21 #include <linux/xattr.h>
24 #include <linux/stat.h>
26 #include <asm/ioctls.h>
28 #include <linux/tcp.h>
29 #include <linux/udp.h>
30 #include <linux/slab.h>
34 #include <linux/audit.h>
35 #include <linux/magic.h>
37 #include <linux/personality.h>
38 #include <linux/msg.h>
39 #include <linux/shm.h>
40 #include <linux/binfmts.h>
43 #define task_security(task) (task_cred_xxx((task), security))
45 #define TRANS_TRUE "TRUE"
46 #define TRANS_TRUE_SIZE 4
109 tsp = kzalloc(
sizeof(
struct task_smack), gfp);
135 INIT_LIST_HEAD(nhead);
137 list_for_each_entry_rcu(orp, ohead,
list) {
138 nrp = kzalloc(
sizeof(
struct smack_rule), gfp);
144 list_add_rcu(&nrp->
list, nhead);
163 static int smack_ptrace_access_check(
struct task_struct *ctp,
unsigned int mode)
175 smk_ad_setfield_u_tsk(&ad, ctp);
201 smk_ad_setfield_u_tsk(&ad, ptp);
215 static int smack_syslog(
int typefrom_file)
218 char *
sp = smk_of_current();
255 sb->s_security = sbsp;
265 static void smack_sb_free_security(
struct super_block *sb)
267 kfree(sb->s_security);
268 sb->s_security =
NULL;
281 static int smack_sb_copy_data(
char *orig,
char *smackopts)
283 char *
cp, *commap, *otheropts, *
dp;
286 if (otheropts ==
NULL)
289 for (cp = orig, commap = orig; commap !=
NULL; cp = commap + 1) {
339 for (op = data; op !=
NULL; op = commap) {
371 isp = inode->i_security;
394 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
411 static int smack_sb_mount(
const char *dev_name,
struct path *
path,
412 const char *
type,
unsigned long flags,
void *data)
418 smk_ad_setfield_u_fs_path(&ad, *path);
431 static int smack_sb_umount(
struct vfsmount *mnt,
int flags)
441 smk_ad_setfield_u_fs_path(&ad,
path);
457 static int smack_bprm_set_creds(
struct linux_binprm *bprm)
459 struct inode *inode = bprm->
file->f_path.dentry->d_inode;
471 isp = inode->i_security;
490 static void smack_bprm_committing_creds(
struct linux_binprm *bprm)
504 static int smack_bprm_secureexec(
struct linux_binprm *bprm)
525 static int smack_inode_alloc_security(
struct inode *inode)
528 if (inode->i_security ==
NULL)
539 static void smack_inode_free_security(
struct inode *inode)
541 kfree(inode->i_security);
542 inode->i_security =
NULL;
556 static int smack_inode_init_security(
struct inode *inode,
struct inode *dir,
558 void **
value,
size_t *len)
562 char *
csp = smk_of_current();
563 char *isp = smk_of_inode(inode);
564 char *
dsp = smk_of_inode(dir);
586 smk_inode_transmutable(dir)) {
610 static int smack_inode_link(
struct dentry *old_dentry,
struct inode *dir,
611 struct dentry *new_dentry)
618 smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);
620 isp = smk_of_inode(old_dentry->
d_inode);
624 isp = smk_of_inode(new_dentry->
d_inode);
625 smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
640 static int smack_inode_unlink(
struct inode *dir,
struct dentry *
dentry)
647 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
657 smk_ad_setfield_u_fs_path_dentry(&ad,
NULL);
658 smk_ad_setfield_u_fs_inode(&ad, dir);
672 static int smack_inode_rmdir(
struct inode *dir,
struct dentry *dentry)
678 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
688 smk_ad_setfield_u_fs_path_dentry(&ad,
NULL);
689 smk_ad_setfield_u_fs_inode(&ad, dir);
708 static int smack_inode_rename(
struct inode *old_inode,
709 struct dentry *old_dentry,
711 struct dentry *new_dentry)
718 smk_ad_setfield_u_fs_path_dentry(&ad, old_dentry);
720 isp = smk_of_inode(old_dentry->
d_inode);
724 isp = smk_of_inode(new_dentry->
d_inode);
