[PATCH] lsm: remove net related includes from security.h

With this we're back to the times when changing skbuff.h only triggers rebuild of _net_ related stuff 8) This uncovered a bug in rmap.h, that was not including mm.h to get the definition of struct vm_area_struct, working by luck. Signed-off-by: Arnaldo Carvalho de Melo <acme@conectiva.com.br> Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] lsm: remove net related includes from security.h
With this we're back to the times when changing skbuff.h only triggers rebuild of _net_ related stuff 8) This uncovered a bug in rmap.h, that was not including mm.h to get the definition of struct vm_area_struct, working by luck. Signed-off-by: Arnaldo Carvalho de Melo <acme@conectiva.com.br> Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
7c73faed · Chris Wright · Linus Torvalds · 6f62d840 · 7c73faed · 7c73faed
Commit 7c73faed authored Oct 25, 2004 by Chris Wright Committed by Linus Torvalds Oct 25, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 18 deletions

include/linux/rmap.h include/linux/rmap.h +1 -0

include/linux/security.h include/linux/security.h +7 -18

security/commoncap.c security/commoncap.c +17 -0

No files found.
--- a/include/linux/rmap.h
+++ b/include/linux/rmap.h
@@ -7,6 +7,7 @@
 #include <linux/config.h>
 #include <linux/list.h>
 #include <linux/slab.h>
+#include <linux/mm.h>
 #include <linux/spinlock.h>

 /*

--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -30,8 +30,6 @@
 #include <linux/shm.h>
 #include <linux/msg.h>
 #include <linux/sched.h>
-#include <linux/skbuff.h>
-#include <linux/netlink.h>

 struct ctl_table;

@@ -55,18 +53,14 @@ extern void cap_task_reparent_to_init (struct task_struct *p);
 extern int cap_syslog (int type);
 extern int cap_vm_enough_memory (long pages);

-static inline int cap_netlink_send (struct sock *sk, struct sk_buff *skb)
-{
-	NETLINK_CB (skb).eff_cap = current->cap_effective;
-	return 0;
-}
+struct msghdr;
+struct sk_buff;
+struct sock;
+struct sockaddr;
+struct socket;

-static inline int cap_netlink_recv (struct sk_buff *skb)
-{
-	if (!cap_raised (NETLINK_CB (skb).eff_cap, CAP_NET_ADMIN))
-		return -EPERM;
-	return 0;
-}
+extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
+extern int cap_netlink_recv(struct sk_buff *skb);

 /*
 * Values used in the task_security_ops calls
@@ -2518,11 +2512,6 @@ static inline int security_setprocattr(struct task_struct *p, char *name, void *
 	return -EINVAL;
 }

-/*
- * The netlink capability defaults need to be used inline by default
- * (rather than hooking into the capability module) to reduce overhead
- * in the networking code.
- */
 static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb)
 {
 	return cap_netlink_send (sk, skb);

--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -24,6 +24,23 @@
 #include <linux/xattr.h>
 #include <linux/hugetlb.h>

+int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
+{
+	NETLINK_CB(skb).eff_cap = current->cap_effective;
+	return 0;
+}
+
+EXPORT_SYMBOL(cap_netlink_send);
+
+int cap_netlink_recv(struct sk_buff *skb)
+{
+	if (!cap_raised(NETLINK_CB(skb).eff_cap, CAP_NET_ADMIN))
+		return -EPERM;
+	return 0;
+}
+
+EXPORT_SYMBOL(cap_netlink_recv);
+
 int cap_capable (struct task_struct *tsk, int cap)
 {
 	/* Derived from include/linux/sched.h:capable. */