/*
 * Forward declarations for the judgm security-operations interposition layer.
 *
 * Visible here: a saved pointer to a struct security_operations (ori_sops),
 * a module-owned struct security_operations (hook_sops), the non-static entry
 * points judgm_security_hook() / judgm_security_unhook(), and one static
 * hook_* prototype per wrapped security operation. No function bodies are
 * part of this listing.
 *
 * NOTE(review): the names suggest the module replaces the kernel's active
 * security_operations with hook_sops after locating it through
 * security_get_addr(); confirm against the implementation. Also confirm that
 * judgm_security_unhook() restores ori_sops before the module can be
 * unloaded, since a stale ops pointer would dispatch into freed module text.
 *
 * NOTE(review): the prototypes commented out below (capable, bprm_*,
 * inode_alloc_security, inode_follow_link, inode_getattr,
 * file_alloc_security, mmap_addr, mmap_file, file_mprotect, cred_prepare)
 * have no judgm wrapper declared here. Verify that hook_sops still carries
 * the original handler for each of them, and that leaving the exec, mmap and
 * capability checks unwrapped is an intended gap in the policy.
 */

/* Hook installation state (file-local). */
static unsigned long *security_get_addr(void);
static unsigned long *security_hook_addr;
static struct security_operations *ori_sops;
static struct security_operations hook_sops;

/* Entry points with external linkage. */
int judgm_security_hook(void);
int judgm_security_unhook(void);

/* Defined in another translation unit; presumably maps a task to its judgm
 * bookkeeping record (verify what it returns for an untracked task). */
extern struct judgm_proc_info *judgm_proc_task_lookup(struct task_struct *task);

/* ptrace and capability sets */
static int hook_ptrace_access_check(struct task_struct *child, unsigned int mode);
static int hook_ptrace_traceme(struct task_struct *parent);
static int hook_capget(struct task_struct *target, kernel_cap_t *effective,
        kernel_cap_t *inheritable, kernel_cap_t *permitted);
static int hook_capset(struct cred *new, const struct cred *old,
        const kernel_cap_t *effective, const kernel_cap_t *inheritable,
        const kernel_cap_t *permitted);
// static int hook_capable(const struct cred *cred, struct user_namespace *ns, int cap, int audit);

/* quota, syslog, clock, memory accounting */
static int hook_quotactl(int cmds, int type, int id, struct super_block *sb);
static int hook_quota_on(struct dentry *dentry);
static int hook_syslog(int type);
static int hook_settime(const struct timespec *ts, const struct timezone *tz);
static int hook_vm_enough_memory(struct mm_struct *mm, long pages);

/* program execution (all three wrappers disabled) */
// static int hook_bprm_set_creds(struct linux_binprm *bprm);
// static int hook_bprm_check_security(struct linux_binprm *bprm);
// static int hook_bprm_secureexec(struct linux_binprm *bprm);

/* superblock and mount operations */
static int hook_sb_alloc_security(struct super_block *sb);
static int hook_sb_copy_data(char *orig, char *copy);
static int hook_sb_remount(struct super_block *sb, void *data);
static int hook_sb_kern_mount(struct super_block *sb, int flags, void *data);
static int hook_sb_show_options(struct seq_file *m, struct super_block *sb);
static int hook_sb_statfs(struct dentry *dentry);
static int hook_sb_mount(char *dev_name, struct path *path, char *type,
        unsigned long flags, void *data);
static int hook_sb_umount(struct vfsmount *mnt, int flags);
static int hook_sb_pivotroot(struct path *old_path, struct path *new_path);
static int hook_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts);
static int hook_sb_parse_opts_str(char *options, struct security_mnt_opts *opts);

/* path-based filesystem operations */
static int hook_path_unlink(struct path *dir, struct dentry *dentry);
static int hook_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode);
static int hook_path_rmdir(struct path *dir, struct dentry *dentry);
static int hook_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode,
        unsigned int dev);
static int hook_path_truncate(struct path *path);
static int hook_path_symlink(struct path *dir, struct dentry *dentry,
        const char *old_name);
static int hook_path_link(struct dentry *old_dentry, struct path *new_dir,
        struct dentry *new_dentry);
static int hook_path_rename(struct path *old_dir, struct dentry *old_dentry,
        struct path *new_dir, struct dentry *new_dentry);
static int hook_path_chmod(struct path *path, umode_t mode);
static int hook_path_chown(struct path *path, uid_t uid, gid_t gid);
static int hook_path_chroot(struct path *path);

