1
2
3
4
5
6
7
8
9
10#include <linux/capability.h>
11#include <linux/audit.h>
12#include <linux/module.h>
13#include <linux/init.h>
14#include <linux/kernel.h>
15#include <linux/lsm_hooks.h>
16#include <linux/file.h>
17#include <linux/mm.h>
18#include <linux/mman.h>
19#include <linux/pagemap.h>
20#include <linux/swap.h>
21#include <linux/skbuff.h>
22#include <linux/netlink.h>
23#include <linux/ptrace.h>
24#include <linux/xattr.h>
25#include <linux/hugetlb.h>
26#include <linux/mount.h>
27#include <linux/sched.h>
28#include <linux/prctl.h>
29#include <linux/securebits.h>
30#include <linux/user_namespace.h>
31#include <linux/binfmts.h>
32#include <linux/personality.h>
33
34
35
36
37
38
39
40
41
42
43
44
45static void warn_setuid_and_fcaps_mixed(const char *fname)
46{
47 static int warned;
48 if (!warned) {
49 printk(KERN_INFO "warning: `%s' has both setuid-root and"
50 " effective capabilities. Therefore not raising all"
51 " capabilities.\n", fname);
52 warned = 1;
53 }
54}
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,
72 int cap, int audit)
73{
74 struct user_namespace *ns = targ_ns;
75
76
77
78
79
80 for (;;) {
81
82 if (ns == cred->user_ns)
83 return cap_raised(cred->cap_effective, cap) ? 0 : -EPERM;
84
85
86 if (ns == &init_user_ns)
87 return -EPERM;
88
89
90
91
92
93 if ((ns->parent == cred->user_ns) && uid_eq(ns->owner, cred->euid))
94 return 0;
95
96
97
98
99
100 ns = ns->parent;
101 }
102
103
104}
105
106
107
108
109
110
111
112
113
114int cap_settime(const struct timespec64 *ts, const struct timezone *tz)
115{
116 if (!capable(CAP_SYS_TIME))
117 return -EPERM;
118 return 0;
119}
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136int cap_ptrace_access_check(struct task_struct *child, unsigned int mode)
137{
138 int ret = 0;
139 const struct cred *cred, *child_cred;
140 const kernel_cap_t *caller_caps;
141
142 rcu_read_lock();
143 cred = current_cred();
144 child_cred = __task_cred(child);
145 if (mode & PTRACE_MODE_FSCREDS)
146 caller_caps = &cred->cap_effective;
147 else
148 caller_caps = &cred->cap_permitted;
149 if (cred->user_ns == child_cred->user_ns &&
150 cap_issubset(child_cred->cap_permitted, *caller_caps))
151 goto out;
152 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE))
153 goto out;
154 ret = -EPERM;
155out:
156 rcu_read_unlock();
157 return ret;
158}
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173int cap_ptrace_traceme(struct task_struct *parent)
174{
175 int ret = 0;
176 const struct cred *cred, *child_cred;
177
178 rcu_read_lock();
179 cred = __task_cred(parent);
180 child_cred = current_cred();
181 if (cred->user_ns == child_cred->user_ns &&
182 cap_issubset(child_cred->cap_permitted, cred->cap_permitted))
183 goto out;
184 if (has_ns_capability(parent, child_cred->user_ns, CAP_SYS_PTRACE))
185 goto out;
186 ret = -EPERM;
187out:
188 rcu_read_unlock();
189 return ret;
190}
191
192
193
194
195
196
197
198
199
200
201
202int cap_capget(struct task_struct *target, kernel_cap_t *effective,
203 kernel_cap_t *inheritable, kernel_cap_t *permitted)
204{
205 const struct cred *cred;
206
207
208 rcu_read_lock();
209 cred = __task_cred(target);
210 *effective = cred->cap_effective;
211 *inheritable = cred->cap_inheritable;
212 *permitted = cred->cap_permitted;
213 rcu_read_unlock();
