summaryrefslogtreecommitdiff
path: root/include/linux/security.h
diff options
context:
space:
mode:
authorAndreas Gruenbacher <agruenba@redhat.com>2015-12-24 19:09:40 +0300
committerPaul Moore <pmoore@redhat.com>2015-12-24 19:09:40 +0300
commit6f3be9f562e3027c77bc4482ccf2cea8600a7f74 (patch)
tree3f854d23263cefa95365b9e671b3347404083079 /include/linux/security.h
parent83da53c5a34564a0a63b26f84293c6e2a639e1e4 (diff)
downloadlinux-6f3be9f562e3027c77bc4482ccf2cea8600a7f74.tar.xz
security: Add hook to invalidate inode security labels
Add a hook to invalidate an inode's security label when the cached information becomes invalid. Add the new hook in selinux: set a flag when a security label becomes invalid. Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Reviewed-by: James Morris <james.l.morris@oracle.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'include/linux/security.h')
-rw-r--r--include/linux/security.h5
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index e79149a06454..4824a4ccaf1c 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -353,6 +353,7 @@ int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen);
int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
void security_release_secctx(char *secdata, u32 seclen);
+void security_inode_invalidate_secctx(struct inode *inode);
int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen);
int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);
@@ -1093,6 +1094,10 @@ static inline void security_release_secctx(char *secdata, u32 seclen)
{
}
+static inline void security_inode_invalidate_secctx(struct inode *inode)
+{
+}
+
static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
{
return -EOPNOTSUPP;