725 smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
740 static int smack_inode_permission(
struct inode *inode,
int mask)
756 smk_ad_setfield_u_fs_inode(&ad, inode);
757 return smk_curacc(smk_of_inode(inode), mask, &ad);
767 static int smack_inode_setattr(
struct dentry *dentry,
struct iattr *
iattr)
776 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
788 static int smack_inode_getattr(
struct vfsmount *mnt,
struct dentry *dentry)
797 smk_ad_setfield_u_fs_path(&ad,
path);
813 static int smack_inode_setxattr(
struct dentry *dentry,
const char *name,
814 const void *value,
size_t size,
int flags)
843 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
862 static void smack_inode_post_setxattr(
struct dentry *dentry,
const char *name,
863 const void *value,
size_t size,
int flags)
899 static int smack_inode_getxattr(
struct dentry *dentry,
const char *name)
904 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
918 static int smack_inode_removexattr(
struct dentry *dentry,
const char *name)
936 smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
941 isp = dentry->
d_inode->i_security;
958 static int smack_inode_getsecurity(
const struct inode *inode,
959 const char *name,
void **
buffer,
965 struct inode *ip = (
struct inode *)inode;
971 isp = smk_of_inode(inode);
988 ssp = sock->
sk->sk_security;
1015 static int smack_inode_listsecurity(
struct inode *inode,
char *buffer,
1020 if (buffer !=
NULL && len <= buffer_size) {
1032 static void smack_inode_getsecid(
const struct inode *inode,
u32 *secid)
1057 static int smack_file_permission(
struct file *
file,
int mask)
1071 static int smack_file_alloc_security(
struct file *
file)
1073 file->f_security = smk_of_current();
1084 static void smack_file_free_security(
struct file *
file)
1086 file->f_security =
NULL;
1099 static int smack_file_ioctl(
struct file *
file,
unsigned int cmd,
1106 smk_ad_setfield_u_fs_path(&ad, file->
f_path);
1124 static int smack_file_lock(
struct file *file,
unsigned int cmd)
1129 smk_ad_setfield_u_fs_path(&ad, file->
f_path);
1145 static int smack_file_fcntl(
struct file *file,
unsigned int cmd,
1159 smk_ad_setfield_u_fs_path(&ad, file->
f_path);
1179 static int smack_mmap_file(
struct file *file,
1180 unsigned long reqprot,
unsigned long prot,
1181 unsigned long flags)
1196 if (file ==
NULL || file->f_dentry ==
NULL)
1199 dp = file->f_dentry;
1204 isp = dp->
d_inode->i_security;
1210 sp = smk_of_current();
1225 if (msmack == osmack)
1268 if ((may | mmay) != mmay) {
1286 static int smack_file_set_fowner(
struct file *file)
1288 file->f_security = smk_of_current();
1303 static int smack_file_send_sigiotask(
struct task_struct *tsk,
1308 char *tsp = smk_of_task(tsk->
cred->security);
1322 smk_ad_setfield_u_tsk(&ad, tsk);
1333 static int smack_file_receive(
struct file *file)
1339 smk_ad_setfield_u_fs_path(&ad, file->
f_path);
1348 return smk_curacc(file->f_security, may, &ad);
1360 static int smack_file_open(
struct file *file,
const struct cred *
cred)
1382 static int smack_cred_alloc_blank(
struct cred *
cred,
gfp_t gfp)
1386 tsp = new_task_smack(
NULL,
NULL, gfp);
1390 cred->security =
tsp;
1401 static void smack_cred_free(
struct cred *cred)
1410 cred->security =
NULL;
1428 static int smack_cred_prepare(
struct cred *
new,
const struct cred *old,
1436 if (new_tsp ==
NULL)
1443 new->security = new_tsp;
1454 static void smack_cred_transfer(
struct cred *
new,
const struct cred *old)
1475 static int smack_kernel_act_as(
struct cred *
new,
