From 5915eb53861c5776cfec33ca4fcc1fd20d66dd27 Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <mszeredi@suse.cz>
Date: Thu, 3 Jul 2008 20:56:05 +0200
Subject: security: remove dummy module

Remove the dummy module and make the "capability" module the default.

Compile and boot tested.

Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 security/capability.c | 1050 ++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 986 insertions(+), 64 deletions(-)

(limited to 'security/capability.c')

diff --git a/security/capability.c b/security/capability.c
index 38ac54e3aed..6e0671c8201 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -1,6 +1,8 @@
 /*
  *  Capabilities Linux Security Module
  *
+ *  This is the default security module in case no other module is loaded.
+ *
  *	This program is free software; you can redistribute it and/or modify
  *	it under the terms of the GNU General Public License as published by
  *	the Free Software Foundation; either version 2 of the License, or
@@ -8,75 +10,995 @@
  *
  */
 
-#include <linux/init.h>
-#include <linux/kernel.h>
 #include <linux/security.h>
-#include <linux/file.h>
-#include <linux/mm.h>
-#include <linux/mman.h>
-#include <linux/pagemap.h>
-#include <linux/swap.h>
-#include <linux/skbuff.h>
-#include <linux/netlink.h>
-#include <linux/ptrace.h>
-#include <linux/moduleparam.h>
-
-static struct security_operations capability_ops = {
-	.ptrace =			cap_ptrace,
-	.capget =			cap_capget,
-	.capset_check =			cap_capset_check,
-	.capset_set =			cap_capset_set,
-	.capable =			cap_capable,
-	.settime =			cap_settime,
-	.netlink_send =			cap_netlink_send,
-	.netlink_recv =			cap_netlink_recv,
-
-	.bprm_apply_creds =		cap_bprm_apply_creds,
-	.bprm_set_security =		cap_bprm_set_security,
-	.bprm_secureexec =		cap_bprm_secureexec,
-
-	.inode_setxattr =		cap_inode_setxattr,
-	.inode_removexattr =		cap_inode_removexattr,
-	.inode_need_killpriv =		cap_inode_need_killpriv,
-	.inode_killpriv =		cap_inode_killpriv,
-
-	.task_setscheduler =		cap_task_setscheduler,
-	.task_setioprio =		cap_task_setioprio,
-	.task_setnice =			cap_task_setnice,
-	.task_post_setuid =		cap_task_post_setuid,
-	.task_prctl =                   cap_task_prctl,
-	.task_reparent_to_init =	cap_task_reparent_to_init,
-
-	.syslog =                       cap_syslog,
-
-	.vm_enough_memory =             cap_vm_enough_memory,
-};
 
