aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/xattr.h
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2010-12-02 09:43:39 -0500
committerCasey Schaufler <casey@schaufler-ca.com>2010-12-02 09:43:39 -0500
commit676dac4b1bee0469d6932f698aeb77e8489f5861 (patch)
tree196b4cb35cf8dfdff0698dc4368cfd00acc7391a /include/linux/xattr.h
parent93ae86e759299718c611bc543b9b1633bf32905a (diff)
This patch adds a new security attribute to Smack called
SMACK64EXEC. It defines label that is used while task is running. Exception: in smack_task_wait() child task is checked for write access to parent task using label inherited from the task that forked it. Fixed issues from previous submit: - SMACK64EXEC was not read when SMACK64 was not set. - inode security blob was not updated after setting SMACK64EXEC - inode security blob was not updated when removing SMACK64EXEC
Diffstat (limited to 'include/linux/xattr.h')
-rw-r--r--include/linux/xattr.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/xattr.h b/include/linux/xattr.h
index f1e5bde4b35a..351c7901d74a 100644
--- a/include/linux/xattr.h
+++ b/include/linux/xattr.h
@@ -40,9 +40,11 @@
40#define XATTR_SMACK_SUFFIX "SMACK64" 40#define XATTR_SMACK_SUFFIX "SMACK64"
41#define XATTR_SMACK_IPIN "SMACK64IPIN" 41#define XATTR_SMACK_IPIN "SMACK64IPIN"
42#define XATTR_SMACK_IPOUT "SMACK64IPOUT" 42#define XATTR_SMACK_IPOUT "SMACK64IPOUT"
43#define XATTR_SMACK_EXEC "SMACK64EXEC"
43#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX 44#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX
44#define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN 45#define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN
45#define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT 46#define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT
47#define XATTR_NAME_SMACKEXEC XATTR_SECURITY_PREFIX XATTR_SMACK_EXEC
46 48
47#define XATTR_CAPS_SUFFIX "capability" 49#define XATTR_CAPS_SUFFIX "capability"
48#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX 50#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX