Commit 3612605a authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 

Pull general security layer updates from James Morris:

 - Convert security hooks from list to hlist, a nice cleanup, saving
   about 50% of space, from Sargun Dhillon.

 - Only pass the cred, not the secid, to kill_pid_info_as_cred and
   security_task_kill (as the secid can be determined from the cred),
   from Stephen Smalley.

 - Close a potential race in kernel_read_file(), by making the file
   unwritable before calling the LSM check (vs after), from Kees Cook.

* 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
  security: convert security hooks to use hlist
  exec: Set file unwritable before LSM check
  usb, signal, security: only pass the cred, not the secid, to kill_pid_info_as_cred and security_task_kill
parents 62f8e6c5 df0ce173

drivers/usb/core/devio.c

+2 −8
Original line number Diff line number Diff line
@@ -65,7 +65,6 @@ struct usb_dev_state { 
	const struct cred *cred;

	void __user *disccontext;

	unsigned long ifclaimed;

	u32 secid;

	u32 disabled_bulk_eps;

	bool privileges_dropped;

	unsigned long interface_allowed_mask;
@@ -95,7 +94,6 @@ struct async { 
	struct usb_memory *usbm;

	unsigned int mem_usage;

	int status;

	u32 secid;

	u8 bulk_addr;

	u8 bulk_status;

};
@@ -586,7 +584,6 @@ static void async_completed(struct urb *urb) 
	struct usb_dev_state *ps = as->ps;

	struct siginfo sinfo;

	struct pid *pid = NULL;

	u32 secid = 0;

	const struct cred *cred = NULL;

	int signr;
@@ -602,7 +599,6 @@ static void async_completed(struct urb *urb) 
		sinfo.si_addr = as->userurb;

		pid = get_pid(as->pid);

		cred = get_cred(as->cred);

		secid = as->secid;

	}

	snoop(&urb->dev->dev, "urb complete\n");

	snoop_urb(urb->dev, as->userurb, urb->pipe, urb->actual_length,
@@ -618,7 +614,7 @@ static void async_completed(struct urb *urb) 
	spin_unlock(&ps->lock);



	if (signr) {

		kill_pid_info_as_cred(sinfo.si_signo, &sinfo, pid, cred, secid);

		kill_pid_info_as_cred(sinfo.si_signo, &sinfo, pid, cred);

		put_pid(pid);

		put_cred(cred);

	}
@@ -1013,7 +1009,6 @@ static int usbdev_open(struct inode *inode, struct file *file) 
	init_waitqueue_head(&ps->wait);

	ps->disc_pid = get_pid(task_pid(current));

	ps->cred = get_current_cred();

	security_task_getsecid(current, &ps->secid);

	smp_wmb();

	list_add_tail(&ps->list, &dev->filelist);

	file->private_data = ps;
@@ -1727,7 +1722,6 @@ static int proc_do_submiturb(struct usb_dev_state *ps, struct usbdevfs_urb *uurb 
	as->ifnum = ifnum;

	as->pid = get_pid(task_pid(current));

	as->cred = get_current_cred();

	security_task_getsecid(current, &as->secid);

	snoop_urb(ps->dev, as->userurb, as->urb->pipe,

			as->urb->transfer_buffer_length, 0, SUBMIT,

			NULL, 0);
@@ -2617,7 +2611,7 @@ static void usbdev_remove(struct usb_device *udev) 
			sinfo.si_code = SI_ASYNCIO;

			sinfo.si_addr = ps->disccontext;

			kill_pid_info_as_cred(ps->discsignr, &sinfo,

					ps->disc_pid, ps->cred, ps->secid);

					ps->disc_pid, ps->cred);

		}

	}

}

fs/exec.c

+3 −3
Original line number Diff line number Diff line
@@ -895,13 +895,13 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size, 
	if (!S_ISREG(file_inode(file)->i_mode) || max_size < 0)

		return -EINVAL;



	ret = security_kernel_read_file(file, id);

	ret = deny_write_access(file);

	if (ret)

		return ret;



	ret = deny_write_access(file);

	ret = security_kernel_read_file(file, id);

	if (ret)

		return ret;

		goto out;



	i_size = i_size_read(file_inode(file));

	if (max_size > 0 && i_size > max_size) {

include/linux/lsm_hooks.h

+220 −219
Original line number Diff line number Diff line
@@ -672,7 +672,8 @@ 
 *	@p contains the task_struct for process.

 *	@info contains the signal information.

 *	@sig contains the signal value.

 *	@secid contains the sid of the process where the signal originated

 *	@cred contains the cred of the process where the signal originated, or

 *	NULL if the current task is the originator.

 *	Return 0 if permission is granted.

 * @task_prctl:

 *	Check permission before performing a process control operation on the
@@ -1591,7 +1592,7 @@ union security_list_options { 
	int (*task_getscheduler)(struct task_struct *p);

	int (*task_movememory)(struct task_struct *p);

	int (*task_kill)(struct task_struct *p, struct siginfo *info,

				int sig, u32 secid);

				int sig, const struct cred *cred);

	int (*task_prctl)(int option, unsigned long arg2, unsigned long arg3,

				unsigned long arg4, unsigned long arg5);

	void (*task_to_inode)(struct task_struct *p, struct inode *inode);
@@ -1763,233 +1764,233 @@ union security_list_options { 
};



struct security_hook_heads {

	struct list_head binder_set_context_mgr;

	struct list_head binder_transaction;

	struct list_head binder_transfer_binder;

	struct list_head binder_transfer_file;

	struct list_head ptrace_access_check;

	struct list_head ptrace_traceme;

	struct list_head capget;

	struct list_head capset;

	struct list_head capable;

	struct list_head quotactl;

	struct list_head quota_on;

	struct list_head syslog;

	struct list_head settime;

	struct list_head vm_enough_memory;

	struct list_head bprm_set_creds;

	struct list_head bprm_check_security;

	struct list_head bprm_committing_creds;

	struct list_head bprm_committed_creds;

	struct list_head sb_alloc_security;

	struct list_head sb_free_security;

	struct list_head sb_copy_data;

	struct list_head sb_remount;

	struct list_head sb_kern_mount;

	struct list_head sb_show_options;

	struct list_head sb_statfs;

	struct list_head sb_mount;

	struct list_head sb_umount;

	struct list_head sb_pivotroot;

	struct list_head sb_set_mnt_opts;

	struct list_head sb_clone_mnt_opts;

	struct list_head sb_parse_opts_str;

	struct list_head dentry_init_security;

	struct list_head dentry_create_files_as;

	struct hlist_head binder_set_context_mgr;

	struct hlist_head binder_transaction;

	struct hlist_head binder_transfer_binder;

	struct hlist_head binder_transfer_file;

	struct hlist_head ptrace_access_check;

	struct hlist_head ptrace_traceme;

	struct hlist_head capget;

	struct hlist_head capset;

	struct hlist_head capable;

	struct hlist_head quotactl;

	struct hlist_head quota_on;

	struct hlist_head syslog;

	struct hlist_head settime;

	struct hlist_head vm_enough_memory;

	struct hlist_head bprm_set_creds;

	struct hlist_head bprm_check_security;

	struct hlist_head bprm_committing_creds;

	struct hlist_head bprm_committed_creds;

	struct hlist_head sb_alloc_security;

	struct hlist_head sb_free_security;

	struct hlist_head sb_copy_data;

	struct hlist_head sb_remount;

	struct hlist_head sb_kern_mount;

	struct hlist_head sb_show_options;

	struct hlist_head sb_statfs;

	struct hlist_head sb_mount;

	struct hlist_head sb_umount;

	struct hlist_head sb_pivotroot;

	struct hlist_head sb_set_mnt_opts;

	struct hlist_head sb_clone_mnt_opts;

	struct hlist_head sb_parse_opts_str;

	struct hlist_head dentry_init_security;

	struct hlist_head dentry_create_files_as;

#ifdef CONFIG_SECURITY_PATH

	struct list_head path_unlink;

	struct list_head path_mkdir;

	struct list_head path_rmdir;

	struct list_head path_mknod;

	struct list_head path_truncate;

	struct list_head path_symlink;

	struct list_head path_link;

	struct list_head path_rename;

	struct list_head path_chmod;

	struct list_head path_chown;

	struct list_head path_chroot;

	struct hlist_head path_unlink;

	struct hlist_head path_mkdir;

	struct hlist_head path_rmdir;

	struct hlist_head path_mknod;

	struct hlist_head path_truncate;

	struct hlist_head path_symlink;

	struct hlist_head path_link;

	struct hlist_head path_rename;

	struct hlist_head path_chmod;

	struct hlist_head path_chown;

	struct hlist_head path_chroot;

