1/* 2 * Stub functions for the default security function pointers in case no 3 * security model is loaded. 4 * 5 * Copyright (C) 2001 WireX Communications, Inc <chris@wirex.com> 6 * Copyright (C) 2001-2002 Greg Kroah-Hartman <greg@kroah.com> 7 * Copyright (C) 2001 Networks Associates Technology, Inc <ssmalley@nai.com> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 */ 14 15#undef DEBUG 16 17#include <linux/capability.h> 18#include <linux/module.h> 19#include <linux/kernel.h> 20#include <linux/mman.h> 21#include <linux/pagemap.h> 22#include <linux/swap.h> 23#include <linux/security.h> 24#include <linux/skbuff.h> 25#include <linux/netlink.h> 26#include <net/sock.h> 27#include <linux/xattr.h> 28#include <linux/hugetlb.h> 29#include <linux/ptrace.h> 30#include <linux/file.h> 31 32static int dummy_ptrace (struct task_struct *parent, struct task_struct *child) 33{ 34 return 0; 35} 36 37static int dummy_capget (struct task_struct *target, kernel_cap_t * effective, 38 kernel_cap_t * inheritable, kernel_cap_t * permitted) 39{ 40 *effective = *inheritable = *permitted = 0; 41 if (!issecure(SECURE_NOROOT)) { 42 if (target->euid == 0) { 43 *permitted |= (~0 & ~CAP_FS_MASK); 44 *effective |= (~0 & ~CAP_TO_MASK(CAP_SETPCAP) & ~CAP_FS_MASK); 45 } 46 if (target->fsuid == 0) { 47 *permitted |= CAP_FS_MASK; 48 *effective |= CAP_FS_MASK; 49 } 50 } 51 return 0; 52} 53 54static int dummy_capset_check (struct task_struct *target, 55 kernel_cap_t * effective, 56 kernel_cap_t * inheritable, 57 kernel_cap_t * permitted) 58{ 59 return -EPERM; 60} 61 62static void dummy_capset_set (struct task_struct *target, 63 kernel_cap_t * effective, 64 kernel_cap_t * inheritable, 65 kernel_cap_t * permitted) 66{ 67 return; 68} 69 70static int dummy_acct (struct file *file) 71{ 72 return 0; 73} 74 75static int dummy_capable (struct task_struct *tsk, int cap) 76{ 77 if (cap_raised (tsk->cap_effective, cap)) 78 return 0; 79 return -EPERM; 80} 81 82static int dummy_sysctl (ctl_table * table, int op) 83{ 84 return 0; 85} 86 87static int dummy_quotactl (int cmds, int type, int id, struct super_block *sb) 88{ 89 return 0; 90} 91 92static int dummy_quota_on (struct dentry *dentry) 93{ 94 return 0; 95} 96 97static int dummy_syslog (int type) 98{ 99 if ((type != 3 && type != 10) && current->euid) 100 return -EPERM; 101 return 0; 102} 103 104static int dummy_settime(struct timespec *ts, struct timezone *tz) 105{ 106 if (!capable(CAP_SYS_TIME)) 107 return -EPERM; 108 return 0; 109} 110 111static int dummy_vm_enough_memory(long pages) 112{ 113 int cap_sys_admin = 0; 114 115 if (dummy_capable(current, CAP_SYS_ADMIN) == 0) 116 cap_sys_admin = 1; 117 return __vm_enough_memory(pages, cap_sys_admin); 118} 119 120static int dummy_bprm_alloc_security (struct linux_binprm *bprm) 121{ 122 return 0; 123} 124 125static void dummy_bprm_free_security (struct linux_binprm *bprm) 126{ 127 return; 128} 129 130static void dummy_bprm_apply_creds (struct linux_binprm *bprm, int unsafe) 131{ 132 if (bprm->e_uid != current->uid || bprm->e_gid != current->gid) { 133 current->mm->dumpable = suid_dumpable; 134 135 if ((unsafe & ~LSM_UNSAFE_PTRACE_CAP) && !capable(CAP_SETUID)) { 136 bprm->e_uid = current->uid; 137 bprm->e_gid = current->gid; 138 } 139 } 140 141 current->suid = current->euid = current->fsuid = bprm->e_uid; 142 current->sgid = current->egid = current->fsgid = bprm->e_gid; 143 144 dummy_capget(current, ¤t->cap_effective, ¤t->cap_inheritable, ¤t->cap_permitted); 145} 146 147static void dummy_bprm_post_apply_creds (struct linux_binprm *bprm) 148{ 149 return; 150} 151 152static int dummy_bprm_set_security (struct linux_binprm *bprm) 153{ 154 return 0; 155} 156 157static int dummy_bprm_check_security (struct linux_binprm *bprm) 158{ 159 return 0; 160} 161 162static int dummy_bprm_secureexec (struct linux_binprm *bprm) 163{ 164 /* The new userland will simply use the value provided 165 in the AT_SECURE field to decide whether secure mode 166 is required. Hence, this logic is required to preserve 167 the legacy decision algorithm used by the old userland. */ 168 return (current->euid != current->uid || 169 current->egid != current->gid); 170} 171 172static int dummy_sb_alloc_security (struct super_block *sb) 173{ 174 return 0; 175} 176 177static void dummy_sb_free_security (struct super_block *sb) 178{ 179 return; 180} 181 182static int dummy_sb_copy_data (struct file_system_type *type, 183 void *orig, void *copy) 184{ 185 return 0; 186} 187 188static int dummy_sb_kern_mount (struct super_block *sb, void *data) 189{ 190 return 0; 191} 192 193static int dummy_sb_statfs (struct dentry *dentry) 194{ 195 return 0; 196} 197 198static int dummy_sb_mount (char *dev_name, struct nameidata *nd, char *type, 199 unsigned long flags, void *data) 200{ 201 return 0; 202} 203 204static int dummy_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd) 205{ 206 return 0; 207} 208 209static int dummy_sb_umount (struct vfsmount *mnt, int flags) 210{ 211 return 0; 212} 213 214static void dummy_sb_umount_close (struct vfsmount *mnt) 215{ 216 return; 217} 218 219static void dummy_sb_umount_busy (struct vfsmount *mnt) 220{ 221 return; 222} 223 224static void dummy_sb_post_remount (struct vfsmount *mnt, unsigned long flags, 225 void *data) 226{ 227 return; 228} 229 230 231static void dummy_sb_post_mountroot (void) 232{ 233 return; 234} 235 236static void dummy_sb_post_addmount (struct vfsmount *mnt, struct nameidata *nd) 237{ 238 return; 239} 240 241static int dummy_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd) 242{ 243 return 0; 244} 245 246static void dummy_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd) 247{ 248 return; 249} 250 251static int dummy_inode_alloc_security (struct inode *inode) 252{ 253 return 0; 254} 255 256static void dummy_inode_free_security (struct inode *inode) 257{ 258 return; 259} 260 261static int dummy_inode_init_security (struct inode *inode, struct inode *dir, 262 char **name, void **value, size_t *len) 263{ 264 return -EOPNOTSUPP; 265} 266 267static int dummy_inode_create (struct inode *inode, struct dentry *dentry, 268 int mask) 269{ 270 return 0; 271} 272 273static int dummy_inode_link (struct dentry *old_dentry, struct inode *inode, 274 struct dentry *new_dentry) 275{ 276 return 0; 277} 278 279static int dummy_inode_unlink (struct inode *inode, struct dentry *dentry) 280{ 281 return 0; 282} 283 284static int dummy_inode_symlink (struct inode *inode, struct dentry *dentry, 285 const char *name) 286{ 287 return 0; 288} 289 290static int dummy_inode_mkdir (struct inode *inode, struct dentry *dentry, 291 int mask) 292{ 293 return 0; 294} 295 296static int dummy_inode_rmdir (struct inode *inode, struct dentry *dentry) 297{ 298 return 0; 299} 300 301static int dummy_inode_mknod (struct inode *inode, struct dentry *dentry, 302 int mode, dev_t dev) 303{ 304 return 0; 305} 306 307static int dummy_inode_rename (struct inode *old_inode, 308 struct dentry *old_dentry, 309 struct inode *new_inode, 310 struct dentry *new_dentry) 311{ 312 return 0; 313} 314 315static int dummy_inode_readlink (struct dentry *dentry) 316{ 317 return 0; 318} 319 320static int dummy_inode_follow_link (struct dentry *dentry, 321 struct nameidata *nameidata) 322{ 323 return 0; 324} 325 326static int dummy_inode_permission (struct inode *inode, int mask, struct nameidata *nd) 327{ 328 return 0; 329} 330 331static int dummy_inode_setattr (struct dentry *dentry, struct iattr *iattr) 332{ 333 return 0; 334} 335 336static int dummy_inode_getattr (struct vfsmount *mnt, struct dentry *dentry) 337{ 338 return 0; 339} 340 341static void dummy_inode_delete (struct inode *ino) 342{ 343 return; 344} 345 346static int dummy_inode_setxattr (struct dentry *dentry, char *name, void *value, 347 size_t size, int flags) 348{ 349 if (!strncmp(name, XATTR_SECURITY_PREFIX, 350 sizeof(XATTR_SECURITY_PREFIX) - 1) && 351 !capable(CAP_SYS_ADMIN)) 352 return -EPERM; 353 return 0; 354} 355 356static void dummy_inode_post_setxattr (struct dentry *dentry, char *name, void *value, 357 size_t size, int flags) 358{ 359} 360 361static int dummy_inode_getxattr (struct dentry *dentry, char *name) 362{ 363 return 0; 364} 365 366static int dummy_inode_listxattr (struct dentry *dentry) 367{ 368 return 0; 369} 370 371static int dummy_inode_removexattr (struct dentry *dentry, char *name) 372{ 373 if (!strncmp(name, XATTR_SECURITY_PREFIX, 374 sizeof(XATTR_SECURITY_PREFIX) - 1) && 375 !capable(CAP_SYS_ADMIN)) 376 return -EPERM; 377 return 0; 378} 379 380static int dummy_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) 381{ 382 return -EOPNOTSUPP; 383} 384 385static int dummy_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) 386{ 387 return -EOPNOTSUPP; 388} 389 390static int dummy_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size) 391{ 392 return 0; 393} 394 395static const char *dummy_inode_xattr_getsuffix(void) 396{ 397 return NULL; 398} 399 400static int dummy_file_permission (struct file *file, int mask) 401{ 402 return 0; 403} 404 405static int dummy_file_alloc_security (struct file *file) 406{ 407 return 0; 408} 409 410static void dummy_file_free_security (struct file *file) 411{ 412 return; 413} 414 415static int dummy_file_ioctl (struct file *file, unsigned int command, 416 unsigned long arg) 417{ 418 return 0; 419} 420 421static int dummy_file_mmap (struct file *file, unsigned long reqprot, 422 unsigned long prot, 423 unsigned long flags) 424{ 425 return 0; 426} 427 428static int dummy_file_mprotect (struct vm_area_struct *vma, 429 unsigned long reqprot, 430 unsigned long prot) 431{ 432 return 0; 433} 434 435static int dummy_file_lock (struct file *file, unsigned int cmd) 436{ 437 return 0; 438} 439 440static int dummy_file_fcntl (struct file *file, unsigned int cmd, 441 unsigned long arg) 442{ 443 return 0; 444} 445 446static int dummy_file_set_fowner (struct file *file) 447{ 448 return 0; 449} 450 451static int dummy_file_send_sigiotask (struct task_struct *tsk, 452 struct fown_struct *fown, int sig) 453{ 454 return 0; 455} 456 457static int dummy_file_receive (struct file *file) 458{ 459 return 0; 460} 461 462static int dummy_task_create (unsigned long clone_flags) 463{ 464 return 0; 465} 466 467static int dummy_task_alloc_security (struct task_struct *p) 468{ 469 return 0; 470} 471 472static void dummy_task_free_security (struct task_struct *p) 473{ 474 return; 475} 476 477static int dummy_task_setuid (uid_t id0, uid_t id1, uid_t id2, int flags) 478{ 479 return 0; 480} 481 482static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags) 483{ 484 dummy_capget(current, ¤t->cap_effective, ¤t->cap_inheritable, ¤t->cap_permitted); 485 return 0; 486} 487 488static int dummy_task_setgid (gid_t id0, gid_t id1, gid_t id2, int flags) 489{ 490 return 0; 491} 492 493static int dummy_task_setpgid (struct task_struct *p, pid_t pgid) 494{ 495 