lsm: styling fixes to security/security.c

	pr_info("initializing lsm=");

	/* Report each enabled LSM name, comma separated. */

	for (early = __start_early_lsm_info; early < __end_early_lsm_info; early++)

	for (early = __start_early_lsm_info;

	     early < __end_early_lsm_info; early++)

		if (is_enabled(early))

			pr_cont("%s%s", first++ == 0 ? "" : ",", early->name);

	for (lsm = ordered_lsms; *lsm; lsm++)

 *

 * Return: Returns 0 if permission is granted.

 */

int security_sb_pivotroot(const struct path *old_path, const struct path *new_path)

int security_sb_pivotroot(const struct path *old_path,

			  const struct path *new_path)

{

	return call_int_hook(sb_pivotroot, 0, old_path, new_path);

}

 *

 * Return: Returns 0 if permission is granted.

 */

int security_move_mount(const struct path *from_path, const struct path *to_path)

int security_move_mount(const struct path *from_path,

			const struct path *to_path)

{

	return call_int_hook(move_mount, 0, from_path, to_path);

}

	/*

	 * Only one module will provide a security context.

	 */

	hlist_for_each_entry(hp, &security_hook_heads.dentry_init_security, list) {

	hlist_for_each_entry(hp, &security_hook_heads.dentry_init_security,

			     list) {

		rc = hp->hook.dentry_init_security(dentry, mode, name,

						   xattr_name, ctx, ctxlen);

		if (rc != LSM_RET_DEFAULT(dentry_init_security))

 *

 * Return: Returns 0 if permission is granted.

 */

int security_path_mknod(const struct path *dir, struct dentry *dentry, umode_t mode,

			unsigned int dev)

int security_path_mknod(const struct path *dir, struct dentry *dentry,

			umode_t mode, unsigned int dev)

{

	if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))

		return 0;

 *

 * Return: Returns 0 if permission is granted.

 */

int security_path_mkdir(const struct path *dir, struct dentry *dentry, umode_t mode)

int security_path_mkdir(const struct path *dir, struct dentry *dentry,

			umode_t mode)

{

	if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))

		return 0;

			 unsigned int flags)

{

	if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||

		     (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))

		     (d_is_positive(new_dentry) &&

		      IS_PRIVATE(d_backing_inode(new_dentry)))))

		return 0;

	return call_int_hook(path_rename, 0, old_dir, old_dentry, new_dir,

{

	return call_int_hook(path_chroot, 0, path);

}

#endif

#endif /* CONFIG_SECURITY_PATH */

/**

 * security_inode_create() - Check if creating a file is allowed

 *

 * Return: Returns 0 if permission is granted.

 */

int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode)

int security_inode_create(struct inode *dir, struct dentry *dentry,

			  umode_t mode)

{

	if (unlikely(IS_PRIVATE(dir)))

		return 0;

 *

 * Return: Returns 0 if permission is granted.

 */

int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)

int security_inode_mknod(struct inode *dir, struct dentry *dentry,

			 umode_t mode, dev_t dev)

{

	if (unlikely(IS_PRIVATE(dir)))

		return 0;

			  unsigned int flags)

{

	if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||

            (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))

		     (d_is_positive(new_dentry) &&

		      IS_PRIVATE(d_backing_inode(new_dentry)))))

		return 0;

	if (flags & RENAME_EXCHANGE) {

	 * Only one module will provide an attribute with a given name.

	 */

	hlist_for_each_entry(hp, &security_hook_heads.inode_getsecurity, list) {

		rc = hp->hook.inode_getsecurity(idmap, inode, name, buffer, alloc);

		rc = hp->hook.inode_getsecurity(idmap, inode, name, buffer,

						alloc);

		if (rc != LSM_RET_DEFAULT(inode_getsecurity))

			return rc;

	}

 *

 * Return: Returns 0 on success.

 */

int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)

int security_inode_setsecurity(struct inode *inode, const char *name,

			       const void *value, size_t size, int flags)

{

	struct security_hook_list *hp;

	int rc;

 *

 * Return: Returns number of bytes used/required on success.

 */

int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)

int security_inode_listsecurity(struct inode *inode,

				char *buffer, size_t buffer_size)

{

	if (unlikely(IS_PRIVATE(inode)))

		return 0;

 *

 * Return: Returns 0 if permission is granted.

 */

int security_shm_shmat(struct kern_ipc_perm *shp, char __user *shmaddr, int shmflg)

int security_shm_shmat(struct kern_ipc_perm *shp,

		       char __user *shmaddr, int shmflg)

{

	return call_int_hook(shm_shmat, 0, shp, shmaddr, shmflg);

}

{

	return call_int_hook(watch_key, 0, key);

}

#endif

#endif /* CONFIG_KEY_NOTIFICATIONS */

#ifdef CONFIG_SECURITY_NETWORK

/**

 *

 * Return: Returns 0 if permission is granted.

 */

int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk)

int security_unix_stream_connect(struct sock *sock, struct sock *other,

				 struct sock *newsk)

{

	return call_int_hook(unix_stream_connect, 0, sock, other, newsk);

}

 *

 * Return: Returns 0 if permission is granted.

 */

int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen)

int security_socket_bind(struct socket *sock,

			 struct sockaddr *address, int addrlen)

{

	return call_int_hook(socket_bind, 0, sock, address, addrlen);

}

 *

 * Return: Returns 0 if permission is granted.

 */

int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen)

int security_socket_connect(struct socket *sock,

			    struct sockaddr *address, int addrlen)

{

	return call_int_hook(socket_connect, 0, sock, address, addrlen);

}

 *

 * Return: Returns 0 on success, error on failure.

 */

int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)

int security_socket_getpeersec_dgram(struct socket *sock,

				     struct sk_buff *skb, u32 *secid)

{

	return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock,

			     skb, secid);

 *

 * Return: Returns 0 on success, error on failure.

 */

int security_sctp_assoc_request(struct sctp_association *asoc, struct sk_buff *skb)

int security_sctp_assoc_request(struct sctp_association *asoc,

				struct sk_buff *skb)

{

	return call_int_hook(sctp_assoc_request, 0, asoc, skb);

}

#endif	/* CONFIG_SECURITY_NETWORK */

#ifdef CONFIG_SECURITY_INFINIBAND

/**

 * security_ib_pkey_access() - Check if access to an IB pkey is allowed

 * @sec: LSM blob

 *

 * Return: Returns 0 if permission is granted.

 */

int security_ib_endport_manage_subnet(void *sec, const char *dev_name, u8 port_num)

int security_ib_endport_manage_subnet(void *sec,

				      const char *dev_name, u8 port_num)

{

	return call_int_hook(ib_endport_manage_subnet, 0, sec, dev_name, port_num);

	return call_int_hook(ib_endport_manage_subnet, 0, sec,

			     dev_name, port_num);

}

EXPORT_SYMBOL(security_ib_endport_manage_subnet);

#endif	/* CONFIG_SECURITY_INFINIBAND */

#ifdef CONFIG_SECURITY_NETWORK_XFRM

/**

 * security_xfrm_policy_alloc() - Allocate a xfrm policy LSM blob

 * @ctxp: xfrm security context being added to the SPD

	BUG_ON(rc);

}

EXPORT_SYMBOL(security_skb_classify_flow);

#endif	/* CONFIG_SECURITY_NETWORK_XFRM */

#ifdef CONFIG_KEYS

/**

 * security_key_alloc() - Allocate and initialize a kernel key LSM blob

 * @key: key

	*_buffer = NULL;

	return call_int_hook(key_getsecurity, 0, key, _buffer);

}

#endif	/* CONFIG_KEYS */

#ifdef CONFIG_AUDIT

/**

 * security_audit_rule_init() - Allocate and init an LSM audit rule struct

 * @field: audit action