From 1dbe39424a43e56a6c9aed12661192af51dcdb9f Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 24 May 2011 17:13:13 -0700 Subject: [PATCH] xattr.h: expose string defines to userspace MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit af4f136056c9 ("security: move LSM xattrnames to xattr.h") moved the XATTR_CAPS_SUFFIX define from capability.h to xattr.h. This makes sense except it was previously exports to userspace but xattr.h does not export it to userspace. This patch exports these headers to userspace to fix the ABI regression. There is some slight possibility that this will cause problems in other applications which used these #defines differently (wrongly) and I could JUST export the capabilities xattr name that we broke. Does anyonehave an idea how exposing these headers could cause a problem? Below is what is being exposed to userspace, included here since it isn't clear exactly what is going to be made available from the patch. /* Namespaces */ #define XATTR_OS2_PREFIX "os2." #define XATTR_OS2_PREFIX_LEN (sizeof (XATTR_OS2_PREFIX) - 1) #define XATTR_SECURITY_PREFIX "security." #define XATTR_SECURITY_PREFIX_LEN (sizeof (XATTR_SECURITY_PREFIX) - 1) #define XATTR_SYSTEM_PREFIX "system." #define XATTR_SYSTEM_PREFIX_LEN (sizeof (XATTR_SYSTEM_PREFIX) - 1) #define XATTR_TRUSTED_PREFIX "trusted." #define XATTR_TRUSTED_PREFIX_LEN (sizeof (XATTR_TRUSTED_PREFIX) - 1) #define XATTR_USER_PREFIX "user." #define XATTR_USER_PREFIX_LEN (sizeof (XATTR_USER_PREFIX) - 1) /* Security namespace */ #define XATTR_SELINUX_SUFFIX "selinux" #define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX #define XATTR_SMACK_SUFFIX "SMACK64" #define XATTR_SMACK_IPIN "SMACK64IPIN" #define XATTR_SMACK_IPOUT "SMACK64IPOUT" #define XATTR_NAME_SMACK XATTR_SECURITY_PREFIX XATTR_SMACK_SUFFIX #define XATTR_NAME_SMACKIPIN XATTR_SECURITY_PREFIX XATTR_SMACK_IPIN #define XATTR_NAME_SMACKIPOUT XATTR_SECURITY_PREFIX XATTR_SMACK_IPOUT #define XATTR_CAPS_SUFFIX "capability" #define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX Reported-by: Ozan Çaglayan Signed-off-by: Eric Paris Cc: Mimi Zohar Cc: Serge Hallyn Cc: James Morris Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- include/linux/xattr.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/linux/xattr.h b/include/linux/xattr.h index 6050783005b..aed54c50aa6 100644 --- a/include/linux/xattr.h +++ b/include/linux/xattr.h @@ -13,10 +13,6 @@ #define XATTR_CREATE 0x1 /* set value, fail if attr already exists */ #define XATTR_REPLACE 0x2 /* set value, fail if attr does not exist */ -#ifdef __KERNEL__ - -#include - /* Namespaces */ #define XATTR_OS2_PREFIX "os2." #define XATTR_OS2_PREFIX_LEN (sizeof (XATTR_OS2_PREFIX) - 1) @@ -53,6 +49,10 @@ #define XATTR_CAPS_SUFFIX "capability" #define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX +#ifdef __KERNEL__ + +#include + struct inode; struct dentry; -- 2.20.1