return 0; 496} 497 498static int dummy_task_getpgid (struct task_struct *p) 499{ 500 return 0; 501} 502 503static int dummy_task_getsid (struct task_struct *p) 504{ 505 return 0; 506} 507 508static void dummy_task_getsecid (struct task_struct *p, u32 *secid) 509{ } 510 511static int dummy_task_setgroups (struct group_info *group_info) 512{ 513 return 0; 514} 515 516static int dummy_task_setnice (struct task_struct *p, int nice) 517{ 518 return 0; 519} 520 521static int dummy_task_setioprio (struct task_struct *p, int ioprio) 522{ 523 return 0; 524} 525 526static int dummy_task_getioprio (struct task_struct *p) 527{ 528 return 0; 529} 530 531static int dummy_task_setrlimit (unsigned int resource, struct rlimit *new_rlim) 532{ 533 return 0; 534} 535 536static int dummy_task_setscheduler (struct task_struct *p, int policy, 537 struct sched_param *lp) 538{ 539 return 0; 540} 541 542static int dummy_task_getscheduler (struct task_struct *p) 543{ 544 return 0; 545} 546 547static int dummy_task_movememory (struct task_struct *p) 548{ 549 return 0; 550} 551 552static int dummy_task_wait (struct task_struct *p) 553{ 554 return 0; 555} 556 557static int dummy_task_kill (struct task_struct *p, struct siginfo *info, 558 int sig, u32 secid) 559{ 560 return 0; 561} 562 563static int dummy_task_prctl (int option, unsigned long arg2, unsigned long arg3, 564 unsigned long arg4, unsigned long arg5) 565{ 566 return 0; 567} 568 569static void dummy_task_reparent_to_init (struct task_struct *p) 570{ 571 p->euid = p->fsuid = 0; 572 return; 573} 574 575static void dummy_task_to_inode(struct task_struct *p, struct inode *inode) 576{ } 577 578static int dummy_ipc_permission (struct kern_ipc_perm *ipcp, short flag) 579{ 580 return 0; 581} 582 583static int dummy_msg_msg_alloc_security (struct msg_msg *msg) 584{ 585 return 0; 586} 587 588static void dummy_msg_msg_free_security (struct msg_msg *msg) 589{ 590 return; 591} 592 593static int dummy_msg_queue_alloc_security (struct msg_queue *msq) 594{ 595 return 0; 596} 597 598static void dummy_msg_queue_free_security (struct msg_queue *msq) 599{ 600 return; 601} 602 603static int dummy_msg_queue_associate (struct msg_queue *msq, 604 int msqflg) 605{ 606 return 0; 607} 608 609static int dummy_msg_queue_msgctl (struct msg_queue *msq, int cmd) 610{ 611 return 0; 612} 613 614static int dummy_msg_queue_msgsnd (struct msg_queue *msq, struct msg_msg *msg, 615 int msgflg) 616{ 617 return 0; 618} 619 620static int dummy_msg_queue_msgrcv (struct msg_queue *msq, struct msg_msg *msg, 621 struct task_struct *target, long type, 622 int mode) 623{ 624 return 0; 625} 626 627static int dummy_shm_alloc_security (struct shmid_kernel *shp) 628{ 629 return 0; 630} 631 632static void dummy_shm_free_security (struct shmid_kernel *shp) 633{ 634 return; 635} 636 637static int dummy_shm_associate (struct shmid_kernel *shp, int shmflg) 638{ 639 return 0; 640} 641 642static int dummy_shm_shmctl (struct shmid_kernel *shp, int cmd) 643{ 644 return 0; 645} 646 647static int dummy_shm_shmat (struct shmid_kernel *shp, char __user *shmaddr, 648 int shmflg) 649{ 650 return 0; 651} 652 653static int dummy_sem_alloc_security (struct sem_array *sma) 654{ 655 return 0; 656} 657 658static void dummy_sem_free_security (struct sem_array *sma) 659{ 660 return; 661} 662 663static int dummy_sem_associate (struct sem_array *sma, int semflg) 664{ 665 return 0; 666} 667 668static int dummy_sem_semctl (struct sem_array *sma, int cmd) 669{ 670 return 0; 671} 672 673static int dummy_sem_semop (struct sem_array *sma, 674 struct sembuf *sops, unsigned nsops, int alter) 675{ 676 return 