214 return 0;
215}
216
217
218
219
220
221static inline int cap_inh_is_capped(void)
222{
223
224
225
226
227 if (cap_capable(current_cred(), current_cred()->user_ns,
228 CAP_SETPCAP, SECURITY_CAP_AUDIT) == 0)
229 return 0;
230 return 1;
231}
232
233
234
235
236
237
238
239
240
241
242
243
244
245int cap_capset(struct cred *new,
246 const struct cred *old,
247 const kernel_cap_t *effective,
248 const kernel_cap_t *inheritable,
249 const kernel_cap_t *permitted)
250{
251 if (cap_inh_is_capped() &&
252 !cap_issubset(*inheritable,
253 cap_combine(old->cap_inheritable,
254 old->cap_permitted)))
255
256 return -EPERM;
257
258 if (!cap_issubset(*inheritable,
259 cap_combine(old->cap_inheritable,
260 old->cap_bset)))
261
262 return -EPERM;
263
264
265 if (!cap_issubset(*permitted, old->cap_permitted))
266 return -EPERM;
267
268
269 if (!cap_issubset(*effective, *permitted))
270 return -EPERM;
271
272 new->cap_effective = *effective;
273 new->cap_inheritable = *inheritable;
274 new->cap_permitted = *permitted;
275
276
277
278
279
280 new->cap_ambient = cap_intersect(new->cap_ambient,
281 cap_intersect(*permitted,
282 *inheritable));
283 if (WARN_ON(!cap_ambient_invariant_ok(new)))
284 return -EINVAL;
285 return 0;
286}
287
288
289
290
291static inline void bprm_clear_caps(struct linux_binprm *bprm)
292{
293 cap_clear(bprm->cred->cap_permitted);
294 bprm->cap_effective = false;
295}
296
297
298
299
300
301
302
303
304
305
306
307
308int cap_inode_need_killpriv(struct dentry *dentry)
309{
310 struct inode *inode = d_backing_inode(dentry);
311 int error;
312
313 error = __vfs_getxattr(dentry, inode, XATTR_NAME_CAPS, NULL, 0);
314 return error > 0;
315}
316
317
318
319
320
321
322
323
324
325int cap_inode_killpriv(struct dentry *dentry)
326{
327 int error;
328
329 error = __vfs_removexattr(dentry, XATTR_NAME_CAPS);
330 if (error == -EOPNOTSUPP)
331 error = 0;
332 return error;
333}
334
335
336
337
338
339static inline int bprm_caps_from_vfs_caps(struct cpu_vfs_cap_data *caps,
340 struct linux_binprm *bprm,
341 bool *effective,
342 bool *has_cap)
343{
344 struct cred *new = bprm->cred;
345 unsigned i;
346 int ret = 0;
347
348 if (caps->magic_etc & VFS_CAP_FLAGS_EFFECTIVE)
349 *effective = true;
350
351 if (caps->magic_etc & VFS_CAP_REVISION_MASK)
352 *has_cap = true;
353
354 CAP_FOR_EACH_U32(i) {
355 __u32 permitted = caps->permitted.cap[i];
356 __u32 inheritable = caps->inheritable.cap[i];
357
358
359
360
361
362 new->cap_permitted.cap[i] =
363 (new->cap_bset.cap[i] & permitted) |
364 (new->cap_inheritable.cap[i] & inheritable);
365
366 if (permitted & ~new->cap_permitted.cap[i])
367
368 ret = -EPERM;
369 }
370
371
372
373
374
375
376 return *effective ? ret : 0;
377}
378
379
380
381
382int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps)
383{
384 struct inode *inode = d_backing_inode(dentry);
385 __u32 magic_etc;
386 unsigned tocopy, i;
387 int size;
388 struct vfs_cap_data caps;
389
390 memset(cpu_caps, 0, sizeof(struct cpu_vfs_cap_data));
391
392 if (!inode)
393 return -ENODATA;
394
395 size = __vfs_getxattr((struct dentry *)dentry, inode,
396 XATTR_NAME_CAPS, &caps, XATTR_CAPS_SZ);
397 if (size == -ENODATA || size == -EOPNOTSUPP)
398
399 return -ENODATA;
400 if (size < 0)
401 return size;
402
403 if (size < sizeof(magic_etc))
404 return -EINVAL;
405
406 cpu_caps->magic_etc = magic_etc = le32_to_cpu(caps.magic_etc);
407
408 switch (magic_etc & VFS_CAP_REVISION_MASK) {
409 case VFS_CAP_REVISION_1:
410 if (size != XATTR_CAPS_SZ_1)
411 return -EINVAL;
412 tocopy = VFS_CAP_U32_1;
413 break;
414 case VFS_CAP_REVISION_2:
415 if (size != XATTR_CAPS_SZ_2)
416 return -EINVAL;
417 tocopy = VFS_CAP_U32_2;
418 break;
419 default:
420 return -EINVAL;
421 }
422
423 CAP_FOR_EACH_U32(i) {
424 if (i >= tocopy)
425 break;
426 cpu_caps->permitted.cap[i] = le32_to_cpu(caps.data[i].permitted);
427 cpu_caps->inheritable.cap[i] = le32_to_cpu(caps.data[i].inheritable);
428 }
429
430 cpu_caps->permitted.cap[CAP_LAST_U32] &= CAP_LAST_U32_VALID_MASK;
431 cpu_caps->inheritable.cap[CAP_LAST_U32] &= CAP_LAST_U32_VALID_MASK;
432
433 return 0;
434}
435
436
437
438
439
440
441static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_cap)
442{
443 int rc = 0;
444 struct cpu_vfs_cap_data vcaps;
445
446 bprm_clear_caps(bprm);
447
448 if (!file_caps_enabled)
449 return 0;
450
451 if (!mnt_may_suid(bprm->file->f_path.mnt))
452 return 0;
453
454
455
456
457
458
459 if (!current_in_userns(bprm->file->f_path.mnt->mnt_sb->s_user_ns))
460 return 0;
461
462 rc = get_vfs_caps_from_disk(bprm->file->f_path.dentry, &vcaps);
463 if (rc < 0) {
464 if (rc == -EINVAL)
465 printk(KERN_NOTICE "%s: get_vfs_caps_from_disk returned %d for %s\n",
466 __func__, rc, bprm->filename);
467 else if (rc == -ENODATA)
468 rc = 0;
469 goto out;
470 }
471
472 rc = bprm_caps_from_vfs_caps(&vcaps, bprm, effective, has_cap);
473 if (rc == -EINVAL)
474 printk(KERN_NOTICE "%s: cap_from_disk returned %d for %s\n",
475 __func__, rc, bprm->filename);
476
477out:
478 if (rc)
479 bprm_clear_caps(bprm);
480
481 return rc;
482}
483
484
485
486
487
488
489
490
491
492int cap_bprm_set_creds(struct linux_binprm *bprm)
493{
494 const struct cred *old = current_cred();
495 struct cred *new = bprm->cred;
496 bool effective, has_cap = false, is_setid;
497 int ret;
498 kuid_t root_uid;
499
500 if (WARN_ON(!cap_ambient_invariant_ok(old)))
501 return -EPERM;
502
503 effective = false;
504 ret = get_file_caps(bprm, &effective, &has_cap);
505 if (ret < 0)
506 return ret;
507
508 root_uid = make_kuid(new->user_ns, 0);
509
510 if (!issecure(SECURE_NOROOT)) {
511
512
513
514
515
516 if (has_cap && !uid_eq(new->uid, root_uid) && uid_eq(new->euid, root_uid)) {
517 warn_setuid_and_fcaps_mixed(bprm->filename);
518 goto skip;
519 }
520
521
522
523
524
525
526
527 if (uid_eq(new->euid, root_uid) || uid_eq(new->uid, root_uid)) {
528
529 new->cap_permitted = cap_combine(old->cap_bset,
530 old->cap_inheritable);
531 }
532 if (uid_eq(new->euid, root_uid))
533 effective = true;
534 }
535skip:
536
537
538 if (!cap_issubset(new->cap_permitted, old->cap_permitted))
539 bprm->per_clear |= PER_CLEAR_ON_SETID;
540
541
542
543
544
545
546
547 is_setid = !uid_eq(new->euid, old->uid) || !gid_eq(new->egid, old->gid);
548
549 if ((is_setid ||
550 !cap_issubset(new->cap_permitted, old->cap_permitted)) &&
551 ((bprm->unsafe & ~LSM_UNSAFE_PTRACE) ||
552 !ptracer_capable(current, new->user_ns))) {
553
554 if (!ns_capable(new->user_ns, CAP_SETUID) ||
555 (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)) {
556 new->euid = new->uid;