-/* flag to keep track of how we were registered */
-static int secondary;
+static int cap_acct(struct file *file)
+{
+	return 0;
+}
+
+static int cap_sysctl(ctl_table *table, int op)
+{
+	return 0;
+}
+
+static int cap_quotactl(int cmds, int type, int id, struct super_block *sb)
+{
+	return 0;
+}
+
+static int cap_quota_on(struct dentry *dentry)
+{
+	return 0;
+}
+
+static int cap_bprm_alloc_security(struct linux_binprm *bprm)
+{
+	return 0;
+}
+
+static void cap_bprm_free_security(struct linux_binprm *bprm)
+{
+}
+
+static void cap_bprm_post_apply_creds(struct linux_binprm *bprm)
+{
+}
+
+static int cap_bprm_check_security(struct linux_binprm *bprm)
+{
+	return 0;
+}
+
+static int cap_sb_alloc_security(struct super_block *sb)
+{
+	return 0;
+}
+
+static void cap_sb_free_security(struct super_block *sb)
+{
+}
+
+static int cap_sb_copy_data(char *orig, char *copy)
+{
+	return 0;
+}
+
+static int cap_sb_kern_mount(struct super_block *sb, void *data)
+{
+	return 0;
+}
+
+static int cap_sb_show_options(struct seq_file *m, struct super_block *sb)
+{
+	return 0;
+}
+
+static int cap_sb_statfs(struct dentry *dentry)
+{
+	return 0;
+}
+
+static int cap_sb_mount(char *dev_name, struct path *path, char *type,
+			unsigned long flags, void *data)
+{
+	return 0;
+}
+
+static int cap_sb_check_sb(struct vfsmount *mnt, struct path *path)
+{
+	return 0;
+}
+
+static int cap_sb_umount(struct vfsmount *mnt, int flags)
+{
+	return 0;
+}
+
+static void cap_sb_umount_close(struct vfsmount *mnt)
+{
+}
+
+static void cap_sb_umount_busy(struct vfsmount *mnt)
+{
+}
+
+static void cap_sb_post_remount(struct vfsmount *mnt, unsigned long flags,
+				void *data)
+{
+}
+
+static void cap_sb_post_addmount(struct vfsmount *mnt, struct path *path)
+{
+}
+
+static int cap_sb_pivotroot(struct path *old_path, struct path *new_path)
+{
+	return 0;
+}
+
+static void cap_sb_post_pivotroot(struct path *old_path, struct path *new_path)
+{
+}
+
+static int cap_sb_set_mnt_opts(struct super_block *sb,
+			       struct security_mnt_opts *opts)
+{
+	if (unlikely(opts->num_mnt_opts))
+		return -EOPNOTSUPP;
+	return 0;
+}
+
+static void cap_sb_clone_mnt_opts(const struct super_block *oldsb,
+				  struct super_block *newsb)
+{
+}
+
+static int cap_sb_parse_opts_str(char *options, struct security_mnt_opts *opts)
+{
+	return 0;
+}
+
+static int cap_inode_alloc_security(struct inode *inode)
+{
+	return 0;
+}
+
+static void cap_inode_free_security(struct inode *inode)
+{
+}
+
+static int cap_inode_init_security(struct inode *inode, struct inode *dir,
+				   char **name, void **value, size_t *len)
+{
+	return -EOPNOTSUPP;
+}
+
+static int cap_inode_create(struct inode *inode, struct dentry *dentry,
+			    int mask)
+{
+	return 0;
+}
+
+static int cap_inode_link(struct dentry *old_dentry, struct inode *inode,
+			  struct dentry *new_dentry)
+{
+	return 0;
+}
+
+static int cap_inode_unlink(struct inode *inode, struct dentry *dentry)
+{
+	return 0;
+}
+
+static int cap_inode_symlink(struct inode *inode, struct dentry *dentry,
+			     const char *name)
+{
+	return 0;
+}
+
+static int cap_inode_mkdir(struct inode *inode, struct dentry *dentry,
+			   int mask)
+{
+	return 0;
+}
+
+static int cap_inode_rmdir(struct inode *inode, struct dentry *dentry)
+{
+	return 0;
+}
+
+static int cap_inode_mknod(struct inode *inode, struct dentry *dentry,
+			   int mode, dev_t dev)
+{
+	return 0;
+}
+
+static int cap_inode_rename(struct inode *old_inode, struct dentry *old_dentry,
+			    struct inode *new_inode, struct dentry *new_dentry)
+{
+	return 0;
+}
+
+static int cap_inode_readlink(struct dentry *dentry)
+{
+	return 0;
+}
+
+static int cap_inode_follow_link(struct dentry *dentry,
+				 struct nameidata *nameidata)
+{
+	return 0;
+}
+
+static int cap_inode_permission(struct inode *inode, int mask,
+				struct nameidata *nd)
+{
+	return 0;
+}
+
+static int cap_inode_setattr(struct dentry *dentry, struct iattr *iattr)
+{
+	return 0;
+}
+
+static int cap_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
+{
+	return 0;
+}
+
+static void cap_inode_delete(struct inode *ino)
+{
+}
+
+static void cap_inode_post_setxattr(struct dentry *dentry, const char *name,
+				    const void *value, size_t size, int flags)
+{
+}
+
+static int cap_inode_getxattr(struct dentry *dentry, const char *name)
+{
+	return 0;
+}
+
+static int cap_inode_listxattr(struct dentry *dentry)
+{
+	return 0;
+}
+
+static int cap_inode_getsecurity(const struct inode *inode, const char *name,
+				 void **buffer, bool alloc)
+{
+	return -EOPNOTSUPP;
+}
+
+static int cap_inode_setsecurity(struct inode *inode, const char *name,
+				 const void *value, size_t size, int flags)
+{
+	return -EOPNOTSUPP;
+}
+
+static int cap_inode_listsecurity(struct inode *inode, char *buffer,
+				  size_t buffer_size)
+{
+	return 0;
+}
+
+static void cap_inode_getsecid(const struct inode *inode, u32 *secid)
+{
+	*secid = 0;
+}
+
+static int cap_file_permission(struct file *file, int mask)
+{
+	return 0;
+}
+
+static int cap_file_alloc_security(struct file *file)
+{
+	return 0;
+}
+
+static void cap_file_free_security(struct file *file)
+{
+}
+
+static int cap_file_ioctl(struct file *file, unsigned int command,
+			  unsigned long arg)
+{
+	return 0;
+}
+
+static int cap_file_mmap(struct file *file, unsigned long reqprot,
+			 unsigned long prot, unsigned long flags,
+			 unsigned long addr, unsigned long addr_only)
+{
+	if ((addr < mmap_min_addr) && !capable(CAP_SYS_RAWIO))
+		return -EACCES;
+	return 0;
+}
+
+static int cap_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
+			     unsigned long prot)
+{
+	return 0;
+}
+
+static int cap_file_lock(struct file *file, unsigned int cmd)
+{
+	return 0;
+}
+
+static int cap_file_fcntl(struct file *file, unsigned int cmd,
+			  unsigned long arg)
+{
+	return 0;
+}
+
+static int cap_file_set_fowner(struct file *file)
+{
+	return 0;
+}
+
+static int cap_file_send_sigiotask(struct task_struct *tsk,
+				   struct fown_struct *fown, int sig)
+{
+	return 0;
+}
+
+static int cap_file_receive(struct file *file)
+{
+	return 0;
+}
+
+static int cap_dentry_open(struct file *file)
+{
+	return 0;
+}
+
+static int cap_task_create(unsigned long clone_flags)
+{
+	return 0;
+}
+
+static int cap_task_alloc_security(struct task_struct *p)
+{
+	return 0;
+}
+
+static void cap_task_free_security(struct task_struct *p)
+{
+}
+
+static int cap_task_setuid(uid_t id0, uid_t id1, uid_t id2, int flags)
+{
+	return 0;
+}
+
+static int cap_task_setgid(gid_t id0, gid_t id1, gid_t id2, int flags)
+{
+	return 0;
+}
 