/* inode operations */
// static int hook_inode_alloc_security(struct inode *inode);
static int hook_inode_init_security(struct inode *inode, struct inode *dir,
        const struct qstr *qstr, char **name, void **value, size_t *len);
static int hook_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode);
static int hook_inode_link(struct dentry *old_dentry, struct inode *dir,
        struct dentry *new_dentry);
static int hook_inode_unlink(struct inode *dir, struct dentry *dentry);
static int hook_inode_symlink(struct inode *dir, struct dentry *dentry,
        const char *old_name);
static int hook_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode);
static int hook_inode_rmdir(struct inode *dir, struct dentry *dentry);
static int hook_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
        dev_t dev);
static int hook_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
        struct inode *new_dir, struct dentry *new_dentry);
static int hook_inode_readlink(struct dentry *dentry);
// static int hook_inode_follow_link(struct dentry *dentry, struct nameidata *nd);
static int hook_inode_permission(struct inode *inode, int mask);
static int hook_inode_setattr(struct dentry *dentry, struct iattr *attr);
// static int hook_inode_getattr(struct vfsmount *mnt, struct dentry *dentry);
static int hook_inode_setxattr(struct dentry *dentry, const char *name,
        const void *value, size_t size, int flags);
static int hook_inode_getxattr(struct dentry *dentry, const char *name);
static int hook_inode_listxattr(struct dentry *dentry);
static int hook_inode_removexattr(struct dentry *dentry, const char *name);
static int hook_inode_need_killpriv(struct dentry *dentry);
static int hook_inode_killpriv(struct dentry *dentry);
static int hook_inode_getsecurity(const struct inode *inode, const char *name,
        void **buffer, bool alloc);
static int hook_inode_setsecurity(struct inode *inode, const char *name,
        const void *value, size_t size, int flags);
static int hook_inode_listsecurity(struct inode *inode, char *buffer,
        size_t buffer_size);

/* open-file operations (mmap/mprotect wrappers disabled) */
static int hook_file_permission(struct file *file, int mask);
// static int hook_file_alloc_security(struct file *file);
static int hook_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
// static int hook_mmap_addr(unsigned long addr);
// static int hook_mmap_file(struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags);
// static int hook_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, unsigned long prot);
static int hook_file_lock(struct file *file, unsigned int cmd);
static int hook_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg);
static int hook_file_set_fowner(struct file *file);
static int hook_file_send_sigiotask(struct task_struct *tsk, struct fown_struct *fown,
        int sig);
static int hook_file_receive(struct file *file);
static int hook_file_open(struct file *file, const struct cred *cred);

/* task creation, credentials and per-task controls */
static int hook_task_create(unsigned long clone_flags);
static int hook_cred_alloc_blank(struct cred *cred, gfp_t gfp);
// static int hook_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp);
static int hook_kernel_act_as(struct cred *new, u32 secid);
static int hook_kernel_create_files_as(struct cred *new, struct inode *inode);
static int hook_kernel_module_request(char *kmod_name);
static int hook_task_fix_setuid(struct cred *new, const struct cred *old, int flags);
static int hook_task_setpgid(struct task_struct *p, pid_t pgid);
static int hook_task_getpgid(struct task_struct *p);
static int hook_task_getsid(struct task_struct *p);
static int hook_task_setnice(struct task_struct *p, int nice);
static int hook_task_setioprio(struct task_struct *p, int ioprio);
static int hook_task_getioprio(struct task_struct *p);
static int hook_task_setrlimit(struct task_struct *p, unsigned int resource,
        struct rlimit *new_rlim);
static int hook_task_setscheduler(struct task_struct *p);
static int hook_task_getscheduler(struct task_struct *p);
static int hook_task_movememory(struct task_struct *p);
static int hook_task_kill(struct task_struct *p, struct siginfo *info, int sig,
        u32 secid);
static int hook_task_wait(struct task_struct *p);
static int hook_task_prctl(int option, unsigned long arg2, unsigned long arg3,
        unsigned long arg4, unsigned long arg5);

