LSM: Add security_path_chroot(). This patch allows pathname based LSM modules to check chroot() operations. This hook is used by TOMOYO. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>

commit: 8b8efb44033c7e86b3dc76f825c693ec92ae30e9 [log] [tgz]
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Sun Oct 04 21:49:48 2009 +0900
committer: James Morris <jmorris@namei.org> Mon Oct 12 10:56:02 2009 +1100
tree: 8cf43afc59f88f36a86f3a8165770bccec28b3c3
parent: 89eda06837094ce9f34fae269b8773fcfd70f046 [diff] [blame]
diff --git a/security/capability.c b/security/capability.c
index 09279a8..4f3ab47 100644
--- a/security/capability.c
+++ b/security/capability.c

@@ -319,6 +319,11 @@
 {
 	return 0;
 }
+
+static int cap_path_chroot(struct path *root)
+{
+	return 0;
+}
 #endif
 
 static int cap_file_permission(struct file *file, int mask)
@@ -990,6 +995,7 @@
 	set_to_cap_if_null(ops, path_truncate);
 	set_to_cap_if_null(ops, path_chmod);
 	set_to_cap_if_null(ops, path_chown);
+	set_to_cap_if_null(ops, path_chroot);
 #endif
 	set_to_cap_if_null(ops, file_permission);
 	set_to_cap_if_null(ops, file_alloc_security);
commit	8b8efb44033c7e86b3dc76f825c693ec92ae30e9	[log] [tgz]
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	Sun Oct 04 21:49:48 2009 +0900
committer	James Morris <jmorris@namei.org>	Mon Oct 12 10:56:02 2009 +1100
tree	8cf43afc59f88f36a86f3a8165770bccec28b3c3
parent	89eda06837094ce9f34fae269b8773fcfd70f046 [diff] [blame]