[PATCH] Capture selinux subject/object context information.

			      struct timespec *t, unsigned int *serial);

extern int  audit_set_loginuid(struct task_struct *task, uid_t loginuid);

extern uid_t audit_get_loginuid(struct audit_context *ctx);

extern int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);

extern int audit_ipc_perms(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode, struct kern_ipc_perm *ipcp);

extern int audit_socketcall(int nargs, unsigned long *args);

extern int audit_sockaddr(int len, void *addr);

extern int audit_avc_path(struct dentry *dentry, struct vfsmount *mnt);

extern void audit_signal_info(int sig, struct task_struct *t);

extern int audit_filter_user(struct netlink_skb_parms *cb, int type);

extern int audit_filter_type(int type);

extern int audit_set_macxattr(const char *name);

#else

#define audit_alloc(t) ({ 0; })

#define audit_free(t) do { ; } while (0)

#define audit_receive_filter(t,p,u,s,d,l) ({ -EOPNOTSUPP; })

#define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)

#define audit_get_loginuid(c) ({ -1; })

#define audit_ipc_perms(q,u,g,m) ({ 0; })

#define audit_ipc_perms(q,u,g,m,i) ({ 0; })

#define audit_socketcall(n,a) ({ 0; })

#define audit_sockaddr(len, addr) ({ 0; })

#define audit_avc_path(dentry, mnt) ({ 0; })

#define audit_signal_info(s,t) do { ; } while (0)

#define audit_filter_user(cb,t) ({ 1; })

#define audit_set_macxattr(n) do { ; } while (0)

#endif

#ifdef CONFIG_AUDIT

					     int done, int multi,

					     void *payload, int size);

extern void		    audit_log_lost(const char *message);

extern void		    audit_panic(const char *message);

extern struct semaphore audit_netlink_sem;

#else

#define audit_log(c,g,t,f,...) do { ; } while (0)

#define audit_log_hex(a,b,l) do { ; } while (0)

#define audit_log_untrustedstring(a,s) do { ; } while (0)

#define audit_log_d_path(b,p,d,v) do { ; } while (0)

#define audit_panic(m) do { ; } while (0)

#endif

#endif

#endif

 *	@ipcp contains the kernel IPC permission structure

 *	@flag contains the desired (requested) permission set

 *	Return 0 if permission is granted.

 * @ipc_getsecurity:

 *      Copy the security label associated with the ipc object into

 *      @buffer.  @buffer may be NULL to request the size of the buffer 

 *      required.  @size indicates the size of @buffer in bytes. Return 

 *      number of bytes used/required on success.

 *

 * Security hooks for individual messages held in System V IPC message queues

 * @msg_msg_alloc_security:

	int (*inode_getxattr) (struct dentry *dentry, char *name);

	int (*inode_listxattr) (struct dentry *dentry);

	int (*inode_removexattr) (struct dentry *dentry, char *name);

	char *(*inode_xattr_getsuffix) (void);

  	int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size, int err);

  	int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags);

  	int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size);

	void (*task_to_inode)(struct task_struct *p, struct inode *inode);

	int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);

	int (*ipc_getsecurity)(struct kern_ipc_perm *ipcp, void *buffer, size_t size);

	int (*msg_msg_alloc_security) (struct msg_msg * msg);

	void (*msg_msg_free_security) (struct msg_msg * msg);

	return security_ops->inode_removexattr (dentry, name);

}

static inline const char *security_inode_xattr_getsuffix(void)

{

	return security_ops->inode_xattr_getsuffix();

}

static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)

{

	if (unlikely (IS_PRIVATE (inode)))

	return security_ops->ipc_permission (ipcp, flag);

}

static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)

{

	return security_ops->ipc_getsecurity(ipcp, buffer, size);

}

static inline int security_msg_msg_alloc (struct msg_msg * msg)

{

	return security_ops->msg_msg_alloc_security (msg);

	return cap_inode_removexattr(dentry, name);

}

static inline const char *security_inode_xattr_getsuffix (void)

{

	return NULL ;

}

static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)

{

	return -EOPNOTSUPP;

	return 0;

}

static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)

{

	return -EOPNOTSUPP;

}

static inline int security_msg_msg_alloc (struct msg_msg * msg)

{

	return 0;

			return -EFAULT;

		if (copy_msqid_from_user (&setbuf, buf, version))

			return -EFAULT;

		if ((err = audit_ipc_perms(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode)))

			return err;

		break;

	case IPC_RMID:

		break;

	switch (cmd) {

	case IPC_SET:

	{

		if ((err = audit_ipc_perms(setbuf.qbytes, setbuf.uid, setbuf.gid, setbuf.mode, ipcp)))

			goto out_unlock_up;

		err = -EPERM;

		if (setbuf.qbytes > msg_ctlmnb && !capable(CAP_SYS_RESOURCE))

			goto out_unlock_up;

	if(cmd == IPC_SET) {

		if(copy_semid_from_user (&setbuf, arg.buf, version))

			return -EFAULT;

		if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode)))

			return err;

	}

	sma = sem_lock(semid);

	if(sma==NULL)

		goto out_unlock;

	}	

	ipcp = &sma->sem_perm;

	if (current->euid != ipcp->cuid && 

	    current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) {

	    	err=-EPERM;

		err = 0;

		break;

	case IPC_SET:

		if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode, ipcp)))

			goto out_unlock;

		ipcp->uid = setbuf.uid;

		ipcp->gid = setbuf.gid;

		ipcp->mode = (ipcp->mode & ~S_IRWXUGO)

			err = -EFAULT;

			goto out;

		}

		if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode)))

			return err;

		down(&shm_ids.sem);

		shp = shm_lock(shmid);

		err=-EINVAL;

		if(shp==NULL)

			goto out_up;

		if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode, &(shp->shm_perm))))

			goto out_unlock_up;

		err = shm_checkid(shp,shmid);

		if(err)

			goto out_unlock_up;