#endif

	struct list_head inode_alloc_security;

	struct list_head inode_free_security;

	struct list_head inode_init_security;

	struct list_head inode_create;

	struct list_head inode_link;

	struct list_head inode_unlink;

	struct list_head inode_symlink;

	struct list_head inode_mkdir;

	struct list_head inode_rmdir;

	struct list_head inode_mknod;

	struct list_head inode_rename;

	struct list_head inode_readlink;

	struct list_head inode_follow_link;

	struct list_head inode_permission;

	struct list_head inode_setattr;

	struct list_head inode_getattr;

	struct list_head inode_setxattr;

	struct list_head inode_post_setxattr;

	struct list_head inode_getxattr;

	struct list_head inode_listxattr;

	struct list_head inode_removexattr;

	struct list_head inode_need_killpriv;

	struct list_head inode_killpriv;

	struct list_head inode_getsecurity;

	struct list_head inode_setsecurity;

	struct list_head inode_listsecurity;

	struct list_head inode_getsecid;

	struct list_head inode_copy_up;

	struct list_head inode_copy_up_xattr;

	struct list_head file_permission;

	struct list_head file_alloc_security;

	struct list_head file_free_security;

	struct list_head file_ioctl;

	struct list_head mmap_addr;

	struct list_head mmap_file;

	struct list_head file_mprotect;

	struct list_head file_lock;

	struct list_head file_fcntl;

	struct list_head file_set_fowner;

	struct list_head file_send_sigiotask;

	struct list_head file_receive;

	struct list_head file_open;

	struct list_head task_alloc;

	struct list_head task_free;

	struct list_head cred_alloc_blank;

	struct list_head cred_free;

	struct list_head cred_prepare;

	struct list_head cred_transfer;

	struct list_head kernel_act_as;

	struct list_head kernel_create_files_as;

	struct list_head kernel_read_file;

	struct list_head kernel_post_read_file;

	struct list_head kernel_module_request;

	struct list_head task_fix_setuid;

	struct list_head task_setpgid;

	struct list_head task_getpgid;

	struct list_head task_getsid;

	struct list_head task_getsecid;

	struct list_head task_setnice;

	struct list_head task_setioprio;

	struct list_head task_getioprio;

	struct list_head task_prlimit;

	struct list_head task_setrlimit;

	struct list_head task_setscheduler;

	struct list_head task_getscheduler;

	struct list_head task_movememory;

	struct list_head task_kill;

	struct list_head task_prctl;

	struct list_head task_to_inode;

	struct list_head ipc_permission;

	struct list_head ipc_getsecid;

	struct list_head msg_msg_alloc_security;

	struct list_head msg_msg_free_security;

	struct list_head msg_queue_alloc_security;

	struct list_head msg_queue_free_security;

	struct list_head msg_queue_associate;

	struct list_head msg_queue_msgctl;

	struct list_head msg_queue_msgsnd;

	struct list_head msg_queue_msgrcv;

	struct list_head shm_alloc_security;

	struct list_head shm_free_security;

	struct list_head shm_associate;

	struct list_head shm_shmctl;

	struct list_head shm_shmat;

	struct list_head sem_alloc_security;

	struct list_head sem_free_security;

	struct list_head sem_associate;

	struct list_head sem_semctl;

	struct list_head sem_semop;

	struct list_head netlink_send;

	struct list_head d_instantiate;

	struct list_head getprocattr;

	struct list_head setprocattr;

	struct list_head ismaclabel;

	struct list_head secid_to_secctx;

	struct list_head secctx_to_secid;

	struct list_head release_secctx;

	struct list_head inode_invalidate_secctx;

	struct list_head inode_notifysecctx;

	struct list_head inode_setsecctx;

	struct list_head inode_getsecctx;

	struct hlist_head inode_alloc_security;

	struct hlist_head inode_free_security;

	struct hlist_head inode_init_security;

	struct hlist_head inode_create;

	struct hlist_head inode_link;

	struct hlist_head inode_unlink;

	struct hlist_head inode_symlink;

	struct hlist_head inode_mkdir;

