diff options
Diffstat (limited to 'security/smack/smack_lsm.c')
| -rw-r--r-- | security/smack/smack_lsm.c | 32 |
1 files changed, 14 insertions, 18 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 770eb067e165..93f5b0ce662a 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -189,17 +189,10 @@ static void smack_sb_free_security(struct super_block *sb) * Copy the Smack specific mount options out of the mount * options list. */ -static int smack_sb_copy_data(struct file_system_type *type, void *orig, - void *smackopts) +static int smack_sb_copy_data(char *orig, char *smackopts) { char *cp, *commap, *otheropts, *dp; - /* Binary mount data: just copy */ - if (type->fs_flags & FS_BINARY_MOUNTDATA) { - copy_page(smackopts, orig); - return 0; - } - otheropts = (char *)get_zeroed_page(GFP_KERNEL); if (otheropts == NULL) return -ENOMEM; @@ -1124,11 +1117,6 @@ static int smack_task_movememory(struct task_struct *p) static int smack_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid) { - int rc; - - rc = cap_task_kill(p, info, sig, secid); - if (rc != 0) - return rc; /* * Special cases where signals really ought to go through * in spite of policy. Stephen Smalley suggests it may @@ -1287,7 +1275,7 @@ static void smack_to_secattr(char *smack, struct netlbl_lsm_secattr *nlsp) switch (smack_net_nltype) { case NETLBL_NLTYPE_CIPSOV4: - nlsp->domain = kstrdup(smack, GFP_ATOMIC); + nlsp->domain = smack; nlsp->flags = NETLBL_SECATTR_DOMAIN | NETLBL_SECATTR_MLS_LVL; rc = smack_to_cipso(smack, &cipso); @@ -1515,7 +1503,7 @@ static int smack_shm_associate(struct shmid_kernel *shp, int shmflg) */ static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) { - char *ssp = smack_of_shm(shp); + char *ssp; int may; switch (cmd) { @@ -1539,6 +1527,7 @@ static int smack_shm_shmctl(struct shmid_kernel *shp, int cmd) return -EINVAL; } + ssp = smack_of_shm(shp); return smk_curacc(ssp, may); } @@ -1623,7 +1612,7 @@ static int smack_sem_associate(struct sem_array *sma, int semflg) */ static int smack_sem_semctl(struct sem_array *sma, int cmd) { - char *ssp = smack_of_sem(sma); + char *ssp; int may; switch (cmd) { @@ -1652,6 +1641,7 @@ static int smack_sem_semctl(struct sem_array *sma, int cmd) return -EINVAL; } + ssp = smack_of_sem(sma); return smk_curacc(ssp, may); } @@ -1737,7 +1727,7 @@ static int smack_msg_queue_associate(struct msg_queue *msq, int msqflg) */ static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) { - char *msp = smack_of_msq(msq); + char *msp; int may; switch (cmd) { @@ -1759,6 +1749,7 @@ static int smack_msg_queue_msgctl(struct msg_queue *msq, int cmd) return -EINVAL; } + msp = smack_of_msq(msq); return smk_curacc(msp, may); } @@ -2433,7 +2424,9 @@ static void smack_release_secctx(char *secdata, u32 seclen) { } -static struct security_operations smack_ops = { +struct security_operations smack_ops = { + .name = "smack", + .ptrace = smack_ptrace, .capget = cap_capget, .capset_check = cap_capset_check, @@ -2566,6 +2559,9 @@ static struct security_operations smack_ops = { */ static __init int smack_init(void) { + if (!security_module_enable(&smack_ops)) + return 0; + printk(KERN_INFO "Smack: Initializing.\n"); /* |