security.h

umon bootloader source code, support mips cpu.

				  struct sched_param * lp);
	int (*task_getscheduler) (struct task_struct * p);
	int (*task_kill) (struct task_struct * p,
			  struct siginfo * info, int sig);
	int (*task_wait) (struct task_struct * p);
	int (*task_prctl) (int option, unsigned long arg2,
			   unsigned long arg3, unsigned long arg4,
			   unsigned long arg5);
	void (*task_reparent_to_init) (struct task_struct * p);
	void (*task_to_inode)(struct task_struct *p, struct inode *inode);

	int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);

	int (*msg_msg_alloc_security) (struct msg_msg * msg);
	void (*msg_msg_free_security) (struct msg_msg * msg);

	int (*msg_queue_alloc_security) (struct msg_queue * msq);
	void (*msg_queue_free_security) (struct msg_queue * msq);
	int (*msg_queue_associate) (struct msg_queue * msq, int msqflg);
	int (*msg_queue_msgctl) (struct msg_queue * msq, int cmd);
	int (*msg_queue_msgsnd) (struct msg_queue * msq,
				 struct msg_msg * msg, int msqflg);
	int (*msg_queue_msgrcv) (struct msg_queue * msq,
				 struct msg_msg * msg,
				 struct task_struct * target,
				 long type, int mode);

	int (*shm_alloc_security) (struct shmid_kernel * shp);
	void (*shm_free_security) (struct shmid_kernel * shp);
	int (*shm_associate) (struct shmid_kernel * shp, int shmflg);
	int (*shm_shmctl) (struct shmid_kernel * shp, int cmd);
	int (*shm_shmat) (struct shmid_kernel * shp, 
			  char __user *shmaddr, int shmflg);

	int (*sem_alloc_security) (struct sem_array * sma);
	void (*sem_free_security) (struct sem_array * sma);
	int (*sem_associate) (struct sem_array * sma, int semflg);
	int (*sem_semctl) (struct sem_array * sma, int cmd);
	int (*sem_semop) (struct sem_array * sma, 
			  struct sembuf * sops, unsigned nsops, int alter);

	int (*netlink_send) (struct sock * sk, struct sk_buff * skb);
	int (*netlink_recv) (struct sk_buff * skb);

	/* allow module stacking */
	int (*register_security) (const char *name,
	                          struct security_operations *ops);
	int (*unregister_security) (const char *name,
	                            struct security_operations *ops);

	void (*d_instantiate) (struct dentry *dentry, struct inode *inode);

 	int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size);
 	int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size);

#ifdef CONFIG_SECURITY_NETWORK
	int (*unix_stream_connect) (struct socket * sock,
				    struct socket * other, struct sock * newsk);
	int (*unix_may_send) (struct socket * sock, struct socket * other);

	int (*socket_create) (int family, int type, int protocol, int kern);
	void (*socket_post_create) (struct socket * sock, int family,
				    int type, int protocol, int kern);
	int (*socket_bind) (struct socket * sock,
			    struct sockaddr * address, int addrlen);
	int (*socket_connect) (struct socket * sock,
			       struct sockaddr * address, int addrlen);
	int (*socket_listen) (struct socket * sock, int backlog);
	int (*socket_accept) (struct socket * sock, struct socket * newsock);
	void (*socket_post_accept) (struct socket * sock,
				    struct socket * newsock);
	int (*socket_sendmsg) (struct socket * sock,
			       struct msghdr * msg, int size);
	int (*socket_recvmsg) (struct socket * sock,
			       struct msghdr * msg, int size, int flags);
	int (*socket_getsockname) (struct socket * sock);
	int (*socket_getpeername) (struct socket * sock);
	int (*socket_getsockopt) (struct socket * sock, int level, int optname);
	int (*socket_setsockopt) (struct socket * sock, int level, int optname);
	int (*socket_shutdown) (struct socket * sock, int how);
	int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb);
	int (*socket_getpeersec) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len);
	int (*sk_alloc_security) (struct sock *sk, int family, int priority);
	void (*sk_free_security) (struct sock *sk);
#endif	/* CONFIG_SECURITY_NETWORK */
};

/* global variables */
extern struct security_operations *security_ops;

