apfs/linux-apfs
0
0
Fork 0
mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00
Code Issues Packages Projects Releases Wiki Activity

LSM: Add security_path_chmod() and security_path_chown().

Browse Source 
This patch allows pathname based LSM modules to check chmod()/chown()
operations. Since notify_change() does not receive "struct vfsmount *",
we add security_path_chmod() and security_path_chown() to the caller of
notify_change().

These hooks are used by TOMOYO.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Tetsuo Handa
2009-10-04 21:49:47 +09:00
committed by James Morris
parent 941fc5b2bf
commit 89eda06837
4 changed files with 78 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
security/capability.c
+13
View File
@@ -308,6 +308,17 @@ static int cap_path_truncate(struct path *path, loff_t length,
{
return 0;
}
static int cap_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
mode_t mode)
{
return 0;
}
static int cap_path_chown(struct path *path, uid_t uid, gid_t gid)
{
return 0;
}
#endif
static int cap_file_permission(struct file *file, int mask)
@@ -977,6 +988,8 @@ void security_fixup_ops(struct security_operations *ops)
set_to_cap_if_null(ops, path_link);
set_to_cap_if_null(ops, path_rename);
set_to_cap_if_null(ops, path_truncate);
set_to_cap_if_null(ops, path_chmod);
set_to_cap_if_null(ops, path_chown);
#endif
set_to_cap_if_null(ops, file_permission);
set_to_cap_if_null(ops, file_alloc_security);