 744 /a>{4 745 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_fcntl" class="sref">file_fcntl /a>( a href="+code=file" class="sref">file /a>, a href="+code=cmd" class="sref">cmd /a>, a href="+code=arg" class="sref">arg /a>);4 746 /a>}4 747 /a>4 748 /a>int a href="+code=security_file_set_fowner" class="sref">security_file_set_fowner /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>)4 749 /a>{4 750 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_set_fowner" class="sref">file_set_fowner /a>( a href="+code=file" class="sref">file /a>);4 751 /a>}4 752 /a>4 753 /a>int a href="+code=security_file_send_sigiotask" class="sref">security_file_send_sigiotask /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=tsk" class="sref">tsk /a>,4 754 /a> struct a href="+code=fown_struct" class="sref">fown_struct /a> * a href="+code=fown" class="sref">fown /a>, int a href="+code=sig" class="sref">sig /a>)4 755 /a>{4 756 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_send_sigiotask" class="sref">file_send_sigiotask /a>( a href="+code=tsk" class="sref">tsk /a>, a href="+code=fown" class="sref">fown /a>, a href="+code=sig" class="sref">sig /a>);4 757 /a>}4 758 /a>4 759 /a>int a href="+code=security_file_receive" class="sref">security_file_receive /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>)4 760 /a>{4 761 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_receive" class="sref">file_receive /a>( a href="+code=file" class="sref">file /a>);4 762 /a>}4 763 /a>4 764 /a>int a href="+code=security_file_open" class="sref">security_file_open /a>(struct a href="+code=file" class="sref">file /a> * a href="+code=file" class="sref">file /a>, const struct a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a>)4 765 /a>{4 766 /a> int a href="+code=ret" class="sref">ret /a>;4 767 /a>4 768 /a> a href="+code=ret" class="sref">ret /a> = a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=file_open" class="sref">file_open /a>( a href="+code=file" class="sref">file /a>, a href="+code=cred" class="sref">cred /a>);4 769 /a> if ( a href="+code=ret" class="sref">ret /a>)4 770 /a> return a href="+code=ret" class="sref">ret /a>;4 771 /a>4 772 /a> return a href="+code=fsnotify_perm" class="sref">fsnotify_perm /a>( a href="+code=file" class="sref">file /a>, a href="+code=MAY_OPEN" class="sref">MAY_OPEN /a>);4 773 /a>}4 774 /a>4 775 /a>int a href="+code=security_task_create" class="sref">security_task_create /a>(unsigned long a href="+code=clone_flags" class="sref">clone_flags /a>)4 776 /a>{4 777 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_create" class="sref">task_create /a>( a href="+code=clone_flags" class="sref">clone_flags /a>);4 778 /a>}4 779 /a>4 780 /a>void a href="+code=security_task_free" class="sref">security_task_free /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=task" class="sref">task /a>)4 781 /a>{4 782 /a>#ifdef a href="+code=CONFIG_SECURITY_YAMA_STACKED" class="sref">CONFIG_SECURITY_YAMA_STACKED /a>4 783 /a> a href="+code=yama_task_free" class="sref">yama_task_free /a>( a href="+code=task" class="sref">task /a>);4 784 /a>#endif4 785 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_free" class="sref">task_free /a>( a href="+code=task" class="sref">task /a>);4 786 /a>}4 787 /a>4 788 /a>int a href="+code=security_cred_alloc_blank" class="sref">security_cred_alloc_blank /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a>, a href="+code=gfp_t" class="sref">gfp_t /a> a href="+code=gfp" class="sref">gfp /a>)4 789 /a>{4 790 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=cred_alloc_blank" class="sref">cred_alloc_blank /a>( a href="+code=cred" class="sref">cred /a>, a href="+code=gfp" class="sref">gfp /a>);4 791 /a>}4 792 /a>4 793 /a>void a href="+code=security_cred_free" class="sref">security_cred_free /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=cred" class="sref">cred /a>)4 794 /a>{4 795 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=cred_free" class="sref">cred_free /a>( a href="+code=cred" class="sref">cred /a>);4 796 /a>}4 797 /a>4 798 /a>int a href="+code=security_prepare_creds" class="sref">security_prepare_creds /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=new" class="sref">new /a>, const struct a href="+code=cred" class="sref">cred /a> * a href="+code=old" class="sref">old /a>, a href="+code=gfp_t" class="sref">gfp_t /a> a href="+code=gfp" class="sref">gfp /a>)4 799 /a>{4 800 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=cred_prepare" class="sref">cred_prepare /a>( a href="+code=new" class="sref">new /a>, a href="+code=old" class="sref">old /a>, a href="+code=gfp" class="sref">gfp /a>);4 801 /a>}4 802 /a>4 803 /a>void a href="+code=security_transfer_creds" class="sref">security_transfer_creds /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=new" class="sref">new /a>, const struct a href="+code=cred" class="sref">cred /a> * a href="+code=old" class="sref">old /a>)4 804 /a>{4 805 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=cred_transfer" class="sref">cred_transfer /a>( a href="+code=new" class="sref">new /a>, a href="+code=old" class="sref">old /a>);4 806 /a>}4 807 /a>4 808 /a>int a href="+code=security_kernel_act_as" class="sref">security_kernel_act_as /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=new" class="sref">new /a>, a href="+code=u32" class="sref">u32 /a> a href="+code=secid" class="sref">secid /a>)4 809 /a>{4 810 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=kernel_act_as" class="sref">kernel_act_as /a>( a href="+code=new" class="sref">new /a>, a href="+code=secid" class="sref">secid /a>);4 811 /a>}4 812 /a>4 813 /a>int a href="+code=security_kernel_create_files_as" class="sref">security_kernel_create_files_as /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=new" class="sref">new /a>, struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>)4 814 /a>{4 815 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=kernel_create_files_as" class="sref">kernel_create_files_as /a>( a href="+code=new" class="sref">new /a>, a href="+code=inode" class="sref">inode /a>);4 816 /a>}4 817 /a>4 818 /a>int a href="+code=security_kernel_module_request" class="sref">security_kernel_module_request /a>(char * a href="+code=kmod_nam1" class="sref">kmod_nam1 /a>)4 819 /a>{4 820 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=kernel_module_request" class="sref">kernel_module_request /a>( a href="+code=kmod_nam1" class="sref">kmod_nam1 /a>);4 821 /a>}4 822 /a>4 823 /a>int a href="+code=security_task_fix_setuid" class="sref">security_task_fix_setuid /a>(struct a href="+code=cred" class="sref">cred /a> * a href="+code=new" class="sref">new /a>, const struct a href="+code=cred" class="sref">cred /a> * a href="+code=old" class="sref">old /a>,4 824 /a> int a href="+code=flags" class="sref">flags /a>)4 825 /a>{4 826 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_fix_setuid" class="sref">task_fix_setuid /a>( a href="+code=new" class="sref">new /a>, a href="+code=old" class="sref">old /a>, a href="+code=flags" class="sref">flags /a>);4 827 /a>}4 828 /a>4 829 /a>int a href="+code=security_task_setpgid" class="sref">security_task_setpgid /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, a href="+code=pid_t" class="sref">pid_t /a> a href="+code=pgid" class="sref">pgid /a>)4 830 /a>{4 831 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_setpgid" class="sref">task_setpgid /a>( a href="+code=p" class="sref">p /a>, a href="+code=pgid" class="sref">pgid /a>);4 832 /a>}4 833 /a>4 834 /a>int a href="+code=security_task_getpgid" class="sref">security_task_getpgid /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 835 /a>{4 836 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_getpgid" class="sref">task_getpgid /a>( a href="+code=p" class="sref">p /a>);4 837 /a>}4 