0; 677} 678 679static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb) 680{ 681 NETLINK_CB(skb).eff_cap = current->cap_effective; 682 return 0; 683} 684 685static int dummy_netlink_recv (struct sk_buff *skb, int cap) 686{ 687 if (!cap_raised (NETLINK_CB (skb).eff_cap, cap)) 688 return -EPERM; 689 return 0; 690} 691 692#ifdef CONFIG_SECURITY_NETWORK 693static int dummy_unix_stream_connect (struct socket *sock, 694 struct socket *other, 695 struct sock *newsk) 696{ 697 return 0; 698} 699 700static int dummy_unix_may_send (struct socket *sock, 701 struct socket *other) 702{ 703 return 0; 704} 705 706static int dummy_socket_create (int family, int type, 707 int protocol, int kern) 708{ 709 return 0; 710} 711 712static int dummy_socket_post_create (struct socket *sock, int family, int type, 713 int protocol, int kern) 714{ 715 return 0; 716} 717 718static int dummy_socket_bind (struct socket *sock, struct sockaddr *address, 719 int addrlen) 720{ 721 return 0; 722} 723 724static int dummy_socket_connect (struct socket *sock, struct sockaddr *address, 725 int addrlen) 726{ 727 return 0; 728} 729 730static int dummy_socket_listen (struct socket *sock, int backlog) 731{ 732 return 0; 733} 734 735static int dummy_socket_accept (struct socket *sock, struct socket *newsock) 736{ 737 return 0; 738} 739 740static void dummy_socket_post_accept (struct socket *sock, 741 struct socket *newsock) 742{ 743 return; 744} 745 746static int dummy_socket_sendmsg (struct socket *sock, struct msghdr *msg, 747 int size) 748{ 749 return 0; 750} 751 752static int dummy_socket_recvmsg (struct socket *sock, struct msghdr *msg, 753 int size, int flags) 754{ 755 return 0; 756} 757 758static int dummy_socket_getsockname (struct socket *sock) 759{ 760 return 0; 761} 762 763static int dummy_socket_getpeername (struct socket *sock) 764{ 765 return 0; 766} 767 768static int dummy_socket_setsockopt (struct socket *sock, int level, int optname) 769{ 770 return 0; 771} 772 773static int dummy_socket_getsockopt (struct socket *sock, int level, int optname) 774{ 775 return 0; 776} 777 778static int dummy_socket_shutdown (struct socket *sock, int how) 779{ 780 return 0; 781} 782 783static int dummy_socket_sock_rcv_skb (struct sock *sk, struct sk_buff *skb) 784{ 785 return 0; 786} 787 788static int dummy_socket_getpeersec_stream(struct socket *sock, char __user *optval, 789 int __user *optlen, unsigned len) 790{ 791 return -ENOPROTOOPT; 792} 793 794static int dummy_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) 795{ 796 return -ENOPROTOOPT; 797} 798 799static inline int dummy_sk_alloc_security (struct sock *sk, int family, gfp_t priority) 800{ 801 return 0; 802} 803 804static inline void dummy_sk_free_security (struct sock *sk) 805{ 806} 807 808static inline void dummy_sk_clone_security (const struct sock *sk, struct sock *newsk) 809{ 810} 811 812static inline void dummy_sk_getsecid(struct sock *sk, u32 *secid) 813{ 814} 815 816static inline void dummy_sock_graft(struct sock* sk, struct socket *parent) 817{ 818} 819 820static inline int dummy_inet_conn_request(struct sock *sk, 821 struct sk_buff *skb, struct request_sock *req) 822{ 823 return 0; 824} 825 826static inline void dummy_inet_csk_clone(struct sock *newsk, 827 const struct request_sock *req) 828{ 829} 830 831static inline void dummy_inet_conn_established(struct sock *sk, 832 struct sk_buff *skb) 833{ 834} 835 836static inline void dummy_req_classify_flow(const struct request_sock *req, 837 struct flowi *fl) 838{ 839} 840#endif /* CONFIG_SECURITY_NETWORK */ 841 842#ifdef CONFIG_SECURITY_NETWORK_XFRM 843static int dummy_xfrm_policy_alloc_security(struct xfrm_policy *xp, 844 struct xfrm_user_sec_ctx *sec_ctx) 845{ 846 return 0; 847} 848 849static inline int dummy_xfrm_policy_clone_security(struct xfrm_policy *old, struct xfrm_policy *new) 850{ 851 return 0; 852} 853 854static void dummy_xfrm_policy_free_security(struct xfrm_policy *xp) 855{ 856} 857 858static int dummy_xfrm_policy_delete_security(struct xfrm_policy *xp) 859{ 860 return 0; 861} 862 863static int dummy_xfrm_state_alloc_security(struct xfrm_state *x, 864 struct xfrm_user_sec_ctx *sec_ctx, u32 secid) 865{ 866 return 0; 867} 868 869static void dummy_xfrm_state_free_security(struct xfrm_state *x) 870{ 871} 872 873static int dummy_xfrm_state_delete_security(struct xfrm_state *x) 874{ 875 return 0; 876} 877 878static int dummy_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir) 879{ 880 return 0; 881} 882 883static int dummy_xfrm_state_pol_flow_match(struct xfrm_state *x, 884 struct xfrm_policy *xp, struct flowi *fl) 885{ 886 return 1; 887} 888 889static int dummy_xfrm_decode_session(struct sk_buff *skb, u32 *fl, int ckall) 890{ 891 return 0; 892} 893 894#endif /* CONFIG_SECURITY_NETWORK_XFRM */ 895static int dummy_register_security (const char *name, struct security_operations *ops) 896{ 897 return -EINVAL; 898} 899 900static int dummy_unregister_security (const char *name, struct security_operations *ops) 901{ 902 return -EINVAL; 903} 904 905static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode) 906{ 907 return; 908} 909 910static int dummy_getprocattr(struct task_struct *p, char *name, char **value) 911{ 912 return -EINVAL; 913} 914 915static int dummy_setprocattr(struct task_struct *p, char *name, void *value, size_t size) 916{ 917 return -EINVAL; 918} 919 920static int dummy_secid_to_secctx(u32 secid, char **secdata, u32 *seclen) 921{ 922 return -EOPNOTSUPP; 923} 924 925static void dummy_release_secctx(char *secdata, u32 seclen) 926{ 927} 928 929#ifdef CONFIG_KEYS 930static inline int dummy_key_alloc(struct key *key, struct task_struct *ctx, 931 unsigned long flags) 932{ 933 return 0; 934} 935 936static inline void dummy_key_free(struct key *key) 937{ 938} 939 940static inline int dummy_key_permission(key_ref_t key_ref, 941 struct task_struct *context, 942 key_perm_t perm) 943{ 944 return 0; 945} 946#endif /* CONFIG_KEYS */ 947 948struct security_operations dummy_security_ops; 949 950#define set_to_dummy_if_null(ops, function) \ 951 do { \ 952 if (!ops->function) { \ 953 ops->function = dummy_##function; \ 954 pr_debug("Had to override the " #function \ 955 " security operation with the dummy one.\n");\ 956 } \ 957 } while (0) 958 959void security_fixup_ops (struct security_operations *ops) 960{ 961 set_to_dummy_if_null(ops, ptrace); 962 set_to_dummy_if_null(ops, capget); 963 set_to_dummy_if_null(ops, capset_check); 964 set_to_dummy_if_null(ops, capset_set); 965 set_to_dummy_if_null(ops, acct); 966 set_to_dummy_if_null(ops, capable); 967 set_to_dummy_if_null(ops, quotactl); 968 set_to_dummy_if_null(ops, quota_on); 969 set_to_dummy_if_null(ops, sysctl); 970 set_to_dummy_if_null(ops, syslog); 971 set_to_dummy_if_null(ops, settime); 972 set_to_dummy_if_null(ops, vm_enough_memory); 973 set_to_dummy_if_null(ops, bprm_alloc_security); 974 set_to_dummy_if_null(ops, bprm_free_security); 975 set_to_dummy_if_null(ops, bprm_apply_creds); 976 set_to_dummy_if_null(ops, bprm_post_apply_creds); 977 set_to_dummy_if_null(ops, bprm_set_security); 978 set_to_dummy_if_null(ops, bprm_check_security); 979 set_to_dummy_if_null(ops, bprm_secureexec); 980 set_to_dummy_if_null(ops, sb_alloc_security); 981 