/** * secfs_Init - security file initialize * * This function is security file initialize. * * return infomation * int:result */ static int __init secfs_Init(void) { int i; int result = 0; struct secfs_entry_file *pef; secfunc_init(); /* create directory */ secfsdir = securityfs_create_dir(SECFS_FOLDERNAME, NULL); if (IS_ERR(secfsdir)) { result = PTR_ERR(secfsdir); } else { struct dentry* pEntry[ARRAY_SIZE(g_entry_files)]; pef = g_entry_files; for (i = 0; i < ARRAY_SIZE(g_entry_files); i++, pef++) { pEntry[i] = secfs_create_entry(secfsdir, pef); if (IS_ERR(pEntry[i])) { result = PTR_ERR(pEntry[i]); for (--i; i >= 0; i--) { securityfs_remove(pEntry[i]); } securityfs_remove(secfsdir); secfsdir = NULL; SECERROR("securityfs_remove"); break; } else { pef->mExist = true; } } } return result; }
/** * tomoyo_initerface_init - Initialize /sys/kernel/security/tomoyo/ interface. * * Returns 0. */ static int __init tomoyo_initerface_init(void) { struct dentry *tomoyo_dir; /* Don't create securityfs entries unless registered. */ if (current_cred()->security != &tomoyo_kernel_domain) return 0; tomoyo_dir = securityfs_create_dir("tomoyo", NULL); tomoyo_create_entry("query", 0600, tomoyo_dir, TOMOYO_QUERY); tomoyo_create_entry("domain_policy", 0600, tomoyo_dir, TOMOYO_DOMAINPOLICY); tomoyo_create_entry("exception_policy", 0600, tomoyo_dir, TOMOYO_EXCEPTIONPOLICY); tomoyo_create_entry("audit", 0400, tomoyo_dir, TOMOYO_AUDIT); tomoyo_create_entry("self_domain", 0400, tomoyo_dir, TOMOYO_SELFDOMAIN); tomoyo_create_entry(".process_status", 0600, tomoyo_dir, TOMOYO_PROCESS_STATUS); tomoyo_create_entry("stat", 0644, tomoyo_dir, TOMOYO_STAT); tomoyo_create_entry("profile", 0600, tomoyo_dir, TOMOYO_PROFILE); tomoyo_create_entry("manager", 0600, tomoyo_dir, TOMOYO_MANAGER); tomoyo_create_entry("version", 0400, tomoyo_dir, TOMOYO_VERSION); return 0; }
int hp_init_sysfs(void) { struct dentry *hp_dir_entry = securityfs_create_dir(HP_DIR_NAME, NULL); memset(hp_dentries, 0x0, sizeof(hp_dentries)); if (IS_ERR(hp_dir_entry)) { alert("failed securityfs_create_dir.\n"); } if ((long)hp_dir_entry == -ENODEV) { alert("securityfs is not enabled in this machine.\n"); hp_dir_entry = NULL; } debug( "\"/sys/kernel/security/%s/\" was created.\n", HP_DIR_NAME); hp_dentries[HP_DENTRY_KEY_ROOT] = hp_dir_entry; if (hp_init_interfaces()) { debug("Failed creating interfaces"); } if (hp_init_tty_output_sysfs()) { debug("Failed creating subdirs of tty_output"); } /* Success */ return 0; }
/** * aa_create_aafs - create the apparmor security filesystem * * dentries created here are released by aa_destroy_aafs * * Returns: error on failure */ static int __init aa_create_aafs(void) { int error; if (!apparmor_initialized) return 0; if (aa_fs_dentry) { AA_ERROR("%s: AppArmor securityfs already exists\n", __func__); return -EEXIST; } aa_fs_dentry = securityfs_create_dir("apparmor", NULL); if (IS_ERR(aa_fs_dentry)) { error = PTR_ERR(aa_fs_dentry); aa_fs_dentry = NULL; goto error; } #ifdef CONFIG_SECURITY_APPARMOR_COMPAT_24 error = aafs_create("matching", 0444, &aa_fs_matching_fops); if (error) goto error; error = aafs_create("features", 0444, &aa_fs_features_fops); if (error) goto error; #endif error = aafs_create("profiles", 0440, &aa_fs_profiles_fops); if (error) goto error; error = aafs_create(".load", 0640, &aa_fs_profile_load); if (error) goto error; error = aafs_create(".replace", 0640, &aa_fs_profile_replace); if (error) goto error; error = aafs_create(".remove", 0640, &aa_fs_profile_remove); if (error) goto error; /* TODO: add support for apparmorfs_null and apparmorfs_mnt */ /* Report that AppArmor fs is enabled */ aa_info_message("AppArmor Filesystem Enabled"); return 0; error: aa_destroy_aafs(); AA_ERROR("Error creating AppArmor securityfs\n"); return error; }
void hp_create_dir_entry(const char *dirname, struct dentry *parent, const u8 key) { struct dentry *de = securityfs_create_dir(dirname, parent); if (!de) { alert("cannot create %s directory.\n", dirname); } if ((long)de == -ENODEV) { /* Parent is missing */ alert("securityfs is not enabled in this machine.\n"); de = NULL; } hp_dentries[key] = de; return; }
static __init int sony_ric_secfs_init(void) { if (!security_state) { ric_dir = securityfs_create_dir("sony_ric", NULL); if (!ric_dir || IS_ERR(ric_dir)) { pr_err("RIC: failed to create sony_ric dir\n"); return -EFAULT; } ric_entry = securityfs_create_file("enable", S_IRUSR | S_IRGRP, ric_dir, NULL, &ric_enable_ops); if (!ric_entry || IS_ERR(ric_entry)) { pr_err("RIC: failed to create secfs fuse entry\n"); return -EFAULT; } pr_info("RIC: securityfs entry created\n"); } else { ric_enable = security_state; pr_info("RIC: securityfs entry not created\n"); } return 0; }
SYSCALL_DEFINE2(mod_securityfs_create_dir, const char*, name, struct dentry*, parent) { return securityfs_create_dir (name, parent); }