diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-08-22 17:14:18 +0400 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-09-14 23:24:52 +0400 |
commit | 566be59ab86c0e030b980645a580d683a015a483 (patch) | |
tree | c5d29c7db2f8ef93e970cb405621f59c57d01b94 /include | |
parent | bf6d0f5dcda17df3cc5577e203d0f8ea1c2ad6aa (diff) | |
download | linux-566be59ab86c0e030b980645a580d683a015a483.tar.xz |
evm: permit mode bits to be updated
Before permitting 'security.evm' to be updated, 'security.evm' must
exist and be valid. In the case that there are no existing EVM protected
xattrs, it is safe for posix acls to update the mode bits.
To differentiate between no 'security.evm' xattr and no xattrs used to
calculate 'security.evm', this patch defines INTEGRITY_NOXATTR.
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/integrity.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/integrity.h b/include/linux/integrity.h index 968443385678..a0c41256cb92 100644 --- a/include/linux/integrity.h +++ b/include/linux/integrity.h @@ -16,6 +16,7 @@ enum integrity_status { INTEGRITY_PASS = 0, INTEGRITY_FAIL, INTEGRITY_NOLABEL, + INTEGRITY_NOXATTRS, INTEGRITY_UNKNOWN, }; |