u32 secid)
1495 static int smack_kernel_create_files_as(
struct cred *
new,
1496 struct inode *inode)
1520 smk_ad_setfield_u_tsk(&ad, p);
1533 return smk_curacc_on_task(p,
MAY_WRITE, __func__);
1542 static int smack_task_getpgid(
struct task_struct *p)
1544 return smk_curacc_on_task(p,
MAY_READ, __func__);
1553 static int smack_task_getsid(
struct task_struct *p)
1555 return smk_curacc_on_task(p,
MAY_READ, __func__);
1565 static void smack_task_getsecid(
struct task_struct *p,
u32 *secid)
1577 static int smack_task_setnice(
struct task_struct *p,
int nice)
1583 rc = smk_curacc_on_task(p,
MAY_WRITE, __func__);
1594 static int smack_task_setioprio(
struct task_struct *p,
int ioprio)
1600 rc = smk_curacc_on_task(p,
MAY_WRITE, __func__);
1610 static int smack_task_getioprio(
struct task_struct *p)
1612 return smk_curacc_on_task(p,
MAY_READ, __func__);
1623 static int smack_task_setscheduler(
struct task_struct *p)
1629 rc = smk_curacc_on_task(p,
MAY_WRITE, __func__);
1639 static int smack_task_getscheduler(
struct task_struct *p)
1641 return smk_curacc_on_task(p,
MAY_READ, __func__);
1650 static int smack_task_movememory(
struct task_struct *p)
1652 return smk_curacc_on_task(p,
MAY_WRITE, __func__);
1673 smk_ad_setfield_u_tsk(&ad, p);
1716 static void smack_task_to_inode(
struct task_struct *p,
struct inode *inode)
1736 static int smack_sk_alloc_security(
struct sock *
sk,
int family,
gfp_t gfp_flags)
1738 char *csp = smk_of_current();
1749 sk->sk_security =
ssp;
1760 static void smack_sk_free_security(
struct sock *sk)
1762 kfree(sk->sk_security);
1777 static char *smack_host_label(
struct sockaddr_in *sip)
1785 list_for_each_entry_rcu(snp, &smk_netlbladdr_list,
list)
1791 if ((&snp->smk_host.sin_addr)->
s_addr ==
1812 static int smack_netlabel(
struct sock *sk,
int labeled)
1854 static int smack_netlabel_send(
struct sock *sk,
struct sockaddr_in *sap)
1863 hostsp = smack_host_label(sap);
1864 if (hostsp !=
NULL) {
1871 ad.a.u.net->v4info.daddr = sap->
sin_addr.s_addr;
1883 return smack_netlabel(sk, sk_lbl);
1898 static int smack_inode_setsecurity(
struct inode *inode,
const char *name,
1899 const void *value,
size_t size,
int flags)
1925 sock = SOCKET_I(inode);
1929 ssp = sock->
sk->sk_security;
1939 "Smack: \"%s\" netlbl error %d.\n",
1960 static int smack_socket_post_create(
struct socket *sock,
int family,
1981 static int smack_socket_connect(
struct socket *sock,
struct sockaddr *sap,
1989 return smack_netlabel_send(sock->
sk, (
struct sockaddr_in *)sap);
1998 static int smack_flags_to_may(
int flags)
2018 static int smack_msg_msg_alloc_security(
struct msg_msg *
msg)
2030 static void smack_msg_msg_free_security(
struct msg_msg *
msg)
2043 return (
char *)shp->
shm_perm.security;
2052 static int smack_shm_alloc_security(
struct shmid_kernel *shp)
2066 static void smack_shm_free_security(
struct shmid_kernel *shp)
2080 static int smk_curacc_shm(
struct shmid_kernel *shp,
int access)
2082 char *ssp = smack_of_shm(shp);
2099 static int smack_shm_associate(
struct shmid_kernel *shp,
int shmflg)
2103 may = smack_flags_to_may(shmflg);
2104 return smk_curacc_shm(shp, may);
2114 static int smack_shm_shmctl(
struct shmid_kernel *shp,
int cmd)
2138 return smk_curacc_shm(shp, may);
2149 static int smack_shm_shmat(
struct shmid_kernel *shp,
char __user *shmaddr,
2154 may = smack_flags_to_may(shmflg);
2155 return smk_curacc_shm(shp, may);
2164 static char *smack_of_sem(
struct sem_array *sma)
2166 return (
char *)sma->
sem_perm.security;
