LSM: Add security_path_chroot().

[safe/jmp/linux-2.6] / include / linux / security.h

diff --git a/include/linux/security.h b/include/linux/security.h
index c8a584c..ed0faea 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -459,6 +459,10 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *     @uid contains new owner's ID.
  *     @gid contains new group's ID.
  *     Return 0 if permission is granted.
+ * @path_chroot:
+ *     Check for permission to change root directory.
+ *     @path contains the path structure.
+ *     Return 0 if permission is granted.
  * @inode_readlink:
  *     Check the permission to read the symbolic link.
  *     @dentry contains the dentry structure for the file link.
@@ -1503,6 +1507,7 @@ struct security_operations {
        int (*path_chmod) (struct dentry *dentry, struct vfsmount *mnt,
                           mode_t mode);
        int (*path_chown) (struct path *path, uid_t uid, gid_t gid);
+       int (*path_chroot) (struct path *path);
 #endif
 
        int (*inode_alloc_security) (struct inode *inode);
@@ -2970,6 +2975,7 @@ int security_path_rename(struct path *old_dir, struct dentry *old_dentry,
 int security_path_chmod(struct dentry *dentry, struct vfsmount *mnt,
                        mode_t mode);
 int security_path_chown(struct path *path, uid_t uid, gid_t gid);
+int security_path_chroot(struct path *path);
 #else  /* CONFIG_SECURITY_PATH */
 static inline int security_path_unlink(struct path *dir, struct dentry *dentry)
 {
@@ -3031,6 +3037,11 @@ static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid)
 {
        return 0;
 }
+
+static inline int security_path_chroot(struct path *path)
+{
+       return 0;
+}
 #endif /* CONFIG_SECURITY_PATH */
 
 #ifdef CONFIG_KEYS