-static int capability_disable;
-module_param_named(disable, capability_disable, int, 0);
+static int cap_task_setpgid(struct task_struct *p, pid_t pgid)
+{
+	return 0;
+}
 
-static int __init capability_init (void)
+static int cap_task_getpgid(struct task_struct *p)
 {
-	if (capability_disable) {
-		printk(KERN_INFO "Capabilities disabled at initialization\n");
-		return 0;
-	}
-	/* register ourselves with the security framework */
-	if (register_security (&capability_ops)) {
-		/* try registering with primary module */
-		if (mod_reg_security (KBUILD_MODNAME, &capability_ops)) {
-			printk (KERN_INFO "Failure registering capabilities "
-				"with primary security module.\n");
-			return -EINVAL;
-		}
-		secondary = 1;
-	}
-	printk (KERN_INFO "Capability LSM initialized%s\n",
-		secondary ? " as secondary" : "");
 	return 0;
 }
 
-security_initcall (capability_init);
+static int cap_task_getsid(struct task_struct *p)
+{
+	return 0;
+}
+
+static void cap_task_getsecid(struct task_struct *p, u32 *secid)
+{
+	*secid = 0;
+}
+
+static int cap_task_setgroups(struct group_info *group_info)
+{
+	return 0;
+}
+
+static int cap_task_getioprio(struct task_struct *p)
+{
+	return 0;
+}
+
+static int cap_task_setrlimit(unsigned int resource, struct rlimit *new_rlim)
+{
+	return 0;
+}
+
+static int cap_task_getscheduler(struct task_struct *p)
+{
+	return 0;
+}
+
+static int cap_task_movememory(struct task_struct *p)
+{
+	return 0;
+}
+
+static int cap_task_wait(struct task_struct *p)
+{
+	return 0;
+}
+
+static int cap_task_kill(struct task_struct *p, struct siginfo *info,
+			 int sig, u32 secid)
+{
+	return 0;
+}
+
+static void cap_task_to_inode(struct task_struct *p, struct inode *inode)
+{
+}
+
+static int cap_ipc_permission(struct kern_ipc_perm *ipcp, short flag)
+{
+	return 0;
+}
+
+static void cap_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
+{
+	*secid = 0;
+}
+
+static int cap_msg_msg_alloc_security(struct msg_msg *msg)
+{
+	return 0;
+}
+
+static void cap_msg_msg_free_security(struct msg_msg *msg)
+{
+}
+
+static int cap_msg_queue_alloc_security(struct msg_queue *msq)
+{
+	return 0;
+}
+
+static void cap_msg_queue_free_security(struct msg_queue *msq)
+{
+}
+
+static int cap_msg_queue_associate(struct msg_queue *msq, int msqflg)
+{
+	return 0;
+}
+
+static int cap_msg_queue_msgctl(struct msg_queue *msq, int cmd)
+{
+	return 0;
+}
+
+static int cap_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg,
+				int msgflg)
+{
+	return 0;
+}
+
+static int cap_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
+				struct task_struct *target, long type, int mode)
+{
+	return 0;
+}
+
+static int cap_shm_alloc_security(struct shmid_kernel *shp)
+{
+	return 0;
+}
+
+static void cap_shm_free_security(struct shmid_kernel *shp)
+{
+}
+
+static int cap_shm_associate(struct shmid_kernel *shp, int shmflg)
+{
+	return 0;
+}
+
+static int cap_shm_shmctl(struct shmid_kernel *shp, int cmd)
+{
+	return 0;
+}
+
+static int cap_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr,
+			 int shmflg)
+{
+	return 0;
+}
+
+static int cap_sem_alloc_security(struct sem_array *sma)
+{
+	return 0;
+}
+
+static void cap_sem_free_security(struct sem_array *sma)
+{
+}
+
+static int cap_sem_associate(struct sem_array *sma, int semflg)
+{
+	return 0;
+}
+
+static int cap_sem_semctl(struct sem_array *sma, int cmd)
+{
+	return 0;
+}
+
+static int cap_sem_semop(struct sem_array *sma, struct sembuf *sops,
+			 unsigned nsops, int alter)
+{
+	return 0;
+}
+
+#ifdef CONFIG_SECURITY_NETWORK
+static int cap_unix_stream_connect(struct socket *sock, struct socket *other,
+				   struct sock *newsk)
+{
+	return 0;
+}
+
+static int cap_unix_may_send(struct socket *sock, struct socket *other)
+{
+	return 0;
+}
+
+static int cap_socket_create(int family, int type, int protocol, int kern)
+{
+	return 0;
+}
+
+static int cap_socket_post_create(struct socket *sock, int family, int type,
+				  int protocol, int kern)
+{
+	return 0;
+}
+
+static int cap_socket_bind(struct socket *sock, struct sockaddr *address,
+			   int addrlen)
+{
+	return 0;
+}
+
+static int cap_socket_connect(struct socket *sock, struct sockaddr *address,
+			      int addrlen)
+{
+	return 0;
+}
+
+static int cap_socket_listen(struct socket *sock, int backlog)
+{
+	return 0;
+}
+
+static int cap_socket_accept(struct socket *sock, struct socket *newsock)
