Smack: implement revoking all rules for a subject label Add /smack/revoke-subject special file. Writing a SMACK label to this file will set the access to '-' for all access rules with that subject label. Targeted for git://git.gitorious.org/smack-next/kernel.git Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

commit: 449543b0436a9146b855aad39eab76ae4853e88d [log] [tgz]
author: Rafal Krypa <r.krypa@samsung.com> Wed Jul 11 17:49:30 2012 +0200
committer: Casey Schaufler <casey@schaufler-ca.com> Tue Sep 18 09:50:52 2012 -0700
tree: 1b430fec0506e78929cfd944972d7dd49d0f76fd
parent: c00bedb368ae02a066aed8a888afc286c1df2e60 [diff]
diff --git a/Documentation/security/Smack.txt b/Documentation/security/Smack.txt
index a416479..e68536d 100644
--- a/Documentation/security/Smack.txt
+++ b/Documentation/security/Smack.txt

@@ -194,6 +194,9 @@
 	these capabilities are effective at for processes with any
 	label. The value is set by writing the desired label to the
 	file or cleared by writing "-" to the file.
+revoke-subject
+	Writing a Smack label here sets the access to '-' for all access
+	rules with that subject label.
 
 You can add access rules in /etc/smack/accesses. They take the form:
commit	449543b0436a9146b855aad39eab76ae4853e88d	[log] [tgz]
author	Rafal Krypa <r.krypa@samsung.com>	Wed Jul 11 17:49:30 2012 +0200
committer	Casey Schaufler <casey@schaufler-ca.com>	Tue Sep 18 09:50:52 2012 -0700
tree	1b430fec0506e78929cfd944972d7dd49d0f76fd
parent	c00bedb368ae02a066aed8a888afc286c1df2e60 [diff]