2175 static int smack_sem_alloc_security(
struct sem_array *sma)
2189 static void smack_sem_free_security(
struct sem_array *sma)
2203 static int smk_curacc_sem(
struct sem_array *sma,
int access)
2205 char *ssp = smack_of_sem(sma);
2222 static int smack_sem_associate(
struct sem_array *sma,
int semflg)
2226 may = smack_flags_to_may(semflg);
2227 return smk_curacc_sem(sma, may);
2237 static int smack_sem_semctl(
struct sem_array *sma,
int cmd)
2267 return smk_curacc_sem(sma, may);
2281 static int smack_sem_semop(
struct sem_array *sma,
struct sembuf *sops,
2282 unsigned nsops,
int alter)
2293 static int smack_msg_queue_alloc_security(
struct msg_queue *msq)
2307 static void smack_msg_queue_free_security(
struct msg_queue *msq)
2320 static char *smack_of_msq(
struct msg_queue *msq)
2322 return (
char *)msq->
q_perm.security;
2332 static int smk_curacc_msq(
struct msg_queue *msq,
int access)
2334 char *msp = smack_of_msq(msq);
2339 ad.a.u.ipc_id = msq->
q_perm.id;
2351 static int smack_msg_queue_associate(
struct msg_queue *msq,
int msqflg)
2355 may = smack_flags_to_may(msqflg);
2356 return smk_curacc_msq(msq, may);
2366 static int smack_msg_queue_msgctl(
struct msg_queue *msq,
int cmd)
2389 return smk_curacc_msq(msq, may);
2405 may = smack_flags_to_may(msqflg);
2406 return smk_curacc_msq(msq, may);
2435 int may = smack_flags_to_may(flag);
2440 ad.a.u.ipc_id = ipp->
id;
2464 static void smack_d_instantiate(
struct dentry *opt_dentry,
struct inode *inode)
2469 char *csp = smk_of_current();
2480 isp = inode->i_security;
2491 sbsp = sbp->s_security;
2504 if (opt_dentry->
d_parent == opt_dentry) {
2591 dp = dget(opt_dentry);
2593 if (fetched !=
NULL)
2611 rc = inode->
i_op->setxattr(dp,
2616 rc = inode->
i_op->getxattr(dp,
2655 static int smack_getprocattr(
struct task_struct *p,
char *name,
char **value)
2660 if (
strcmp(name,
"current") != 0)
2684 static int smack_setprocattr(
struct task_struct *p,
char *name,
2685 void *value,
size_t size)
2704 if (
strcmp(name,
"current") != 0)
2708 if (newsmack ==
NULL)
2721 tsp =
new->security;
2737 static int smack_unix_stream_connect(
struct sock *sock,
2738 struct sock *
other,
struct sock *newsk)
2750 smk_ad_setfield_u_net_sk(&ad, other);
2775 static int smack_unix_may_send(
struct socket *sock,
struct socket *other)
2786 smk_ad_setfield_u_net_sk(&ad, other->
sk);
2805 static int smack_socket_sendmsg(
struct socket *sock,
struct msghdr *
msg,
2816 return smack_netlabel_send(sock->
sk, sip);
2894 static int smack_socket_sock_rcv_skb(
struct sock *sk,
struct sk_buff *
skb)
2910 netlbl_secattr_init(&secattr);
2914 csp = smack_from_secattr(&secattr, ssp);
2918 netlbl_secattr_destroy(&secattr);
2922 ad.a.u.net->family = sk->sk_family;
2923 ad.a.u.net->netif = skb->
skb_iif;
2947 static int smack_socket_getpeersec_stream(
struct socket *sock,
2948 char __user *optval,
2949 int __user *optlen,
unsigned len)
2956 ssp = sock->
sk->sk_security;
2982 static int smack_socket_getpeersec_dgram(
struct socket *sock,
3000 family = sock->
sk->sk_family;
3003 ssp = sock->
sk->sk_security;
3010 ssp = sock->
sk->sk_security;
3011 netlbl_secattr_init(&secattr);
3014 sp = smack_from_secattr(&secattr, ssp);
3017 netlbl_secattr_destroy(&secattr);
3033 static void smack_sock_graft(
struct sock *sk,
struct socket *parent)
3041 ssp = sk->sk_security;
3055 static int smack_inet_conn_request(
struct sock *sk,
struct sk_buff *skb,
3058 u16 family = sk->sk_family;
3076 netlbl_secattr_init(&secattr);
3079 sp = smack_from_secattr(&secattr, ssp);
