diff options
author | Andreas Gruenbacher <agruenba@redhat.com> | 2015-12-24 11:09:40 -0500 |
---|---|---|
committer | Paul Moore <pmoore@redhat.com> | 2015-12-24 11:09:40 -0500 |
commit | 6f3be9f562e3027c77bc4482ccf2cea8600a7f74 (patch) | |
tree | 3f854d23263cefa95365b9e671b3347404083079 /include/linux/security.h | |
parent | 83da53c5a34564a0a63b26f84293c6e2a639e1e4 (diff) | |
download | lwn-6f3be9f562e3027c77bc4482ccf2cea8600a7f74.tar.gz lwn-6f3be9f562e3027c77bc4482ccf2cea8600a7f74.zip |
security: Add hook to invalidate inode security labels
Add a hook to invalidate an inode's security label when the cached
information becomes invalid.
Add the new hook in selinux: set a flag when a security label becomes
invalid.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'include/linux/security.h')
-rw-r--r-- | include/linux/security.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index e79149a06454..4824a4ccaf1c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -353,6 +353,7 @@ int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(char *secdata, u32 seclen); +void security_inode_invalidate_secctx(struct inode *inode); int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); @@ -1093,6 +1094,10 @@ static inline void security_release_secctx(char *secdata, u32 seclen) { } +static inline void security_inode_invalidate_secctx(struct inode *inode) +{ +} + static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) { return -EOPNOTSUPP; |