summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2011-08-22 17:14:18 +0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-09-14 23:24:52 +0400
commit566be59ab86c0e030b980645a580d683a015a483 (patch)
treec5d29c7db2f8ef93e970cb405621f59c57d01b94 /include
parentbf6d0f5dcda17df3cc5577e203d0f8ea1c2ad6aa (diff)
downloadlinux-566be59ab86c0e030b980645a580d683a015a483.tar.xz
evm: permit mode bits to be updated
Before permitting 'security.evm' to be updated, 'security.evm' must exist and be valid. In the case that there are no existing EVM protected xattrs, it is safe for posix acls to update the mode bits. To differentiate between no 'security.evm' xattr and no xattrs used to calculate 'security.evm', this patch defines INTEGRITY_NOXATTR. Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'include')
-rw-r--r--include/linux/integrity.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/integrity.h b/include/linux/integrity.h
index 968443385678..a0c41256cb92 100644
--- a/include/linux/integrity.h
+++ b/include/linux/integrity.h
@@ -16,6 +16,7 @@ enum integrity_status {
INTEGRITY_PASS = 0,
INTEGRITY_FAIL,
INTEGRITY_NOLABEL,
+ INTEGRITY_NOXATTRS,
INTEGRITY_UNKNOWN,
};