[PATCH] PCI: Add pci_assign_resource_fixed -- allow fixed address assignments

[linux-2.6] / include / linux / security.h

diff --git a/include/linux/security.h b/include/linux/security.h
index aaa0a5cdbf751c857f5a5adcfbe880da478c1acf..4dfb1b84a9b3bef236ef041b3005692462d7b51b 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -805,31 +805,37 @@ struct swap_info_struct;
  *     used by the XFRM system.
  *     @sec_ctx contains the security context information being provided by
  *     the user-level policy update program (e.g., setkey).
- *     Allocate a security structure to the xp->selector.security field.
+ *     Allocate a security structure to the xp->security field.
  *     The security field is initialized to NULL when the xfrm_policy is
  *     allocated.
  *     Return 0 if operation was successful (memory to allocate, legal context)
  * @xfrm_policy_clone_security:
  *     @old contains an existing xfrm_policy in the SPD.
  *     @new contains a new xfrm_policy being cloned from old.
- *     Allocate a security structure to the new->selector.security field
- *     that contains the information from the old->selector.security field.
+ *     Allocate a security structure to the new->security field
+ *     that contains the information from the old->security field.
  *     Return 0 if operation was successful (memory to allocate).
  * @xfrm_policy_free_security:
  *     @xp contains the xfrm_policy
- *     Deallocate xp->selector.security.
+ *     Deallocate xp->security.
+ * @xfrm_policy_delete_security:
+ *     @xp contains the xfrm_policy.
+ *     Authorize deletion of xp->security.
  * @xfrm_state_alloc_security:
  *     @x contains the xfrm_state being added to the Security Association
  *     Database by the XFRM system.
  *     @sec_ctx contains the security context information being provided by
  *     the user-level SA generation program (e.g., setkey or racoon).
- *     Allocate a security structure to the x->sel.security field.  The
+ *     Allocate a security structure to the x->security field.  The
  *     security field is initialized to NULL when the xfrm_state is
  *     allocated.
  *     Return 0 if operation was successful (memory to allocate, legal context).
  * @xfrm_state_free_security:
  *     @x contains the xfrm_state.
- *     Deallocate x>sel.security.
+ *     Deallocate x->security.
+ * @xfrm_state_delete_security:
+ *     @x contains the xfrm_state.
+ *     Authorize deletion of x->security.
  * @xfrm_policy_lookup:
  *     @xp contains the xfrm_policy for which the access control is being
  *     checked.
@@ -869,11 +875,6 @@ struct swap_info_struct;
  *     @ipcp contains the kernel IPC permission structure
  *     @flag contains the desired (requested) permission set
  *     Return 0 if permission is granted.
- * @ipc_getsecurity:
- *      Copy the security label associated with the ipc object into
- *      @buffer.  @buffer may be NULL to request the size of the buffer 
- *      required.  @size indicates the size of @buffer in bytes. Return 
- *      number of bytes used/required on success.
  *
  * Security hooks for individual messages held in System V IPC message queues
  * @msg_msg_alloc_security:
@@ -1223,7 +1224,6 @@ struct security_operations {
        void (*task_to_inode)(struct task_struct *p, struct inode *inode);
 
        int (*ipc_permission) (struct kern_ipc_perm * ipcp, short flag);
-       int (*ipc_getsecurity)(struct kern_ipc_perm *ipcp, void *buffer, size_t size);
 
        int (*msg_msg_alloc_security) (struct msg_msg * msg);
        void (*msg_msg_free_security) (struct msg_msg * msg);
@@ -1304,8 +1304,10 @@ struct security_operations {
        int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx);
        int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new);
        void (*xfrm_policy_free_security) (struct xfrm_policy *xp);
+       int (*xfrm_policy_delete_security) (struct xfrm_policy *xp);
        int (*xfrm_state_alloc_security) (struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx);
        void (*xfrm_state_free_security) (struct xfrm_state *x);
+       int (*xfrm_state_delete_security) (struct xfrm_state *x);
        int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 sk_sid, u8 dir);
 #endif /* CONFIG_SECURITY_NETWORK_XFRM */
 
@@ -1887,11 +1889,6 @@ static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
        return security_ops->ipc_permission (ipcp, flag);
 }
 
-static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)
-{
-       return security_ops->ipc_getsecurity(ipcp, buffer, size);
-}
-
 static inline int security_msg_msg_alloc (struct msg_msg * msg)
 {
        return security_ops->msg_msg_alloc_security (msg);
@@ -2532,11 +2529,6 @@ static inline int security_ipc_permission (struct kern_ipc_perm *ipcp,
        return 0;
 }
 
-static inline int security_ipc_getsecurity(struct kern_ipc_perm *ipcp, void *buffer, size_t size)
-{
-       return -EOPNOTSUPP;
-}
-
 static inline int security_msg_msg_alloc (struct msg_msg * msg)
 {
        return 0;
@@ -2950,11 +2942,21 @@ static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
        security_ops->xfrm_policy_free_security(xp);
 }
 
+static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
+{
+       return security_ops->xfrm_policy_delete_security(xp);
+}
+
 static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
 {
        return security_ops->xfrm_state_alloc_security(x, sec_ctx);
 }
 
+static inline int security_xfrm_state_delete(struct xfrm_state *x)
+{
+       return security_ops->xfrm_state_delete_security(x);
+}
+
 static inline void security_xfrm_state_free(struct xfrm_state *x)
 {
        security_ops->xfrm_state_free_security(x);
@@ -2979,6 +2981,11 @@ static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
 {
 }
 
+static inline int security_xfrm_policy_delete(struct xfrm_policy *xp)
+{
+       return 0;
+}
+
 static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
 {
        return 0;
@@ -2988,6 +2995,11 @@ static inline void security_xfrm_state_free(struct xfrm_state *x)
 {
 }
 
+static inline int security_xfrm_state_delete(struct xfrm_state *x)
+{
+       return 0;
+}
+
 static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir)
 {
        return 0;