/* System V IPC: message queues, shared memory, semaphores */
static int hook_ipc_permission(struct kern_ipc_perm *ipcp, short flag);
static int hook_msg_msg_alloc_security(struct msg_msg *msg);
static int hook_msg_queue_alloc_security(struct msg_queue *msq);
static int hook_msg_queue_associate(struct msg_queue *msq, int msqflg);
static int hook_msg_queue_msgctl(struct msg_queue *msq, int cmd);
static int hook_msg_queue_msgsnd(struct msg_queue *msq, struct msg_msg *msg,
        int msqflg);
static int hook_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg,
        struct task_struct *target, long type, int mode);
static int hook_shm_alloc_security(struct shmid_kernel *shp);
static int hook_shm_associate(struct shmid_kernel *shp, int shmflg);
static int hook_shm_shmctl(struct shmid_kernel *shp, int cmd);
static int hook_shm_shmat(struct shmid_kernel *shp, char __user *shmaddr, int shmflg);
static int hook_sem_alloc_security(struct sem_array *sma);
static int hook_sem_associate(struct sem_array *sma, int semflg);
static int hook_sem_semctl(struct sem_array *sma, int cmd);
static int hook_sem_semop(struct sem_array *sma, struct sembuf *sops, unsigned nsops,
        int alter);

/* netlink, /proc attributes, security-context conversion */
static int hook_netlink_send(struct sock *sk, struct sk_buff *skb);
static int hook_getprocattr(struct task_struct *p, char *name, char **value);
static int hook_setprocattr(struct task_struct *p, char *name, void *value,
        size_t size);
static int hook_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
static int hook_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
static int hook_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen);
static int hook_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
static int hook_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);

/* sockets and networking */
static int hook_unix_stream_connect(struct sock *sock, struct sock *other,
        struct sock *newsk);
static int hook_unix_may_send(struct socket *sock, struct socket *other);
static int hook_socket_create(int family, int type, int protocol, int kern);
static int hook_socket_post_create(struct socket *sock, int family, int type,
        int protocol, int kern);
static int hook_socket_bind(struct socket *sock, struct sockaddr *address,
        int addrlen);
static int hook_socket_connect(struct socket *sock, struct sockaddr *address,
        int addrlen);
static int hook_socket_listen(struct socket *sock, int backlog);
static int hook_socket_accept(struct socket *sock, struct socket *newsock);
static int hook_socket_sendmsg(struct socket *sock, struct msghdr *msg, int size);
static int hook_socket_recvmsg(struct socket *sock, struct msghdr *msg, int size,
        int flags);
static int hook_socket_getsockname(struct socket *sock);
static int hook_socket_getpeername(struct socket *sock);
static int hook_socket_getsockopt(struct socket *sock, int level, int optname);
static int hook_socket_setsockopt(struct socket *sock, int level, int optname);
static int hook_socket_shutdown(struct socket *sock, int how);
static int hook_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb);
static int hook_socket_getpeersec_stream(struct socket *sock, char __user *optval,
        int __user *optlen, unsigned len);
static int hook_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb,
        u32 *secid);
static int hook_sk_alloc_security(struct sock *sk, int family, gfp_t priority);
static int hook_inet_conn_request(struct sock *sk, struct sk_buff *skb,
        struct request_sock *req);
static int hook_secmark_relabel_packet(u32 secid);
static int hook_tun_dev_create(void);
static int hook_tun_dev_attach(struct sock *sk);

/* kernel key management */
static int hook_key_alloc(struct key *key, const struct cred *cred,
        unsigned long flags);
static int hook_key_permission(key_ref_t key_ref, const struct cred *cred,
        key_perm_t perm);
static int hook_key_getsecurity(struct key *key, char **_buffer);

/* audit rule handling */
static int hook_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule);
static int hook_audit_rule_known(struct audit_krule *krule);
static int hook_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
        struct audit_context *actx);