+{
+	return 0;
+}
+
+static void cap_socket_post_accept(struct socket *sock, struct socket *newsock)
+{
+}
+
+static int cap_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size)
+{
+	return 0;
+}
+
+static int cap_socket_recvmsg(struct socket *sock, struct msghdr *msg,
+			      int size, int flags)
+{
+	return 0;
+}
+
+static int cap_socket_getsockname(struct socket *sock)
+{
+	return 0;
+}
+
+static int cap_socket_getpeername(struct socket *sock)
+{
+	return 0;
+}
+
+static int cap_socket_setsockopt(struct socket *sock, int level, int optname)
+{
+	return 0;
+}
+
+static int cap_socket_getsockopt(struct socket *sock, int level, int optname)
+{
+	return 0;
+}
+
+static int cap_socket_shutdown(struct socket *sock, int how)
+{
+	return 0;
+}
+
+static int cap_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
+{
+	return 0;
+}
+
+static int cap_socket_getpeersec_stream(struct socket *sock,
+					char __user *optval,
+					int __user *optlen, unsigned len)
+{
+	return -ENOPROTOOPT;
+}
+
+static int cap_socket_getpeersec_dgram(struct socket *sock,
+				       struct sk_buff *skb, u32 *secid)
+{
+	return -ENOPROTOOPT;
+}
+
+static int cap_sk_alloc_security(struct sock *sk, int family, gfp_t priority)
+{
+	return 0;
+}
+
+static void cap_sk_free_security(struct sock *sk)
+{
+}
+
+static void cap_sk_clone_security(const struct sock *sk, struct sock *newsk)
+{
+}
+
+static void cap_sk_getsecid(struct sock *sk, u32 *secid)
+{
+}
+
+static void cap_sock_graft(struct sock *sk, struct socket *parent)
+{
+}
+
+static int cap_inet_conn_request(struct sock *sk, struct sk_buff *skb,
+				 struct request_sock *req)
+{
+	return 0;
+}
+
+static void cap_inet_csk_clone(struct sock *newsk,
+			       const struct request_sock *req)
+{
+}
+
+static void cap_inet_conn_established(struct sock *sk, struct sk_buff *skb)
+{
+}
+
+static void cap_req_classify_flow(const struct request_sock *req,
+				  struct flowi *fl)
+{
+}
+#endif	/* CONFIG_SECURITY_NETWORK */
+
+#ifdef CONFIG_SECURITY_NETWORK_XFRM
+static int cap_xfrm_policy_alloc_security(struct xfrm_sec_ctx **ctxp,
+					  struct xfrm_user_sec_ctx *sec_ctx)
+{
+	return 0;
+}
+
+static int cap_xfrm_policy_clone_security(struct xfrm_sec_ctx *old_ctx,
+					  struct xfrm_sec_ctx **new_ctxp)
+{
+	return 0;
+}
+
+static void cap_xfrm_policy_free_security(struct xfrm_sec_ctx *ctx)
+{
+}
+
+static int cap_xfrm_policy_delete_security(struct xfrm_sec_ctx *ctx)
+{
+	return 0;
+}
+
+static int cap_xfrm_state_alloc_security(struct xfrm_state *x,
+					 struct xfrm_user_sec_ctx *sec_ctx,
+					 u32 secid)
+{
+	return 0;
+}
+
+static void cap_xfrm_state_free_security(struct xfrm_state *x)
+{
+}
+
+static int cap_xfrm_state_delete_security(struct xfrm_state *x)
+{
+	return 0;
+}
+
+static int cap_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 sk_sid, u8 dir)
+{
+	return 0;
+}
+
+static int cap_xfrm_state_pol_flow_match(struct xfrm_state *x,
+					 struct xfrm_policy *xp,
+					 struct flowi *fl)
+{
+	return 1;
+}
+
+static int cap_xfrm_decode_session(struct sk_buff *skb, u32 *fl, int ckall)
+{
+	return 0;
+}
+
+#endif /* CONFIG_SECURITY_NETWORK_XFRM */
+static int cap_register_security(const char *name,
+				 struct security_operations *ops)
+{
+	return -EINVAL;
+}
+
+static void cap_d_instantiate(struct dentry *dentry, struct inode *inode)
+{
+}
+
+static int cap_getprocattr(struct task_struct *p, char *name, char **value)
+{
+	return -EINVAL;
+}
+
+static int cap_setprocattr(struct task_struct *p, char *name, void *value,
+			   size_t size)
+{
+	return -EINVAL;
+}
+
+static int cap_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+	return -EOPNOTSUPP;
+}
+
+static int cap_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
+{
+	return -EOPNOTSUPP;
+}
+
+static void cap_release_secctx(char *secdata, u32 seclen)
+{
+}
+
+#ifdef CONFIG_KEYS
+static int cap_key_alloc(struct key *key, struct task_struct *ctx,
+			 unsigned long flags)
+{
+	return 0;
+}
+
+static void cap_key_free(struct key *key)
+{
+}
+
+static int cap_key_permission(key_ref_t key_ref, struct task_struct *context,
+			      key_perm_t perm)
+{
+	return 0;
+}
+
+static int cap_key_getsecurity(struct key *key, char **_buffer)
+{
+	*_buffer = NULL;
+	return 0;
+}
+
+#endif /* CONFIG_KEYS */
+
+#ifdef CONFIG_AUDIT