	struct hlist_head inode_rmdir;

	struct hlist_head inode_mknod;

	struct hlist_head inode_rename;

	struct hlist_head inode_readlink;

	struct hlist_head inode_follow_link;

	struct hlist_head inode_permission;

	struct hlist_head inode_setattr;

	struct hlist_head inode_getattr;

	struct hlist_head inode_setxattr;

	struct hlist_head inode_post_setxattr;

	struct hlist_head inode_getxattr;

	struct hlist_head inode_listxattr;

	struct hlist_head inode_removexattr;

	struct hlist_head inode_need_killpriv;

	struct hlist_head inode_killpriv;

	struct hlist_head inode_getsecurity;

	struct hlist_head inode_setsecurity;

	struct hlist_head inode_listsecurity;

	struct hlist_head inode_getsecid;

	struct hlist_head inode_copy_up;

	struct hlist_head inode_copy_up_xattr;

	struct hlist_head file_permission;

	struct hlist_head file_alloc_security;

	struct hlist_head file_free_security;

	struct hlist_head file_ioctl;

	struct hlist_head mmap_addr;

	struct hlist_head mmap_file;

	struct hlist_head file_mprotect;

	struct hlist_head file_lock;

	struct hlist_head file_fcntl;

	struct hlist_head file_set_fowner;

	struct hlist_head file_send_sigiotask;

	struct hlist_head file_receive;

	struct hlist_head file_open;

	struct hlist_head task_alloc;

	struct hlist_head task_free;

	struct hlist_head cred_alloc_blank;

	struct hlist_head cred_free;

	struct hlist_head cred_prepare;

	struct hlist_head cred_transfer;

	struct hlist_head kernel_act_as;

	struct hlist_head kernel_create_files_as;

	struct hlist_head kernel_read_file;

	struct hlist_head kernel_post_read_file;

	struct hlist_head kernel_module_request;

	struct hlist_head task_fix_setuid;

	struct hlist_head task_setpgid;

	struct hlist_head task_getpgid;

	struct hlist_head task_getsid;

	struct hlist_head task_getsecid;

	struct hlist_head task_setnice;

	struct hlist_head task_setioprio;

	struct hlist_head task_getioprio;

	struct hlist_head task_prlimit;

	struct hlist_head task_setrlimit;

	struct hlist_head task_setscheduler;

	struct hlist_head task_getscheduler;

	struct hlist_head task_movememory;

	struct hlist_head task_kill;

	struct hlist_head task_prctl;

	struct hlist_head task_to_inode;

	struct hlist_head ipc_permission;

	struct hlist_head ipc_getsecid;

	struct hlist_head msg_msg_alloc_security;

	struct hlist_head msg_msg_free_security;

	struct hlist_head msg_queue_alloc_security;

	struct hlist_head msg_queue_free_security;

	struct hlist_head msg_queue_associate;

	struct hlist_head msg_queue_msgctl;

	struct hlist_head msg_queue_msgsnd;

	struct hlist_head msg_queue_msgrcv;

	struct hlist_head shm_alloc_security;

	struct hlist_head shm_free_security;

	struct hlist_head shm_associate;

	struct hlist_head shm_shmctl;

	struct hlist_head shm_shmat;

	struct hlist_head sem_alloc_security;

	struct hlist_head sem_free_security;

	struct hlist_head sem_associate;

	struct hlist_head sem_semctl;

	struct hlist_head sem_semop;

	struct hlist_head netlink_send;

	struct hlist_head d_instantiate;

	struct hlist_head getprocattr;

	struct hlist_head setprocattr;

	struct hlist_head ismaclabel;

	struct hlist_head secid_to_secctx;

	struct hlist_head secctx_to_secid;

	struct hlist_head release_secctx;

	struct hlist_head inode_invalidate_secctx;

	struct hlist_head inode_notifysecctx;

	struct hlist_head inode_setsecctx;

	struct hlist_head inode_getsecctx;

