diff options
| author | Rodrigo Vivi <rodrigo.vivi@intel.com> | 2021-05-18 00:48:02 +0300 |
|---|---|---|
| committer | Rodrigo Vivi <rodrigo.vivi@intel.com> | 2021-05-18 00:48:02 +0300 |
| commit | d22fe808f9a3456f16015e79f1b86a10ce13099f (patch) | |
| tree | 8e8c99d742696a810297d54d650f308f6156d466 /include/linux/lsm_hooks.h | |
| parent | 1a7910368cba1e76b992b116fc8ba28503e6dcc1 (diff) | |
| parent | 6efb943b8616ec53a5e444193dccf1af9ad627b5 (diff) | |
| download | linux-d22fe808f9a3456f16015e79f1b86a10ce13099f.tar.xz | |
Merge drm/drm-next into drm-intel-next
Time to get back in sync...
Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
Diffstat (limited to 'include/linux/lsm_hooks.h')
| -rw-r--r-- | include/linux/lsm_hooks.h | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index fb7f3193753d..5c4c5c0602cb 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -108,6 +108,9 @@ * allocated. * @sb contains the super_block structure to be modified. * Return 0 if operation was successful. + * @sb_delete: + * Release objects tied to a superblock (e.g. inodes). + * @sb contains the super_block structure being released. * @sb_free_security: * Deallocate and clear the sb->s_security field. * @sb contains the super_block structure to be modified. @@ -142,6 +145,12 @@ * @orig the original mount data copied from userspace. * @copy copied data which will be passed to the security module. * Returns 0 if the copy was successful. + * @sb_mnt_opts_compat: + * Determine if the new mount options in @mnt_opts are allowed given + * the existing mounted filesystem at @sb. + * @sb superblock being compared + * @mnt_opts new mount options + * Return 0 if options are compatible. * @sb_remount: * Extracts security system specific mount options and verifies no changes * are being made to those options. @@ -707,9 +716,15 @@ * @p. * @p contains the task_struct for the process. * Return 0 if permission is granted. - * @task_getsecid: - * Retrieve the security identifier of the process @p. - * @p contains the task_struct for the process and place is into @secid. + * @task_getsecid_subj: + * Retrieve the subjective security identifier of the task_struct in @p + * and return it in @secid. Special care must be taken to ensure that @p + * is the either the "current" task, or the caller has exclusive access + * to @p. + * In case of failure, @secid will be set to zero. + * @task_getsecid_obj: + * Retrieve the objective security identifier of the task_struct in @p + * and return it in @secid. * In case of failure, @secid will be set to zero. * * @task_setnice: @@ -1573,6 +1588,7 @@ struct lsm_blob_sizes { int lbs_cred; int lbs_file; int lbs_inode; + int lbs_superblock; int lbs_ipc; int lbs_msg_msg; int lbs_task; |