+static int cap_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
+{
+	return 0;
+}
+
+static int cap_audit_rule_known(struct audit_krule *krule)
+{
+	return 0;
+}
+
+static int cap_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
+				struct audit_context *actx)
+{
+	return 0;
+}
+
+static void cap_audit_rule_free(void *lsmrule)
+{
+}
+#endif /* CONFIG_AUDIT */
+
+struct security_operations default_security_ops = {
+	.name	= "default",
+};
+
+#define set_to_cap_if_null(ops, function)				\
+	do {								\
+		if (!ops->function) {					\
+			ops->function = cap_##function;			\
+			pr_debug("Had to override the " #function	\
+				 " security operation with the default.\n");\
+			}						\
+	} while (0)
+
+void security_fixup_ops(struct security_operations *ops)
+{
+	set_to_cap_if_null(ops, ptrace);
+	set_to_cap_if_null(ops, capget);
+	set_to_cap_if_null(ops, capset_check);
+	set_to_cap_if_null(ops, capset_set);
+	set_to_cap_if_null(ops, acct);
+	set_to_cap_if_null(ops, capable);
+	set_to_cap_if_null(ops, quotactl);
+	set_to_cap_if_null(ops, quota_on);
+	set_to_cap_if_null(ops, sysctl);
+	set_to_cap_if_null(ops, syslog);
+	set_to_cap_if_null(ops, settime);
+	set_to_cap_if_null(ops, vm_enough_memory);
+	set_to_cap_if_null(ops, bprm_alloc_security);
+	set_to_cap_if_null(ops, bprm_free_security);
+	set_to_cap_if_null(ops, bprm_apply_creds);
+	set_to_cap_if_null(ops, bprm_post_apply_creds);
+	set_to_cap_if_null(ops, bprm_set_security);
+	set_to_cap_if_null(ops, bprm_check_security);
+	set_to_cap_if_null(ops, bprm_secureexec);
+	set_to_cap_if_null(ops, sb_alloc_security);
+	set_to_cap_if_null(ops, sb_free_security);
+	set_to_cap_if_null(ops, sb_copy_data);
+	set_to_cap_if_null(ops, sb_kern_mount);
+	set_to_cap_if_null(ops, sb_show_options);
+	set_to_cap_if_null(ops, sb_statfs);
+	set_to_cap_if_null(ops, sb_mount);
+	set_to_cap_if_null(ops, sb_check_sb);
+	set_to_cap_if_null(ops, sb_umount);
+	set_to_cap_if_null(ops, sb_umount_close);
+	set_to_cap_if_null(ops, sb_umount_busy);
+	set_to_cap_if_null(ops, sb_post_remount);
+	set_to_cap_if_null(ops, sb_post_addmount);
+	set_to_cap_if_null(ops, sb_pivotroot);
+	set_to_cap_if_null(ops, sb_post_pivotroot);
+	set_to_cap_if_null(ops, sb_set_mnt_opts);
+	set_to_cap_if_null(ops, sb_clone_mnt_opts);
+	set_to_cap_if_null(ops, sb_parse_opts_str);
+	set_to_cap_if_null(ops, inode_alloc_security);
+	set_to_cap_if_null(ops, inode_free_security);
+	set_to_cap_if_null(ops, inode_init_security);
+	set_to_cap_if_null(ops, inode_create);
+	set_to_cap_if_null(ops, inode_link);
+	set_to_cap_if_null(ops, inode_unlink);
+	set_to_cap_if_null(ops, inode_symlink);
+	set_to_cap_if_null(ops, inode_mkdir);
+	set_to_cap_if_null(ops, inode_rmdir);
+	set_to_cap_if_null(ops, inode_mknod);
+	set_to_cap_if_null(ops, inode_rename);
+	set_to_cap_if_null(ops, inode_readlink);
+	set_to_cap_if_null(ops, inode_follow_link);
+	set_to_cap_if_null(ops, inode_permission);
+	set_to_cap_if_null(ops, inode_setattr);
+	set_to_cap_if_null(ops, inode_getattr);
+	set_to_cap_if_null(ops, inode_delete);
+	set_to_cap_if_null(ops, inode_setxattr);
+	set_to_cap_if_null(ops, inode_post_setxattr);
+	set_to_cap_if_null(ops, inode_getxattr);
+	set_to_cap_if_null(ops, inode_listxattr);
+	set_to_cap_if_null(ops, inode_removexattr);
+	set_to_cap_if_null(ops, inode_need_killpriv);
+	set_to_cap_if_null(ops, inode_killpriv);
+	set_to_cap_if_null(ops, inode_getsecurity);
+	set_to_cap_if_null(ops, inode_setsecurity);
+	set_to_cap_if_null(ops, inode_listsecurity);
+	set_to_cap_if_null(ops, inode_getsecid);
+	set_to_cap_if_null(ops, file_permission);
+	set_to_cap_if_null(ops, file_alloc_security);
+	set_to_cap_if_null(ops, file_free_security);
+	set_to_cap_if_null(ops, file_ioctl);
+	set_to_cap_if_null(ops, file_mmap);
+	set_to_cap_if_null(ops, file_mprotect);
+	set_to_cap_if_null(ops, file_lock);
+	set_to_cap_if_null(ops, file_fcntl);
+	set_to_cap_if_null(ops, file_set_fowner);
+	set_to_cap_if_null(ops, file_send_sigiotask);
+	set_to_cap_if_null(ops, file_receive);
+	set_to_cap_if_null(ops, dentry_open);
+	set_to_cap_if_null(ops, task_create);
+	set_to_cap_if_null(ops, task_alloc_security);
+	set_to_cap_if_null(ops, task_free_security);
+	set_to_cap_if_null(ops, task_setuid);
+	set_to_cap_if_null(ops, task_post_setuid);
+	set_to_cap_if_null(ops, task_setgid);
+	set_to_cap_if_null(ops, task_setpgid);
+	set_to_cap_if_null(ops, task_getpgid);
+	set_to_cap_if_null(ops, task_getsid);
+	set_to_cap_if_null(ops, task_getsecid);
+	set_to_cap_if_null(ops, task_setgroups);
+	set_to_cap_if_null(ops, task_setnice);
+	set_to_cap_if_null(ops, task_setioprio);
+	set_to_cap_if_null(ops, task_getioprio);
+	set_to_cap_if_null(ops, task_setrlimit);
+	set_to_cap_if_null(ops, task_setscheduler);
+	set_to_cap_if_null(ops, task_getscheduler);
+	set_to_cap_if_null(ops, task_movememory);
+	set_to_cap_if_null(ops, task_wait);
+	set_to_cap_if_null(ops, task_kill);
+	set_to_cap_if_null(ops, task_prctl);
+	set_to_cap_if_null(ops, task_reparent_to_init);
+	set_to_cap_if_null(ops, task_to_inode);
+	set_to_cap_if_null(ops, ipc_permission);
+	set_to_cap_if_null(ops, ipc_getsecid);
+	set_to_cap_if_null(ops, msg_msg_alloc_security);
+	set_to_cap_if_null(ops, msg_msg_free_security);
+	set_to_cap_if_null(ops, msg_queue_alloc_security);
+	set_to_cap_if_null(ops, msg_queue_free_security);
+	set_to_cap_if_null(ops, msg_queue_associate);
+	set_to_cap_if_null(ops, msg_queue_msgctl);
+	set_to_cap_if_null(ops, msg_queue_msgsnd);
+	set_to_cap_if_null(ops, msg_queue_msgrcv);
+	set_to_cap_if_null(ops, shm_alloc_security);
+	set_to_cap_if_null(ops, shm_free_security);
+	set_to_cap_if_null(ops, shm_associate);
+	set_to_cap_if_null(ops, shm_shmctl);
+	set_to_cap_if_null(ops, shm_shmat);
+	set_to_cap_if_null(ops, sem_alloc_security);
+	set_to_cap_if_null(ops, sem_free_security);
+	set_to_cap_if_null(ops, sem_associate);
+	set_to_cap_if_null(ops, sem_semctl);
+	set_to_cap_if_null(ops, sem_semop);
+	set_to_cap_if_null(ops, netlink_send);
+	set_to_cap_if_null(ops, netlink_recv);
+	set_to_cap_if_null(ops, register_security);
+	set_to_cap_if_null(ops, d_instantiate);
+	set_to_cap_if_null(ops, getprocattr);
+	set_to_cap_if_null(ops, setprocattr);
+	set_to_cap_if_null(ops, secid_to_secctx);
+	set_to_cap_if_null(ops, secctx_to_secid);
+	set_to_cap_if_null(ops, release_secctx);
+#ifdef CONFIG_SECURITY_NETWORK
+	set_to_cap_if_null(ops, unix_stream_connect);
+	set_to_cap_if_null(ops, unix_may_send);
+	set_to_cap_if_null(ops, socket_create);
+	set_to_cap_if_null(ops, socket_post_create);
+	set_to_cap_if_null(ops, socket_bind);
+	set_to_cap_if_null(ops, socket_connect);
+	set_to_cap_if_null(ops, socket_listen);
+	set_to_cap_if_null(ops, socket_accept);
+	set_to_cap_if_null(ops, socket_post_accept);
+	set_to_cap_if_null(ops, socket_sendmsg);
+	set_to_cap_if_null(ops, socket_recvmsg);
+	set_to_cap_if_null(ops, socket_getsockname);
+	set_to_cap_if_null(ops, socket_getpeername);
+	set_to_cap_if_null(ops, socket_setsockopt);
+	set_to_cap_if_null(ops, socket_getsockopt);
+	set_to_cap_if_null(ops, socket_shutdown);
+	set_to_cap_if_null(ops, socket_sock_rcv_skb);
+	set_to_cap_if_null(ops, socket_getpeersec_stream);
+	set_to_cap_if_null(ops, socket_getpeersec_dgram);
+	set_to_cap_if_null(ops, sk_alloc_security);
+	set_to_cap_if_null(ops, sk_free_security);
+	set_to_cap_if_null(ops, sk_clone_security);
+	set_to_cap_if_null(ops, sk_getsecid);
+	set_to_cap_if_null(ops, sock_graft);
+	set_to_cap_if_null(ops, inet_conn_request);
+	set_to_cap_if_null(ops, inet_csk_clone);
+	set_to_cap_if_null(ops, inet_conn_established);
+	set_to_cap_if_null(ops, req_classify_flow);
+#endif	/* CONFIG_SECURITY_NETWORK */
+#ifdef CONFIG_SECURITY_NETWORK_XFRM
+	set_to_cap_if_null(ops, xfrm_policy_alloc_security);
+	set_to_cap_if_null(ops, xfrm_policy_clone_security);
+	set_to_cap_if_null(ops, xfrm_policy_free_security);
+	set_to_cap_if_null(ops, xfrm_policy_delete_security);
+	set_to_cap_if_null(ops, xfrm_state_alloc_security);
+	set_to_cap_if_null(ops, xfrm_state_free_security);
+	set_to_cap_if_null(ops, xfrm_state_delete_security);
+	set_to_cap_if_null(ops, xfrm_policy_lookup);
+	set_to_cap_if_null(ops, xfrm_state_pol_flow_match);
+	set_to_cap_if_null(ops, xfrm_decode_session);
+#endif	/* CONFIG_SECURITY_NETWORK_XFRM */
+#ifdef CONFIG_KEYS
+	set_to_cap_if_null(ops, key_alloc);
+	set_to_cap_if_null(ops, key_free);
+	set_to_cap_if_null(ops, key_permission);
+	set_to_cap_if_null(ops, key_getsecurity);
+#endif	/* CONFIG_KEYS */
+#ifdef CONFIG_AUDIT
+	set_to_cap_if_null(ops, audit_rule_init);
+	set_to_cap_if_null(ops, audit_rule_known);
+	set_to_cap_if_null(ops, audit_rule_match);
+	set_to_cap_if_null(ops, audit_rule_free);
+#endif
+}
-- 
cgit v1.2.3-70-g09d2


