Rename security_scaffolding_startup() to security_init(). It always
bothered me.
Signed-off-by: Chris Wright <[email protected]>
include/linux/security.h | 2 +-
init/main.c | 2 +-
security/security.c | 8 ++++----
3 files changed, 6 insertions(+), 6 deletions(-)
===== include/linux/security.h 1.42 vs edited =====
--- 1.42/include/linux/security.h 2004-10-20 01:37:07 -07:00
+++ edited/include/linux/security.h 2004-10-21 16:36:30 -07:00
@@ -1903,7 +1903,7 @@
}
/* prototypes */
-extern int security_scaffolding_startup (void);
+extern int security_init (void);
extern int register_security (struct security_operations *ops);
extern int unregister_security (struct security_operations *ops);
extern int mod_reg_security (const char *name, struct security_operations *ops);
===== init/main.c 1.159 vs edited =====
--- 1.159/init/main.c 2004-10-08 21:09:14 -07:00
+++ edited/init/main.c 2004-10-21 16:35:35 -07:00
@@ -555,7 +555,7 @@
proc_caches_init();
buffer_init();
unnamed_dev_init();
- security_scaffolding_startup();
+ security_init();
vfs_caches_init(num_physpages);
radix_tree_init();
signals_init();
===== security/security.c 1.10 vs edited =====
--- 1.10/security/security.c 2004-08-24 02:08:51 -07:00
+++ edited/security/security.c 2004-10-21 16:44:06 -07:00
@@ -18,7 +18,7 @@
#include <linux/sched.h>
#include <linux/security.h>
-#define SECURITY_SCAFFOLD_VERSION "1.0.0"
+#define SECURITY_FRAMEWORK_VERSION "1.0.0"
/* things that live in dummy.c */
extern struct security_operations dummy_security_ops;
@@ -49,13 +49,13 @@
}
/**
- * security_scaffolding_startup - initializes the security scaffolding framework
+ * security_init - initializes the security framework
*
* This should be called early in the kernel initialization sequence.
*/
-int __init security_scaffolding_startup (void)
+int __init security_init(void)
{
- printk (KERN_INFO "Security Scaffold v" SECURITY_SCAFFOLD_VERSION
+ printk (KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
" initialized\n");
if (verify (&dummy_security_ops)) {
Lindent security/security.c.
Signed-off-by: Chris Wright <[email protected]>
security.c | 58 +++++++++++++++++++++++++++++-----------------------------
1 files changed, 29 insertions(+), 29 deletions(-)
--- linus-2.6/security/security.c~Lindent 2004-10-21 17:16:31.167148568 -0700
+++ linus-2.6/security/security.c 2004-10-21 17:16:46.739781168 -0700
@@ -22,16 +22,16 @@
/* things that live in dummy.c */
extern struct security_operations dummy_security_ops;
-extern void security_fixup_ops (struct security_operations *ops);
+extern void security_fixup_ops(struct security_operations *ops);
struct security_operations *security_ops; /* Initialized to NULL */
-static inline int verify (struct security_operations *ops)
+static inline int verify(struct security_operations *ops)
{
/* verify the security_operations structure exists */
if (!ops)
return -EINVAL;
- security_fixup_ops (ops);
+ security_fixup_ops(ops);
return 0;
}
@@ -40,7 +40,7 @@
initcall_t *call;
call = &__security_initcall_start;
while (call < &__security_initcall_end) {
- (*call)();
+ (*call) ();
call++;
}
}
@@ -52,12 +52,12 @@
*/
int __init security_init(void)
{
- printk (KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
- " initialized\n");
+ printk(KERN_INFO "Security Framework v" SECURITY_FRAMEWORK_VERSION
+ " initialized\n");
- if (verify (&dummy_security_ops)) {
- printk (KERN_ERR "%s could not verify "
- "dummy_security_ops structure.\n", __FUNCTION__);
+ if (verify(&dummy_security_ops)) {
+ printk(KERN_ERR "%s could not verify "
+ "dummy_security_ops structure.\n", __FUNCTION__);
return -EIO;
}
@@ -79,11 +79,11 @@
* If there is already a security module registered with the kernel,
* an error will be returned. Otherwise 0 is returned on success.
