| Message ID | 20221001154908.49665-2-gnoack3000@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | landlock: truncate support | expand |
Thanks for the doc. On 01/10/2022 17:49, Günther Noack wrote: > Like path_truncate, the file_truncate hook also restricts file > truncation, but is called in the cases where truncation is attempted > on an already-opened file. > > This is required in a subsequent commit to handle ftruncate() > operations differently to truncate() operations. > > Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> > Acked-by: John Johansen <john.johansen@canonical.com> > Signed-off-by: Günther Noack <gnoack3000@gmail.com> > --- > fs/namei.c | 2 +- > fs/open.c | 2 +- > include/linux/lsm_hook_defs.h | 1 + > include/linux/lsm_hooks.h | 10 +++++++++- > include/linux/security.h | 6 ++++++ > security/apparmor/lsm.c | 6 ++++++ > security/security.c | 5 +++++ > security/tomoyo/tomoyo.c | 13 +++++++++++++ > 8 files changed, 42 insertions(+), 3 deletions(-) > > diff --git a/fs/namei.c b/fs/namei.c > index 53b4bc094db2..0e419bd30f8e 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -3211,7 +3211,7 @@ static int handle_truncate(struct user_namespace *mnt_userns, struct file *filp) > if (error) > return error; > > - error = security_path_truncate(path); > + error = security_file_truncate(filp); > if (!error) { > error = do_truncate(mnt_userns, path->dentry, 0, > ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, > diff --git a/fs/open.c b/fs/open.c > index cf7e5c350a54..0fa861873245 100644 > --- a/fs/open.c > +++ b/fs/open.c > @@ -188,7 +188,7 @@ long do_sys_ftruncate(unsigned int fd, loff_t length, int small) > if (IS_APPEND(file_inode(f.file))) > goto out_putf; > sb_start_write(inode->i_sb); > - error = security_path_truncate(&f.file->f_path); > + error = security_file_truncate(f.file); > if (!error) > error = do_truncate(file_mnt_user_ns(f.file), dentry, length, > ATTR_MTIME | ATTR_CTIME, f.file); > diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h > index 60fff133c0b1..dee35ab253ba 100644 > --- a/include/linux/lsm_hook_defs.h > +++ b/include/linux/lsm_hook_defs.h > @@ -177,6 +177,7 @@ LSM_HOOK(int, 0, file_send_sigiotask, struct task_struct *tsk, > struct fown_struct *fown, int sig) > LSM_HOOK(int, 0, file_receive, struct file *file) > LSM_HOOK(int, 0, file_open, struct file *file) > +LSM_HOOK(int, 0, file_truncate, struct file *file) > LSM_HOOK(int, 0, task_alloc, struct task_struct *task, > unsigned long clone_flags) > LSM_HOOK(void, LSM_RET_VOID, task_free, struct task_struct *task) > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 3aa6030302f5..4acc975f28d9 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -409,7 +409,9 @@ > * @attr is the iattr structure containing the new file attributes. > * Return 0 if permission is granted. > * @path_truncate: > - * Check permission before truncating a file. > + * Check permission before truncating the file indicated by path. > + * Note that truncation permissions may also be checked based on > + * already opened files, using the @file_truncate hook. The documentation comments (mostly) use tabs, not spaces. > * @path contains the path structure for the file. > * Return 0 if permission is granted. > * @inode_getattr: > @@ -598,6 +600,12 @@ > * to receive an open file descriptor via socket IPC. > * @file contains the file structure being received. > * Return 0 if permission is granted. > + * @file_truncate: > + * Check permission before truncating a file, i.e. using ftruncate. > + * Note that truncation permission may also be checked based on the path, > + * using the @path_truncate hook. Same here. > + * @file contains the file structure for the file. > + * Return 0 if permission is granted. > * @file_open: > * Save open-time permission checking state for later use upon > * file_permission, and recheck access if anything has changed > diff --git a/include/linux/security.h b/include/linux/security.h > index 7bd0c490703d..f80b23382dd9 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -394,6 +394,7 @@ int security_file_send_sigiotask(struct task_struct *tsk, > struct fown_struct *fown, int sig); > int security_file_receive(struct file *file); > int security_file_open(struct file *file); > +int security_file_truncate(struct file *file); > int security_task_alloc(struct task_struct *task, unsigned long clone_flags); > void security_task_free(struct task_struct *task); > int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); > @@ -1011,6 +1012,11 @@ static inline int security_file_open(struct file *file) > return 0; > } > > +static inline int security_file_truncate(struct file *file) > +{ > + return 0; > +} > + > static inline int security_task_alloc(struct task_struct *task, > unsigned long clone_flags) > { > diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c > index e29cade7b662..98ecb7f221b8 100644 > --- a/security/apparmor/lsm.c > +++ b/security/apparmor/lsm.c > @@ -329,6 +329,11 @@ static int apparmor_path_truncate(const struct path *path) > return common_perm_cond(OP_TRUNC, path, MAY_WRITE | AA_MAY_SETATTR); > } > > +static int apparmor_file_truncate(struct file *file) > +{ > + return apparmor_path_truncate(&file->f_path); > +} > + > static int apparmor_path_symlink(const struct path *dir, struct dentry *dentry, > const char *old_name) > { > @@ -1232,6 +1237,7 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { > LSM_HOOK_INIT(mmap_file, apparmor_mmap_file), > LSM_HOOK_INIT(file_mprotect, apparmor_file_mprotect), > LSM_HOOK_INIT(file_lock, apparmor_file_lock), > + LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), > > LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), > LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), > diff --git a/security/security.c b/security/security.c > index 4b95de24bc8d..d73e423005c3 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -1650,6 +1650,11 @@ int security_file_open(struct file *file) > return fsnotify_perm(file, MAY_OPEN); > } > > +int security_file_truncate(struct file *file) > +{ > + return call_int_hook(file_truncate, 0, file); > +} > + > int security_task_alloc(struct task_struct *task, unsigned long clone_flags) > { > int rc = lsm_task_alloc(task); > diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c > index 71e82d855ebf..af04a7b7eb28 100644 > --- a/security/tomoyo/tomoyo.c > +++ b/security/tomoyo/tomoyo.c > @@ -134,6 +134,18 @@ static int tomoyo_path_truncate(const struct path *path) > return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL); > } > > +/** > + * tomoyo_file_truncate - Target for security_file_truncate(). > + * > + * @file: Pointer to "struct file". > + * > + * Returns 0 on success, negative value otherwise. > + */ > +static int tomoyo_file_truncate(struct file *file) > +{ > + return tomoyo_path_truncate(&file->f_path); > +} > + > /** > * tomoyo_path_unlink - Target for security_path_unlink(). > * > @@ -545,6 +557,7 @@ static struct security_hook_list tomoyo_hooks[] __lsm_ro_after_init = { > LSM_HOOK_INIT(bprm_check_security, tomoyo_bprm_check_security), > LSM_HOOK_INIT(file_fcntl, tomoyo_file_fcntl), > LSM_HOOK_INIT(file_open, tomoyo_file_open), > + LSM_HOOK_INIT(file_truncate, tomoyo_file_truncate), > LSM_HOOK_INIT(path_truncate, tomoyo_path_truncate), > LSM_HOOK_INIT(path_unlink, tomoyo_path_unlink), > LSM_HOOK_INIT(path_mkdir, tomoyo_path_mkdir),
On Sat, Oct 1, 2022 at 11:49 AM Günther Noack <gnoack3000@gmail.com> wrote: > > Like path_truncate, the file_truncate hook also restricts file > truncation, but is called in the cases where truncation is attempted > on an already-opened file. > > This is required in a subsequent commit to handle ftruncate() > operations differently to truncate() operations. > > Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> > Acked-by: John Johansen <john.johansen@canonical.com> > Signed-off-by: Günther Noack <gnoack3000@gmail.com> > --- > fs/namei.c | 2 +- > fs/open.c | 2 +- > include/linux/lsm_hook_defs.h | 1 + > include/linux/lsm_hooks.h | 10 +++++++++- > include/linux/security.h | 6 ++++++ > security/apparmor/lsm.c | 6 ++++++ > security/security.c | 5 +++++ > security/tomoyo/tomoyo.c | 13 +++++++++++++ > 8 files changed, 42 insertions(+), 3 deletions(-) I agree with Mickaël's comments regarding the formatting, but otherwise it looks okay to me from a LSM perspective. If you make the whitespace changes you can add my ACK. Acked-by: Paul Moore <paul@paul-moore.com>
On Wed, Oct 05, 2022 at 08:53:35PM +0200, Mickaël Salaün wrote: > Thanks for the doc. > > On 01/10/2022 17:49, Günther Noack wrote: > > Like path_truncate, the file_truncate hook also restricts file > > truncation, but is called in the cases where truncation is attempted > > on an already-opened file. > > > > This is required in a subsequent commit to handle ftruncate() > > operations differently to truncate() operations. > > > > Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> > > Acked-by: John Johansen <john.johansen@canonical.com> > > Signed-off-by: Günther Noack <gnoack3000@gmail.com> > > --- > > fs/namei.c | 2 +- > > fs/open.c | 2 +- > > include/linux/lsm_hook_defs.h | 1 + > > include/linux/lsm_hooks.h | 10 +++++++++- > > include/linux/security.h | 6 ++++++ > > security/apparmor/lsm.c | 6 ++++++ > > security/security.c | 5 +++++ > > security/tomoyo/tomoyo.c | 13 +++++++++++++ > > 8 files changed, 42 insertions(+), 3 deletions(-) > > > > diff --git a/fs/namei.c b/fs/namei.c > > index 53b4bc094db2..0e419bd30f8e 100644 > > --- a/fs/namei.c > > +++ b/fs/namei.c > > @@ -3211,7 +3211,7 @@ static int handle_truncate(struct user_namespace *mnt_userns, struct file *filp) > > if (error) > > return error; > > - error = security_path_truncate(path); > > + error = security_file_truncate(filp); > > if (!error) { > > error = do_truncate(mnt_userns, path->dentry, 0, > > ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, > > diff --git a/fs/open.c b/fs/open.c > > index cf7e5c350a54..0fa861873245 100644 > > --- a/fs/open.c > > +++ b/fs/open.c > > @@ -188,7 +188,7 @@ long do_sys_ftruncate(unsigned int fd, loff_t length, int small) > > if (IS_APPEND(file_inode(f.file))) > > goto out_putf; > > sb_start_write(inode->i_sb); > > - error = security_path_truncate(&f.file->f_path); > > + error = security_file_truncate(f.file); > > if (!error) > > error = do_truncate(file_mnt_user_ns(f.file), dentry, length, > > ATTR_MTIME | ATTR_CTIME, f.file); > > diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h > > index 60fff133c0b1..dee35ab253ba 100644 > > --- a/include/linux/lsm_hook_defs.h > > +++ b/include/linux/lsm_hook_defs.h > > @@ -177,6 +177,7 @@ LSM_HOOK(int, 0, file_send_sigiotask, struct task_struct *tsk, > > struct fown_struct *fown, int sig) > > LSM_HOOK(int, 0, file_receive, struct file *file) > > LSM_HOOK(int, 0, file_open, struct file *file) > > +LSM_HOOK(int, 0, file_truncate, struct file *file) > > LSM_HOOK(int, 0, task_alloc, struct task_struct *task, > > unsigned long clone_flags) > > LSM_HOOK(void, LSM_RET_VOID, task_free, struct task_struct *task) > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > > index 3aa6030302f5..4acc975f28d9 100644 > > --- a/include/linux/lsm_hooks.h > > +++ b/include/linux/lsm_hooks.h > > @@ -409,7 +409,9 @@ > > * @attr is the iattr structure containing the new file attributes. > > * Return 0 if permission is granted. > > * @path_truncate: > > - * Check permission before truncating a file. > > + * Check permission before truncating the file indicated by path. > > + * Note that truncation permissions may also be checked based on > > + * already opened files, using the @file_truncate hook. > > The documentation comments (mostly) use tabs, not spaces. Oops, well spotted. Done. > > * @path contains the path structure for the file. > > * Return 0 if permission is granted. > > * @inode_getattr: > > @@ -598,6 +600,12 @@ > > * to receive an open file descriptor via socket IPC. > > * @file contains the file structure being received. > > * Return 0 if permission is granted. > > + * @file_truncate: > > + * Check permission before truncating a file, i.e. using ftruncate. > > + * Note that truncation permission may also be checked based on the path, > > + * using the @path_truncate hook. > > Same here. Done. > > + * @file contains the file structure for the file. > > + * Return 0 if permission is granted. > > * @file_open: > > * Save open-time permission checking state for later use upon > > * file_permission, and recheck access if anything has changed > > diff --git a/include/linux/security.h b/include/linux/security.h > > index 7bd0c490703d..f80b23382dd9 100644 > > --- a/include/linux/security.h > > +++ b/include/linux/security.h > > @@ -394,6 +394,7 @@ int security_file_send_sigiotask(struct task_struct *tsk, > > struct fown_struct *fown, int sig); > > int security_file_receive(struct file *file); > > int security_file_open(struct file *file); > > +int security_file_truncate(struct file *file); > > int security_task_alloc(struct task_struct *task, unsigned long clone_flags); > > void security_task_free(struct task_struct *task); > > int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); > > @@ -1011,6 +1012,11 @@ static inline int security_file_open(struct file *file) > > return 0; > > } > > +static inline int security_file_truncate(struct file *file) > > +{ > > + return 0; > > +} > > + > > static inline int security_task_alloc(struct task_struct *task, > > unsigned long clone_flags) > > { > > diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c > > index e29cade7b662..98ecb7f221b8 100644 > > --- a/security/apparmor/lsm.c > > +++ b/security/apparmor/lsm.c > > @@ -329,6 +329,11 @@ static int apparmor_path_truncate(const struct path *path) > > return common_perm_cond(OP_TRUNC, path, MAY_WRITE | AA_MAY_SETATTR); > > } > > +static int apparmor_file_truncate(struct file *file) > > +{ > > + return apparmor_path_truncate(&file->f_path); > > +} > > + > > static int apparmor_path_symlink(const struct path *dir, struct dentry *dentry, > > const char *old_name) > > { > > @@ -1232,6 +1237,7 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { > > LSM_HOOK_INIT(mmap_file, apparmor_mmap_file), > > LSM_HOOK_INIT(file_mprotect, apparmor_file_mprotect), > > LSM_HOOK_INIT(file_lock, apparmor_file_lock), > > + LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), > > LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), > > LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), > > diff --git a/security/security.c b/security/security.c > > index 4b95de24bc8d..d73e423005c3 100644 > > --- a/security/security.c > > +++ b/security/security.c > > @@ -1650,6 +1650,11 @@ int security_file_open(struct file *file) > > return fsnotify_perm(file, MAY_OPEN); > > } > > +int security_file_truncate(struct file *file) > > +{ > > + return call_int_hook(file_truncate, 0, file); > > +} > > + > > int security_task_alloc(struct task_struct *task, unsigned long clone_flags) > > { > > int rc = lsm_task_alloc(task); > > diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c > > index 71e82d855ebf..af04a7b7eb28 100644 > > --- a/security/tomoyo/tomoyo.c > > +++ b/security/tomoyo/tomoyo.c > > @@ -134,6 +134,18 @@ static int tomoyo_path_truncate(const struct path *path) > > return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL); > > } > > +/** > > + * tomoyo_file_truncate - Target for security_file_truncate(). > > + * > > + * @file: Pointer to "struct file". > > + * > > + * Returns 0 on success, negative value otherwise. > > + */ > > +static int tomoyo_file_truncate(struct file *file) > > +{ > > + return tomoyo_path_truncate(&file->f_path); > > +} > > + > > /** > > * tomoyo_path_unlink - Target for security_path_unlink(). > > * > > @@ -545,6 +557,7 @@ static struct security_hook_list tomoyo_hooks[] __lsm_ro_after_init = { > > LSM_HOOK_INIT(bprm_check_security, tomoyo_bprm_check_security), > > LSM_HOOK_INIT(file_fcntl, tomoyo_file_fcntl), > > LSM_HOOK_INIT(file_open, tomoyo_file_open), > > + LSM_HOOK_INIT(file_truncate, tomoyo_file_truncate), > > LSM_HOOK_INIT(path_truncate, tomoyo_path_truncate), > > LSM_HOOK_INIT(path_unlink, tomoyo_path_unlink), > > LSM_HOOK_INIT(path_mkdir, tomoyo_path_mkdir), --
diff --git a/fs/namei.c b/fs/namei.c index 53b4bc094db2..0e419bd30f8e 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -3211,7 +3211,7 @@ static int handle_truncate(struct user_namespace *mnt_userns, struct file *filp) if (error) return error; - error = security_path_truncate(path); + error = security_file_truncate(filp); if (!error) { error = do_truncate(mnt_userns, path->dentry, 0, ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, diff --git a/fs/open.c b/fs/open.c index cf7e5c350a54..0fa861873245 100644 --- a/fs/open.c +++ b/fs/open.c @@ -188,7 +188,7 @@ long do_sys_ftruncate(unsigned int fd, loff_t length, int small) if (IS_APPEND(file_inode(f.file))) goto out_putf; sb_start_write(inode->i_sb); - error = security_path_truncate(&f.file->f_path); + error = security_file_truncate(f.file); if (!error) error = do_truncate(file_mnt_user_ns(f.file), dentry, length, ATTR_MTIME | ATTR_CTIME, f.file); diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 60fff133c0b1..dee35ab253ba 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -177,6 +177,7 @@ LSM_HOOK(int, 0, file_send_sigiotask, struct task_struct *tsk, struct fown_struct *fown, int sig) LSM_HOOK(int, 0, file_receive, struct file *file) LSM_HOOK(int, 0, file_open, struct file *file) +LSM_HOOK(int, 0, file_truncate, struct file *file) LSM_HOOK(int, 0, task_alloc, struct task_struct *task, unsigned long clone_flags) LSM_HOOK(void, LSM_RET_VOID, task_free, struct task_struct *task) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 3aa6030302f5..4acc975f28d9 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -409,7 +409,9 @@ * @attr is the iattr structure containing the new file attributes. * Return 0 if permission is granted. * @path_truncate: - * Check permission before truncating a file. + * Check permission before truncating the file indicated by path. + * Note that truncation permissions may also be checked based on + * already opened files, using the @file_truncate hook. * @path contains the path structure for the file. * Return 0 if permission is granted. * @inode_getattr: @@ -598,6 +600,12 @@ * to receive an open file descriptor via socket IPC. * @file contains the file structure being received. * Return 0 if permission is granted. + * @file_truncate: + * Check permission before truncating a file, i.e. using ftruncate. + * Note that truncation permission may also be checked based on the path, + * using the @path_truncate hook. + * @file contains the file structure for the file. + * Return 0 if permission is granted. * @file_open: * Save open-time permission checking state for later use upon * file_permission, and recheck access if anything has changed diff --git a/include/linux/security.h b/include/linux/security.h index 7bd0c490703d..f80b23382dd9 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -394,6 +394,7 @@ int security_file_send_sigiotask(struct task_struct *tsk, struct fown_struct *fown, int sig); int security_file_receive(struct file *file); int security_file_open(struct file *file); +int security_file_truncate(struct file *file); int security_task_alloc(struct task_struct *task, unsigned long clone_flags); void security_task_free(struct task_struct *task); int security_cred_alloc_blank(struct cred *cred, gfp_t gfp); @@ -1011,6 +1012,11 @@ static inline int security_file_open(struct file *file) return 0; } +static inline int security_file_truncate(struct file *file) +{ + return 0; +} + static inline int security_task_alloc(struct task_struct *task, unsigned long clone_flags) { diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index e29cade7b662..98ecb7f221b8 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -329,6 +329,11 @@ static int apparmor_path_truncate(const struct path *path) return common_perm_cond(OP_TRUNC, path, MAY_WRITE | AA_MAY_SETATTR); } +static int apparmor_file_truncate(struct file *file) +{ + return apparmor_path_truncate(&file->f_path); +} + static int apparmor_path_symlink(const struct path *dir, struct dentry *dentry, const char *old_name) { @@ -1232,6 +1237,7 @@ static struct security_hook_list apparmor_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(mmap_file, apparmor_mmap_file), LSM_HOOK_INIT(file_mprotect, apparmor_file_mprotect), LSM_HOOK_INIT(file_lock, apparmor_file_lock), + LSM_HOOK_INIT(file_truncate, apparmor_file_truncate), LSM_HOOK_INIT(getprocattr, apparmor_getprocattr), LSM_HOOK_INIT(setprocattr, apparmor_setprocattr), diff --git a/security/security.c b/security/security.c index 4b95de24bc8d..d73e423005c3 100644 --- a/security/security.c +++ b/security/security.c @@ -1650,6 +1650,11 @@ int security_file_open(struct file *file) return fsnotify_perm(file, MAY_OPEN); } +int security_file_truncate(struct file *file) +{ + return call_int_hook(file_truncate, 0, file); +} + int security_task_alloc(struct task_struct *task, unsigned long clone_flags) { int rc = lsm_task_alloc(task); diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 71e82d855ebf..af04a7b7eb28 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -134,6 +134,18 @@ static int tomoyo_path_truncate(const struct path *path) return tomoyo_path_perm(TOMOYO_TYPE_TRUNCATE, path, NULL); } +/** + * tomoyo_file_truncate - Target for security_file_truncate(). + * + * @file: Pointer to "struct file". + * + * Returns 0 on success, negative value otherwise. + */ +static int tomoyo_file_truncate(struct file *file) +{ + return tomoyo_path_truncate(&file->f_path); +} + /** * tomoyo_path_unlink - Target for security_path_unlink(). * @@ -545,6 +557,7 @@ static struct security_hook_list tomoyo_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(bprm_check_security, tomoyo_bprm_check_security), LSM_HOOK_INIT(file_fcntl, tomoyo_file_fcntl), LSM_HOOK_INIT(file_open, tomoyo_file_open), + LSM_HOOK_INIT(file_truncate, tomoyo_file_truncate), LSM_HOOK_INIT(path_truncate, tomoyo_path_truncate), LSM_HOOK_INIT(path_unlink, tomoyo_path_unlink), LSM_HOOK_INIT(path_mkdir, tomoyo_path_mkdir),