From 6f0f0fd496333777d53daff21a4e3b28c4d03a6d Mon Sep 17 00:00:00 2001
From: James Morris <jmorris@namei.org>
Date: Thu, 10 Jul 2008 17:02:07 +0900
Subject: security: remove register_security hook

The register security hook is no longer required, as the capability
module is always registered.  LSMs wishing to stack capability as
a secondary module should do so explicitly.

Signed-off-by: James Morris <jmorris@namei.org>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
---
 include/linux/security.h   | 10 ----------
 security/capability.c      |  7 -------
 security/root_plug.c       |  9 ---------
 security/security.c        | 29 -----------------------------
 security/selinux/hooks.c   | 32 +++++---------------------------
 security/smack/smack_lsm.c | 23 -----------------------
 6 files changed, 5 insertions(+), 105 deletions(-)

(limited to 'security/capability.c')

diff --git a/include/linux/security.h b/include/linux/security.h
index 43c6357568a..31c8851ec5d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1239,11 +1239,6 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *	@pages contains the number of pages.
  *	Return 0 if permission is granted.
  *
- * @register_security:
- *	allow module stacking.
- *	@name contains the name of the security module being stacked.
- *	@ops contains a pointer to the struct security_operations of the module to stack.
- *
  * @secid_to_secctx:
  *	Convert secid to security context.
  *	@secid contains the security ID.
@@ -1471,10 +1466,6 @@ struct security_operations {
 	int (*netlink_send) (struct sock *sk, struct sk_buff *skb);
 	int (*netlink_recv) (struct sk_buff *skb, int cap);
 
-	/* allow module stacking */
-	int (*register_security) (const char *name,
-				  struct security_operations *ops);
-
 	void (*d_instantiate) (struct dentry *dentry, struct inode *inode);
 
 	int (*getprocattr) (struct task_struct *p, char *name, char **value);
@@ -1564,7 +1555,6 @@ struct security_operations {
 extern int security_init(void);
 extern int security_module_enable(struct security_operations *ops);
 extern int register_security(struct security_operations *ops);
-extern int mod_reg_security(const char *name, struct security_operations *ops);
 extern struct dentry *securityfs_create_file(const char *name, mode_t mode,
 					     struct dentry *parent, void *data,
 					     const struct file_operations *fops);
diff --git a/security/capability.c b/security/capability.c
index 6e0671c8201..5b01c0b0242 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -721,12 +721,6 @@ static int cap_xfrm_decode_session(struct sk_buff *skb, u32 *fl, int ckall)
 }
 
 #endif /* CONFIG_SECURITY_NETWORK_XFRM */
-static int cap_register_security(const char *name,
-				 struct security_operations *ops)
-{
-	return -EINVAL;
-}
-
 static void cap_d_instantiate(struct dentry *dentry, struct inode *inode)
 {
 }
@@ -940,7 +934,6 @@ void security_fixup_ops(struct security_operations *ops)
 	set_to_cap_if_null(ops, sem_semop);
 	set_to_cap_if_null(ops, netlink_send);
 	set_to_cap_if_null(ops, netlink_recv);
-	set_to_cap_if_null(ops, register_security);
 	set_to_cap_if_null(ops, d_instantiate);
 	set_to_cap_if_null(ops, getprocattr);
 	set_to_cap_if_null(ops, setprocattr);
diff --git a/security/root_plug.c b/security/root_plug.c
index a41cf42a4fa..be0ebec2580 100644
--- a/security/root_plug.c
+++ b/security/root_plug.c
@@ -28,9 +28,6 @@
 #include <linux/usb.h>
 #include <linux/moduleparam.h>
 