/* inline stuff */
static inline int security_ptrace (struct task_struct * parent, struct task_struct * child)
{
	return security_ops->ptrace (parent, child);
}

static inline int security_capget (struct task_struct *target,
				   kernel_cap_t *effective,
				   kernel_cap_t *inheritable,
				   kernel_cap_t *permitted)
{
	return security_ops->capget (target, effective, inheritable, permitted);
}

static inline int security_capset_check (struct task_struct *target,
					 kernel_cap_t *effective,
					 kernel_cap_t *inheritable,
					 kernel_cap_t *permitted)
{
	return security_ops->capset_check (target, effective, inheritable, permitted);
}

static inline void security_capset_set (struct task_struct *target,
					kernel_cap_t *effective,
					kernel_cap_t *inheritable,
					kernel_cap_t *permitted)
{
	security_ops->capset_set (target, effective, inheritable, permitted);
}

static inline int security_acct (struct file *file)
{
	return security_ops->acct (file);
}

static inline int security_sysctl(struct ctl_table *table, int op)
{
	return security_ops->sysctl(table, op);
}

static inline int security_quotactl (int cmds, int type, int id,
				     struct super_block *sb)
{
	return security_ops->quotactl (cmds, type, id, sb);
}

static inline int security_quota_on (struct dentry * dentry)
{
	return security_ops->quota_on (dentry);
}

static inline int security_syslog(int type)
{
	return security_ops->syslog(type);
}

static inline int security_settime(struct timespec *ts, struct timezone *tz)
{
	return security_ops->settime(ts, tz);
}


static inline int security_vm_enough_memory(long pages)
{
	return security_ops->vm_enough_memory(pages);
}

static inline int security_bprm_alloc (struct linux_binprm *bprm)
{
	return security_ops->bprm_alloc_security (bprm);
}
static inline void security_bprm_free (struct linux_binprm *bprm)
{
	security_ops->bprm_free_security (bprm);
}
static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
{
	security_ops->bprm_apply_creds (bprm, unsafe);
}
static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm)
{
	security_ops->bprm_post_apply_creds (bprm);
}
static inline int security_bprm_set (struct linux_binprm *bprm)
{
	return security_ops->bprm_set_security (bprm);
}

static inline int security_bprm_check (struct linux_binprm *bprm)
{
	return security_ops->bprm_check_security (bprm);
}

static inline int security_bprm_secureexec (struct linux_binprm *bprm)
{
	return security_ops->bprm_secureexec (bprm);
}

static inline int security_sb_alloc (struct super_block *sb)
{
	return security_ops->sb_alloc_security (sb);
}

static inline void security_sb_free (struct super_block *sb)
{
	security_ops->sb_free_security (sb);
}

static inline int security_sb_copy_data (struct file_system_type *type,
					 void *orig, void *copy)
{
	return security_ops->sb_copy_data (type, orig, copy);
}

static inline int security_sb_kern_mount (struct super_block *sb, void *data)
{
	return security_ops->sb_kern_mount (sb, data);
}

static inline int security_sb_statfs (struct super_block *sb)
{
	return security_ops->sb_statfs (sb);
}

static inline int security_sb_mount (char *dev_name, struct nameidata *nd,
				    char *type, unsigned long flags,
				    void *data)
{
	return security_ops->sb_mount (dev_name, nd, type, flags, data);
}

static inline int security_sb_check_sb (struct vfsmount *mnt,
					struct nameidata *nd)
{
	return security_ops->sb_check_sb (mnt, nd);
}

static inline int security_sb_umount (struct vfsmount *mnt, int flags)
{
	return security_ops->sb_umount (mnt, flags);
}

static inline void security_sb_umount_close (struct vfsmount *mnt)
{
	security_ops->sb_umount_close (mnt);
}

static inline void security_sb_umount_busy (struct vfsmount *mnt)
{
	security_ops->sb_umount_busy (mnt);
}

static inline void security_sb_post_remount (struct vfsmount *mnt,
					     unsigned long flags, void *data)
{
	security_ops->sb_post_remount (mnt, flags, data);
}

static inline void security_sb_post_mountroot (void)
{
	security_ops->sb_post_mountroot ();
}

static inline void security_sb_post_addmount (struct vfsmount *mnt,
					      struct nameidata *mountpoint_nd)
{
	security_ops->sb_post_addmount (mnt, mountpoint_nd);
}

static inline int security_sb_pivotroot (struct nameidata *old_nd,
					 struct nameidata *new_nd)
{
	return security_ops->sb_pivotroot (old_nd, new_nd);
}

static inline void security_sb_post_pivotroot (struct nameidata *old_nd,
					       struct nameidata *new_nd)
{
	security_ops->sb_post_pivotroot (old_nd, new_nd);
}

static inline int security_inode_alloc (struct inode *inode)
{
	if (unlikely (IS_PRIVATE (inode)))
		return 0;
	return security_ops->inode_alloc_security (inode);
}

static inline void security_inode_free (struct inode *inode)
{
	if (unlikely (IS_PRIVATE (inode)))
		return;
	security_ops->inode_free_security (inode);
}
	
static inline int security_inode_create (struct inode *dir,
					 struct dentry *dentry,
					 int mode)
{
	if (unlik