Hi Serge, On Wed, 28 Oct 2009 09:02:36 -0500 "Serge E. Hallyn" <[email protected]> wrote: > > [ Are there any objections to exporting securebits.h? If not, > can this patch be pushed to linux-next? ]
I am not sure which tree this belongs in? Maybe security-testing (James cc'd)? > diff --git a/include/linux/securebits.h b/include/linux/securebits.h > index d2c5ed8..9ad109e 100644 > --- a/include/linux/securebits.h > +++ b/include/linux/securebits.h > @@ -1,6 +1,13 @@ > #ifndef _LINUX_SECUREBITS_H > #define _LINUX_SECUREBITS_H 1 > > +/* Each securesetting is implemented using two bits. One bit specifies > + whether the setting is on or off. The other bit specify whether the > + setting is locked or not. A setting which is locked cannot be > + changed from user-level. */ > +#define issecure_mask(X) (1 << (X)) > +#define issecure(X) (issecure_mask(X) & > current_cred_xxx(securebits)) You want this second define protected by ifdef __KERNEL__ ... -- Cheers, Stephen Rothwell [email protected] http://www.canb.auug.org.au/~sfr/
pgpM9jqMJ4rY9.pgp
Description: PGP signature
