📄 security.h
字号:
/* allow module stacking */ int (*register_security) (const char *name, struct security_operations *ops); int (*unregister_security) (const char *name, struct security_operations *ops); void (*d_instantiate) (struct dentry *dentry, struct inode *inode); int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size); int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size);#ifdef CONFIG_SECURITY_NETWORK int (*unix_stream_connect) (struct socket * sock, struct socket * other, struct sock * newsk); int (*unix_may_send) (struct socket * sock, struct socket * other); int (*socket_create) (int family, int type, int protocol, int kern); void (*socket_post_create) (struct socket * sock, int family, int type, int protocol, int kern); int (*socket_bind) (struct socket * sock, struct sockaddr * address, int addrlen); int (*socket_connect) (struct socket * sock, struct sockaddr * address, int addrlen); int (*socket_listen) (struct socket * sock, int backlog); int (*socket_accept) (struct socket * sock, struct socket * newsock); void (*socket_post_accept) (struct socket * sock, struct socket * newsock); int (*socket_sendmsg) (struct socket * sock, struct msghdr * msg, int size); int (*socket_recvmsg) (struct socket * sock, struct msghdr * msg, int size, int flags); int (*socket_getsockname) (struct socket * sock); int (*socket_getpeername) (struct socket * sock); int (*socket_getsockopt) (struct socket * sock, int level, int optname); int (*socket_setsockopt) (struct socket * sock, int level, int optname); int (*socket_shutdown) (struct socket * sock, int how); int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb); int (*socket_getpeersec) (struct socket *sock, char *optval, int *optlen, unsigned len); int (*sk_alloc_security) (struct sock *sk, int family, int priority); void (*sk_free_security) (struct sock *sk);#endif /* CONFIG_SECURITY_NETWORK */};/* global variables */extern struct security_operations *security_ops;/* inline stuff */static inline int security_ptrace (struct task_struct * parent, struct task_struct * child){ return security_ops->ptrace (parent, child);}static inline int security_capget (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted){ return security_ops->capget (target, effective, inheritable, permitted);}static inline int security_capset_check (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted){ return security_ops->capset_check (target, effective, inheritable, permitted);}static inline void security_capset_set (struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted){ security_ops->capset_set (target, effective, inheritable, permitted);}static inline int security_acct (struct file *file){ return security_ops->acct (file);}static inline int security_sysctl(struct ctl_table *table, int op){ return security_ops->sysctl(table, op);}static inline int security_quotactl (int cmds, int type, int id, struct super_block *sb){ return security_ops->quotactl (cmds, type, id, sb);}static inline int security_quota_on (struct dentry * dentry){ return security_ops->quota_on (dentry);}static inline int security_syslog(int type){ return security_ops->syslog(type);}static inline int security_settime(struct timespec *ts, struct timezone *tz){ return security_ops->settime(ts, tz);}static inline int security_vm_enough_memory(long pages){ return security_ops->vm_enough_memory(pages);}static inline int security_bprm_alloc (struct linux_binprm *bprm){ return security_ops->bprm_alloc_security (bprm);}static inline void security_bprm_free (struct linux_binprm *bprm){ security_ops->bprm_free_security (bprm);}static inline void security_bprm_apply_creds (struct linux_binprm *bprm, int unsafe){ security_ops->bprm_apply_creds (bprm, unsafe);}static inline void security_bprm_post_apply_creds (struct linux_binprm *bprm){ security_ops->bprm_post_apply_creds (bprm);}static inline int security_bprm_set (struct linux_binprm *bprm){ return security_ops->bprm_set_security (bprm);}static inline int security_bprm_check (struct linux_binprm *bprm){ return security_ops->bprm_check_security (bprm);}static inline int security_bprm_secureexec (struct linux_binprm *bprm){ return security_ops->bprm_secureexec (bprm);}static inline int security_sb_alloc (struct super_block *sb){ return security_ops->sb_alloc_security (sb);}static inline void security_sb_free (struct super_block *sb){ security_ops->sb_free_security (sb);}static inline int security_sb_copy_data (struct file_system_type *type, void *orig, void *copy){ return security_ops->sb_copy_data (type, orig, copy);}static inline int security_sb_kern_mount (struct super_block *sb, void *data){ return security_ops->sb_kern_mount (sb, data);}static inline int security_sb_statfs (struct super_block *sb){ return security_ops->sb_statfs (sb);}static inline int security_sb_mount (char *dev_name, struct nameidata *nd, char *type, unsigned long flags, void *data){ return security_ops->sb_mount (dev_name, nd, type, flags, data);}static inline int security_sb_check_sb (struct vfsmount *mnt, struct nameidata *nd){ return security_ops->sb_check_sb (mnt, nd);}static inline int security_sb_umount (struct vfsmount *mnt, int flags){ return security_ops->sb_umount (mnt, flags);}static inline void security_sb_umount_close (struct vfsmount *mnt){ security_ops->sb_umount_close (mnt);}static inline void security_sb_umount_busy (struct vfsmount *mnt){ security_ops->sb_umount_busy (mnt);}static inline void security_sb_post_remount (struct vfsmount *mnt, unsigned long flags, void *data){ security_ops->sb_post_remount (mnt, flags, data);}static inline void security_sb_post_mountroot (void){ security_ops->sb_post_mountroot ();}static inline void security_sb_post_addmount (struct vfsmount *mnt, struct nameidata *mountpoint_nd){ security_ops->sb_post_addmount (mnt, mountpoint_nd);}static inline int security_sb_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd){ return security_ops->sb_pivotroot (old_nd, new_nd);}static inline void security_sb_post_pivotroot (struct nameidata *old_nd, struct nameidata *new_nd){ security_ops->sb_post_pivotroot (old_nd, new_nd);}static inline int security_inode_alloc (struct inode *inode){ if (unlikely (IS_PRIVATE (inode))) return 0; return security_ops->inode_alloc_security (inode);}static inline void security_inode_free (struct inode *inode){ if (unlikely (IS_PRIVATE (inode))) return; security_ops->inode_free_security (inode);} static inline int security_inode_create (struct inode *dir, struct dentry *dentry, int mode){ if (unlikely (IS_PRIVATE (dir))) return 0; return security_ops->inode_create (dir, dentry, mode);}static inline void security_inode_post_create (struct inode *dir, struct dentry *dentry, int mode){ if (dentry->d_inode && unlikely (IS_PRIVATE (dentry->d_inode))) return; security_ops->inode_post_create (dir, dentry, mode);}static inline int security_inode_link (struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry){ if (unlikely (IS_PRIVATE (old_dentry->d_inode))) return 0; return security_ops->inode_link (old_dentry, dir, new_dentry);}static inline void security_inode_post_link (struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry){ if (new_dentry->d_inode && unlikely (IS_PRIVATE (new_dentry->d_inode))) return; security_ops->inode_post_link (old_dentry, dir, new_dentry);}static inline int security_inode_unlink (struct inode *dir, struct dentry *dentry){ if (unlikely (IS_PRIVATE (dentry->d_inode))) return 0; return security_ops->inode_unlink (dir, dentry);}static inline int security_inode_symlink (struct inode *dir, struct dentry *dentry, const char *old_name){ if (unlikely (IS_PRIVATE (dir))) return 0; return security_ops->inode_symlink (dir, dentry, old_name);}static inline void security_inode_post_symlink (struct inode *dir, struct dentry *dentry, const char *old_name){ if (⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -