353 static void __init lsm_early_cred(struct cred *cred);
399 	init_debug("cred blob size       = %d\n", blob_sizes.lbs_cred);
420 	lsm_early_cred((struct cred *) current->cred);
599  * lsm_cred_alloc - allocate a composite cred blob
600  * @cred: the cred that needs a blob
603  * Allocate the cred blob for all the modules
607 static int lsm_cred_alloc(struct cred *cred, gfp_t gfp)
610 		cred->security = NULL;
614 	cred->security = kzalloc(blob_sizes.lbs_cred, gfp);
615 	if (cred->security == NULL)
621  * lsm_early_cred - during initialization allocate a composite cred blob
622  * @cred: the cred that needs a blob
624  * Allocate the cred blob for all the modules
626 static void __init lsm_early_cred(struct cred *cred)
628 	int rc = lsm_cred_alloc(cred, GFP_KERNEL);
631 		panic("%s: Early cred alloc failed.\n", __func__);
889 int security_binder_set_context_mgr(const struct cred *mgr)
903 int security_binder_transaction(const struct cred *from,
904 				const struct cred *to)
918 int security_binder_transfer_binder(const struct cred *from,
919 				    const struct cred *to)
934 int security_binder_transfer_file(const struct cred *from,
935 				  const struct cred *to, const struct file *file)
1009 int security_capset(struct cred *new, const struct cred *old,
1020  * @cred: credentials to examine
1031 int security_capable(const struct cred *cred,
1036 	return call_int_hook(capable, cred, ns, cap, opts);
1138  * If the setup in prepare_exec_creds did not setup @bprm->cred->security
1140  * @bprm->cred->security to be what commit_creds needs to install for the new
1159  * exec, update @bprm->cred to reflect that change. This is called after
1182  * It allows a check against the @bprm->cred->security value which was set in
1200  * by @current->cred and the information set in @bprm->cred by the
1212  * security_bprm_committed_creds() - Tidy up after cred install during exec()
1217  * point, been set to @current->cred.  @bprm points to the linux_binprm
1670 				    const struct cred *old, struct cred *new)
2623 int security_inode_copy_up(struct dentry *src, struct cred **new)
3039  * @cred: credentials
3042  * Only allocate sufficient memory and attach to @cred such that
3047 int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
3049 	int rc = lsm_cred_alloc(cred, gfp);
3054 	rc = call_int_hook(cred_alloc_blank, cred, gfp);
3056 		security_cred_free(cred);
3061  * security_cred_free() - Free the cred's LSM blob and associated resources
3062  * @cred: credentials
3064  * Deallocate and clear the cred->security field in a set of credentials.
3066 void security_cred_free(struct cred *cred)
3072 	if (unlikely(cred->security == NULL))
3075 	call_void_hook(cred_free, cred);
3077 	kfree(cred->security);
3078 	cred->security = NULL;
3091 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
3111 void security_transfer_creds(struct cred *new, const struct cred *old)
3121  * Retrieve the security identifier of the cred structure @c.  In case of
3124 void security_cred_getsecid(const struct cred *c, u32 *secid)
3141 int security_kernel_act_as(struct cred *new, u32 secid)
3157 int security_kernel_create_files_as(struct cred *new, struct inode *inode)
3260  * rather than to @current->cred.
3264 int security_task_fix_setuid(struct cred *new, const struct cred *old,
3280  * @current->cred.
3284 int security_task_fix_setgid(struct cred *new, const struct cred *old,
3298  * @current->cred.
3302 int security_task_fix_setgroups(struct cred *new, const struct cred *old)
3421  * @cred: current task credentials
3430 int security_task_prlimit(const struct cred *cred, const struct cred *tcred,
3433 	return call_int_hook(task_prlimit, cred, tcred, flags);
3499  * @cred: credentials of the signal sender, NULL if @current
3510 		       int sig, const struct cred *cred)
3512 	return call_int_hook(task_kill, p, info, sig, cred);
3562  * @cred: prepared creds
3568 int security_create_user_ns(const struct cred *cred)
3570 	return call_int_hook(userns_create, cred);
4276  * @cred: credentials of the task which triggered the watch
4283 int security_post_notification(const struct cred *w_cred,
4284 			       const struct cred *cred,
4287 	return call_int_hook(post_notification, w_cred, cred, n);
5248  * @cred: credentials
5256 int security_key_alloc(struct key *key, const struct cred *cred,
5259 	return call_int_hook(key_alloc, key, cred, flags);
5276  * @cred: credentials of actor requesting access
5283 int security_key_permission(key_ref_t key_ref, const struct cred *cred,
5286 	return call_int_hook(key_permission, key_ref, cred, need_perm);
5647 int security_uring_override_creds(const struct cred *new)

Indexes created Sat May 25 20:21:57 MDT 2024