3082 netlbl_secattr_destroy(&secattr);
3086 ad.a.u.net->family =
family;
3087 ad.a.u.net->netif = skb->
skb_iif;
3112 hsp = smack_host_label(&
addr);
3131 static void smack_inet_csk_clone(
struct sock *sk,
3161 static int smack_key_alloc(
struct key *
key,
const struct cred *cred,
3162 unsigned long flags)
3164 key->security = smk_of_task(cred->security);
3174 static void smack_key_free(
struct key *
key)
3176 key->security =
NULL;
3188 static int smack_key_permission(key_ref_t key_ref,
3189 const struct cred *cred, key_perm_t
perm)
3193 char *tsp = smk_of_task(cred->security);
3195 keyp = key_ref_to_ptr(key_ref);
3202 if (keyp->security ==
NULL)
3211 ad.a.u.key_struct.key = keyp->serial;
3212 ad.a.u.key_struct.key_desc = keyp->description;
3244 static int smack_audit_rule_init(
u32 field,
u32 op,
char *rulestr,
void **vrule)
3246 char **
rule = (
char **)vrule;
3268 static int smack_audit_rule_known(
struct audit_krule *krule)
3294 static int smack_audit_rule_match(
u32 secid,
u32 field,
u32 op,
void *vrule,
3302 "Smack: missing rule\n");
3317 return (rule == smack);
3319 return (rule != smack);
3330 static void smack_audit_rule_free(
void *vrule)
3345 static int smack_secid_to_secctx(
u32 secid,
char **secdata,
u32 *seclen)
3363 static int smack_secctx_to_secid(
const char *secdata,
u32 seclen,
u32 *secid)
3376 static void smack_release_secctx(
char *secdata,
u32 seclen)
3380 static int smack_inode_notifysecctx(
struct inode *inode,
void *
ctx,
u32 ctxlen)
3385 static int smack_inode_setsecctx(
struct dentry *dentry,
void *
ctx,
u32 ctxlen)
3390 static int smack_inode_getsecctx(
struct inode *inode,
void **
ctx,
u32 *ctxlen)
3404 .ptrace_access_check = smack_ptrace_access_check,
3405 .ptrace_traceme = smack_ptrace_traceme,
3406 .syslog = smack_syslog,
3408 .sb_alloc_security = smack_sb_alloc_security,
3409 .sb_free_security = smack_sb_free_security,
3410 .sb_copy_data = smack_sb_copy_data,
3411 .sb_kern_mount = smack_sb_kern_mount,
3412 .sb_statfs = smack_sb_statfs,
3413 .sb_mount = smack_sb_mount,
3414 .sb_umount = smack_sb_umount,
3416 .bprm_set_creds = smack_bprm_set_creds,
3417 .bprm_committing_creds = smack_bprm_committing_creds,
3418 .bprm_secureexec = smack_bprm_secureexec,
3420 .inode_alloc_security = smack_inode_alloc_security,
3421 .inode_free_security = smack_inode_free_security,
3422 .inode_init_security = smack_inode_init_security,
3423 .inode_link = smack_inode_link,
3424 .inode_unlink = smack_inode_unlink,
3425 .inode_rmdir = smack_inode_rmdir,
3426 .inode_rename = smack_inode_rename,
3427 .inode_permission = smack_inode_permission,
3428 .inode_setattr = smack_inode_setattr,
3429 .inode_getattr = smack_inode_getattr,
3430 .inode_setxattr = smack_inode_setxattr,
3431 .inode_post_setxattr = smack_inode_post_setxattr,
3432 .inode_getxattr = smack_inode_getxattr,
3433 .inode_removexattr = smack_inode_removexattr,
3434 .inode_getsecurity = smack_inode_getsecurity,
3435 .inode_setsecurity = smack_inode_setsecurity,
3436 .inode_listsecurity = smack_inode_listsecurity,
3437 .inode_getsecid = smack_inode_getsecid,
3439 .file_permission = smack_file_permission,
3440 .file_alloc_security = smack_file_alloc_security,
3441 .file_free_security = smack_file_free_security,
3442 .file_ioctl = smack_file_ioctl,
3443 .file_lock = smack_file_lock,
3444 .file_fcntl = smack_file_fcntl,
3445 .mmap_file = smack_mmap_file,
3447 .file_set_fowner = smack_file_set_fowner,
3448 .file_send_sigiotask = smack_file_send_sigiotask,
