summaryrefslogtreecommitdiff
path: root/include/linux/lsm_hooks.h
diff options
context:
space:
mode:
authorRandy Dunlap <rdunlap@infradead.org>2020-02-15 23:08:38 -0800
committerJames Morris <jmorris@namei.org>2020-02-19 16:08:01 -0800
commitbd1a5a53d7c1231f89c51705f6a894516b40aa88 (patch)
tree20b487e0d6de764f209e5c85cb3ae9c82659bae7 /include/linux/lsm_hooks.h
parent10c2d111c906599942efd13109061885631c4a0c (diff)
downloadlwn-bd1a5a53d7c1231f89c51705f6a894516b40aa88.tar.gz
lwn-bd1a5a53d7c1231f89c51705f6a894516b40aa88.zip
security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
Fix all kernel-doc warnings in <linux/lsm_hooks.h>. Fixes the following warnings: ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options' ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options' Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Cc: John Johansen <john.johansen@canonical.com> Cc: Kees Cook <keescook@chromium.org> Cc: Micah Morton <mortonm@chromium.org> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: linux-security-module@vger.kernel.org Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Eric Paris <eparis@parisplace.org> Cc: Casey Schaufler <casey@schaufler-ca.com> Cc: Kentaro Takeda <takedakn@nttdata.co.jp> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include/linux/lsm_hooks.h')
-rw-r--r--include/linux/lsm_hooks.h36
1 files changed, 35 insertions, 1 deletions
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index a3763247547c..59f5ee945c1c 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -103,6 +103,10 @@
* @sb_free_security:
* Deallocate and clear the sb->s_security field.
* @sb contains the super_block structure to be modified.
+ * @sb_free_mnt_opts:
+ * Free memory associated with @mnt_ops.
+ * @sb_eat_lsm_opts:
+ * Eat (scan @orig options) and save them in @mnt_opts.
* @sb_statfs:
* Check permission before obtaining filesystem statistics for the @mnt
* mountpoint.
@@ -136,6 +140,10 @@
* @sb superblock being remounted
* @data contains the filesystem-specific data.
* Return 0 if permission is granted.
+ * @sb_kern_mount:
+ * Mount this @sb if allowed by permissions.
+ * @sb_show_options:
+ * Show (print on @m) mount options for this @sb.
* @sb_umount:
* Check permission before the @mnt file system is unmounted.
* @mnt contains the mounted file system.
@@ -155,6 +163,8 @@
* Copy all security options from a given superblock to another
* @oldsb old superblock which contain information to clone
* @newsb new superblock which needs filled in
+ * @sb_add_mnt_opt:
+ * Add one mount @option to @mnt_opts.
* @sb_parse_opts_str:
* Parse a string of security data filling in the opts structure
* @options string containing all mount options known by the LSM
@@ -451,6 +461,12 @@
* security module does not know about attribute or a negative error code
* to abort the copy up. Note that the caller is responsible for reading
* and writing the xattrs as this hook is merely a filter.
+ * @d_instantiate:
+ * Fill in @inode security information for a @dentry if allowed.
+ * @getprocattr:
+ * Read attribute @name for process @p and store it into @value if allowed.
+ * @setprocattr:
+ * Write (set) attribute @name to @value, size @size if allowed.
*
* Security hooks for kernfs node operations
*
@@ -1113,6 +1129,7 @@
* In case of failure, @secid will be set to zero.
*
* Security hooks for individual messages held in System V IPC message queues
+ *
* @msg_msg_alloc_security:
* Allocate and attach a security structure to the msg->security field.
* The security field is initialized to NULL when the structure is first
@@ -1302,6 +1319,10 @@
* @cap contains the capability <include/linux/capability.h>.
* @opts contains options for the capable check <include/linux/security.h>
* Return 0 if the capability is granted for @tsk.
+ * @quotactl:
+ * Check whether the quotactl syscall is allowed for this @sb.
+ * @quota_on:
+ * Check whether QUOTAON is allowed for this @dentry.
* @syslog:
* Check permission before accessing the kernel message ring or changing
* logging to the console.
@@ -1449,11 +1470,24 @@
* @bpf_prog_free_security:
* Clean up the security information stored inside bpf prog.
*
- * @locked_down
+ * @locked_down:
* Determine whether a kernel feature that potentially enables arbitrary
* code execution in kernel space should be permitted.
*
* @what: kernel feature being accessed
+ *
+ * Security hooks for perf events
+ *
+ * @perf_event_open:
+ * Check whether the @type of perf_event_open syscall is allowed.
+ * @perf_event_alloc:
+ * Allocate and save perf_event security info.
+ * @perf_event_free:
+ * Release (free) perf_event security info.
+ * @perf_event_read:
+ * Read perf_event security info if allowed.
+ * @perf_event_write:
+ * Write perf_event security info if allowed.
*/
union security_list_options {
int (*binder_set_context_mgr)(struct task_struct *mgr);