summaryrefslogtreecommitdiff
path: root/security/capability.c
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2009-10-04 21:49:48 +0900
committerJames Morris <jmorris@namei.org>2009-10-12 10:56:02 +1100
commit8b8efb44033c7e86b3dc76f825c693ec92ae30e9 (patch)
tree8cf43afc59f88f36a86f3a8165770bccec28b3c3 /security/capability.c
parent89eda06837094ce9f34fae269b8773fcfd70f046 (diff)
downloadlinux-3.10-8b8efb44033c7e86b3dc76f825c693ec92ae30e9.tar.gz
linux-3.10-8b8efb44033c7e86b3dc76f825c693ec92ae30e9.tar.bz2
linux-3.10-8b8efb44033c7e86b3dc76f825c693ec92ae30e9.zip
LSM: Add security_path_chroot().
This patch allows pathname based LSM modules to check chroot() operations. This hook is used by TOMOYO. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/capability.c')
-rw-r--r--security/capability.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/security/capability.c b/security/capability.c
index 09279a8d4a1..4f3ab476937 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -319,6 +319,11 @@ static int cap_path_chown(struct path *path, uid_t uid, gid_t gid)
{
return 0;
}
+
+static int cap_path_chroot(struct path *root)
+{
+ return 0;
+}
#endif
static int cap_file_permission(struct file *file, int mask)
@@ -990,6 +995,7 @@ void security_fixup_ops(struct security_operations *ops)
set_to_cap_if_null(ops, path_truncate);
set_to_cap_if_null(ops, path_chmod);
set_to_cap_if_null(ops, path_chown);
+ set_to_cap_if_null(ops, path_chroot);
#endif
set_to_cap_if_null(ops, file_permission);
set_to_cap_if_null(ops, file_alloc_security);