557 new->egid = new->gid;
558 }
559 new->cap_permitted = cap_intersect(new->cap_permitted,
560 old->cap_permitted);
561 }
562
563 new->suid = new->fsuid = new->euid;
564 new->sgid = new->fsgid = new->egid;
565
566
567 if (has_cap || is_setid)
568 cap_clear(new->cap_ambient);
569
570
571
572
573
574 new->cap_permitted = cap_combine(new->cap_permitted, new->cap_ambient);
575
576
577
578
579
580 if (effective)
581 new->cap_effective = new->cap_permitted;
582 else
583 new->cap_effective = new->cap_ambient;
584
585 if (WARN_ON(!cap_ambient_invariant_ok(new)))
586 return -EPERM;
587
588 bprm->cap_effective = effective;
589
590
591
592
593
594
595
596
597
598
599
600
601
602 if (!cap_issubset(new->cap_effective, new->cap_ambient)) {
603 if (!cap_issubset(CAP_FULL_SET, new->cap_effective) ||
604 !uid_eq(new->euid, root_uid) || !uid_eq(new->uid, root_uid) ||
605 issecure(SECURE_NOROOT)) {
606 ret = audit_log_bprm_fcaps(bprm, new, old);
607 if (ret < 0)
608 return ret;
609 }
610 }
611
612 new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);
613
614 if (WARN_ON(!cap_ambient_invariant_ok(new)))
615 return -EPERM;
616
617 return 0;
618}
619
620
621
622
623
624
625
626
627
628
629
630int cap_bprm_secureexec(struct linux_binprm *bprm)
631{
632 const struct cred *cred = current_cred();
633 kuid_t root_uid = make_kuid(cred->user_ns, 0);
634
635 if (!uid_eq(cred->uid, root_uid)) {
636 if (bprm->cap_effective)
637 return 1;
638 if (!cap_issubset(cred->cap_permitted, cred->cap_ambient))
639 return 1;
640 }
641
642 return (!uid_eq(cred->euid, cred->uid) ||
643 !gid_eq(cred->egid, cred->gid));
644}
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660int cap_inode_setxattr(struct dentry *dentry, const char *name,
661 const void *value, size_t size, int flags)
662{
663 if (!strcmp(name, XATTR_NAME_CAPS)) {
664 if (!capable(CAP_SETFCAP))
665 return -EPERM;
666 return 0;
667 }
668
669 if (!strncmp(name, XATTR_SECURITY_PREFIX,
670 sizeof(XATTR_SECURITY_PREFIX) - 1) &&
671 !capable(CAP_SYS_ADMIN))
672 return -EPERM;
673 return 0;
674}
675
676
677
678
679
680
681
682
683
684
685
686
687int cap_inode_removexattr(struct dentry *dentry, const char *name)
688{
689 if (!strcmp(name, XATTR_NAME_CAPS)) {
690 if (!capable(CAP_SETFCAP))
691 return -EPERM;
692 return 0;
693 }
694
695 if (!strncmp(name, XATTR_SECURITY_PREFIX,
696 sizeof(XATTR_SECURITY_PREFIX) - 1) &&
697 !capable(CAP_SYS_ADMIN))
698 return -EPERM;
699 return 0;
700}
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731static inline void cap_emulate_setxuid(struct cred *new, const struct cred *old)
732{
733 kuid_t root_uid = make_kuid(old->user_ns, 0);
734
735 if ((uid_eq(old->uid, root_uid) ||
736 uid_eq(old->euid, root_uid) ||
737 uid_eq(old->suid, root_uid)) &&
738 (!uid_eq(new->uid, root_uid) &&
739 !uid_eq(new->euid, root_uid) &&
740 !uid_eq(new->suid, root_uid))) {
741 if (!issecure(SECURE_KEEP_CAPS)) {
742 cap_clear(new->cap_permitted);
743 cap_clear(new->cap_effective);
744 }
745
746
747
748
749
750
751 cap_clear(new->cap_ambient);
752 }
753 if (uid_eq(old->euid, root_uid) && !uid_eq(new->euid, root_uid))
754 cap_clear(new->cap_effective);
755 if (!uid_eq(old->euid, root_uid) && uid_eq(new->euid, root_uid))
756 new->cap_effective = new->cap_permitted;
757}
758
759
760
761
762
763