-/* flag to keep track of how we were registered */
-static int secondary;
-
 /* default is a generic type of usb to serial converter */
 static int vendor_id = 0x0557;
 static int product_id = 0x2008;
@@ -97,13 +94,7 @@ static int __init rootplug_init (void)
 	if (register_security (&rootplug_security_ops)) {
 		printk (KERN_INFO 
 			"Failure registering Root Plug module with the kernel\n");
-		/* try registering with primary module */
-		if (mod_reg_security (MY_NAME, &rootplug_security_ops)) {
-			printk (KERN_INFO "Failure registering Root Plug "
-				" module with primary security module.\n");
 			return -EINVAL;
-		}
-		secondary = 1;
 	}
 	printk (KERN_INFO "Root Plug module initialized, "
 		"vendor_id = %4.4x, product id = %4.4x\n", vendor_id, product_id);
diff --git a/security/security.c b/security/security.c
index 30b0278de39..59f23b5918b 100644
--- a/security/security.c
+++ b/security/security.c
@@ -125,35 +125,6 @@ int register_security(struct security_operations *ops)
 	return 0;
 }
 
-/**
- * mod_reg_security - allows security modules to be "stacked"
- * @name: a pointer to a string with the name of the security_options to be registered
- * @ops: a pointer to the struct security_options that is to be registered
- *
- * This function allows security modules to be stacked if the currently loaded
- * security module allows this to happen.  It passes the @name and @ops to the
- * register_security function of the currently loaded security module.
- *
- * The return value depends on the currently loaded security module, with 0 as
- * success.
- */
-int mod_reg_security(const char *name, struct security_operations *ops)
-{
-	if (verify(ops)) {
-		printk(KERN_INFO "%s could not verify "
-		       "security operations.\n", __func__);
-		return -EINVAL;
-	}
-
-	if (ops == security_ops) {
-		printk(KERN_INFO "%s security operations "
-		       "already registered.\n", __func__);
-		return -EINVAL;
-	}
-
-	return security_ops->register_security(name, ops);
-}
-
 /* Security operations */
 
 int security_ptrace(struct task_struct *parent, struct task_struct *child,
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 745a69e74e3..91200feb3f9 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -126,13 +126,11 @@ __setup("selinux=", selinux_enabled_setup);
 int selinux_enabled = 1;
 #endif
 
-/* Original (dummy) security module. */
-static struct security_operations *original_ops;
 
-/* Minimal support for a secondary security module,
-   just to allow the use of the dummy or capability modules.
-   The owlsm module can alternatively be used as a secondary
-   module as long as CONFIG_OWLSM_FD is not enabled. */
+/*
+ * Minimal support for a secondary security module,
+ * just to allow the use of the capability module.
+ */
 static struct security_operations *secondary_ops;
 
 /* Lists of inode and superblock security structures initialized
@@ -5115,24 +5113,6 @@ static void selinux_ipc_getsecid(struct kern_ipc_perm *ipcp, u32 *secid)
 	*secid = isec->sid;
 }
 
-/* module stacking operations */
-static int selinux_register_security(const char *name, struct security_operations *ops)
-{
-	if (secondary_ops != original_ops) {
-		printk(KERN_ERR "%s:  There is already a secondary security "
-		       "module registered.\n", __func__);
-		return -EINVAL;
-	}
-
-	secondary_ops = ops;
-
-	printk(KERN_INFO "%s:  Registering secondary module %s\n",
-	       __func__,
-	       name);
-
-	return 0;
-}
-
 static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode)
 {
 	if (inode)
@@ -5517,8 +5497,6 @@ static struct security_operations selinux_ops = {
 	.sem_semctl =			selinux_sem_semctl,
 	.sem_semop =			selinux_sem_semop,
 
-	.register_security =		selinux_register_security,
-
 	.d_instantiate =		selinux_d_instantiate,
 
 	.getprocattr =			selinux_getprocattr,
@@ -5612,7 +5590,7 @@ static __init int selinux_init(void)
 					    0, SLAB_PANIC, NULL);
 	avc_init();
 
-	original_ops = secondary_ops = security_ops;
+	secondary_ops = security_ops;
 	if (!secondary_ops)
 		panic("SELinux: No initial security operations\n");
 	if (register_security(&selinux_ops))
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 3c7150b3493..ee5a51cbc5e 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1822,27 +1822,6 @@ static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
 	*secid = smack_to_secid(smack);
 }
 
-/* module stacking operations */
-
-/**
- * smack_register_security - stack capability module
- * @name: module name
- * @ops: module operations - ignored
- *
- * Allow the capability module to register.
- */
-static int smack_register_security(const char *name,
-				   struct security_operations *ops)
-{
-	if (strcmp(name, "capability") != 0)
-		return -EINVAL;
-
-	printk(KERN_INFO "%s:  Registering secondary module %s\n",
-	       __func__, name);
-
-	return 0;
-}
-
 /**
  * smack_d_instantiate - Make sure the blob is correct on an inode
  * @opt_dentry: unused
@@ -2673,8 +2652,6 @@ struct security_operations smack_ops = {
 	.netlink_send =			cap_netlink_send,
 	.netlink_recv = 		cap_netlink_recv,
 
-	.register_security = 		smack_register_security,
-
 	.d_instantiate = 		smack_d_instantiate,
 
 	.getprocattr = 			smack_getprocattr,
-- 
cgit v1.2.3-70-g09d2