ChangeSet 1.892, 2002/11/26 11:29:49-08:00, greg@kroah.com

Merge kroah.com:/home/greg/linux/BK/bleeding_edge-2.5
into kroah.com:/home/greg/linux/BK/lsm-2.5


diff -Nru a/arch/ppc/kernel/misc.S b/arch/ppc/kernel/misc.S
--- a/arch/ppc/kernel/misc.S	Tue Nov 26 14:02:05 2002
+++ b/arch/ppc/kernel/misc.S	Tue Nov 26 14:02:05 2002
@@ -1006,6 +1006,7 @@
 	mr	r31,r4		/* argument */
 	ori	r3,r5,CLONE_VM	/* flags */
 	oris	r3,r3,CLONE_UNTRACED>>16
+	li	r4,0		/* new sp (unused) */
 	li	r0,__NR_clone
 	sc
 	cmpi	0,r3,0		/* parent or child? */
diff -Nru a/fs/file_table.c b/fs/file_table.c
--- a/fs/file_table.c	Tue Nov 26 14:02:05 2002
+++ b/fs/file_table.c	Tue Nov 26 14:02:05 2002
@@ -48,7 +48,7 @@
 		files_stat.nr_free_files--;
 	new_one:
 		memset(f, 0, sizeof(*f));
-		if (security_ops->file_alloc_security(f)) {
+		if (security_file_alloc(f)) {
 			list_add(&f->f_list, &free_list);
 			files_stat.nr_free_files++;
 			file_list_unlock();
@@ -136,7 +136,7 @@
 
 	if (file->f_op && file->f_op->release)
 		file->f_op->release(inode, file);
-	security_ops->file_free_security(file);
+	security_file_free(file);
 	fops_put(file->f_op);
 	if (file->f_mode & FMODE_WRITE)
 		put_write_access(inode);
@@ -169,7 +169,7 @@
 void put_filp(struct file *file)
 {
 	if(atomic_dec_and_test(&file->f_count)) {
-		security_ops->file_free_security(file);
+		security_file_free(file);
 		file_list_lock();
 		list_del(&file->f_list);
 		list_add(&file->f_list, &free_list);
diff -Nru a/fs/proc/base.c b/fs/proc/base.c
--- a/fs/proc/base.c	Tue Nov 26 14:02:05 2002
+++ b/fs/proc/base.c	Tue Nov 26 14:02:05 2002
@@ -30,6 +30,7 @@
 #include <linux/smp_lock.h>
 #include <linux/kallsyms.h>
 #include <linux/mount.h>
+#include <linux/security.h>
 
 /*
  * For hysterical raisins we keep the same inumbers as in the old procfs.
@@ -416,7 +417,7 @@
 };
 
 #define MAY_PTRACE(p) \
-(p==current||(p->parent==current&&(p->ptrace & PT_PTRACED)&&p->state==TASK_STOPPED&&security_ops->ptrace(current,p)==0))
+(p==current||(p->parent==current&&(p->ptrace & PT_PTRACED)&&p->state==TASK_STOPPED&&security_ptrace(current,p)==0))
 
 
 static int mem_open(struct inode* inode, struct file* file)
diff -Nru a/include/linux/sched.h b/include/linux/sched.h
--- a/include/linux/sched.h	Tue Nov 26 14:02:05 2002
+++ b/include/linux/sched.h	Tue Nov 26 14:02:05 2002
@@ -538,9 +538,11 @@
 		: on_sig_stack(sp) ? SS_ONSTACK : 0);
 }
 
-/* capable prototype and code moved to security.[hc] */
-#include <linux/security.h>
-#if 0
+
+#ifdef CONFIG_SECURITY
+/* code is in security.c */
+extern int capable(int cap);
+#else
 static inline int capable(int cap)
 {
 	if (cap_raised(current->cap_effective, cap)) {
@@ -549,7 +551,7 @@
 	}
 	return 0;
 }
-#endif	/* if 0 */
+#endif
 
 /*
  * Routines for handling mm_structs
diff -Nru a/init/do_mounts.c b/init/do_mounts.c
--- a/init/do_mounts.c	Tue Nov 26 14:02:05 2002
+++ b/init/do_mounts.c	Tue Nov 26 14:02:05 2002
@@ -13,6 +13,7 @@
 #include <linux/suspend.h>
 #include <linux/root_dev.h>
 #include <linux/mount.h>
+#include <linux/security.h>
 