3449 .file_receive = smack_file_receive,
3451 .file_open = smack_file_open,
3453 .cred_alloc_blank = smack_cred_alloc_blank,
3454 .cred_free = smack_cred_free,
3455 .cred_prepare = smack_cred_prepare,
3456 .cred_transfer = smack_cred_transfer,
3457 .kernel_act_as = smack_kernel_act_as,
3458 .kernel_create_files_as = smack_kernel_create_files_as,
3459 .task_setpgid = smack_task_setpgid,
3460 .task_getpgid = smack_task_getpgid,
3461 .task_getsid = smack_task_getsid,
3462 .task_getsecid = smack_task_getsecid,
3463 .task_setnice = smack_task_setnice,
3464 .task_setioprio = smack_task_setioprio,
3465 .task_getioprio = smack_task_getioprio,
3466 .task_setscheduler = smack_task_setscheduler,
3467 .task_getscheduler = smack_task_getscheduler,
3468 .task_movememory = smack_task_movememory,
3469 .task_kill = smack_task_kill,
3470 .task_wait = smack_task_wait,
3471 .task_to_inode = smack_task_to_inode,
3473 .ipc_permission = smack_ipc_permission,
3474 .ipc_getsecid = smack_ipc_getsecid,
3476 .msg_msg_alloc_security = smack_msg_msg_alloc_security,
3477 .msg_msg_free_security = smack_msg_msg_free_security,
3479 .msg_queue_alloc_security = smack_msg_queue_alloc_security,
3480 .msg_queue_free_security = smack_msg_queue_free_security,
3481 .msg_queue_associate = smack_msg_queue_associate,
3482 .msg_queue_msgctl = smack_msg_queue_msgctl,
3483 .msg_queue_msgsnd = smack_msg_queue_msgsnd,
3484 .msg_queue_msgrcv = smack_msg_queue_msgrcv,
3486 .shm_alloc_security = smack_shm_alloc_security,
3487 .shm_free_security = smack_shm_free_security,
3488 .shm_associate = smack_shm_associate,
3489 .shm_shmctl = smack_shm_shmctl,
3490 .shm_shmat = smack_shm_shmat,
3492 .sem_alloc_security = smack_sem_alloc_security,
3493 .sem_free_security = smack_sem_free_security,
3494 .sem_associate = smack_sem_associate,
3495 .sem_semctl = smack_sem_semctl,
3496 .sem_semop = smack_sem_semop,
3498 .d_instantiate = smack_d_instantiate,
3500 .getprocattr = smack_getprocattr,
3501 .setprocattr = smack_setprocattr,
3503 .unix_stream_connect = smack_unix_stream_connect,
3504 .unix_may_send = smack_unix_may_send,
3506 .socket_post_create = smack_socket_post_create,
3507 .socket_connect = smack_socket_connect,
3508 .socket_sendmsg = smack_socket_sendmsg,
3509 .socket_sock_rcv_skb = smack_socket_sock_rcv_skb,
3510 .socket_getpeersec_stream = smack_socket_getpeersec_stream,
3511 .socket_getpeersec_dgram = smack_socket_getpeersec_dgram,
3512 .sk_alloc_security = smack_sk_alloc_security,
3513 .sk_free_security = smack_sk_free_security,
3514 .sock_graft = smack_sock_graft,
3515 .inet_conn_request = smack_inet_conn_request,
3516 .inet_csk_clone = smack_inet_csk_clone,
3520 .key_alloc = smack_key_alloc,
3521 .key_free = smack_key_free,
3522 .key_permission = smack_key_permission,
3527 .audit_rule_init = smack_audit_rule_init,
3528 .audit_rule_known = smack_audit_rule_known,
3529 .audit_rule_match = smack_audit_rule_match,
3530 .audit_rule_free = smack_audit_rule_free,
3533 .secid_to_secctx = smack_secid_to_secctx,
3534 .secctx_to_secid = smack_secctx_to_secid,
3535 .release_secctx = smack_release_secctx,
3536 .inode_notifysecctx = smack_inode_notifysecctx,
3537 .inode_setsecctx = smack_inode_setsecctx,
3538 .inode_getsecctx = smack_inode_getsecctx,
3542 static __init void init_smack_known_list(
void)
3578 static __init int smack_init(
void)
3596 cred = (
struct cred *)
current->cred;
3597 cred->security = tsp;
3600 init_smack_known_list();
3606 panic(
"smack: Unable to register with kernel.\n");