764
765
766
767
768int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags)
769{
770 switch (flags) {
771 case LSM_SETID_RE:
772 case LSM_SETID_ID:
773 case LSM_SETID_RES:
774
775
776 if (!issecure(SECURE_NO_SETUID_FIXUP))
777 cap_emulate_setxuid(new, old);
778 break;
779
780 case LSM_SETID_FS:
781
782
783
784
785
786
787 if (!issecure(SECURE_NO_SETUID_FIXUP)) {
788 kuid_t root_uid = make_kuid(old->user_ns, 0);
789 if (uid_eq(old->fsuid, root_uid) && !uid_eq(new->fsuid, root_uid))
790 new->cap_effective =
791 cap_drop_fs_set(new->cap_effective);
792
793 if (!uid_eq(old->fsuid, root_uid) && uid_eq(new->fsuid, root_uid))
794 new->cap_effective =
795 cap_raise_fs_set(new->cap_effective,
796 new->cap_permitted);
797 }
798 break;
799
800 default:
801 return -EINVAL;
802 }
803
804 return 0;
805}
806
807
808
809
810
811
812
813
814
815
816
817static int cap_safe_nice(struct task_struct *p)
818{
819 int is_subset, ret = 0;
820
821 rcu_read_lock();
822 is_subset = cap_issubset(__task_cred(p)->cap_permitted,
823 current_cred()->cap_permitted);
824 if (!is_subset && !ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE))
825 ret = -EPERM;
826 rcu_read_unlock();
827
828 return ret;
829}
830
831
832
833
834
835
836
837
838int cap_task_setscheduler(struct task_struct *p)
839{
840 return cap_safe_nice(p);
841}
842
843
844
845
846
847
848
849
850
851int cap_task_setioprio(struct task_struct *p, int ioprio)
852{
853 return cap_safe_nice(p);
854}
855
856
857
858
859
860
861
862
863
864int cap_task_setnice(struct task_struct *p, int nice)
865{
866 return cap_safe_nice(p);
867}
868
869
870
871
872
873static int cap_prctl_drop(unsigned long cap)
874{
875 struct cred *new;
876
877 if (!ns_capable(current_user_ns(), CAP_SETPCAP))
878 return -EPERM;
879 if (!cap_valid(cap))
880 return -EINVAL;
881
882 new = prepare_creds();
883 if (!new)
884 return -ENOMEM;
885 cap_lower(new->cap_bset, cap);
886 return commit_creds(new);
887}
888
889
890
891
892
893
894
895
896
897
898
899
900
901int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
902 unsigned long arg4, unsigned long arg5)
903{
904 const struct cred *old = current_cred();
905 struct cred *new;
906
907 switch (option) {
908 case PR_CAPBSET_READ:
909 if (!cap_valid(arg2))
910 return -EINVAL;
911 return !!cap_raised(old->cap_bset, arg2);
912
913 case PR_CAPBSET_DROP:
914 return cap_prctl_drop(arg2);
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935 case PR_SET_SECUREBITS:
936 if ((((old->securebits & SECURE_ALL_LOCKS) >> 1)
937 & (old->securebits ^ arg2))
938 || ((old->securebits & SECURE_ALL_LOCKS & ~arg2))
939 || (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS))
940 || (cap_capable(current_cred(),
941 current_cred()->user_ns, CAP_SETPCAP,
942 SECURITY_CAP_AUDIT) != 0)
943
944
945
946
947
948
949
950 )
951
952 return -EPERM;
953
954 new = prepare_creds();
955 if (!new)
956 return -ENOMEM;
957 new->securebits = arg2;
958 return commit_creds(new);
959
960 case PR_GET_SECUREBITS:
961 return old->securebits;
962
963 case PR_GET_KEEPCAPS:
964 return !!issecure(SECURE_KEEP_CAPS);
965
966 case PR_SET_KEEPCAPS:
967 if (arg2 > 1)
968 return -EINVAL;
969 if (issecure(SECURE_KEEP_CAPS_LOCKED))
970 return -EPERM;
971
972 new = prepare_creds();
973 if (!new)
974 return -ENOMEM;