set_to_dummy_if_null(ops, sb_free_security); 982 set_to_dummy_if_null(ops, sb_copy_data); 983 set_to_dummy_if_null(ops, sb_kern_mount); 984 set_to_dummy_if_null(ops, sb_statfs); 985 set_to_dummy_if_null(ops, sb_mount); 986 set_to_dummy_if_null(ops, sb_check_sb); 987 set_to_dummy_if_null(ops, sb_umount); 988 set_to_dummy_if_null(ops, sb_umount_close); 989 set_to_dummy_if_null(ops, sb_umount_busy); 990 set_to_dummy_if_null(ops, sb_post_remount); 991 set_to_dummy_if_null(ops, sb_post_mountroot); 992 set_to_dummy_if_null(ops, sb_post_addmount); 993 set_to_dummy_if_null(ops, sb_pivotroot); 994 set_to_dummy_if_null(ops, sb_post_pivotroot); 995 set_to_dummy_if_null(ops, inode_alloc_security); 996 set_to_dummy_if_null(ops, inode_free_security); 997 set_to_dummy_if_null(ops, inode_init_security); 998 set_to_dummy_if_null(ops, inode_create); 999 set_to_dummy_if_null(ops, inode_link); 1000 set_to_dummy_if_null(ops, inode_unlink); 1001 set_to_dummy_if_null(ops, inode_symlink); 1002 set_to_dummy_if_null(ops, inode_mkdir); 1003 set_to_dummy_if_null(ops, inode_rmdir); 1004 set_to_dummy_if_null(ops, inode_mknod); 1005 set_to_dummy_if_null(ops, inode_rename); 1006 set_to_dummy_if_null(ops, inode_readlink); 1007 set_to_dummy_if_null(ops, inode_follow_link); 1008 set_to_dummy_if_null(ops, inode_permission); 1009 set_to_dummy_if_null(ops, inode_setattr); 1010 set_to_dummy_if_null(ops, inode_getattr); 1011 set_to_dummy_if_null(ops, inode_delete); 1012 set_to_dummy_if_null(ops, inode_setxattr); 1013 set_to_dummy_if_null(ops, inode_post_setxattr); 1014 set_to_dummy_if_null(ops, inode_getxattr); 1015 set_to_dummy_if_null(ops, inode_listxattr); 1016 set_to_dummy_if_null(ops, inode_removexattr); 1017 set_to_dummy_if_null(ops, inode_xattr_getsuffix); 1018 set_to_dummy_if_null(ops, inode_getsecurity); 1019 set_to_dummy_if_null(ops, inode_setsecurity); 1020 set_to_dummy_if_null(ops, inode_listsecurity); 1021 set_to_dummy_if_null(ops, file_permission); 1022 set_to_dummy_if_null(ops, file_alloc_security); 1023 set_to_dummy_if_null(ops, file_free_security); 1024 set_to_dummy_if_null(ops, file_ioctl); 1025 set_to_dummy_if_null(ops, file_mmap); 1026 set_to_dummy_if_null(ops, file_mprotect); 1027 set_to_dummy_if_null(ops, file_lock); 1028 set_to_dummy_if_null(ops, file_fcntl); 1029 set_to_dummy_if_null(ops, file_set_fowner); 1030 set_to_dummy_if_null(ops, file_send_sigiotask); 1031 set_to_dummy_if_null(ops, file_receive); 1032 set_to_dummy_if_null(ops, task_create); 1033 set_to_dummy_if_null(ops, task_alloc_security); 1034 set_to_dummy_if_null(ops, task_free_security); 1035 set_to_dummy_if_null(ops, task_setuid); 1036 set_to_dummy_if_null(ops, task_post_setuid); 1037 set_to_dummy_if_null(ops, task_setgid); 1038 set_to_dummy_if_null(ops, task_setpgid); 1039 set_to_dummy_if_null(ops, task_getpgid); 1040 set_to_dummy_if_null(ops, task_getsid); 1041 set_to_dummy_if_null(ops, task_getsecid); 1042 set_to_dummy_if_null(ops, task_setgroups); 1043 set_to_dummy_if_null(ops, task_setnice); 1044 set_to_dummy_if_null(ops, task_setioprio); 1045 set_to_dummy_if_null(ops, task_getioprio); 1046 set_to_dummy_if_null(ops, task_setrlimit); 1047 set_to_dummy_if_null(ops, task_setscheduler); 1048 set_to_dummy_if_null(ops, task_getscheduler); 1049 set_to_dummy_if_null(ops, task_movememory); 1050 set_to_dummy_if_null(ops, task_wait); 1051 set_to_dummy_if_null(ops, task_kill); 1052 set_to_dummy_if_null(ops, task_prctl); 1053 set_to_dummy_if_null(ops, task_reparent_to_init); 1054 set_to_dummy_if_null(ops, task_to_inode); 1055 set_to_dummy_if_null(ops, ipc_permission); 1056 set_to_dummy_if_null(ops, msg_msg_alloc_security); 1057 