split ->file_mmap() into ->mmap_addr()/->mmap_file()

	vma->vm_page_prot = vm_get_page_prot(vma->vm_flags);

	INIT_LIST_HEAD(&vma->anon_vma_chain);

	err = security_file_mmap(NULL, 0, 0, 0, vma->vm_start, 1);

	if (err)

		goto err;

	err = insert_vm_struct(mm, vma);

	if (err)

		goto err;

extern int cap_inode_need_killpriv(struct dentry *dentry);

extern int cap_inode_killpriv(struct dentry *dentry);

extern int cap_mmap_addr(unsigned long addr);

extern int cap_file_mmap(struct file *file, unsigned long reqprot,

			 unsigned long prot, unsigned long flags,

			 unsigned long addr, unsigned long addr_only);

extern int cap_mmap_file(struct file *file, unsigned long reqprot,

			 unsigned long prot, unsigned long flags);

extern int cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags);

extern int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,

			  unsigned long arg4, unsigned long arg5);

 *	simple integer value.  When @arg represents a user space pointer, it

 *	should never be used by the security module.

 *	Return 0 if permission is granted.

 * @file_mmap :

 * @mmap_addr :

 *	Check permissions for a mmap operation at @addr.

 *	@addr contains virtual address that will be used for the operation.

 *	Return 0 if permission is granted.

 * @mmap_file :

 *	Check permissions for a mmap operation.  The @file may be NULL, e.g.

 *	if mapping anonymous memory.

 *	@file contains the file structure for file to map (may be NULL).

 *	@reqprot contains the protection requested by the application.

 *	@prot contains the protection that will be applied by the kernel.

 *	@flags contains the operational flags.

 *	@addr contains virtual address that will be used for the operation.

 *	@addr_only contains a boolean: 0 if file-backed VMA, otherwise 1.

 *	Return 0 if permission is granted.

 * @file_mprotect:

 *	Check permissions before changing memory access permissions.

	void (*file_free_security) (struct file *file);

	int (*file_ioctl) (struct file *file, unsigned int cmd,

			   unsigned long arg);

	int (*file_mmap) (struct file *file,

	int (*mmap_addr) (unsigned long addr);

	int (*mmap_file) (struct file *file,

			  unsigned long reqprot, unsigned long prot,

			  unsigned long flags, unsigned long addr,

			  unsigned long addr_only);

			  unsigned long flags);

	int (*file_mprotect) (struct vm_area_struct *vma,

			      unsigned long reqprot,

			      unsigned long prot);

int security_file_alloc(struct file *file);

void security_file_free(struct file *file);

int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg);

int security_file_mmap(struct file *file, unsigned long reqprot,

			unsigned long prot, unsigned long flags,

			unsigned long addr, unsigned long addr_only);

int security_mmap_file(struct file *file, unsigned long reqprot,

			unsigned long prot, unsigned long flags);

int security_mmap_addr(unsigned long addr);

int security_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,

			   unsigned long prot);

int security_file_lock(struct file *file, unsigned int cmd);

	return 0;

}

static inline int security_file_mmap(struct file *file, unsigned long reqprot,

static inline int security_mmap_file(struct file *file, unsigned long reqprot,

				     unsigned long prot,

				     unsigned long flags,

				     unsigned long addr,

				     unsigned long addr_only)

				     unsigned long flags)

{

	return 0;

}

static inline int security_mmap_addr(unsigned long addr)

{

	return cap_mmap_addr(addr);

}

		}

	}

	error = security_file_mmap(file, reqprot, prot, flags, addr, 0);

	error = security_mmap_addr(addr);

	if (error)

		return error;

	error = security_mmap_file(file, reqprot, prot, flags);

	if (error)

		return error;

		return -ENOMEM;

	address &= PAGE_MASK;

	error = security_file_mmap(NULL, 0, 0, 0, address, 1);

	error = security_mmap_addr(address);

	if (error)

		return error;

	if (!len)

		return addr;

	error = security_file_mmap(NULL, 0, 0, 0, addr, 1);

	error = security_mmap_addr(addr);

	if (error)

		return error;

	vma->vm_ops = &special_mapping_vmops;

	vma->vm_private_data = pages;

	ret = security_file_mmap(NULL, 0, 0, 0, vma->vm_start, 1);

	ret = security_mmap_addr(vma->vm_start);

	if (ret)

		goto out;

	if ((addr <= new_addr) && (addr+old_len) > new_addr)

		goto out;

	ret = security_file_mmap(NULL, 0, 0, 0, new_addr, 1);

	ret = security_mmap_addr(new_addr);

	if (ret)

		goto out;

			goto out;

		}

		ret = security_file_mmap(NULL, 0, 0, 0, new_addr, 1);

		ret = security_mmap_addr(new_addr);

		if (ret)

			goto out;

		ret = move_vma(vma, addr, old_len, new_len, new_addr);

	}

	/* allow the security API to have its say */

	ret = security_file_mmap(file, reqprot, prot, flags, addr, 0);

	ret = security_mmap_addr(addr);

	if (ret < 0)

		return ret;

	ret = security_mmap_file(file, reqprot, prot, flags);

	if (ret < 0)

		return ret;