Merge tag 'selinux-pr-20201214' of git://git.kernel.org/pub/scm/linux/kernel/git...

[platform/kernel/linux-rpi.git] / include / linux / security.h

diff --git a/include/linux/security.h b/include/linux/security.h
index 469273e..c35ea0f 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -127,6 +127,7 @@ enum lockdown_reason {
        LOCKDOWN_PERF,
        LOCKDOWN_TRACEFS,
        LOCKDOWN_XMON_RW,
+       LOCKDOWN_XFRM_SECRET,
        LOCKDOWN_CONFIDENTIALITY_MAX,
 };
 
@@ -869,7 +870,7 @@ static inline int security_inode_killpriv(struct dentry *dentry)
 
 static inline int security_inode_getsecurity(struct inode *inode, const char *name, void **buffer, bool alloc)
 {
-       return -EOPNOTSUPP;
+       return cap_inode_getsecurity(inode, name, buffer, alloc);
 }
 
 static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
@@ -1359,7 +1360,7 @@ void security_sk_classify_flow(struct sock *sk, struct flowi_common *flic);
 void security_req_classify_flow(const struct request_sock *req,
                                struct flowi_common *flic);
 void security_sock_graft(struct sock*sk, struct socket *parent);
-int security_inet_conn_request(struct sock *sk,
+int security_inet_conn_request(const struct sock *sk,
                        struct sk_buff *skb, struct request_sock *req);
 void security_inet_csk_clone(struct sock *newsk,
                        const struct request_sock *req);
@@ -1522,7 +1523,7 @@ static inline void security_sock_graft(struct sock *sk, struct socket *parent)
 {
 }
 
-static inline int security_inet_conn_request(struct sock *sk,
+static inline int security_inet_conn_request(const struct sock *sk,
                        struct sk_buff *skb, struct request_sock *req)
 {
        return 0;