Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit af4f1360 authored by Mimi Zohar's avatar Mimi Zohar Committed by James Morris
Browse files

security: move LSM xattrnames to xattr.h 



Make the security extended attributes names global. Updated to move
the remaining Smack xattrs.

Signed-off-by: default avatarMimi Zohar <zohar@us.ibm.com>
Acked-by: default avatarSerge Hallyn <serue@us.ibm.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 5ad18a0d

include/linux/capability.h

+0 −3
Original line number Diff line number Diff line
@@ -49,9 +49,6 @@ typedef struct __user_cap_data_struct { 
} __user *cap_user_data_t;





#define XATTR_CAPS_SUFFIX "capability"

#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX



#define VFS_CAP_REVISION_MASK	0xFF000000

#define VFS_CAP_REVISION_SHIFT	24

#define VFS_CAP_FLAGS_MASK	~VFS_CAP_REVISION_MASK

include/linux/xattr.h

+14 −0
Original line number Diff line number Diff line
@@ -33,6 +33,20 @@ 
#define XATTR_USER_PREFIX "user."

#define XATTR_USER_PREFIX_LEN (sizeof (XATTR_USER_PREFIX) - 1)



/* Security namespace */

#define XATTR_SELINUX_SUFFIX "selinux"

#define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX



#define XATTR_SMACK_SUFFIX "SMACK64"

#define XATTR_SMACK_IPIN "SMACK64IPIN"

#define XATTR_SMACK_IPOUT "SMACK64IPOUT"

#define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX

#define XATTR_NAME_SMACKIPIN	XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN

#define XATTR_NAME_SMACKIPOUT	XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT



#define XATTR_CAPS_SUFFIX "capability"

#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX



struct inode;

struct dentry;

security/selinux/hooks.c

+0 −3
Original line number Diff line number Diff line
@@ -87,9 +87,6 @@ 
#include "netlabel.h"

#include "audit.h"



#define XATTR_SELINUX_SUFFIX "selinux"

#define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX



#define NUM_SEL_MNT_OPTS 5



extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm);

security/smack/smack.h

+0 −10
Original line number Diff line number Diff line
@@ -123,16 +123,6 @@ struct smack_known { 
#define SMK_FSHAT	"smackfshat="

#define SMK_FSROOT	"smackfsroot="



/*

 * xattr names

 */

#define XATTR_SMACK_SUFFIX	"SMACK64"

#define XATTR_SMACK_IPIN	"SMACK64IPIN"

#define XATTR_SMACK_IPOUT	"SMACK64IPOUT"

#define XATTR_NAME_SMACK	XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX

#define XATTR_NAME_SMACKIPIN	XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN

#define XATTR_NAME_SMACKIPOUT	XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT



#define SMACK_CIPSO_OPTION 	"-CIPSO"



/*