975 if (arg2)
976 new->securebits |= issecure_mask(SECURE_KEEP_CAPS);
977 else
978 new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS);
979 return commit_creds(new);
980
981 case PR_CAP_AMBIENT:
982 if (arg2 == PR_CAP_AMBIENT_CLEAR_ALL) {
983 if (arg3 | arg4 | arg5)
984 return -EINVAL;
985
986 new = prepare_creds();
987 if (!new)
988 return -ENOMEM;
989 cap_clear(new->cap_ambient);
990 return commit_creds(new);
991 }
992
993 if (((!cap_valid(arg3)) | arg4 | arg5))
994 return -EINVAL;
995
996 if (arg2 == PR_CAP_AMBIENT_IS_SET) {
997 return !!cap_raised(current_cred()->cap_ambient, arg3);
998 } else if (arg2 != PR_CAP_AMBIENT_RAISE &&
999 arg2 != PR_CAP_AMBIENT_LOWER) {
1000 return -EINVAL;
1001 } else {
1002 if (arg2 == PR_CAP_AMBIENT_RAISE &&
1003 (!cap_raised(current_cred()->cap_permitted, arg3) ||
1004 !cap_raised(current_cred()->cap_inheritable,
1005 arg3) ||
1006 issecure(SECURE_NO_CAP_AMBIENT_RAISE)))
1007 return -EPERM;
1008
1009 new = prepare_creds();
1010 if (!new)
1011 return -ENOMEM;
1012 if (arg2 == PR_CAP_AMBIENT_RAISE)
1013 cap_raise(new->cap_ambient, arg3);
1014 else
1015 cap_lower(new->cap_ambient, arg3);
1016 return commit_creds(new);
1017 }
1018
1019 default:
1020
1021 return -ENOSYS;
1022 }
1023}
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033int cap_vm_enough_memory(struct mm_struct *mm, long pages)
1034{
1035 int cap_sys_admin = 0;
1036
1037 if (cap_capable(current_cred(), &init_user_ns, CAP_SYS_ADMIN,
1038 SECURITY_CAP_NOAUDIT) == 0)
1039 cap_sys_admin = 1;
1040 return cap_sys_admin;
1041}
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052int cap_mmap_addr(unsigned long addr)
1053{
1054 int ret = 0;
1055
1056 if (addr < dac_mmap_min_addr) {
1057 ret = cap_capable(current_cred(), &init_user_ns, CAP_SYS_RAWIO,
1058 SECURITY_CAP_AUDIT);
1059
1060 if (ret == 0)
1061 current->flags |= PF_SUPERPRIV;
1062 }
1063 return ret;
1064}
1065
1066int cap_mmap_file(struct file *file, unsigned long reqprot,
1067 unsigned long prot, unsigned long flags)
1068{
1069 return 0;
1070}
1071
1072#ifdef CONFIG_SECURITY
1073
1074struct security_hook_list capability_hooks[] __lsm_ro_after_init = {
1075 LSM_HOOK_INIT(capable, cap_capable),
1076 LSM_HOOK_INIT(settime, cap_settime),
1077 LSM_HOOK_INIT(ptrace_access_check, cap_ptrace_access_check),
1078 LSM_HOOK_INIT(ptrace_traceme, cap_ptrace_traceme),
1079 LSM_HOOK_INIT(capget, cap_capget),
1080 LSM_HOOK_INIT(capset, cap_capset),
1081 LSM_HOOK_INIT(bprm_set_creds, cap_bprm_set_creds),
1082 LSM_HOOK_INIT(bprm_secureexec, cap_bprm_secureexec),
1083 LSM_HOOK_INIT(inode_need_killpriv, cap_inode_need_killpriv),
1084 LSM_HOOK_INIT(inode_killpriv, cap_inode_killpriv),
1085 LSM_HOOK_INIT(mmap_addr, cap_mmap_addr),
1086 LSM_HOOK_INIT(mmap_file, cap_mmap_file),
1087 LSM_HOOK_INIT(task_fix_setuid, cap_task_fix_setuid),
1088 LSM_HOOK_INIT(task_prctl, cap_task_prctl),
1089 LSM_HOOK_INIT(task_setscheduler, cap_task_setscheduler),
1090 LSM_HOOK_INIT(task_setioprio, cap_task_setioprio),
1091 LSM_HOOK_INIT(task_setnice, cap_task_setnice),
1092 LSM_HOOK_INIT(vm_enough_memory, cap_vm_enough_memory),
1093};
1094
1095void __init capability_add_hooks(void)
1096{
1097 security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks),
1098 "capability");
1099}
1100
1101#endif
1102