 #include <linux/nfs_fs.h>
 #include <linux/nfs_fs_sb.h>
@@ -888,7 +889,7 @@
 	sys_umount("/dev", 0);
 	sys_mount(".", "/", NULL, MS_MOVE, NULL);
 	sys_chroot(".");
-	security_ops->sb_post_mountroot();
+	security_sb_post_mountroot();
 	mount_devfs_fs ();
 }
 
diff -Nru a/kernel/exit.c b/kernel/exit.c
--- a/kernel/exit.c	Tue Nov 26 14:02:05 2002
+++ b/kernel/exit.c	Tue Nov 26 14:02:05 2002
@@ -68,7 +68,7 @@
 		wait_task_inactive(p);
 
 	atomic_dec(&p->user->processes);
-	security_ops->task_free_security(p);
+	security_task_free(p);
 	free_uid(p->user);
 	write_lock_irq(&tasklist_lock);
 	if (unlikely(p->ptrace))
@@ -249,7 +249,7 @@
 	/* cpus_allowed? */
 	/* rt_priority? */
 	/* signals? */
-	security_ops->task_reparent_to_init(current);
+	security_task_reparent_to_init(current);
 	memcpy(current->rlim, init_task.rlim, sizeof(*(current->rlim)));
 	current->user = INIT_USER;
 
@@ -787,7 +787,7 @@
 	if (current->tgid != p->tgid && delay_group_leader(p))
 		return 2;
 
-	if (security_ops->task_wait(p))
+	if (security_task_wait(p))
 		return 0;
 
 	return 1;
diff -Nru a/kernel/fork.c b/kernel/fork.c
--- a/kernel/fork.c	Tue Nov 26 14:02:05 2002
+++ b/kernel/fork.c	Tue Nov 26 14:02:05 2002
@@ -717,8 +717,7 @@
 	if ((clone_flags & CLONE_DETACHED) && !(clone_flags & CLONE_THREAD))
 		return ERR_PTR(-EINVAL);
 
-	retval = security_ops->task_create(clone_flags);
-	if (retval)
+	if ((retval = security_task_create(clone_flags)))
 		goto fork_out;
 
 	retval = -ENOMEM;
@@ -802,7 +801,7 @@
 
 	p->core_waiter = 0;
 	retval = -ENOMEM;
-	if (security_ops->task_alloc_security(p))
+	if (security_task_alloc(p))
 		goto bad_fork_cleanup;
 	/* copy all the process information */
 	if (copy_semundo(clone_flags, p))
@@ -955,7 +954,7 @@
 bad_fork_cleanup_semundo:
 	exit_semundo(p);
 bad_fork_cleanup_security:
-	security_ops->task_free_security(p);
+	security_task_free(p);
 bad_fork_cleanup:
 	if (p->pid > 0)
 		free_pidmap(p->pid);
diff -Nru a/kernel/sched.c b/kernel/sched.c
--- a/kernel/sched.c	Tue Nov 26 14:02:05 2002
+++ b/kernel/sched.c	Tue Nov 26 14:02:05 2002
@@ -1348,8 +1348,7 @@
 	if (nice > 19)
 		nice = 19;
 
-	retval = security_ops->task_setnice(current, nice);
-	if (retval)
+	if ((retval = security_task_setnice(current, nice)))
 		return retval;
 
 	set_user_nice(current, nice);
@@ -1470,8 +1469,7 @@
 	    !capable(CAP_SYS_NICE))
 		goto out_unlock;
 
-	retval = security_ops->task_setscheduler(p, policy, &lp);
-	if (retval)
+	if ((retval = security_task_setscheduler(p, policy, &lp)))
 		goto out_unlock;
 
 	array = p->array;
@@ -1534,8 +1532,7 @@
 	read_lock(&tasklist_lock);
 	p = find_process_by_pid(pid);
 	if (p) {
-		retval = security_ops->task_getscheduler(p);
-		if (!retval)
+		if (!(retval = security_task_getscheduler(p)))
 			retval = p->policy;
 	}
 	read_unlock(&tasklist_lock);
@@ -1564,8 +1561,7 @@
 	if (!p)
 		goto out_unlock;
 
-	retval = security_ops->task_getscheduler(p);
-	if (retval)
+	if ((retval = security_task_getscheduler(p)))
 		goto out_unlock;
 
 	lp.sched_priority = p->rt_priority;
@@ -1824,8 +1820,7 @@
 	if (!p)
 		goto out_unlock;
 
-	retval = security_ops->task_getscheduler(p);
-	if (retval)
+	if ((retval = security_task_getscheduler(p)))
 		goto out_unlock;
 
 	jiffies_to_timespec(p->policy & SCHED_FIFO ?
diff -Nru a/kernel/sys.c b/kernel/sys.c
--- a/kernel/sys.c	Tue Nov 26 14:02:05 2002
+++ b/kernel/sys.c	Tue Nov 26 14:02:05 2002
@@ -485,8 +485,7 @@
 	int new_egid = old_egid;
 	int retval;
 
-	retval = security_ops->task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE);
-	if (retval)
+	if ((retval = security_task_setgid(rgid, egid, (gid_t)-1, LSM_SETID_RE)))
 		return retval;
 
 	if (rgid != (gid_t) -1) {
@@ -531,8 +530,7 @@
 	int old_egid = current->egid;
 	int retval;
 
-	retval = security_ops->task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID);
-	if (retval)
+	if ((retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_ID)))
 		return retval;
 
 	if (capable(CAP_SETGID))
@@ -605,8 +603,7 @@
 	int old_ruid, old_euid, old_suid, new_ruid, new_euid;
 	int retval;
 
-	retval = security_ops->task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE);
-	if (retval)
+	if ((retval = security_task_setuid(ruid, euid, (uid_t)-1, LSM_SETID_RE)))
 		return retval;
 
 	new_ruid = old_ruid = current->uid;
@@ -644,7 +641,7 @@
 		current->suid = current->euid;
 	current->fsuid = current->euid;
 
-	return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
+	return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RE);
 }
 
 
@@ -666,8 +663,7 @@
 	int old_ruid, old_suid, new_ruid, new_suid;
 	int retval;
 
-	retval = security_ops->task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID);
-	if (retval)
+	if ((retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_ID)))
 		return retval;
 
 	old_ruid = new_ruid = current->uid;
@@ -689,7 +685,7 @@
 	current->fsuid = current->euid = uid;
 	current->suid = new_suid;
 
-	return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
+	return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_ID);
 }
 
 
@@ -704,8 +700,7 @@
 	int old_suid = current->suid;
 	int retval;
 
-	retval = security_ops->task_setuid(ruid, euid, suid, LSM_SETID_RES);
-	if (retval)
+	if ((retval = security_task_setuid(ruid, euid, suid, LSM_SETID_RES)))
 		return retval;
 
 	if (!capable(CAP_SETUID)) {
@@ -735,7 +730,7 @@
 	if (suid != (uid_t) -1)
 		current->suid = suid;
 
-	return security_ops->task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
+	return security_task_post_setuid(old_ruid, old_euid, old_suid, LSM_SETID_RES);
 }
 
 asmlinkage long sys_getresuid(uid_t *ruid, uid_t *euid, uid_t *suid)
@@ -756,8 +751,7 @@
 {
 	int retval;
 
-	retval = security_ops->task_setgid(rgid, egid, sgid, LSM_SETID_RES);
-	if (retval)
+	if ((retval = security_task_setgid(rgid, egid, sgid, LSM_SETID_RES)))
 		return retval;
 
 	if (!capable(CAP_SETGID)) {
@@ -810,8 +804,7 @@
 	int old_fsuid;
 	int retval;
 
-	retval = security_ops->task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
-	if (retval)
+	if ((retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS)))
 		return retval;
 
 	old_fsuid = current->fsuid;
@@ -827,8 +820,7 @@
 		current->fsuid = uid;
 	}
 
-	retval = security_ops->task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
-	if (retval)
+	if ((retval = security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS)))
 		return retval;
 
 	return old_fsuid;
@@ -842,8 +834,7 @@
 	int old_fsgid;
 	int retval;
 
-	retval = security_ops->task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS);
-	if (retval)
+	if ((retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS)))
 		return retval;
 
 	old_fsgid = current->fsgid;
@@ -968,8 +959,7 @@
 
 		retval = -ESRCH;
 		if (p) {
-			retval = security_ops->task_getpgid(p);
-			if (!retval)
+			if (!(retval = security_task_getpgid(p)))
 				retval = p->pgrp;
 		}
 		read_unlock(&tasklist_lock);
@@ -996,8 +986,7 @@
 
 		retval = -ESRCH;
 		if(p) {
-			retval = security_ops->task_getsid(p);
-			if (!retval)
+			if (!(retval = security_task_getsid(p)))
 				retval = p->session;
 		}
 		read_unlock(&tasklist_lock);
@@ -1078,8 +1067,7 @@
 		return -EINVAL;
 	if(copy_from_user(groups, grouplist, gidsetsize * sizeof(gid_t)))
 		return -EFAULT;
-	retval = security_ops->task_setgroups(gidsetsize, groups);
-	if (retval)
+	if ((retval = security_task_setgroups(gidsetsize, groups)))
 		return retval;
 	memcpy(current->groups, groups, gidsetsize * sizeof(gid_t));
 	current->ngroups = gidsetsize;
@@ -1242,8 +1230,7 @@
 			return -EPERM;
 	}
 
-	retval = security_ops->task_setrlimit(resource, &new_rlim);
-	if (retval)
+	if ((retval = security_task_setrlimit(resource, &new_rlim)))
 		return retval;
 
 	*old_rlim = new_rlim;
@@ -1317,8 +1304,7 @@
 	int error = 0;
 	int sig;
 
-	error = security_ops->task_prctl(option, arg2, arg3, arg4, arg5);
-	if (error)
+	if ((error = security_task_prctl(option, arg2, arg3, arg4, arg5)))
 		return error;
 
 	switch (option) {