summaryrefslogtreecommitdiff
path: root/security/smack/smack.h
diff options
context:
space:
mode:
authorVivek Trivedi <t.vivek@samsung.com>2015-06-22 15:36:06 +0530
committerCasey Schaufler <casey@schaufler-ca.com>2015-07-22 12:31:28 -0700
commit3bf2789cad9e6573dc19a6c3d123c2c049f2d90f (patch)
tree35d1609228bbaee7231478f0ee7538bbb39420e1 /security/smack/smack.h
parentfe6c59dc17908effd4e2caa666795b9ad984005b (diff)
downloadlwn-3bf2789cad9e6573dc19a6c3d123c2c049f2d90f.tar.gz
lwn-3bf2789cad9e6573dc19a6c3d123c2c049f2d90f.zip
smack: allow mount opts setting over filesystems with binary mount data
Add support for setting smack mount labels(using smackfsdef, smackfsroot, smackfshat, smackfsfloor, smackfstransmute) for filesystems with binary mount data like NFS. To achieve this, implement sb_parse_opts_str and sb_set_mnt_opts security operations in smack LSM similar to SELinux. Signed-off-by: Vivek Trivedi <t.vivek@samsung.com> Signed-off-by: Amit Sahrawat <a.sahrawat@samsung.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Diffstat (limited to 'security/smack/smack.h')
-rw-r--r--security/smack/smack.h18
1 files changed, 18 insertions, 0 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 244e035e5a99..69ab9eb7d6d9 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -143,6 +143,24 @@ struct smack_onlycap {
struct smack_known *smk_label;
};
+/* Super block security struct flags for mount options */
+#define FSDEFAULT_MNT 0x01
+#define FSFLOOR_MNT 0x02
+#define FSHAT_MNT 0x04
+#define FSROOT_MNT 0x08
+#define FSTRANS_MNT 0x10
+
+#define NUM_SMK_MNT_OPTS 5
+
+enum {
+ Opt_error = -1,
+ Opt_fsdefault = 1,
+ Opt_fsfloor = 2,
+ Opt_fshat = 3,
+ Opt_fsroot = 4,
+ Opt_fstransmute = 5,
+};
+
/*
* Mount options
*/