838 /a>4 839 /a>int a href="+code=security_task_getsid" class="sref">security_task_getsid /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 840 /a>{4 841 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_getsid" class="sref">task_getsid /a>( a href="+code=p" class="sref">p /a>);4 842 /a>}4 843 /a>4 844 /a>void a href="+code=security_task_getsecid" class="sref">security_task_getsecid /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, a href="+code=u32" class="sref">u32 /a> * a href="+code=secid" class="sref">secid /a>)4 845 /a>{4 846 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_getsecid" class="sref">task_getsecid /a>( a href="+code=p" class="sref">p /a>, a href="+code=secid" class="sref">secid /a>);4 847 /a>}4 848 /a> a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL /a>( a href="+code=security_task_getsecid" class="sref">security_task_getsecid /a>);4 849 /a>4 850 /a>int a href="+code=security_task_setnice" class="sref">security_task_setnice /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, int a href="+code=nice" class="sref">nice /a>)4 851 /a>{4 852 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_setnice" class="sref">task_setnice /a>( a href="+code=p" class="sref">p /a>, a href="+code=nice" class="sref">nice /a>);4 853 /a>}4 854 /a>4 855 /a>int a href="+code=security_task_setioprio" class="sref">security_task_setioprio /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, int a href="+code=ioprio" class="sref">ioprio /a>)4 856 /a>{4 857 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_setioprio" class="sref">task_setioprio /a>( a href="+code=p" class="sref">p /a>, a href="+code=ioprio" class="sref">ioprio /a>);4 858 /a>}4 859 /a>4 860 /a>int a href="+code=security_task_getioprio" class="sref">security_task_getioprio /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 861 /a>{4 862 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_getioprio" class="sref">task_getioprio /a>( a href="+code=p" class="sref">p /a>);4 863 /a>}4 864 /a>4 865 /a>int a href="+code=security_task_setrlimit" class="sref">security_task_setrlimit /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, unsigned int a href="+code=resource" class="sref">resource /a>,4 866 /a> struct a href="+code=rlimit" class="sref">rlimit /a> * a href="+code=new_rlim" class="sref">new_rlim /a>)4 867 /a>{4 868 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_setrlimit" class="sref">task_setrlimit /a>( a href="+code=p" class="sref">p /a>, a href="+code=resource" class="sref">resource /a>, a href="+code=new_rlim" class="sref">new_rlim /a>);4 869 /a>}4 870 /a>4 871 /a>int a href="+code=security_task_setscheduler" class="sref">security_task_setscheduler /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 872 /a>{4 873 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_setscheduler" class="sref">task_setscheduler /a>( a href="+code=p" class="sref">p /a>);4 874 /a>}4 875 /a>4 876 /a>int a href="+code=security_task_getscheduler" class="sref">security_task_getscheduler /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 877 /a>{4 878 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_getscheduler" class="sref">task_getscheduler /a>( a href="+code=p" class="sref">p /a>);4 879 /a>}4 880 /a>4 881 /a>int a href="+code=security_task_movememory" class="sref">security_task_movememory /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 882 /a>{4 883 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_movememory" class="sref">task_movememory /a>( a href="+code=p" class="sref">p /a>);4 884 /a>}4 885 /a>4 886 /a>int a href="+code=security_task_kill" class="sref">security_task_kill /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, struct a href="+code=siginfo" class="sref">siginfo /a> * a href="+code=info" class="sref">info /a>,4 887 /a> int a href="+code=sig" class="sref">sig /a>, a href="+code=u32" class="sref">u32 /a> a href="+code=secid" class="sref">secid /a>)4 888 /a>{4 889 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_kill" class="sref">task_kill /a>( a href="+code=p" class="sref">p /a>, a href="+code=info" class="sref">info /a>, a href="+code=sig" class="sref">sig /a>, a href="+code=secid" class="sref">secid /a>);4 890 /a>}4 891 /a>4 892 /a>int a href="+code=security_task_wait" class="sref">security_task_wait /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>)4 893 /a>{4 894 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_wait" class="sref">task_wait /a>( a href="+code=p" class="sref">p /a>);4 895 /a>}4 896 /a>4 897 /a>int a href="+code=security_task_prctl" class="sref">security_task_prctl /a>(int a href="+code=option" class="sref">option /a>, unsigned long a href="+code=arg2" class="sref">arg2 /a>, unsigned long a href="+code=arg3" class="sref">arg3 /a>,4 898 /a> unsigned long a href="+code=arg4" class="sref">arg4 /a>, unsigned long a href="+code=arg5" class="sref">arg5 /a>)4 899 /a>{4 900 /a>#ifdef a href="+code=CONFIG_SECURITY_YAMA_STACKED" class="sref">CONFIG_SECURITY_YAMA_STACKED /a>4 901 /a> int a href="+code=rc" class="sref">rc /a>;4 902 /a> a href="+code=rc" class="sref">rc /a> = a href="+code=yama_task_prctl" class="sref">yama_task_prctl /a>( a href="+code=option" class="sref">option /a>, a href="+code=arg2" class="sref">arg2 /a>, a href="+code=arg3" class="sref">arg3 /a>, a href="+code=arg4" class="sref">arg4 /a>, a href="+code=arg5" class="sref">arg5 /a>);4 903 /a> if ( a href="+code=rc" class="sref">rc /a> != - a href="+code=ENOSYS" class="sref">ENOSYS /a>)4 904 /a> return a href="+code=rc" class="sref">rc /a>;4 905 /a>#endif4 906 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_prctl" class="sref">task_prctl /a>( a href="+code=option" class="sref">option /a>, a href="+code=arg2" class="sref">arg2 /a>, a href="+code=arg3" class="sref">arg3 /a>, a href="+code=arg4" class="sref">arg4 /a>, a href="+code=arg5" class="sref">arg5 /a>);4 907 /a>}4 908 /a>4 909 /a>void a href="+code=security_task_to_inode" class="sref">security_task_to_inode /a>(struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=p" class="sref">p /a>, struct a href="+code=inode" class="sref">inode /a> * a href="+code=inode" class="sref">inode /a>)4 910 /a>{4 911 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=task_to_inode" class="sref">task_to_inode /a>( a href="+code=p" class="sref">p /a>, a href="+code=inode" class="sref">inode /a>);4 912 /a>}4 913 /a>4 914 /a>int a href="+code=security_ipc_permission" class="sref">security_ipc_permission /a>(struct a href="+code=kern_ipc_perm" class="sref">kern_ipc_perm /a> * a href="+code=ipcp" class="sref">ipcp /a>, short a href="+code=flag" class="sref">flag /a>)4 915 /a>{4 916 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=ipc_permission" class="sref">ipc_permission /a>( a href="+code=ipcp" class="sref">ipcp /a>, a href="+code=flag" class="sref">flag /a>);4 917 /a>}4 918 /a>4 919 /a>void a href="+code=security_ipc_getsecid" class="sref">security_ipc_getsecid /a>(struct a href="+code=kern_ipc_perm" class="sref">kern_ipc_perm /a> * a href="+code=ipcp" class="sref">ipcp /a>, a href="+code=u32" class="sref">u32 /a> * a href="+code=secid" class="sref">secid /a>)4 920 /a>{4 921 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=ipc_getsecid" class="sref">ipc_getsecid /a>( a href="+code=ipcp" class="sref">ipcp /a>, a href="+code=secid" class="sref">secid /a>);4 922 /a>}4 923 /a>4 924 /a>int a href="+code=security_msg_msg_alloc" class="sref">security_msg_msg_alloc /a>(struct a href="+code=msg_msg" class="sref">msg_msg /a> * a href="+code=msg" class="sref">msg /a>)4 925 /a>{4 926 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_msg_alloc_security" class="sref">msg_msg_alloc_security /a>( a href="+code=msg" class="sref">msg /a>);4 927 /a>}4 928 /a>4 929 /a>void a href="+code=security_msg_msg_free" class="sref">security_msg_msg_free /a>(struct a href="+code=msg_msg" class="sref">msg_msg /a> * a href="+code=msg" class="sref">msg /a>)4 930 /a>{4 931 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_msg_free_security" class="sref">msg_msg_free_security /a>( a href="+code=msg" class="sref">msg /a>);4 932 /a>}4 933 /a>4 934 /a>int a href="+code=security_msg_queue_alloc" class="sref">security_msg_queue_alloc /a>(struct a href="+code=msg_queue" class="sref">msg_queue /a> * a href="+code=msq" class="sref">msq /a>)4 935 /a>{4 936 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_queue_alloc_security" class="sref">msg_queue_alloc_security /a>( a href="+code=msq" class="sref">msq /a>);4 937 /a>}4 938 /a>4 939 /a>void a href="+code=security_msg_queue_free" class="sref">security_msg_queue_free /a>(struct a href="+code=msg_queue" class="sref">msg_queue /a> * a href="+code=msq" class="sref">msq /a>)4 940 /a>{4 941 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_queue_free_security" class="sref">msg_queue_free_security /a>( a href="+code=msq" class="sref">msq /a>);4 942 /a>}4 943 /a>4 944 /a>int a href="+code=security_msg_queue_associate" class="sref">security_msg_queue_associate /a>(struct a href="+code=msg_queue" class="sref">msg_queue /a> * a href="+code=msq" class="sref">msq /a>, int a href="+code=msqflg" class="sref">msqflg /a>)4 945 /a>{4 946 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_queue_associate" class="sref">msg_queue_associate /a>( a href="+code=msq" class="sref">msq /a>, a href="+code=msqflg" class="sref">msqflg /a>);4 947 /a>}4 948 /a>4 949 /a>int a href="+code=security_msg_queue_msgctl" class="sref">security_msg_queue_msgctl /a>(struct a href="+code=msg_queue" class="sref">msg_queue /a> * a href="+code=msq" class="sref">msq /a>, int a href="+code=cmd" class="sref">cmd /a>)4 950 /a>{4 951 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_queue_msgctl" class="sref">msg_queue_msgctl /a>( a href="+code=msq" class="sref">msq /a>, a href="+code=cmd" class="sref">cmd /a>);4 952 /a>}4 953 /a>4 954 /a>int a href="+code=security_msg_queue_msgsnd" class="sref">security_msg_queue_msgsnd /a>(struct a href="+code=msg_queue" class="sref">msg_queue /a> * a href="+code=msq" class="sref">msq /a>,4 955 /a> struct a href="+code=msg_msg" class="sref">msg_msg /a> * a href="+code=msg" class="sref">msg /a>, int a href="+code=msqflg" class="sref">msqflg /a>)4 956 /a>{4 957 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_queue_msgsnd" class="sref">msg_queue_msgsnd /a>( a href="+code=msq" class="sref">msq /a>, a href="+code=msg" class="sref">msg /a>, a href="+code=msqflg" class="sref">msqflg /a>);4 958 /a>}4 959 /a>4 960 /a>int a href="+code=security_msg_queue_msgrcv" class="sref">security_msg_queue_msgrcv /a>(struct a href="+code=msg_queue" class="sref">msg_queue /a> * a href="+code=msq" class="sref">msq /a>, struct a href="+code=msg_msg" class="sref">msg_msg /a> * a href="+code=msg" class="sref">msg /a>,4 961 /a> struct a href="+code=task_struct" class="sref">task_struct /a> * a href="+code=target" class="sref">target /a>, long a href="+code=type" class="sref">type /a>, int a href="+code=mode" class="sref">mode /a>)4 962 /a>{4 963 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=msg_queue_msgrcv" class="sref">msg_queue_msgrcv /a>( a href="+code=msq" class="sref">msq /a>, a href="+code=msg" class="sref">msg /a>, a href="+code=target" class="sref">target /a>, a href="+code=type" class="sref">type /a>, a href="+code=mode" class="sref">mode /a>);4 964 /a>}4 965 /a>4 966 /a>int a href="+code=security_shm_alloc" class="sref">security_shm_alloc /a>(struct a href="+code=shmid_kernel" class="sref">shmid_kernel /a> * a href="+code=shp" class="sref">shp /a>)4 967 /a>{4 968 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=shm_alloc_security" class="sref">shm_alloc_security /a>( a href="+code=shp" class="sref">shp /a>);4 969 /a>}4 970 /a>4 971 /a>void a href="+code=security_shm_free" class="sref">security_shm_free /a>(struct a href="+code=shmid_kernel" class="sref">shmid_kernel /a> * a href="+code=shp" class="sref">shp /a>)4 972 /a>{4 973 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=shm_free_security" class="sref">shm_free_security /a>( a href="+code=shp" class="sref">shp /a>);4 974 /a>}4 975 /a>4 976 /a>int a href="+code=security_shm_associate" class="sref">security_shm_associate /a>(struct a href="+code=shmid_kernel" class="sref">shmid_kernel /a> * a href="+code=shp" class="sref">shp /a>, int a href="+code=shmflg" class="sref">shmflg /a>)4 977 /a>{4 978 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=shm_associate" class="sref">shm_associate /a>( a href="+code=shp" class="sref">shp /a>, a href="+code=shmflg" class="sref">shmflg /a>);4 979 /a>}4 980 /a>4 981 /a>int a href="+code=security_shm_shmctl" class="sref">security_shm_shmctl /a>(struct a href="+code=shmid_kernel" class="sref">shmid_kernel /a> * a href="+code=shp" class="sref">shp /a>, int a href="+code=cmd" class="sref">cmd /a>)4 982 /a>{4 983 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=shm_shmctl" class="sref">shm_shmctl /a>( a href="+code=shp" class="sref">shp /a>, a href="+code=cmd" class="sref">cmd /a>);4 984 /a>}4 985 /a>4 986 /a>int a href="+code=security_shm_shmat" class="sref">security_shm_shmat /a>(struct a href="+code=shmid_kernel" class="sref">shmid_kernel /a> * a href="+code=shp" class="sref">shp /a>, char a href="+code=__user" class="sref">__user /a> * a href="+code=shmaddr" class="sref">shmaddr /a>, int a href="+code=shmflg" class="sref">shmflg /a>)4 987 /a>{4 988 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=shm_shmat" class="sref">shm_shmat /a>( a href="+code=shp" class="sref">shp /a>, a href="+code=shmaddr" class="sref">shmaddr /a>, a href="+code=shmflg" class="sref">shmflg /a>);4 989 /a>}4 990 /a>4 991 /a>int a href="+code=security_sem_alloc" class="sref">security_sem_alloc /a>(struct a href="+code=sem_array" class="sref">sem_array /a> * a href="+code=sma" class="sref">sma /a>)4 992 /a>{4 993 /a> return a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sem_alloc_security" class="sref">sem_alloc_security /a>( a href="+code=sma" class="sref">sma /a>);4 994 /a>}4 995 /a>4 996 /a>void a href="+code=security_sem_free" class="sref">security_sem_free /a>(struct a href="+code=sem_array" class="sref">sem_array /a> * a href="+code=sma" class="sref">sma /a>)4 997 /a>{4 998 /a> a href="+code=security_ops" class="sref">security_ops /a>-> a href="+code=sem_free_security" class="sref">sem_free_security /a>( a href="+code=sma" class="sref">sma /a>);4 999 /a>}41000 /a>4
1001	/a>int
	a href="+code=security_sem_associate" class="sref">security_sem_associate	/a>(struct
	a href="+code=sem_array" class="sref">sem_array	/a> *	a href="+code=sma" class="sref">sma	/a>, int
	a href="+code=semflg" class="sref">semflg	/a>)41002	/a>{41003	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sem_associate" class="sref">sem_associate	/a>(	a href="+code=sma" class="sref">sma	/a>, 	a href="+code=semflg" class="sref">semflg	/a>);41004	/a>}41005	/a>41006	/a>int
	a href="+code=security_sem_semctl" class="sref">security_sem_semctl	/a>(struct
	a href="+code=sem_array" class="sref">sem_array	/a> *	a href="+code=sma" class="sref">sma	/a>, int
	a href="+code=cmd" class="sref">cmd	/a>)41007	/a>{41008	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sem_semctl" class="sref">sem_semctl	/a>(	a href="+code=sma" class="sref">sma	/a>, 	a href="+code=cmd" class="sref">cmd	/a>);41009	/a>}41010	/a>41011	/a>int
	a href="+code=security_sem_semop" class="sref">security_sem_semop	/a>(struct
	a href="+code=sem_array" class="sref">sem_array	/a> *	a href="+code=sma" class="sref">sma	/a>, struct
	a href="+code=sembuf" class="sref">sembuf	/a> *	a href="+code=sops" class="sref">sops	/a>,41012	/a>       
















