security: Add hook to invalidate inode security labels

Add a hook to invalidate an inode's security label when the cached information becomes invalid. Add the new hook in selinux: set a flag when a security label becomes invalid. Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Reviewed-by: James Morris <james.l.morris@oracle.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <pmoore@redhat.com>
author: Andreas Gruenbacher <agruenba@redhat.com> 2015-12-24 11:09:40 -0500
committer: Paul Moore <pmoore@redhat.com> 2015-12-24 11:09:40 -0500
commit: 6f3be9f562e3027c77bc4482ccf2cea8600a7f74 (patch)
tree: 3f854d23263cefa95365b9e671b3347404083079 /security/selinux/include
parent: 83da53c5a34564a0a63b26f84293c6e2a639e1e4 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index 81fa718d5cb3..a2ae05414ba1 100644
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -37,6 +37,12 @@ struct task_security_struct {
 	u32 sockcreate_sid;	/* fscreate SID */
 };
 
+enum label_initialized {
+	LABEL_MISSING,		/* not initialized */
+	LABEL_INITIALIZED,	/* inizialized */
+	LABEL_INVALID		/* invalid */
+};
+
 struct inode_security_struct {
 	struct inode *inode;	/* back pointer to inode object */
 	union {
author	Andreas Gruenbacher <agruenba@redhat.com>	2015-12-24 11:09:40 -0500
committer	Paul Moore <pmoore@redhat.com>	2015-12-24 11:09:40 -0500
commit	6f3be9f562e3027c77bc4482ccf2cea8600a7f74 (patch)
tree	3f854d23263cefa95365b9e671b3347404083079 /security/selinux/include
parent	83da53c5a34564a0a63b26f84293c6e2a639e1e4 (diff)