*/
-int register_security (struct security_operations *ops)
+int register_security(struct security_operations *ops)
{
- if (verify (ops)) {
+ if (verify(ops)) {
printk(KERN_DEBUG "%s could not verify "
- "security_operations structure.\n", __FUNCTION__);
+ "security_operations structure.\n", __FUNCTION__);
return -EINVAL;
}
@@ -106,12 +106,12 @@
* an error is returned. Otherwise the default security options is set to the
* the dummy_security_ops structure, and 0 is returned.
*/
-int unregister_security (struct security_operations *ops)
+int unregister_security(struct security_operations *ops)
{
if (ops != security_ops) {
- printk (KERN_INFO "%s: trying to unregister "
- "a security_opts structure that is not "
- "registered, failing.\n", __FUNCTION__);
+ printk(KERN_INFO "%s: trying to unregister "
+ "a security_opts structure that is not "
+ "registered, failing.\n", __FUNCTION__);
return -EINVAL;
}
@@ -132,21 +132,21 @@
* The return value depends on the currently loaded security module, with 0 as
* success.
*/
-int mod_reg_security (const char *name, struct security_operations *ops)
+int mod_reg_security(const char *name, struct security_operations *ops)
{
- if (verify (ops)) {
- printk (KERN_INFO "%s could not verify "
- "security operations.\n", __FUNCTION__);
+ if (verify(ops)) {
+ printk(KERN_INFO "%s could not verify "
+ "security operations.\n", __FUNCTION__);
return -EINVAL;
}
if (ops == security_ops) {
- printk (KERN_INFO "%s security operations "
- "already registered.\n", __FUNCTION__);
+ printk(KERN_INFO "%s security operations "
+ "already registered.\n", __FUNCTION__);
return -EINVAL;
}
- return security_ops->register_security (name, ops);
+ return security_ops->register_security(name, ops);
}
/**
@@ -162,15 +162,15 @@
* The return value depends on the currently loaded security module, with 0 as
* success.
*/
-int mod_unreg_security (const char *name, struct security_operations *ops)
+int mod_unreg_security(const char *name, struct security_operations *ops)
{
if (ops == security_ops) {
- printk (KERN_INFO "%s invalid attempt to unregister "
- " primary security ops.\n", __FUNCTION__);
+ printk(KERN_INFO "%s invalid attempt to unregister "
+ " primary security ops.\n", __FUNCTION__);
return -EINVAL;
}
- return security_ops->unregister_security (name, ops);
+ return security_ops->unregister_security(name, ops);
}
/**
@@ -183,9 +183,9 @@
* This allows the security module to implement the capable function call
* however it chooses to.
*/
-int capable (int cap)
+int capable(int cap)
{
- if (security_ops->capable (current, cap)) {
+ if (security_ops->capable(current, cap)) {
/* capability denied */
return 0;
}
Registering a security module can be a noisy operation, esp. when it
retries registration with the primary module. Eliminate some noise, and
distinguish the return values for register_security so a module can tell
the difference between failure modes.
Signed-off-by: Chris Wright <[email protected]>
security.c | 14 ++++----------
1 files changed, 4 insertions(+), 10 deletions(-)
--- linus-2.6/security/security.c~verbose 2004-10-21 16:50:30.844353688 -0700
+++ linus-2.6/security/security.c 2004-10-21 17:00:54.386560864 -0700
@@ -29,11 +29,8 @@
static inline int verify (struct security_operations *ops)
{
/* verify the security_operations structure exists */
- if (!ops) {
- printk (KERN_INFO "Passed a NULL security_operations "
- "pointer, %s failed.\n", __FUNCTION__);
+ if (!ops)
return -EINVAL;
- }
security_fixup_ops (ops);
return 0;
}
@@ -85,16 +82,13 @@
int register_security (struct security_operations *ops)
{
if (verify (ops)) {
- printk (KERN_INFO "%s could not verify "
+ printk(KERN_DEBUG "%s could not verify "
"security_operations structure.\n", __FUNCTION__);
return -EINVAL;
}
- if (security_ops != &dummy_security_ops) {
- printk (KERN_INFO "There is already a security "
- "framework initialized, %s failed.\n", __FUNCTION__);
- return -EINVAL;
- }
+ if (security_ops != &dummy_security_ops)
+ return -EAGAIN;
security_ops = ops;