#ifdef CONFIG_SECURITY_NETWORK

	struct list_head unix_stream_connect;

	struct list_head unix_may_send;

	struct list_head socket_create;

	struct list_head socket_post_create;

	struct list_head socket_bind;

	struct list_head socket_connect;

	struct list_head socket_listen;

	struct list_head socket_accept;

	struct list_head socket_sendmsg;

	struct list_head socket_recvmsg;

	struct list_head socket_getsockname;

	struct list_head socket_getpeername;

	struct list_head socket_getsockopt;

	struct list_head socket_setsockopt;

	struct list_head socket_shutdown;

	struct list_head socket_sock_rcv_skb;

	struct list_head socket_getpeersec_stream;

	struct list_head socket_getpeersec_dgram;

	struct list_head sk_alloc_security;

	struct list_head sk_free_security;

	struct list_head sk_clone_security;

	struct list_head sk_getsecid;

	struct list_head sock_graft;

	struct list_head inet_conn_request;

	struct list_head inet_csk_clone;

	struct list_head inet_conn_established;

	struct list_head secmark_relabel_packet;

	struct list_head secmark_refcount_inc;

	struct list_head secmark_refcount_dec;

	struct list_head req_classify_flow;

	struct list_head tun_dev_alloc_security;

	struct list_head tun_dev_free_security;

	struct list_head tun_dev_create;

	struct list_head tun_dev_attach_queue;

	struct list_head tun_dev_attach;

	struct list_head tun_dev_open;

	struct list_head sctp_assoc_request;

	struct list_head sctp_bind_connect;

	struct list_head sctp_sk_clone;

	struct hlist_head unix_stream_connect;

	struct hlist_head unix_may_send;

	struct hlist_head socket_create;

	struct hlist_head socket_post_create;

	struct hlist_head socket_bind;

	struct hlist_head socket_connect;

	struct hlist_head socket_listen;

	struct hlist_head socket_accept;

	struct hlist_head socket_sendmsg;

	struct hlist_head socket_recvmsg;

	struct hlist_head socket_getsockname;

	struct hlist_head socket_getpeername;

	struct hlist_head socket_getsockopt;

	struct hlist_head socket_setsockopt;

	struct hlist_head socket_shutdown;

	struct hlist_head socket_sock_rcv_skb;

	struct hlist_head socket_getpeersec_stream;

	struct hlist_head socket_getpeersec_dgram;

	struct hlist_head sk_alloc_security;

	struct hlist_head sk_free_security;

	struct hlist_head sk_clone_security;

	struct hlist_head sk_getsecid;

	struct hlist_head sock_graft;

	struct hlist_head inet_conn_request;

	struct hlist_head inet_csk_clone;

	struct hlist_head inet_conn_established;

	struct hlist_head secmark_relabel_packet;

	struct hlist_head secmark_refcount_inc;

	struct hlist_head secmark_refcount_dec;

	struct hlist_head req_classify_flow;

	struct hlist_head tun_dev_alloc_security;

	struct hlist_head tun_dev_free_security;

	struct hlist_head tun_dev_create;

	struct hlist_head tun_dev_attach_queue;

	struct hlist_head tun_dev_attach;

	struct hlist_head tun_dev_open;

	struct hlist_head sctp_assoc_request;

	struct hlist_head sctp_bind_connect;

	struct hlist_head sctp_sk_clone;

#endif	/* CONFIG_SECURITY_NETWORK */

#ifdef CONFIG_SECURITY_INFINIBAND

	struct list_head ib_pkey_access;

	struct list_head ib_endport_manage_subnet;

	struct list_head ib_alloc_security;

	struct list_head ib_free_security;

	struct hlist_head ib_pkey_access;

	struct hlist_head ib_endport_manage_subnet;

	struct hlist_head ib_alloc_security;

	struct hlist_head ib_free_security;

#endif	/* CONFIG_SECURITY_INFINIBAND */

#ifdef CONFIG_SECURITY_NETWORK_XFRM

	struct list_head xfrm_policy_alloc_security;

	struct list_head xfrm_policy_clone_security;

	struct list_head xfrm_policy_free_security;

	struct list_head xfrm_policy_delete_security;

	struct list_head xfrm_state_alloc;

	struct list_head xfrm_state_alloc_acquire;

	struct list_head xfrm_state_free_security;

	struct list_head xfrm_state_delete_security;

	struct list_head xfrm_policy_lookup;

	struct list_head xfrm_state_pol_flow_match;

	struct list_head xfrm_decode_session;

	struct hlist_head xfrm_policy_alloc_security;

	struct hlist_head xfrm_policy_clone_security;

	struct hlist_head xfrm_policy_free_security;

	struct hlist_head xfrm_policy_delete_security;

	struct hlist_head xfrm_state_alloc;

	struct hlist_head xfrm_state_alloc_acquire;

	struct hlist_head xfrm_state_free_security;

	struct hlist_head xfrm_state_delete_security;

	struct hlist_head xfrm_policy_lookup;

	struct hlist_head xfrm_state_pol_flow_match;

	struct hlist_head xfrm_decode_session;

#endif	/* CONFIG_SECURITY_NETWORK_XFRM */

#ifdef CONFIG_KEYS

	struct list_head key_alloc;

	struct list_head key_free;

	struct list_head key_permission;

	struct list_head key_getsecurity;

	struct hlist_head key_alloc;

	struct hlist_head key_free;

	struct hlist_head key_permission;

	struct hlist_head key_getsecurity;

#endif	/* CONFIG_KEYS */

#ifdef CONFIG_AUDIT

	struct list_head audit_rule_init;

	struct list_head audit_rule_known;

	struct list_head audit_rule_match;

	struct list_head audit_rule_free;

	struct hlist_head audit_rule_init;

	struct hlist_head audit_rule_known;

	struct hlist_head audit_rule_match;

	struct hlist_head audit_rule_free;

#endif /* CONFIG_AUDIT */

#ifdef CONFIG_BPF_SYSCALL

	struct list_head bpf;

	struct list_head bpf_map;

	struct list_head bpf_prog;

	struct list_head bpf_map_alloc_security;

	struct list_head bpf_map_free_security;

	struct list_head bpf_prog_alloc_security;

	struct list_head bpf_prog_free_security;

	struct hlist_head bpf;

	struct hlist_head bpf_map;

	struct hlist_head bpf_prog;

	struct hlist_head bpf_map_alloc_security;

	struct hlist_head bpf_map_free_security;

	struct hlist_head bpf_prog_alloc_security;

	struct hlist_head bpf_prog_free_security;

#endif /* CONFIG_BPF_SYSCALL */

} __randomize_layout;
@@ -1998,8 +1999,8 @@ struct security_hook_heads { 
 * For use with generic list macros for common operations.

 */

struct security_hook_list {

	struct list_head		list;

	struct list_head		*head;

	struct hlist_node		list;

	struct hlist_head		*head;

	union security_list_options	hook;

	char				*lsm;

} __randomize_layout;
@@ -2038,7 +2039,7 @@ static inline void security_delete_hooks(struct security_hook_list *hooks, 
	int i;



	for (i = 0; i < count; i++)

		list_del_rcu(&hooks[i].list);

		hlist_del_rcu(&hooks[i].list);

}

#endif /* CONFIG_SECURITY_SELINUX_DISABLE */

include/linux/sched/signal.h

+1 −1
Original line number Diff line number Diff line
@@ -319,7 +319,7 @@ extern int force_sig_info(int, struct siginfo *, struct task_struct *); 
extern int __kill_pgrp_info(int sig, struct siginfo *info, struct pid *pgrp);

extern int kill_pid_info(int sig, struct siginfo *info, struct pid *pid);

extern int kill_pid_info_as_cred(int, struct siginfo *, struct pid *,

				const struct cred *, u32);

				const struct cred *);

extern int kill_pgrp(struct pid *pid, int sig, int priv);

extern int kill_pid(struct pid *pid, int sig, int priv);

extern __must_check bool do_notify_parent(struct task_struct *, int);

include/linux/security.h

+2 −2
Original line number Diff line number Diff line
@@ -345,7 +345,7 @@ int security_task_setscheduler(struct task_struct *p); 
int security_task_getscheduler(struct task_struct *p);

int security_task_movememory(struct task_struct *p);

int security_task_kill(struct task_struct *p, struct siginfo *info,

			int sig, u32 secid);

			int sig, const struct cred *cred);

int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,

			unsigned long arg4, unsigned long arg5);

void security_task_to_inode(struct task_struct *p, struct inode *inode);
@@ -1008,7 +1008,7 @@ static inline int security_task_movememory(struct task_struct *p) 


static inline int security_task_kill(struct task_struct *p,

				     struct siginfo *info, int sig,

				     u32 secid)

				     const struct cred *cred)

{

	return 0;

}

CRA Git | Maintained and supported by SUSTech CRA and CCSE