diff options
author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-17 01:53:20 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-10-17 01:53:20 +0200 |
commit | b883a688ce4ba60ba4295ef9bf9854647f4d106e (patch) | |
tree | ec11ae4b89d7a95e4f6e4d5be7b0ef1b87d54a2d /include | |
parent | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/iee... (diff) | |
parent | SELinux: kills warnings in Improve SELinux performance when AVC misses (diff) | |
download | linux-b883a688ce4ba60ba4295ef9bf9854647f4d106e.tar.xz linux-b883a688ce4ba60ba4295ef9bf9854647f4d106e.zip |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: kills warnings in Improve SELinux performance when AVC misses
SELinux: improve performance when AVC misses.
SELinux: policy selectable handling of unknown classes and perms
SELinux: Improve read/write performance
SELinux: tune avtab to reduce memory usage
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/security.h | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 1a15526e9f67..928d4793c6f4 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -504,6 +504,13 @@ struct request_sock; * @file contains the file structure being received. * Return 0 if permission is granted. * + * Security hook for dentry + * + * @dentry_open + * Save open-time permission checking state for later use upon + * file_permission, and recheck access if anything has changed + * since inode_permission. + * * Security hooks for task operations. * * @task_create: @@ -1256,6 +1263,7 @@ struct security_operations { int (*file_send_sigiotask) (struct task_struct * tsk, struct fown_struct * fown, int sig); int (*file_receive) (struct file * file); + int (*dentry_open) (struct file *file); int (*task_create) (unsigned long clone_flags); int (*task_alloc_security) (struct task_struct * p); @@ -1864,6 +1872,11 @@ static inline int security_file_receive (struct file *file) return security_ops->file_receive (file); } +static inline int security_dentry_open (struct file *file) +{ + return security_ops->dentry_open (file); +} + static inline int security_task_create (unsigned long clone_flags) { return security_ops->task_create (clone_flags); @@ -2546,6 +2559,11 @@ static inline int security_file_receive (struct file *file) return 0; } +static inline int security_dentry_open (struct file *file) +{ + return 0; +} + static inline int security_task_create (unsigned long clone_flags) { return 0; |