1 files changed, 17 insertions, 0 deletions

diff --git a/security/security.c b/security/security.c
index c7afd35aa2b..7fb3683fdad 100644
--- a/security/security.c
+++ b/security/security.c
@@ -135,6 +135,10 @@ int __init register_security(struct security_operations *ops)
 
 int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
 {
+	int rc;
+	rc = yama_ptrace_access_check(child, mode);
+	if (rc)
+		return rc;
 	return security_ops->ptrace_access_check(child, mode);
 }
 
@@ -405,8 +409,12 @@ EXPORT_SYMBOL(security_path_symlink);
 int security_path_link(struct dentry *old_dentry, struct path *new_dir,
 		       struct dentry *new_dentry)
 {
+	int rc;
 	if (unlikely(IS_PRIVATE(old_dentry->d_inode)))
 		return 0;
+	rc = yama_path_link(old_dentry, new_dir, new_dentry);
+	if (rc)
+		return rc;
 	return security_ops->path_link(old_dentry, new_dir, new_dentry);
 }
 EXPORT_SYMBOL(security_path_link);
@@ -525,8 +533,12 @@ EXPORT_SYMBOL(security_inode_readlink);
 
 int security_inode_follow_link(struct dentry *dentry, struct nameidata *nd)
 {
+	int rc;
 	if (unlikely(IS_PRIVATE(dentry->d_inode)))
 		return 0;
+	rc = yama_inode_follow_link(dentry, nd);
+	if (rc)
+		return rc;
 	return security_ops->inode_follow_link(dentry, nd);
 }
 
@@ -770,6 +782,7 @@ int security_task_create(unsigned long clone_flags)
 
 void security_task_free(struct task_struct *task)
 {
+	yama_task_free(task);
 	security_ops->task_free(task);
 }
 
@@ -885,6 +898,10 @@ int security_task_wait(struct task_struct *p)
 int security_task_prctl(int option, unsigned long arg2, unsigned long arg3,
 			 unsigned long arg4, unsigned long arg5)
 {
+	int rc;
+	rc = yama_task_prctl(option, arg2, arg3, arg4, arg5);
+	if (rc != -ENOSYS)
+		return rc;
 	return security_ops->task_prctl(option, arg2, arg3, arg4, arg5);
 }