unsigned
	a href="+code=nsops" class="sref">nsops	/a>, int
	a href="+code=alter" class="sref">alter	/a>)41013	/a>{41014	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sem_semop" class="sref">sem_semop	/a>(	a href="+code=sma" class="sref">sma	/a>, 	a href="+code=sops" class="sref">sops	/a>,
	a href="+code=nsops" class="sref">nsops	/a>, 	a href="+code=alter" class="sref">alter	/a>);41015	/a>}41016	/a>41017	/a>void
	a href="+code=security_d_instantiate" class="sref">security_d_instantiate	/a>(struct
	a href="+code=dentry" class="sref">dentry	/a> *	a href="+code=dentry" class="sref">dentry	/a>, struct
	a href="+code=inode" class="sref">inode	/a> *	a href="+code=inode" class="sref">inode	/a>)41018	/a>{41019	/a>       
if (	a href="+code=unlikely" class="sref">unlikely	/a>(	a href="+code=inode" class="sref">inode	/a> &&
	a href="+code=IS_PRIVATE" class="sref">IS_PRIVATE	/a>(	a href="+code=inode" class="sref">inode	/a>)))41020	/a>       








return;41021	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=d_instantiate" class="sref">d_instantiate	/a>(	a href="+code=dentry" class="sref">dentry	/a>, 	a href="+code=inode" class="sref">inode	/a>);41022	/a>}41023	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_d_instantiate" class="sref">security_d_instantiate	/a>);41024	/a>41025	/a>int
	a href="+code=security_getprocattr" class="sref">security_getprocattr	/a>(struct
	a href="+code=task_struct" class="sref">task_struct	/a> *	a href="+code=p" class="sref">p	/a>, char
*	a href="+code=nam1" class="sref">nam1	/a>, char
**	a href="+code=value" class="sref">value	/a>)41026	/a>{41027	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=getprocattr" class="sref">getprocattr	/a>(	a href="+code=p" class="sref">p	/a>, 	a href="+code=nam1" class="sref">nam1	/a>, 	a href="+code=value" class="sref">value	/a>);41028	/a>}41029	/a>41030	/a>int
	a href="+code=security_setprocattr" class="sref">security_setprocattr	/a>(struct
	a href="+code=task_struct" class="sref">task_struct	/a> *	a href="+code=p" class="sref">p	/a>, char
*	a href="+code=nam1" class="sref">nam1	/a>, void
*	a href="+code=value" class="sref">value	/a>,
	a href="+code=size_t" class="sref">size_t	/a> 	a href="+code=size" class="sref">size	/a>)41031	/a>{41032	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=setprocattr" class="sref">setprocattr	/a>(	a href="+code=p" class="sref">p	/a>, 	a href="+code=nam1" class="sref">nam1	/a>, 	a href="+code=value" class="sref">value	/a>,
	a href="+code=size" class="sref">size	/a>);41033	/a>}41034	/a>41035	/a>int
	a href="+code=security_netlink_send" class="sref">security_netlink_send	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>, struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>)41036	/a>{41037	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=netlink_send" class="sref">netlink_send	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=skb" class="sref">skb	/a>);41038	/a>}41039	/a>41040	/a>int
	a href="+code=security_secid_to_secctx" class="sref">security_secid_to_secctx	/a>(	a href="+code=u32" class="sref">u32	/a> 	a href="+code=secid" class="sref">secid	/a>, char
**	a href="+code=secdata" class="sref">secdata	/a>, 	a href="+code=u32" class="sref">u32	/a> *	a href="+code=seclen" class="sref">seclen	/a>)41041	/a>{41042	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=secid_to_secctx" class="sref">secid_to_secctx	/a>(	a href="+code=secid" class="sref">secid	/a>, 	a href="+code=secdata" class="sref">secdata	/a>, 	a href="+code=seclen" class="sref">seclen	/a>);41043	/a>}41044	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_secid_to_secctx" class="sref">security_secid_to_secctx	/a>);41045	/a>41046	/a>int
	a href="+code=security_secctx_to_secid" class="sref">security_secctx_to_secid	/a>(const char
*	a href="+code=secdata" class="sref">secdata	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=seclen" class="sref">seclen	/a>, 	a href="+code=u32" class="sref">u32	/a> *	a href="+code=secid" class="sref">secid	/a>)41047	/a>{41048	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=secctx_to_secid" class="sref">secctx_to_secid	/a>(	a href="+code=secdata" class="sref">secdata	/a>, 	a href="+code=seclen" class="sref">seclen	/a>, 	a href="+code=secid" class="sref">secid	/a>);41049	/a>}41050	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_secctx_to_secid" class="sref">security_secctx_to_secid	/a>);41051	/a>41052	/a>void
	a href="+code=security_release_secctx" class="sref">security_release_secctx	/a>(char
*	a href="+code=secdata" class="sref">secdata	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=seclen" class="sref">seclen	/a>)41053	/a>{41054	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=release_secctx" class="sref">release_secctx	/a>(	a href="+code=secdata" class="sref">secdata	/a>, 	a href="+code=seclen" class="sref">seclen	/a>);41055	/a>}41056	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_release_secctx" class="sref">security_release_secctx	/a>);41057	/a>41058	/a>int
	a href="+code=security_inode_notifysecctx" class="sref">security_inode_notifysecctx	/a>(struct
	a href="+code=inode" class="sref">inode	/a> *	a href="+code=inode" class="sref">inode	/a>, void
*	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=ctxlen" class="sref">ctxlen	/a>)41059	/a>{41060	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=inode_notifysecctx" class="sref">inode_notifysecctx	/a>(	a href="+code=inode" class="sref">inode	/a>, 	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=ctxlen" class="sref">ctxlen	/a>);41061	/a>}41062	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_inode_notifysecctx" class="sref">security_inode_notifysecctx	/a>);41063	/a>41064	/a>int
	a href="+code=security_inode_setsecctx" class="sref">security_inode_setsecctx	/a>(struct
	a href="+code=dentry" class="sref">dentry	/a> *	a href="+code=dentry" class="sref">dentry	/a>, void
*	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=ctxlen" class="sref">ctxlen	/a>)41065	/a>{41066	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=inode_setsecctx" class="sref">inode_setsecctx	/a>(	a href="+code=dentry" class="sref">dentry	/a>, 	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=ctxlen" class="sref">ctxlen	/a>);41067	/a>}41068	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_inode_setsecctx" class="sref">security_inode_setsecctx	/a>);41069	/a>41070	/a>int
	a href="+code=security_inode_getsecctx" class="sref">security_inode_getsecctx	/a>(struct
	a href="+code=inode" class="sref">inode	/a> *	a href="+code=inode" class="sref">inode	/a>, void
**	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=u32" class="sref">u32	/a> *	a href="+code=ctxlen" class="sref">ctxlen	/a>)41071	/a>{41072	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=inode_getsecctx" class="sref">inode_getsecctx	/a>(	a href="+code=inode" class="sref">inode	/a>, 	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=ctxlen" class="sref">ctxlen	/a>);41073	/a>}41074	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_inode_getsecctx" class="sref">security_inode_getsecctx	/a>);41075	/a>41076	/a>#ifdef 	a href="+code=CONFIG_SECURITY_NETWORK" class="sref">CONFIG_SECURITY_NETWORK	/a>41077	/a>41078	/a>int
	a href="+code=security_unix_stream_connect" class="sref">security_unix_stream_connect	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=other" class="sref">other	/a>, struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=newsk" class="sref">newsk	/a>)41079	/a>{41080	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=unix_stream_connect" class="sref">unix_stream_connect	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=other" class="sref">other	/a>, 	a href="+code=newsk" class="sref">newsk	/a>);41081	/a>}41082	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_unix_stream_connect" class="sref">security_unix_stream_connect	/a>);41083	/a>41084	/a>int
	a href="+code=security_unix_may_send" class="sref">security_unix_may_send	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>,  struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=other" class="sref">other	/a>)41085	/a>{41086	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=unix_may_send" class="sref">unix_may_send	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=other" class="sref">other	/a>);41087	/a>}41088	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_unix_may_send" class="sref">security_unix_may_send	/a>);41089	/a>41090	/a>int
	a href="+code=security_socket_create" class="sref">security_socket_create	/a>(int
	a href="+code=family" class="sref">family	/a>, int
	a href="+code=type" class="sref">type	/a>, int
	a href="+code=protocol" class="sref">protocol	/a>, int
	a href="+code=kern" class="sref">kern	/a>)41091	/a>{41092	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_create" class="sref">socket_create	/a>(	a href="+code=family" class="sref">family	/a>, 	a href="+code=type" class="sref">type	/a>, 	a href="+code=protocol" class="sref">protocol	/a>, 	a href="+code=kern" class="sref">kern	/a>);41093	/a>}41094	/a>41095	/a>int
	a href="+code=security_socket_post_create" class="sref">security_socket_post_create	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, int
	a href="+code=family" class="sref">family	/a>,41096	/a>       
























