mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-30 16:07:39 +00:00
e261301c85
This patch relocates the LSM hook function comments to the function definitions, in keeping with the current kernel conventions. This should make the hook descriptions more easily discoverable and easier to maintain. While formatting changes have been done to better fit the kernel-doc style, content changes have been kept to a minimum and limited to text which was obviously incorrect and/or outdated. It is expected the future patches will improve the quality of the function header comments. Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
151 lines
4.5 KiB
C
151 lines
4.5 KiB
C
/*
|
|
* Linux Security Module interfaces
|
|
*
|
|
* Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com>
|
|
* Copyright (C) 2001 Greg Kroah-Hartman <greg@kroah.com>
|
|
* Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com>
|
|
* Copyright (C) 2001 James Morris <jmorris@intercode.com.au>
|
|
* Copyright (C) 2001 Silicon Graphics, Inc. (Trust Technology Group)
|
|
* Copyright (C) 2015 Intel Corporation.
|
|
* Copyright (C) 2015 Casey Schaufler <casey@schaufler-ca.com>
|
|
* Copyright (C) 2016 Mellanox Techonologies
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* Due to this file being licensed under the GPL there is controversy over
|
|
* whether this permits you to write a module that #includes this file
|
|
* without placing your module under the GPL. Please consult a lawyer for
|
|
* advice before doing this.
|
|
*
|
|
*/
|
|
|
|
#ifndef __LINUX_LSM_HOOKS_H
|
|
#define __LINUX_LSM_HOOKS_H
|
|
|
|
#include <linux/security.h>
|
|
#include <linux/init.h>
|
|
#include <linux/rculist.h>
|
|
|
|
union security_list_options {
|
|
#define LSM_HOOK(RET, DEFAULT, NAME, ...) RET (*NAME)(__VA_ARGS__);
|
|
#include "lsm_hook_defs.h"
|
|
#undef LSM_HOOK
|
|
};
|
|
|
|
struct security_hook_heads {
|
|
#define LSM_HOOK(RET, DEFAULT, NAME, ...) struct hlist_head NAME;
|
|
#include "lsm_hook_defs.h"
|
|
#undef LSM_HOOK
|
|
} __randomize_layout;
|
|
|
|
/*
|
|
* Security module hook list structure.
|
|
* For use with generic list macros for common operations.
|
|
*/
|
|
struct security_hook_list {
|
|
struct hlist_node list;
|
|
struct hlist_head *head;
|
|
union security_list_options hook;
|
|
const char *lsm;
|
|
} __randomize_layout;
|
|
|
|
/*
|
|
* Security blob size or offset data.
|
|
*/
|
|
struct lsm_blob_sizes {
|
|
int lbs_cred;
|
|
int lbs_file;
|
|
int lbs_inode;
|
|
int lbs_superblock;
|
|
int lbs_ipc;
|
|
int lbs_msg_msg;
|
|
int lbs_task;
|
|
};
|
|
|
|
/*
|
|
* LSM_RET_VOID is used as the default value in LSM_HOOK definitions for void
|
|
* LSM hooks (in include/linux/lsm_hook_defs.h).
|
|
*/
|
|
#define LSM_RET_VOID ((void) 0)
|
|
|
|
/*
|
|
* Initializing a security_hook_list structure takes
|
|
* up a lot of space in a source file. This macro takes
|
|
* care of the common case and reduces the amount of
|
|
* text involved.
|
|
*/
|
|
#define LSM_HOOK_INIT(HEAD, HOOK) \
|
|
{ .head = &security_hook_heads.HEAD, .hook = { .HEAD = HOOK } }
|
|
|
|
extern struct security_hook_heads security_hook_heads;
|
|
extern char *lsm_names;
|
|
|
|
extern void security_add_hooks(struct security_hook_list *hooks, int count,
|
|
const char *lsm);
|
|
|
|
#define LSM_FLAG_LEGACY_MAJOR BIT(0)
|
|
#define LSM_FLAG_EXCLUSIVE BIT(1)
|
|
|
|
enum lsm_order {
|
|
LSM_ORDER_FIRST = -1, /* This is only for capabilities. */
|
|
LSM_ORDER_MUTABLE = 0,
|
|
};
|
|
|
|
struct lsm_info {
|
|
const char *name; /* Required. */
|
|
enum lsm_order order; /* Optional: default is LSM_ORDER_MUTABLE */
|
|
unsigned long flags; /* Optional: flags describing LSM */
|
|
int *enabled; /* Optional: controlled by CONFIG_LSM */
|
|
int (*init)(void); /* Required. */
|
|
struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
|
|
};
|
|
|
|
extern struct lsm_info __start_lsm_info[], __end_lsm_info[];
|
|
extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[];
|
|
|
|
#define DEFINE_LSM(lsm) \
|
|
static struct lsm_info __lsm_##lsm \
|
|
__used __section(".lsm_info.init") \
|
|
__aligned(sizeof(unsigned long))
|
|
|
|
#define DEFINE_EARLY_LSM(lsm) \
|
|
static struct lsm_info __early_lsm_##lsm \
|
|
__used __section(".early_lsm_info.init") \
|
|
__aligned(sizeof(unsigned long))
|
|
|
|
#ifdef CONFIG_SECURITY_SELINUX_DISABLE
|
|
/*
|
|
* Assuring the safety of deleting a security module is up to
|
|
* the security module involved. This may entail ordering the
|
|
* module's hook list in a particular way, refusing to disable
|
|
* the module once a policy is loaded or any number of other
|
|
* actions better imagined than described.
|
|
*
|
|
* The name of the configuration option reflects the only module
|
|
* that currently uses the mechanism. Any developer who thinks
|
|
* disabling their module is a good idea needs to be at least as
|
|
* careful as the SELinux team.
|
|
*/
|
|
static inline void security_delete_hooks(struct security_hook_list *hooks,
|
|
int count)
|
|
{
|
|
int i;
|
|
|
|
for (i = 0; i < count; i++)
|
|
hlist_del_rcu(&hooks[i].list);
|
|
}
|
|
#endif /* CONFIG_SECURITY_SELINUX_DISABLE */
|
|
|
|
/* Currently required to handle SELinux runtime hook disable. */
|
|
#ifdef CONFIG_SECURITY_WRITABLE_HOOKS
|
|
#define __lsm_ro_after_init
|
|
#else
|
|
#define __lsm_ro_after_init __ro_after_init
|
|
#endif /* CONFIG_SECURITY_WRITABLE_HOOKS */
|
|
|
|
extern int lsm_inode_alloc(struct inode *inode);
|
|
|
|
#endif /* ! __LINUX_LSM_HOOKS_H */
|