set_to_dummy_if_null(ops, msg_msg_free_security); 1058 set_to_dummy_if_null(ops, msg_queue_alloc_security); 1059 set_to_dummy_if_null(ops, msg_queue_free_security); 1060 set_to_dummy_if_null(ops, msg_queue_associate); 1061 set_to_dummy_if_null(ops, msg_queue_msgctl); 1062 set_to_dummy_if_null(ops, msg_queue_msgsnd); 1063 set_to_dummy_if_null(ops, msg_queue_msgrcv); 1064 set_to_dummy_if_null(ops, shm_alloc_security); 1065 set_to_dummy_if_null(ops, shm_free_security); 1066 set_to_dummy_if_null(ops, shm_associate); 1067 set_to_dummy_if_null(ops, shm_shmctl); 1068 set_to_dummy_if_null(ops, shm_shmat); 1069 set_to_dummy_if_null(ops, sem_alloc_security); 1070 set_to_dummy_if_null(ops, sem_free_security); 1071 set_to_dummy_if_null(ops, sem_associate); 1072 set_to_dummy_if_null(ops, sem_semctl); 1073 set_to_dummy_if_null(ops, sem_semop); 1074 set_to_dummy_if_null(ops, netlink_send); 1075 set_to_dummy_if_null(ops, netlink_recv); 1076 set_to_dummy_if_null(ops, register_security); 1077 set_to_dummy_if_null(ops, unregister_security); 1078 set_to_dummy_if_null(ops, d_instantiate); 1079 set_to_dummy_if_null(ops, getprocattr); 1080 set_to_dummy_if_null(ops, setprocattr); 1081 set_to_dummy_if_null(ops, secid_to_secctx); 1082 set_to_dummy_if_null(ops, release_secctx); 1083#ifdef CONFIG_SECURITY_NETWORK 1084 set_to_dummy_if_null(ops, unix_stream_connect); 1085 set_to_dummy_if_null(ops, unix_may_send); 1086 set_to_dummy_if_null(ops, socket_create); 1087 set_to_dummy_if_null(ops, socket_post_create); 1088 set_to_dummy_if_null(ops, socket_bind); 1089 set_to_dummy_if_null(ops, socket_connect); 1090 set_to_dummy_if_null(ops, socket_listen); 1091 set_to_dummy_if_null(ops, socket_accept); 1092 set_to_dummy_if_null(ops, socket_post_accept); 1093 set_to_dummy_if_null(ops, socket_sendmsg); 1094 set_to_dummy_if_null(ops, socket_recvmsg); 1095 set_to_dummy_if_null(ops, socket_getsockname); 1096 set_to_dummy_if_null(ops, socket_getpeername); 1097 set_to_dummy_if_null(ops, socket_setsockopt); 1098 set_to_dummy_if_null(ops, socket_getsockopt); 1099 set_to_dummy_if_null(ops, socket_shutdown); 1100 set_to_dummy_if_null(ops, socket_sock_rcv_skb); 1101 set_to_dummy_if_null(ops, socket_getpeersec_stream); 1102 set_to_dummy_if_null(ops, socket_getpeersec_dgram); 1103 set_to_dummy_if_null(ops, sk_alloc_security); 1104 set_to_dummy_if_null(ops, sk_free_security); 1105 set_to_dummy_if_null(ops, sk_clone_security); 1106 set_to_dummy_if_null(ops, sk_getsecid); 1107 set_to_dummy_if_null(ops, sock_graft); 1108 set_to_dummy_if_null(ops, inet_conn_request); 1109 set_to_dummy_if_null(ops, inet_csk_clone); 1110 set_to_dummy_if_null(ops, inet_conn_established); 1111 set_to_dummy_if_null(ops, req_classify_flow); 1112 #endif /* CONFIG_SECURITY_NETWORK */ 1113#ifdef CONFIG_SECURITY_NETWORK_XFRM 1114 set_to_dummy_if_null(ops, xfrm_policy_alloc_security); 1115 set_to_dummy_if_null(ops, xfrm_policy_clone_security); 1116 set_to_dummy_if_null(ops, xfrm_policy_free_security); 1117 set_to_dummy_if_null(ops, xfrm_policy_delete_security); 1118 set_to_dummy_if_null(ops, xfrm_state_alloc_security); 1119 set_to_dummy_if_null(ops, xfrm_state_free_security); 1120 set_to_dummy_if_null(ops, xfrm_state_delete_security); 1121 set_to_dummy_if_null(ops, xfrm_policy_lookup); 1122 set_to_dummy_if_null(ops, xfrm_state_pol_flow_match); 1123 set_to_dummy_if_null(ops, xfrm_decode_session); 1124#endif /* CONFIG_SECURITY_NETWORK_XFRM */ 1125#ifdef CONFIG_KEYS 1126 set_to_dummy_if_null(ops, key_alloc); 1127 set_to_dummy_if_null(ops, key_free); 1128 set_to_dummy_if_null(ops, key_permission); 1129#endif /* CONFIG_KEYS */ 1130 1131} 1132