int
	a href="+code=type" class="sref">type	/a>, int
	a href="+code=protocol" class="sref">protocol	/a>, int
	a href="+code=kern" class="sref">kern	/a>)41097	/a>{41098	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_post_create" class="sref">socket_post_create	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=family" class="sref">family	/a>, 	a href="+code=type" class="sref">type	/a>,41099	/a>       








































	a href="+code=protocol" class="sref">protocol	/a>, 	a href="+code=kern" class="sref">kern	/a>);41100	/a>}41101	/a>41102	/a>int
	a href="+code=security_socket_bind" class="sref">security_socket_bind	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=sockaddr" class="sref">sockaddr	/a> *	a href="+code=address" class="sref">address	/a>, int
	a href="+code=addrlen" class="sref">addrlen	/a>)41103	/a>{41104	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_bind" class="sref">socket_bind	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=address" class="sref">address	/a>, 	a href="+code=addrlen" class="sref">addrlen	/a>);41105	/a>}41106	/a>41107	/a>int
	a href="+code=security_socket_connect" class="sref">security_socket_connect	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=sockaddr" class="sref">sockaddr	/a> *	a href="+code=address" class="sref">address	/a>, int
	a href="+code=addrlen" class="sref">addrlen	/a>)41108	/a>{41109	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_connect" class="sref">socket_connect	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=address" class="sref">address	/a>, 	a href="+code=addrlen" class="sref">addrlen	/a>);41110	/a>}41111	/a>41112	/a>int
	a href="+code=security_socket_listen" class="sref">security_socket_listen	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, int
	a href="+code=backlog" class="sref">backlog	/a>)41113	/a>{41114	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_listen" class="sref">socket_listen	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=backlog" class="sref">backlog	/a>);41115	/a>}41116	/a>41117	/a>int
	a href="+code=security_socket_accept" class="sref">security_socket_accept	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=newsock" class="sref">newsock	/a>)41118	/a>{41119	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_accept" class="sref">socket_accept	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=newsock" class="sref">newsock	/a>);41120	/a>}41121	/a>41122	/a>int
	a href="+code=security_socket_sendmsg" class="sref">security_socket_sendmsg	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=msghdr" class="sref">msghdr	/a> *	a href="+code=msg" class="sref">msg	/a>, int
	a href="+code=size" class="sref">size	/a>)41123	/a>{41124	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_sendmsg" class="sref">socket_sendmsg	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=msg" class="sref">msg	/a>, 	a href="+code=size" class="sref">size	/a>);41125	/a>}41126	/a>41127	/a>int
	a href="+code=security_socket_recvmsg" class="sref">security_socket_recvmsg	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=msghdr" class="sref">msghdr	/a> *	a href="+code=msg" class="sref">msg	/a>,41128	/a>       




















int
	a href="+code=size" class="sref">size	/a>, int
	a href="+code=flags" class="sref">flags	/a>)41129	/a>{41130	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_recvmsg" class="sref">socket_recvmsg	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=msg" class="sref">msg	/a>, 	a href="+code=size" class="sref">size	/a>, 	a href="+code=flags" class="sref">flags	/a>);41131	/a>}41132	/a>41133	/a>int
	a href="+code=security_socket_getsocknam1" class="sref">security_socket_getsocknam1	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>)41134	/a>{41135	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_getsocknam1" class="sref">socket_getsocknam1	/a>(	a href="+code=sock" class="sref">sock	/a>);41136	/a>}41137	/a>41138	/a>int
	a href="+code=security_socket_getpeernam1" class="sref">security_socket_getpeernam1	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>)41139	/a>{41140	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_getpeernam1" class="sref">socket_getpeernam1	/a>(	a href="+code=sock" class="sref">sock	/a>);41141	/a>}41142	/a>41143	/a>int
	a href="+code=security_socket_getsockopt" class="sref">security_socket_getsockopt	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, int
	a href="+code=level" class="sref">level	/a>, int
	a href="+code=optnam1" class="sref">optnam1	/a>)41144	/a>{41145	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_getsockopt" class="sref">socket_getsockopt	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=level" class="sref">level	/a>, 	a href="+code=optnam1" class="sref">optnam1	/a>);41146	/a>}41147	/a>41148	/a>int
	a href="+code=security_socket_setsockopt" class="sref">security_socket_setsockopt	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, int
	a href="+code=level" class="sref">level	/a>, int
	a href="+code=optnam1" class="sref">optnam1	/a>)41149	/a>{41150	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_setsockopt" class="sref">socket_setsockopt	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=level" class="sref">level	/a>, 	a href="+code=optnam1" class="sref">optnam1	/a>);41151	/a>}41152	/a>41153	/a>int
	a href="+code=security_socket_shutdown" class="sref">security_socket_shutdown	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, int
	a href="+code=how" class="sref">how	/a>)41154	/a>{41155	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_shutdown" class="sref">socket_shutdown	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=how" class="sref">how	/a>);41156	/a>}41157	/a>41158	/a>int
	a href="+code=security_sock_rcv_skb" class="sref">security_sock_rcv_skb	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>, struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>)41159	/a>{41160	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_sock_rcv_skb" class="sref">socket_sock_rcv_skb	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=skb" class="sref">skb	/a>);41161	/a>}41162	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_sock_rcv_skb" class="sref">security_sock_rcv_skb	/a>);41163	/a>41164	/a>int
	a href="+code=security_socket_getpeersec_stream" class="sref">security_socket_getpeersec_stream	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, char
	a href="+code=__user" class="sref">__user	/a> *	a href="+code=optval" class="sref">optval	/a>,41165	/a>       






























