48 lines
1.6 KiB
C
48 lines
1.6 KiB
C
/*
|
|
* Linux Security Module for Chromium OS
|
|
*
|
|
* Copyright 2016 Google Inc. All Rights Reserved
|
|
*
|
|
* Authors:
|
|
* Mattias Nissler <mnissler@chromium.org>
|
|
*
|
|
* This software is licensed under the terms of the GNU General Public
|
|
* License version 2, as published by the Free Software Foundation, and
|
|
* may be copied, distributed, and modified under those terms.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*/
|
|
|
|
/* FS feature availability policy for inode. */
|
|
enum chromiumos_inode_security_policy {
|
|
CHROMIUMOS_INODE_POLICY_INHERIT, /* Inherit policy from parent dir */
|
|
CHROMIUMOS_INODE_POLICY_ALLOW,
|
|
CHROMIUMOS_INODE_POLICY_BLOCK,
|
|
};
|
|
|
|
/*
|
|
* Inode security policy types available for use. To add an additional
|
|
* security policy, simply add a new member here, add the corresponding policy
|
|
* files in securityfs.c, and associate the files being added with the new enum
|
|
* member.
|
|
*/
|
|
enum chromiumos_inode_security_policy_type {
|
|
CHROMIUMOS_SYMLINK_TRAVERSAL = 0,
|
|
CHROMIUMOS_FIFO_ACCESS,
|
|
CHROMIUMOS_NUMBER_OF_POLICIES, /* Do not add entries after this line. */
|
|
};
|
|
|
|
extern int chromiumos_update_inode_security_policy(
|
|
struct inode *inode,
|
|
enum chromiumos_inode_security_policy_type type,
|
|
enum chromiumos_inode_security_policy policy);
|
|
int chromiumos_flush_inode_security_policies(struct super_block *sb);
|
|
|
|
extern enum chromiumos_inode_security_policy
|
|
chromiumos_get_inode_security_policy(
|
|
struct dentry *dentry,
|
|
enum chromiumos_inode_security_policy_type type);
|