Merge branch 'next' of git://git.monstr.eu/linux-2.6-microblaze

[platform/adaptation/renesas_rcar/renesas_kernel.git] / security / security.c
diff --git a/security/security.c b/security/security.c

index 214502c..bf619ff 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -19,6 +19,8 @@
  #include <linux/integrity.h>
  #include <linux/ima.h>
  #include <linux/evm.h>
+#include <linux/fsnotify.h>
+#include <net/flow.h>
  
  #define MAX_LSM_EVM_XATTR      2
  
@@ -155,35 +157,16 @@ int security_capset(struct cred *new, const struct cred *old,
                                     effective, inheritable, permitted);
  }
  
-int security_capable(struct user_namespace *ns, const struct cred *cred,
+int security_capable(const struct cred *cred, struct user_namespace *ns,
                      int cap)
  {
-       return security_ops->capable(current, cred, ns, cap,
-                                    SECURITY_CAP_AUDIT);
+       return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT);
  }
  
-int security_real_capable(struct task_struct *tsk, struct user_namespace *ns,
-                         int cap)
+int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,
+                            int cap)
  {
-       const struct cred *cred;
-       int ret;
-
-       cred = get_task_cred(tsk);
-       ret = security_ops->capable(tsk, cred, ns, cap, SECURITY_CAP_AUDIT);
-       put_cred(cred);
-       return ret;
-}
-
-int security_real_capable_noaudit(struct task_struct *tsk,
-                                 struct user_namespace *ns, int cap)
-{
-       const struct cred *cred;
-       int ret;
-
-       cred = get_task_cred(tsk);
-       ret = security_ops->capable(tsk, cred, ns, cap, SECURITY_CAP_NOAUDIT);
-       put_cred(cred);
-       return ret;
+       return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT);
  }
  
  int security_quotactl(int cmds, int type, int id, struct super_block *sb)
@@ -206,25 +189,11 @@ int security_settime(const struct timespec *ts, const struct timezone *tz)
         return security_ops->settime(ts, tz);
  }
  
-int security_vm_enough_memory(long pages)
-{
-       WARN_ON(current->mm == NULL);
-       return security_ops->vm_enough_memory(current->mm, pages);
-}
-
  int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
  {
-       WARN_ON(mm == NULL);
         return security_ops->vm_enough_memory(mm, pages);
  }
  
-int security_vm_enough_memory_kern(long pages)
-{
-       /* If current->mm is a kernel thread then we will pass NULL,
-          for this specific case that is fine */
-       return security_ops->vm_enough_memory(current->mm, pages);
-}
-
  int security_bprm_set_creds(struct linux_binprm *bprm)
  {
         return security_ops->bprm_set_creds(bprm);
@@ -748,6 +717,11 @@ int security_task_create(unsigned long clone_flags)
         return security_ops->task_create(clone_flags);
  }
  
+void security_task_free(struct task_struct *task)
+{
+       security_ops->task_free(task);
+}
+
  int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
  {
         return security_ops->cred_alloc_blank(cred, gfp);
@@ -994,12 +968,6 @@ int security_netlink_send(struct sock *sk, struct sk_buff *skb)
         return security_ops->netlink_send(sk, skb);
  }
  
-int security_netlink_recv(struct sk_buff *skb, int cap)
-{
-       return security_ops->netlink_recv(skb, cap);
-}
-EXPORT_SYMBOL(security_netlink_recv);
-
  int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
  {
         return security_ops->secid_to_secctx(secid, secdata, seclen);