int
	a href="+code=__user" class="sref">__user	/a> *	a href="+code=optlen" class="sref">optlen	/a>, unsigned
	a href="+code=len" class="sref">len	/a>)41166	/a>{41167	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_getpeersec_stream" class="sref">socket_getpeersec_stream	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=optval" class="sref">optval	/a>, 	a href="+code=optlen" class="sref">optlen	/a>, 	a href="+code=len" class="sref">len	/a>);41168	/a>}41169	/a>41170	/a>int
	a href="+code=security_socket_getpeersec_dgram" class="sref">security_socket_getpeersec_dgram	/a>(struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=sock" class="sref">sock	/a>, struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>, 	a href="+code=u32" class="sref">u32	/a> *	a href="+code=secid" class="sref">secid	/a>)41171	/a>{41172	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=socket_getpeersec_dgram" class="sref">socket_getpeersec_dgram	/a>(	a href="+code=sock" class="sref">sock	/a>, 	a href="+code=skb" class="sref">skb	/a>, 	a href="+code=secid" class="sref">secid	/a>);41173	/a>}41174	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_socket_getpeersec_dgram" class="sref">security_socket_getpeersec_dgram	/a>);41175	/a>41176	/a>int
	a href="+code=security_sk_alloc" class="sref">security_sk_alloc	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>, int
	a href="+code=family" class="sref">family	/a>, 	a href="+code=gfp_t" class="sref">gfp_t	/a> 	a href="+code=priority" class="sref">priority	/a>)41177	/a>{41178	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sk_alloc_security" class="sref">sk_alloc_security	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=family" class="sref">family	/a>, 	a href="+code=priority" class="sref">priority	/a>);41179	/a>}41180	/a>41181	/a>void
	a href="+code=security_sk_fre1" class="sref">security_sk_fre1	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>)41182	/a>{41183	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sk_fre1_security" class="sref">sk_fre1_security	/a>(	a href="+code=sk" class="sref">sk	/a>);41184	/a>}41185	/a>41186	/a>void
	a href="+code=security_sk_clon1" class="sref">security_sk_clon1	/a>(const struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>, struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=newsk" class="sref">newsk	/a>)41187	/a>{41188	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sk_clon1_security" class="sref">sk_clon1_security	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=newsk" class="sref">newsk	/a>);41189	/a>}41190	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_sk_clon1" class="sref">security_sk_clon1	/a>);41191	/a>41192	/a>void
	a href="+code=security_sk_classify_flow" class="sref">security_sk_classify_flow	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>, struct
	a href="+code=flowi" class="sref">flowi	/a> *	a href="+code=fl" class="sref">fl	/a>)41193	/a>{41194	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sk_getsecid" class="sref">sk_getsecid	/a>(	a href="+code=sk" class="sref">sk	/a>, &	a href="+code=fl" class="sref">fl	/a>->	a href="+code=flowi_secid" class="sref">flowi_secid	/a>);41195	/a>}41196	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_sk_classify_flow" class="sref">security_sk_classify_flow	/a>);41197	/a>41198	/a>void
	a href="+code=security_req_classify_flow" class="sref">security_req_classify_flow	/a>(const struct
	a href="+code=request_sock" class="sref">request_sock	/a> *	a href="+code=req" class="sref">req	/a>, struct
	a href="+code=flowi" class="sref">flowi	/a> *	a href="+code=fl" class="sref">fl	/a>)41199	/a>{41200	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=req_classify_flow" class="sref">req_classify_flow	/a>(	a href="+code=req" class="sref">req	/a>, 	a href="+code=fl" class="sref">fl	/a>);41201	/a>}41202	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_req_classify_flow" class="sref">security_req_classify_flow	/a>);41203	/a>41204	/a>void
	a href="+code=security_sock_graft" class="sref">security_sock_graft	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>, struct
	a href="+code=socket" class="sref">socket	/a> *	a href="+code=parent" class="sref">parent	/a>)41205	/a>{41206	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=sock_graft" class="sref">sock_graft	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=parent" class="sref">parent	/a>);41207	/a>}41208	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_sock_graft" class="sref">security_sock_graft	/a>);41209	/a>41210	/a>int
	a href="+code=security_inet_conn_request" class="sref">security_inet_conn_request	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>,41211	/a>























struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>, struct
	a href="+code=request_sock" class="sref">request_sock	/a> *	a href="+code=req" class="sref">req	/a>)41212	/a>{41213	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=inet_conn_request" class="sref">inet_conn_request	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=skb" class="sref">skb	/a>, 	a href="+code=req" class="sref">req	/a>);41214	/a>}41215	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_inet_conn_request" class="sref">security_inet_conn_request	/a>);41216	/a>41217	/a>void
	a href="+code=security_inet_csk_clon1" class="sref">security_inet_csk_clon1	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=newsk" class="sref">newsk	/a>,41218	/a>       
















const struct
	a href="+code=request_sock" class="sref">request_sock	/a> *	a href="+code=req" class="sref">req	/a>)41219	/a>{41220	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=inet_csk_clon1" class="sref">inet_csk_clon1	/a>(	a href="+code=newsk" class="sref">newsk	/a>, 	a href="+code=req" class="sref">req	/a>);41221	/a>}41222	/a>41223	/a>void
	a href="+code=security_inet_conn_established" class="sref">security_inet_conn_established	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>,41224	/a>       
















struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>)41225	/a>{41226	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=inet_conn_established" class="sref">inet_conn_established	/a>(	a href="+code=sk" class="sref">sk	/a>, 	a href="+code=skb" class="sref">skb	/a>);41227	/a>}41228	/a>41229	/a>int
	a href="+code=security_secmark_relabel_packet" class="sref">security_secmark_relabel_packet	/a>(	a href="+code=u32" class="sref">u32	/a> 	a href="+code=secid" class="sref">secid	/a>)41230	/a>{41231	/a>







return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=secmark_relabel_packet" class="sref">secmark_relabel_packet	/a>(	a href="+code=secid" class="sref">secid	/a>);41232	/a>}41233	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_secmark_relabel_packet" class="sref">security_secmark_relabel_packet	/a>);41234	/a>41235	/a>void
	a href="+code=security_secmark_refcount_inc" class="sref">security_secmark_refcount_inc	/a>(void)41236	/a>{41237	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=secmark_refcount_inc" class="sref">secmark_refcount_inc	/a>();41238	/a>}41239	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_secmark_refcount_inc" class="sref">security_secmark_refcount_inc	/a>);41240	/a>41241	/a>void
	a href="+code=security_secmark_refcount_dec" class="sref">security_secmark_refcount_dec	/a>(void)41242	/a>{41243	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=secmark_refcount_dec" class="sref">secmark_refcount_dec	/a>();41244	/a>}41245	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_secmark_refcount_dec" class="sref">security_secmark_refcount_dec	/a>);41246	/a>41247	/a>int
	a href="+code=security_tun_dev_create" class="sref">security_tun_dev_create	/a>(void)41248	/a>{41249	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=tun_dev_create" class="sref">tun_dev_create	/a>();41250	/a>}41251	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_tun_dev_create" class="sref">security_tun_dev_create	/a>);41252	/a>41253	/a>void
	a href="+code=security_tun_dev_post_create" class="sref">security_tun_dev_post_create	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>)41254	/a>{41255	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=tun_dev_post_create" class="sref">tun_dev_post_create	/a>(	a href="+code=sk" class="sref">sk	/a>);41256	/a>}41257	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_tun_dev_post_create" class="sref">security_tun_dev_post_create	/a>);41258	/a>41259	/a>int
	a href="+code=security_tun_dev_attach" class="sref">security_tun_dev_attach	/a>(struct
	a href="+code=sock" class="sref">sock	/a> *	a href="+code=sk" class="sref">sk	/a>)41260	/a>{41261	/a>







return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=tun_dev_attach" class="sref">tun_dev_attach	/a>(	a href="+code=sk" class="sref">sk	/a>);41262	/a>}41263	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_tun_dev_attach" class="sref">security_tun_dev_attach	/a>);41264	/a>41265	/a>#endif 
	span class="comment">/* CONFIG_SECURITY_NETWORK */41266	/a>41267	/a>#ifdef 	a href="+code=CONFIG_SECURITY_NETWORK_XFRM" class="sref">CONFIG_SECURITY_NETWORK_XFRM	/a>41268	/a>41269	/a>int
	a href="+code=security_xfrm_policy_alloc" class="sref">security_xfrm_policy_alloc	/a>(struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> **	a href="+code=ctxp" class="sref">ctxp	/a>, struct
	a href="+code=xfrm_user_sec_ctx" class="sref">xfrm_user_sec_ctx	/a> *	a href="+code=sec_ctx" class="sref">sec_ctx	/a>)41270	/a>{41271	/a>







return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_policy_alloc_security" class="sref">xfrm_policy_alloc_security	/a>(	a href="+code=ctxp" class="sref">ctxp	/a>, 	a href="+code=sec_ctx" class="sref">sec_ctx	/a>);41272	/a>}41273	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_xfrm_policy_alloc" class="sref">security_xfrm_policy_alloc	/a>);41274	/a>41275	/a>int
	a href="+code=security_xfrm_policy_clon1" class="sref">security_xfrm_policy_clon1	/a>(struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> *	a href="+code=old_ctx" class="sref">old_ctx	/a>,41276	/a>       
     
















struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> **	a href="+code=new_ctxp" class="sref">new_ctxp	/a>)41277	/a>{41278	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_policy_clon1_security" class="sref">xfrm_policy_clon1_security	/a>(	a href="+code=old_ctx" class="sref">old_ctx	/a>, 	a href="+code=new_ctxp" class="sref">new_ctxp	/a>);41279	/a>}41280	/a>41281	/a>void
	a href="+code=security_xfrm_policy_fre1" class="sref">security_xfrm_policy_fre1	/a>(struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> *	a href="+code=ctx" class="sref">ctx	/a>)41282	/a>{41283	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_policy_fre1_security" class="sref">xfrm_policy_fre1_security	/a>(	a href="+code=ctx" class="sref">ctx	/a>);41284	/a>}41285	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_xfrm_policy_fre1" class="sref">security_xfrm_policy_fre1	/a>);41286	/a>41287	/a>int
	a href="+code=security_xfrm_policy_delete" class="sref">security_xfrm_policy_delete	/a>(struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> *	a href="+code=ctx" class="sref">ctx	/a>)41288	/a>{41289	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_policy_delete_security" class="sref">xfrm_policy_delete_security	/a>(	a href="+code=ctx" class="sref">ctx	/a>);41290	/a>}41291	/a>41292	/a>int
	a href="+code=security_xfrm_state_alloc" class="sref">security_xfrm_state_alloc	/a>(struct
	a href="+code=xfrm_state" class="sref">xfrm_state	/a> *	a href="+code=x" class="sref">x	/a>, struct
	a href="+code=xfrm_user_sec_ctx" class="sref">xfrm_user_sec_ctx	/a> *	a href="+code=sec_ctx" class="sref">sec_ctx	/a>)41293	/a>{41294	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_state_alloc_security" class="sref">xfrm_state_alloc_security	/a>(	a href="+code=x" class="sref">x	/a>, 	a href="+code=sec_ctx" class="sref">sec_ctx	/a>, 0);41295	/a>}41296	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_xfrm_state_alloc" class="sref">security_xfrm_state_alloc	/a>);41297	/a>41298	/a>int
	a href="+code=security_xfrm_state_alloc_acquire" class="sref">security_xfrm_state_alloc_acquire	/a>(struct
	a href="+code=xfrm_state" class="sref">xfrm_state	/a> *	a href="+code=x" class="sref">x	/a>,41299	/a>       
       
     
















struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> *	a href="+code=polsec" class="sref">polsec	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=secid" class="sref">secid	/a>)41300	/a>{41301	/a>







if (!	a href="+code=polsec" class="sref">polsec	/a>)41302	/a>       
       
return 0;41303	/a>       
	span class="comment">/*41304	/a>	span class="comment">
       
* We want
the
context
to be taken from secid which is usually41305	/a>	span class="comment">
       
* from the
sock.41306	/a>	span class="comment">
       
*/41307	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_state_alloc_security" class="sref">xfrm_state_alloc_security	/a>(	a href="+code=x" class="sref">x	/a>, 	a href="+code=NULL" class="sref">NULL	/a>, 	a href="+code=secid" class="sref">secid	/a>);41308	/a>}41309	/a>41310	/a>int
	a href="+code=security_xfrm_state_delete" class="sref">security_xfrm_state_delete	/a>(struct
	a href="+code=xfrm_state" class="sref">xfrm_state	/a> *	a href="+code=x" class="sref">x	/a>)41311	/a>{41312	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_state_delete_security" class="sref">xfrm_state_delete_security	/a>(	a href="+code=x" class="sref">x	/a>);41313	/a>}41314	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_xfrm_state_delete" class="sref">security_xfrm_state_delete	/a>);41315	/a>41316	/a>void
	a href="+code=security_xfrm_state_fre1" class="sref">security_xfrm_state_fre1	/a>(struct
	a href="+code=xfrm_state" class="sref">xfrm_state	/a> *	a href="+code=x" class="sref">x	/a>)41317	/a>{41318	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_state_fre1_security" class="sref">xfrm_state_fre1_security	/a>(	a href="+code=x" class="sref">x	/a>);41319	/a>}41320	/a>41321	/a>int
	a href="+code=security_xfrm_policy_lookup" class="sref">security_xfrm_policy_lookup	/a>(struct
	a href="+code=xfrm_sec_ctx" class="sref">xfrm_sec_ctx	/a> *	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=fl_secid" class="sref">fl_secid	/a>, 	a href="+code=u8" class="sref">u8	/a> 	a href="+code=dir" class="sref">dir	/a>)41322	/a>{41323	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_policy_lookup" class="sref">xfrm_policy_lookup	/a>(	a href="+code=ctx" class="sref">ctx	/a>, 	a href="+code=fl_secid" class="sref">fl_secid	/a>, 	a href="+code=dir" class="sref">dir	/a>);41324	/a>}41325	/a>41326	/a>int
	a href="+code=security_xfrm_state_pol_flow_match" class="sref">security_xfrm_state_pol_flow_match	/a>(struct
	a href="+code=xfrm_state" class="sref">xfrm_state	/a> *	a href="+code=x" class="sref">x	/a>,41327	/a>       

       
     
















struct
	a href="+code=xfrm_policy" class="sref">xfrm_policy	/a> *	a href="+code=xp" class="sref">xp	/a>,41328	/a>       































const struct
	a href="+code=flowi" class="sref">flowi	/a> *	a href="+code=fl" class="sref">fl	/a>)41329	/a>{41330	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_state_pol_flow_match" class="sref">xfrm_state_pol_flow_match	/a>(	a href="+code=x" class="sref">x	/a>, 	a href="+code=xp" class="sref">xp	/a>, 	a href="+code=fl" class="sref">fl	/a>);41331	/a>}41332	/a>41333	/a>int
	a href="+code=security_xfrm_decode_session" class="sref">security_xfrm_decode_session	/a>(struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>, 	a href="+code=u32" class="sref">u32	/a> *	a href="+code=secid" class="sref">secid	/a>)41334	/a>{41335	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_decode_session" class="sref">xfrm_decode_session	/a>(	a href="+code=skb" class="sref">skb	/a>, 	a href="+code=secid" class="sref">secid	/a>, 1);41336	/a>}41337	/a>41338	/a>void
	a href="+code=security_skb_classify_flow" class="sref">security_skb_classify_flow	/a>(struct
	a href="+code=sk_buff" class="sref">sk_buff	/a> *	a href="+code=skb" class="sref">skb	/a>, struct
	a href="+code=flowi" class="sref">flowi	/a> *	a href="+code=fl" class="sref">fl	/a>)41339	/a>{41340	/a>       
int
	a href="+code=rc" class="sref">rc	/a> = 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=xfrm_decode_session" class="sref">xfrm_decode_session	/a>(	a href="+code=skb" class="sref">skb	/a>, &	a href="+code=fl" class="sref">fl	/a>->	a href="+code=flowi_secid" class="sref">flowi_secid	/a>, 0);41341	/a>41342	/a>       
	a href="+code=BUG_ON" class="sref">BUG_ON	/a>(	a href="+code=rc" class="sref">rc	/a>);41343	/a>}41344	/a>	a href="+code=EXPORT_SYMBOL" class="sref">EXPORT_SYMBOL	/a>(	a href="+code=security_skb_classify_flow" class="sref">security_skb_classify_flow	/a>);41345	/a>41346	/a>#endif 
	span class="comment">/* CONFIG_SECURITY_NETWORK_XFRM
*/41347	/a>41348	/a>#ifdef 	a href="+code=CONFIG_KEYS" class="sref">CONFIG_KEYS	/a>41349	/a>41350	/a>int
	a href="+code=security_key_alloc" class="sref">security_key_alloc	/a>(struct
	a href="+code=key" class="sref">key	/a> *	a href="+code=key" class="sref">key	/a>,
const struct
	a href="+code=cred" class="sref">cred	/a> *	a href="+code=cred" class="sref">cred	/a>,41351	/a>






















unsigned long
	a href="+code=flags" class="sref">flags	/a>)41352	/a>{41353	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=key_alloc" class="sref">key_alloc	/a>(	a href="+code=key" class="sref">key	/a>,
	a href="+code=cred" class="sref">cred	/a>,
	a href="+code=flags" class="sref">flags	/a>);41354	/a>}41355	/a>41356	/a>void
	a href="+code=security_key_fre1" class="sref">security_key_fre1	/a>(struct
	a href="+code=key" class="sref">key	/a> *	a href="+code=key" class="sref">key	/a>)41357	/a>{41358	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=key_fre1" class="sref">key_fre1	/a>(	a href="+code=key" class="sref">key	/a>);41359	/a>}41360	/a>41361	/a>int
	a href="+code=security_key_permission" class="sref">security_key_permission	/a>(	a href="+code=key_ref_t" class="sref">key_ref_t	/a> 	a href="+code=key_ref" class="sref">key_ref	/a>,41362	/a>       
       












const struct
	a href="+code=cred" class="sref">cred	/a> *	a href="+code=cred" class="sref">cred	/a>, 	a href="+code=key_perm_t" class="sref">key_perm_t	/a> 	a href="+code=perm" class="sref">perm	/a>)41363	/a>{41364	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=key_permission" class="sref">key_permission	/a>(	a href="+code=key_ref" class="sref">key_ref	/a>,
	a href="+code=cred" class="sref">cred	/a>,
	a href="+code=perm" class="sref">perm	/a>);41365	/a>}41366	/a>41367	/a>int
	a href="+code=security_key_getsecurity" class="sref">security_key_getsecurity	/a>(struct
	a href="+code=key" class="sref">key	/a> *	a href="+code=key" class="sref">key	/a>,
char **	a href="+code=_buffer" class="sref">_buffer	/a>)41368	/a>{41369	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=key_getsecurity" class="sref">key_getsecurity	/a>(	a href="+code=key" class="sref">key	/a>,
	a href="+code=_buffer" class="sref">_buffer	/a>);41370	/a>}41371	/a>41372	/a>#endif 
	span class="comment">/* CONFIG_KEYS
*/41373	/a>41374	/a>#ifdef 	a href="+code=CONFIG_AUDIT" class="sref">CONFIG_AUDIT	/a>41375	/a>41376	/a>int
	a href="+code=security_audit_rule_init" class="sref">security_audit_rule_init	/a>(	a href="+code=u32" class="sref">u32	/a> 	a href="+code=field" class="sref">field	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=op" class="sref">op	/a>,
char *	a href="+code=rulestr" class="sref">rulestr	/a>,
void
**	a href="+code=lsmrule" class="sref">lsmrule	/a>)41377	/a>{41378	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=audit_rule_init" class="sref">audit_rule_init	/a>(	a href="+code=field" class="sref">field	/a>, 	a href="+code=op" class="sref">op	/a>,
	a href="+code=rulestr" class="sref">rulestr	/a>,
	a href="+code=lsmrule" class="sref">lsmrule	/a>);41379	/a>}41380	/a>41381	/a>int
	a href="+code=security_audit_rule_known" class="sref">security_audit_rule_known	/a>(struct
	a href="+code=audit_krule" class="sref">audit_krule	/a> *	a href="+code=krule" class="sref">krule	/a>)41382	/a>{41383	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=audit_rule_known" class="sref">audit_rule_known	/a>(	a href="+code=krule" class="sref">krule	/a>);41384	/a>}41385	/a>41386	/a>void
	a href="+code=security_audit_rule_fre1" class="sref">security_audit_rule_fre1	/a>(void
*	a href="+code=lsmrule" class="sref">lsmrule	/a>)41387	/a>{41388	/a>       
	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=audit_rule_fre1" class="sref">audit_rule_fre1	/a>(	a href="+code=lsmrule" class="sref">lsmrule	/a>);41389	/a>}41390	/a>41391	/a>int
	a href="+code=security_audit_rule_match" class="sref">security_audit_rule_match	/a>(	a href="+code=u32" class="sref">u32	/a> 	a href="+code=secid" class="sref">secid	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=field" class="sref">field	/a>, 	a href="+code=u32" class="sref">u32	/a> 	a href="+code=op" class="sref">op	/a>,
void
*	a href="+code=lsmrule" class="sref">lsmrule	/a>,41392	/a>       
       














struct
	a href="+code=audit_context" class="sref">audit_context	/a> *	a href="+code=actx" class="sref">actx	/a>)41393	/a>{41394	/a>       
return 	a href="+code=security_ops" class="sref">security_ops	/a>->	a href="+code=audit_rule_match" class="sref">audit_rule_match	/a>(	a href="+code=secid" class="sref">secid	/a>, 	a href="+code=field" class="sref">field	/a>, 	a href="+code=op" class="sref">op	/a>,
	a href="+code=lsmrule" class="sref">lsmrule	/a>,
	a href="+code=actx" class="sref">actx	/a>);41395	/a>}41396	/a>41397	/a>#endif 	span class="comment">/* CONFIG_AUDIT
*/41398	/a>
lxr.linux.no kindly hosted by Redpill Linpro AS /a>, provider of Linux consulting and operations services since 1995.