Smack: check permissions from user space (v2)
Adds a new file into SmackFS called 'access'. Wanted Smack permission is written into /smack/access. After that result can be read from the opened file. If access applies result contains 1 and otherwise 0. File access is protected from race conditions by using simple_transaction_get()/set() API. Fixes from the previous version: - Removed smack.h changes, refactoring left-over from previous version. - Removed #include <linux/smack.h>, refactoring left-over from previous version. Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@intel.com> Signed-off-by: NCasey Schaufler <cschaufler@cschaufler-intel.(none)>
Showing
想要评论请 注册 或 登录