evm: posix acls modify i_mode

The posix xattr acls are 'system' prefixed, which normally would not affect security.evm. An interesting side affect of writing posix xattr acls is their modifying of the i_mode, which is included in security.evm. This patch updates security.evm when posix xattr acls are written. Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
author: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-08-18 18:07:44 -0400
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-09-14 15:24:51 -0400
commit: bf6d0f5dcda17df3cc5577e203d0f8ea1c2ad6aa (patch)
tree: c6c5f39d43fe0d27bc1d3aedbd2f9b3ba2f8f537 /include/linux/xattr.h
parent: a924ce0b35875ef9512135b46a32f4150fd700b2 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/xattr.h b/include/linux/xattr.h
index b20cb965c322..e5d122031542 100644
--- a/include/linux/xattr.h
+++ b/include/linux/xattr.h
@@ -52,6 +52,11 @@
 #define XATTR_CAPS_SUFFIX "capability"
 #define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
+#define XATTR_POSIX_ACL_ACCESS  "posix_acl_access"
+#define XATTR_NAME_POSIX_ACL_ACCESS XATTR_SYSTEM_PREFIX XATTR_POSIX_ACL_ACCESS
+#define XATTR_POSIX_ACL_DEFAULT  "posix_acl_default"
+#define XATTR_NAME_POSIX_ACL_DEFAULT XATTR_SYSTEM_PREFIX XATTR_POSIX_ACL_DEFAULT
 #ifdef  __KERNEL__
 #include <linux/types.h>
author	Mimi Zohar <zohar@linux.vnet.ibm.com>	2011-08-18 18:07:44 -0400
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2011-09-14 15:24:51 -0400
commit	bf6d0f5dcda17df3cc5577e203d0f8ea1c2ad6aa (patch)
tree	c6c5f39d43fe0d27bc1d3aedbd2f9b3ba2f8f537 /include/linux/xattr.h
parent	a924ce0b35875ef9512135b46a32f4150fd700b2 (diff)